9803 matches found
ZDI-11-097: Apple Webkit setOuterText Memory Corruption Remote Code Execution Vulnerability
ZDI-11-097: Apple Webkit setOuterText Memory Corruption Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-097 March 2, 2011 -- CVE ID: CVE-2011-0116 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Apple -- Affected Products: Apple WebKit --...
Apple Safari WebKit Range Object Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how WebKit...
Apple Webkit setOuterText Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the setOuterText...
Microsoft Internet Explorer 'ReleaseInterface()' Remote Code Execution Vulnerability
This host is installed with Internet Explorer and is prone to remote code execution vulnerability. This NVT has been replaced by NVT secpodms11-018.nasl OID:1.3.6.1.4.1.25623.1.0.900278. OpenVAS Vulnerability Test $Id: gbmsiereleaseinterfacecodeexecutionvuln.nasl 6526 2017-07-05 05:43:52Z cfische...
Microsoft Internet Explorer Incorrect GUI Display Vulnerability
This host has installed with Internet Explorer and is prone to incorrect GUI display vulnerability. OpenVAS Vulnerability Test $Id: gbmsieincorrectguidisplayvuln.nasl 6526 2017-07-05 05:43:52Z cfischer $ Microsoft Internet Explorer Incorrect GUI Display Vulnerability Authors: Sooraj KS Updated By...
Microsoft Internet Explorer 'ReleaseInterface()' RCE Vulnerability
Internet Explorer is prone to a remote code execution RCE vulnerability. This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.900278. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright ...
Microsoft Internet Explorer Incorrect GUI Display Vulnerability
This host has installed with Internet Explorer and is prone to incorrect GUI display vulnerability. This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.902334. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced...
SuSE 11.1 Security Update : Mozilla Firefox (SAT Patch Number 3693)
Mozilla Firefox 3.6 was updated to update 3.6.13 fixing several security issues. - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain...
SuSE 11.1 Security Update : Mozilla XULrunner (SAT Patch Number 3694)
Mozilla XULRunner 1.9.1 was updated to update 1.9.1.16 fixing several security issues. - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain...
Уязвимости в xAjax и xajax_jquery_plugin
Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting и Full path disclosure уязвимостях в xAjax и xajaxjqueryplugin. XSS WASC-08: http://site/cms/’;alertdocument.cookie;/ Это DOM Based XSS. Данная уязвимость в частности имеет место в MC Content Manager которая использует xAjax...
xAjax Cross Site Scripting / Path Disclosure
Hello list! I want to warn you about Cross-Site Scripting and Full path disclosure vulnerabilities in xAjax and xajaxjqueryplugin. ------------------------- Affected products: ------------------------- Vulnerable are potentially all versions of xAjax. Vulnerable are all versions of...
CVE-2011-0484
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform DOM node removal, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale rendering node."...
Code injection
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform DOM node removal, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale rendering node."...
CVE-2011-0484
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform DOM node removal, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale rendering node."...
CVE-2011-0484
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform DOM node removal, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale rendering node."...
CVE-2011-0484
Removed by vendor...
Google Chrome < 8.0.552.237 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is earlier than 8.0.552.237. Such versions are reportedly affected by multiple vulnerabilities : - A browser crash exists in extensions notification handling. Issue 58053 - Bad pointer handling exists in node iteration. Issue 65764 -...
CVE-2011-0347
Microsoft Internet Explorer on Windows XP allows remote attackers to trigger an incorrect GUI display and have unspecified other impact via vectors related to the DOM implementation, as demonstrated by crossfuzz...
CVE-2011-0346
Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to the DOM implementation and the BreakAASpecial and...
Code injection
Microsoft Internet Explorer on Windows XP allows remote attackers to trigger an incorrect GUI display and have unspecified other impact via vectors related to the DOM implementation, as demonstrated by crossfuzz...