Lucene search
K

3332 matches found

Exploit DB
Exploit DB
added 2004/07/13 12:0 a.m.32 views

Mozilla Browser 0.9/1.x Cache File - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/10709/info Mozilla Browser is reported prone to multiple vulnerabilities that could eventually allow for code execution on the local computer. These vulnerabilities do not represent a significant threat on their own, however, code execution in the context...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2004/07/03 12:0 a.m.41 views

[Full-Disclosure] CYBSEC - Security Advisory: Denial of Service in IBM WebSphere Edge Server

The following advisory is also available in pdf for download at http://www.cybsec.com/vuln/IBM-WebSphere-Edge-Server-DOS.pdf CYBSEC S.A. www.cybsec.com Advisory Name: Denial of Service in WebSphere Edge Server. Vulnerability Class: Denial of Service Release Date: June 2nd 2004 Affected...

1AI score
Exploits0
exploitpack
exploitpack
added 2004/07/02 12:0 a.m.15 views

IBM Websphere Caching Proxy Server 5.0 2 - Denial of Service

IBM Websphere Caching Proxy Server 5.0 2 - Denial of Service source: https://www.securityfocus.com/bid/10651/info A denial of service vulnerability is reported in the Caching Proxy component bundled with the IBM Websphere Edge Server. It is reported that if the proxy is configured with the...

Exploits0
Exploit DB
Exploit DB
added 2004/07/02 12:0 a.m.25 views

IBM Websphere Caching Proxy Server 5.0 2 - Denial of Service

source: https://www.securityfocus.com/bid/10651/info A denial of service vulnerability is reported in the Caching Proxy component bundled with the IBM Websphere Edge Server. It is reported that if the proxy is configured with the JunctionRewrite directive in conjunction with the UseCookie option,...

7.4AI score
Exploits0
CERT
CERT
added 2004/02/02 12:0 a.m.61 views

Microsoft Internet Explorer allows mouse events to manipulate window objects and perform "drag and drop" operations

Overview Microsoft Internet Explorer IE dynamic HTML DHTML mouse events can manipulate windows to copy objects from one domain to another, including the Local Machine Zone. This vulnerability could allow an attacker to write arbitrary files to the local file system. Description In IE, certain DHT...

7.4AI score
Exploits0References30
NVD
NVD
added 2004/01/20 5:0 a.m.33 views

CVE-2003-1027

Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by using method caching SaveRef to access the window.moveBy method, which is otherwise inaccessible, as demonstrated by HijackClickV2, a different...

10CVSS6.4AI score0.38052EPSS
Exploits0References15
Cvelist
Cvelist
added 2004/01/08 5:0 a.m.37 views

CVE-2003-1027

Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by using method caching SaveRef to access the window.moveBy method, which is otherwise inaccessible, as demonstrated by HijackClickV2, a different...

7.5AI score0.38052EPSS
Exploits0References15
CVE
CVE
added 2004/01/08 5:0 a.m.61 views

CVE-2003-1027

CVE-2003-1027 is a remote-code-execution vulnerability related to Internet Explorer’s handling of drag-and-drop. The Drag-and-Drop Vulnerability (CAN-2005-0053) updates address this and is explicitly stated as a variation of CVE-2003-1027. Affected software includes IE 5.01 through 6 SP1 (and rel...

10CVSS7.5AI score0.38052EPSS
Exploits0References15Affected Software2
securityvulns
securityvulns
added 2003/11/26 12:0 a.m.27 views

HijackClickV2 - a successor of HijackClick attack

HijackClickV2 - a successor of HijackClick attack tested OS:Win2k3,CN version IE: with MS03-048 installed. OS:WinXp, CN version Microsoft Internet Explorer v6.Sp1; up-to-date on 2003/11/16 overview After applying MS03-048, the original HijackClick exploit doesn't work any more. With method...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2003/09/11 12:0 a.m.29 views

MSIE->RefBack

RefBack tested Browser Ver MS Internet Explorer: 6.0.2600.0000.xpclntqfe.021108-2107; Encryption: 128-bit; Patch:; Q810847; So, it's far from fully patched. it also works after applying the patch for "Using the backbutton in IE is dangerous" OS Ver: "Windows XP Cn ver" demo...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2003/09/11 12:0 a.m.17 views

MSIE->LinkillerSaveRef:another caller-based authorization

LinkillerSaveRef:another caller-based authorizationis broken. "that's all" is end of file if you are in a hurry tested Browser Ver MS Internet Explorer: 6.0.2600.0000.xpclntqfe.021108-2107; Encryption: 128-bit; Patch:; Q810847; So, it's far from fully patched. It also works after applying the pat...

