Lucene search
K

9802 matches found

UbuntuCve
UbuntuCve
added 2010/06/11 6:0 p.m.26 views

CVE-2010-1414

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to the removeChild DOM method...

9.3CVSS7.5AI score0.06698EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2010/06/11 6:0 p.m.34 views

CVE-2010-1395

Cross-site scripting XSS vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving DOM constructor objects, related to a "scope management issu...

4.3CVSS6AI score0.02933EPSS
Exploits0References2
Prion
Prion
added 2010/06/11 6:0 p.m.17 views

Design/Logic Flaw

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to the removeChild DOM method...

9.3CVSS8.1AI score0.06698EPSS
Exploits0References24Affected Software1
Cvelist
Cvelist
added 2010/06/11 5:28 p.m.30 views

CVE-2010-1414

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to the removeChild DOM method...

9AI score0.06698EPSS
Exploits0References24
EUVD
EUVD
added 2010/06/11 5:28 p.m.2 views

EUVD-2010-1442

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to the removeChild DOM method...

9.3CVSS8.7AI score0.06698EPSS
Exploits0References25
Cvelist
Cvelist
added 2010/06/11 5:28 p.m.24 views

CVE-2010-1395

Cross-site scripting XSS vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving DOM constructor objects, related to a "scope management issu...

7.2AI score0.02933EPSS
Exploits0References21
CVE
CVE
added 2010/06/11 5:28 p.m.81 views

CVE-2010-1395

CVE-2010-1395 is a WebKit-based XSS vulnerability in Apple Safari prior to 5.0 (Mac OS X 10.5–10.6 and Windows) and Safari/WebKit prior to 4.1 on Mac OS X 10.4. It arises from a DOM constructor object scope management issue that allows remote attackers to inject arbitrary script or HTML via certa...

4.3CVSS7AI score0.02933EPSS
Exploits0References21Affected Software2
Debian CVE
Debian CVE
added 2010/06/11 5:28 p.m.27 views

CVE-2010-1395

Removed by vendor...

4.3CVSS6.7AI score0.02933EPSS
Exploits0
ThreatPost
ThreatPost
added 2010/06/09 2:36 p.m.12 views

Google Pays $2K for Chrome Vulnerability

Google has paid out its highest sum yet, $2,000, for the discovery of a high-risk vulnerability found in its Chrome browser. The recipient is developer Sergey Glazunov, who found a DOM method-related means of circumventing the same origin policy. Read the full article. The H Security...

1AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2010/06/09 12:0 a.m.66 views

Google Chrome < 5.0.375.70 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 5.0.375.70. As such, it is reportedly affected by multiple vulnerabilities : - A cross-origin keystroke redirection vulnerability. Issue 15766 - A cross-origin bypass in DOM methods. Issue 39985 - A memory error exists in...

10CVSS7.2AI score0.08919EPSS
Exploits2References11
Tenable Nessus
Tenable Nessus
added 2010/06/08 12:0 a.m.18 views

Google Chrome < 5.0.375.70 Multiple Vulnerabilities

Binary data 5567.pasl...

8.8CVSS7.3AI score0.01972EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2010/06/08 12:0 a.m.13 views

Google Chrome < 5.0.375.70 Multiple Vulnerabilities

Binary data 800928.prm...

8.8CVSS7.3AI score0.02149EPSS
Exploits1References3
seebug.org
seebug.org
added 2010/05/13 12:0 a.m.20 views

百度空间hi.baidu creatbgmusic() Dom-Xss Bug

百度空间的Javascript Dom函数creatbgmusic在输出变量bgmusic没有进行过滤,导致可以通过initBlogTextForFCK函数构造容易HTML代码,最终导致xss漏洞 在http://hi.baidu.com//js/bgmusic.js?v=1.0.js 代码: function creatbgmusicmurl, musicnum, IsMusicHide, IsMusicLoop, IsMusicAutoPlay, unknow, functype //传入的murl赋值到bgmusic1和bgmusic2中 //可以通过构造类似代码来闭合标签如 "i...

7AI score
Exploits0
OpenVAS
OpenVAS
added 2010/04/29 12:0 a.m.59 views

Fedora Update for seamonkey FEDORA-2010-7100

Check for the Version of seamonkey OpenVAS Vulnerability Test Fedora Update for seamonkey FEDORA-2010-7100 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

10CVSS0.4AI score0.28167EPSS
Exploits48References2
seebug.org
seebug.org
added 2010/04/08 12:0 a.m.42 views

Mozilla Firefox 3.6浏览器DOM节点移动释放后使用漏洞

BUGTRAQ ID: 38952 CVECAN ID: CVE-2010-1121 Firefox是一款流行的开源WEB浏览器。 在文档间移动DOM节点时如果在特定的时间点触发了垃圾收集机制,Firefox就可能错误的引用之前已释放的对象,导致以当前用户权限执行任意代码。 Mozilla Firefox 3.6 厂商补丁: Mozilla ------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.mozilla.org/...

10CVSS9.3AI score0.05773EPSS
Exploits1
securityvulns
securityvulns
added 2010/04/06 12:0 a.m.71 views

ZDI-10-063: Mozilla Firefox Cross Document DOM Node Moving Code Execution Vulnerability

ZDI-10-063: Mozilla Firefox Cross Document DOM Node Moving Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-063 April 5, 2010 -- CVE ID: CVE-2010-1121 -- Affected Vendors: Mozilla Firefox -- Affected Products: Mozilla Firefox 3.6.x -- TippingPointTM IPS Customer...

10CVSS0.2AI score0.05773EPSS
Exploits1
Zero Day Initiative
Zero Day Initiative
added 2010/04/05 12:0 a.m.46 views

Mozilla Firefox Cross Document DOM Node Moving Remote Code Execution Vulnerability

This vulnerability allows remote attackers to bypass specific script execution enforcements on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when moving DOM nodes in...

10CVSS3.2AI score0.05773EPSS
Exploits1References1
Fedora
Fedora
added 2010/04/03 4:34 a.m.62 views

[SECURITY] Fedora 12 Update: seamonkey-2.0.4-1.fc12

SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...

10CVSS2AI score0.07054EPSS
Exploits4
ThreatPost
ThreatPost
added 2010/04/02 2:24 p.m.7 views

Mozilla Plugs Firefox Pwn2Own Security Hole

Mozilla is the first browser vendor to fix a vulnerability exploited at this year’s CanSecWest Pwn2Own contest. Just one week after a U.K.-based hacker known as “Nils” broke into a 64-bit Windows 7 machine with a Firefox vulnerability, the open-source group shipped Firefox 3.6.3 to plug the...

7.7AI score
Exploits0References2
Check Point Advisories
Check Point Advisories
added 2010/04/01 12:0 a.m.3 views

Internet Explorer DOM Operation HTML Object Memory Corruption (MS10-018; CVE-2010-0491)

Microsoft Internet Explorer is the most widely used Internet browser. A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object that has not been correctly initialized or has been deleted. To trigger this...

9.3CVSS7.3AI score0.29284EPSS
Exploits2
Rows per page
Query Builder