CVE-2005-2274

Microsoft Internet Explorer 6.0 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."...

Mozilla Firefox 1.0.4 - 'Set As Wallpaper' Code Execution

// Exploit by Michael Krax Firewalling - Proof-of-Concept function stopload // in some cases the javascript url never stops to load // therefore we force a stop after the real image got loaded window.setTimeout"window.stop",1000; Firewalling - Proof-of-Concept The "Set As Wallpaper" dialog takes...

CVE-2005-1797

The design of Advanced Encryption Standard AES, aka Rijndael, allows remote attackers to recover AES keys via timing attacks on S-box lookups, which are difficult to perform in constant time in AES implementations...

CVE-2005-1797

The design of Advanced Encryption Standard AES, aka Rijndael, allows remote attackers to recover AES keys via timing attacks on S-box lookups, which are difficult to perform in constant time in AES implementations...

security flaw

Firefox before 1.0 and Mozilla before 1.7.5 allows inactive background tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the "Dialog Box Spoofing Vulnerability."...

phpWebLog <= 0.5.3 Arbitrary File Inclusion

Exploit for unknown platform in category web applications =========================================== phpWebLog = 0.5.3 Arbitrary File Inclusion =========================================== Example: if registerglobals=on and allowurlfopen=on:...

CVE-2004-1380

The CVE-2004-1380 issue affects Firefox &lt;1.0 and Mozilla

CVE-2004-0922

AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is on a share that is mounted by a guest, which allows attackers to read the Drop Box...

CVE-2004-1122

Safari 1.x to 1.2.4, and possibly other versions, allows inactive windows to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows, aka the "Dialog Box Spoofing Vulnerability," a different vulnerability than CVE-2004-1314...

Opera < 7.54u1 Download Box Spoofing

Binary data 2467.prm...

CVE-2004-1122

CVE-2004-1122 affects Safari 1.x to 1.2.4 (and possibly other versions). The vulnerability allows inactive windows to launch dialog boxes, enabling remote attackers to spoof dialog boxes from web sites in other windows. It is described as the Dialog Box Spoofing Vulnerability and is explicitly no...

CVE-2004-1122

Safari 1.x to 1.2.4, and possibly other versions, allows inactive windows to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows, aka the "Dialog Box Spoofing Vulnerability," a different vulnerability than CVE-2004-1314...

Konqueror < 3.2.2-2 Cross-Domain Dialog Box Spoofing

Binary data 2374.prm...

CVE-2004-0922

CVE-2004-0922 (Mac OS X AFP Server) affects AFP Server on Mac OS X 10.3.x through 10.3.5. The underlying issue is that the guest group ID is not properly set, which causes a write-only AFP Drop Box on a guest-mounted share to become read-write, allowing a guest to read the Drop Box. The connected...

Secunia Research: Multiple Browsers Tabbed Browsing Vulnerabilities

====================================================================== Secunia Research 20/10/2004 - Multiple Browsers Tabbed Browsing Vulnerabilities - ====================================================================== Table of Contents Affected...

CVE-2004-1380

Firefox before 1.0 and Mozilla before 1.7.5 allows inactive background tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the "Dialog Box Spoofing Vulnerability."...

DEBIAN-CVE-2004-1717

Multiple buffer overflows in the psscan function in ps.c for gv ghostview allow remote attackers to execute arbitrary code via a Postscript file with a long 1 BoundingBox, 2 comment, 3 Orientation, 4 PageOrder, or 5 Pages value...

Scorched 3D server chat box format string vulnerability

Background Scorched 3D is a game based loosely on the classic DOS game "Scorched Earth". Scorched 3D adds amongst other new features a 3D island environment and LAN and internet play. Scorched 3D is totally free and is available for multiple operating systems. Description Scorched 3D build 36.2 a...

PHP-Nuke 5.x6.0 - Avatar HTML Injection

PHP-Nuke 5.x6.0 - Avatar HTML Injection source: https://www.securityfocus.com/bid/6750/info A problem with PHP-Nuke could allow remote users to execute arbitrary code in the context of the web site. The problem is in the lack of sanitization of some types of input. PHP-Nuke does not sanitize code...

WU-IMAP 2000.287(1-2) - Remote Overflow

WU-IMAP 2000.2871-2 - Remote Overflow / 7350owex- x86/linux WU-IMAP 2000.2871-2 remote exploit TESO CONFIDENTIAL - SOURCE MATERIALS This is unpublished proprietary source code of TESO Security. The contents of these coded instructions, statements and computer programs may not be disclosed to thir...