1.6AI score
Exploits0
securityvulns
securityvulns
added 2003/05/03 12:0 a.m.29 views

Cisco Content Service Switch DNS DoS

Negative DNS response caching lieads to DoS possibility...

2.5AI score
Exploits0References1Affected Software2
CERT
CERT
added 2003/03/26 12:0 a.m.19 views

Incorrect NXDOMAIN responses from AAAA queries could cause denial-of-service conditions

Overview Some DNS servers respond with an inappropriate error message if queried for nonexistent AAAA records, which can lead to possible denial of service. Description Some DNS servers respond with a "Name Error" response code NXDOMAIN, RCODE 3 instead of "No Error" RCODE 0 when queried for a...

7.1AI score
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2003/03/24 12:0 a.m.903 views

Microsoft Windows SMB Registry : Winlogon Cached Password Weakness

The registry key 'HKLM\Software\Microsoft\WindowsNT\CurrentVersion\ Winlogon\CachedLogonsCount' is not 0. Using a value greater than 0 for the CachedLogonsCount key indicates that the remote Windows host locally caches the passwords of the users when they login, in order to continue to allow the...

5.6AI score
Exploits0References3
NVD
NVD
added 2002/12/18 5:0 a.m.17 views

CVE-2002-1262

Internet Explorer 5.5 and 6.0 does not perform complete security checks on external caching, which allows remote attackers to read arbitrary files...

7.5CVSS6.8AI score0.11986EPSS
Exploits0References5
Cvelist
Cvelist
added 2002/12/11 5:0 a.m.26 views

CVE-2002-1262

Internet Explorer 5.5 and 6.0 does not perform complete security checks on external caching, which allows remote attackers to read arbitrary files...

7.6AI score0.11986EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2002/11/25 12:0 a.m.27 views

IBM WebSphere Edge Caching Proxy DoS

We could crash the WebSphere Edge caching proxy by sending a bad request to the helpout.exe CGI. C Tenable Network Security, Inc. References: From:"Rapid 7 Security Advisories" Message-ID: Date: Wed, 23 Oct 2002 12:08:39 -0700 Subject: R7-0007: IBM WebSphere Edge Server Caching Proxy Denial of...

5CVSS5.4AI score0.07124EPSS
Exploits1References2
CVE
CVE
added 2002/10/25 4:0 a.m.55 views

CVE-2002-1168

CVE-2002-1168 describes a cross-site scripting (XSS) vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26. An attacker can force the server to echo a CRLF-containing Location header (%0a%0d) in HTTP responses, allowing script execution in the context of anothe...

6.8CVSS6.1AI score0.01635EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2002/10/25 4:0 a.m.51 views

CVE-2002-1167

IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x prior to 4.0.1.26 is affected by a cross-site scripting (XSS) vulnerability that allows remote attackers to execute scripts as other users via an HTTP GET request. The connected documents confirm the affected product and method but do not p...

6.8CVSS5.9AI score0.03278EPSS
Exploits0References2Affected Software1
exploitpack
exploitpack
added 2002/10/23 12:0 a.m.15 views

IBM Websphere Edge Server 3.694.0 - HTTP Header Injection

IBM Websphere Edge Server 3.694.0 - HTTP Header Injection source: https://www.securityfocus.com/bid/6001/info A vulnerability has been discovered in the Caching Proxy component bundled with the IBM Websphere Edge Server. Due to insufficient sanitization of user-supplied input it is possible for a...

7.7AI score
Exploits0
Rows per page
Query Builder