9799 matches found
CVE-2009-1597
Mozilla Firefox executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document object, as...
CVE-2009-1599
Opera executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document object, as demonstrated by a w...
Design/Logic Flaw
Opera executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document object, as demonstrated by a w...
Design/Logic Flaw
Apple Safari executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document object, as demonstrated...
CVE-2009-1597
Mozilla Firefox executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document object, as...
CVE-2009-1598
Google Chrome
CVE-2009-1599
Summary: CVE-2009-1599 concerns a PDF-related JavaScript security bypass in Opera. The vulnerability arises when a javascript: URI is executed from the target attribute of a submit button inside a form contained in an inline PDF, potentially bypassing Adobe Acrobat JavaScript restrictions on acce...
CVE-2009-1600
Apple Safari (PDF JavaScript security) is reported to execute DOM calls triggered by a javascript: URI in the target attribute of a form submit within an inline PDF, potentially bypassing Adobe Acrobat JavaScript restrictions on accessing the document object. This could enable remote attackers to...
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : mozilla-thunderbird, thunderbird vulnerabilities (USN-668-1)
Georgi Guninski, Michal Zalewsk and Chris Evans discovered that the same-origin check in Thunderbird could be bypassed. If a user were tricked into opening a malicious website, an attacker could obtain private information from data stored in the images, or discover information about software on t...
Firefox 3 Layout engine crashes
The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service application crash and possibly trigger memory corruption via vectors related to 1 nsAsyncInstantiateEvent::Run, 2...
Mandrake Security Advisory MDVSA-2009:090 (php)
The remote host is missing an update to php announced via advisory MDVSA-2009:090. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...
[SECURITY] Fedora 10 Update: seamonkey-1.1.15-3.fc10
SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...
Ubuntu Update for firefox, firefox-3.0, xulrunner-1.9 vulnerabilities USN-667-1
Ubuntu Update for Linux kernel vulnerabilities USN-667-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6671.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for firefox, firefox-3.0, xulrunner-1.9 vulnerabilities USN-667-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone...
Ubuntu: Security Advisory (USN-668-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DSA-1751-1 xulrunner - several vulnerabilities
Bulletin has no description...
Mozilla Seamonkey Multiple Vulnerabilities (Mar 2009) - Windows
Mozilla Seamonkey browser is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2009-0775
Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection...
Double free
Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection...
CVE-2009-0775
Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection...
CVE-2009-0775
CVE-2009-0775 is a Mozilla Firefox/Thunderbird/SeaMonkey vulnerability described in the MiracleLinux AXSA advisory as a Double free in cloned XUL DOM elements linked as parent/child that are mishandled during garbage collection. A remote attacker could potentially execute arbitrary code by crafti...