Lucene search
K

9799 matches found

Opera Security Advisories
Opera Security Advisories
added 2008/12/15 12:0 a.m.20 views

HTML parsing flaw can cause Opera to execute arbitrary code

Certain HTML constructs can cause the resulting DOM to change unexpectedly, which triggers a crash. To inject code, additional techniques will have to be employed...

2.8AI score
Exploits0Affected Software1
myhack58
myhack58
added 2008/12/12 12:0 a.m.13 views

MSN cross-site vulnerability analysis-vulnerability warning-the black bar safety net

As early as a few days ago, heard colleagues say,“friends msn send to a web page, enter the password, the results a few days later, the MSN password is wrong, could be stolen.” At that time also asked colleagues want the address, but he said address not found. A few days later a friend said to se...

6.7AI score
Exploits0
Ubuntu
Ubuntu
added 2008/11/26 12:42 a.m.69 views

USN-668-1: Thunderbird vulnerabilities

Georgi Guninski, Michal Zalewsk and Chris Evans discovered that the same-origin check in Thunderbird could be bypassed. If a user were tricked into opening a malicious website, an attacker could obtain private information from data stored in the images, or discover information about software on t...

10CVSS8.7AI score0.05865EPSS
Exploits1
Fedora
Fedora
added 2008/11/19 2:55 p.m.37 views

[SECURITY] Fedora 9 Update: libxml2-2.7.2-2.fc9

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

10CVSS0.6AI score0.04051EPSS
Exploits1
FreeBSD
FreeBSD
added 2008/11/18 12:0 a.m.32 views

opera -- multiple vulnerabilities

The Opera Team reports: Manipulating certain text-area contents can cause a buffer overflow, which may be exploited to execute arbitrary code. Certain HTML constructs can cause the resulting DOM to change unexpectedly, which triggers a crash. To inject code, additional techniques will have to be...

9.3CVSS6.8AI score0.31509EPSS
Exploits6References6
Mozilla
Mozilla
added 2008/11/12 12:0 a.m.35 views

Crash and remote code execution in nsFrameManager — Mozilla

ling and wushi of team509, via TippingPoint's Zero Day Initiative program, reported a flaw in part of Mozilla's DOM constructing code. This vulnerability can be exploited by modifying certain properties of a file input element before it has finished initializing. When the blur method of the...

9.3CVSS2.9AI score0.03633EPSS
Exploits0References2Affected Software3
Zero Day Initiative
Zero Day Initiative
added 2008/11/12 12:0 a.m.34 views

Mozilla Firefox Input Box Type Property Dangling Pointer Vulnerability

This vulnerability allows attackers to potentially execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when a DOM method on a specific HTML form...

9.3CVSS2.7AI score0.03633EPSS
Exploits0References1
Cvelist
Cvelist
added 2008/10/24 10:0 a.m.15 views

CVE-2008-4737

Cross-site scripting XSS vulnerability in wholite.cgi in WhoDomLite 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the dom parameter...

5.7AI score0.01497EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2008/10/24 12:0 a.m.4 views

PT-2008-5948 · Whodomlite · Whodomlite

Name of the Vulnerable Software and Affected Versions: WhoDomLite version 1.1.3 Description: A cross-site scripting XSS issue exists, allowing remote attackers to inject arbitrary web script or HTML via the dom parameter in the wholite.cgi component. Recommendations: For WhoDomLite version 1.1.3,...

4.3CVSS5.5AI score0.01497EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2008/10/07 12:0 a.m.32 views

Mozilla Firefox Multiple Vulnerability July-08 (Linux)

The host is installed with Mozilla Firefox browser, that is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbfirefoxmultvulnjuly08lin.nasl 6539 2017-07-05 12:02:14Z cfischer $ Mozilla Firefox Multiple Vulnerability July-08 Linux Authors: Chandan S Copyright: Copyright c 2008...

10CVSS0.3AI score0.13949EPSS
Exploits2References13
OpenVAS
OpenVAS
added 2008/10/06 12:0 a.m.35 views

Mozilla Seamonkey Multiple Vulnerability July-08 (Windows)

The host is installed with Mozilla Seamonkey, that is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbseamonkeymultvulnjuly08win.nasl 6519 2017-07-04 14:08:14Z cfischer $ Mozilla Seamonkey Multiple Vulnerability July-08 Windows Authors: Chandan S Copyright: Copyright c 2008...

10CVSS0.7AI score0.13949EPSS
Exploits2References13
OpenVAS
OpenVAS
added 2008/10/06 12:0 a.m.37 views

Mozilla Firefox Multiple Vulnerabilities (Jul 2008) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.7AI score0.13949EPSS
Exploits2References14
exploitpack
exploitpack
added 2008/09/30 12:0 a.m.9 views

Rianxosencabos CMS 0.9 - Blind SQL Injection

Rianxosencabos CMS 0.9 - Blind SQL Injection -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rianxosencabos CMS 0.9 Remote Blind SQL Injection Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- / Script: Rianxosencabos / Version: 0.9 / File affected:...

0.5AI score
Exploits0
Fedora
Fedora
added 2008/09/28 6:44 p.m.46 views

[SECURITY] Fedora 9 Update: seamonkey-1.1.12-1.fc9

SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...

10CVSS2AI score0.43921EPSS
Exploits15
Fedora
Fedora
added 2008/09/28 6:41 p.m.41 views

[SECURITY] Fedora 8 Update: seamonkey-1.1.12-1.fc8

SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...

10CVSS2AI score0.43921EPSS
Exploits15
seebug.org
seebug.org
added 2008/09/14 12:0 a.m.19 views

Sports Clubs Web Panel 0.0.1 Remote Game Delete Exploit

No description provided by source. !/usr/bin/perl -W Sports Clubs Web Panel 0.0.1 Remote Game Delete Exploit File affected: include/draw-delete.php id Vuln Code: 06: $did = $GET'id'; 08: mysqlquery"DELETE FROM draw WHERE did='$did'"; by ka0x ka0x01 at gmail dot com D.O.M Labs - Security Researche...

7.1AI score
Exploits0
0day.today
0day.today
added 2008/09/13 12:0 a.m.63 views

Sports Clubs Web Panel 0.0.1 Remote Game Delete Exploit

Exploit for unknown platform in category web applications ======================================================= Sports Clubs Web Panel 0.0.1 Remote Game Delete Exploit ======================================================= !/usr/bin/perl -W Sports Clubs Web Panel 0.0.1 Remote Game Delete Explo...

7.1AI score
Exploits0
Fedora
Fedora
added 2008/09/10 7:4 a.m.38 views

[SECURITY] Fedora 9 Update: libxml2-2.6.32-3.fc9

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

6.5CVSS0.6AI score0.02507EPSS
Exploits1
Fedora
Fedora
added 2008/09/10 6:44 a.m.35 views

[SECURITY] Fedora 8 Update: libxml2-2.6.32-2.fc8

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

6.5CVSS0.6AI score0.02507EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2008/07/24 12:0 a.m.43 views

Debian DSA-1615-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-2785 It was discovered that missing boundary checks on a reference counter for CSS objects...

10CVSS6AI score0.13949EPSS
Exploits4References27
Rows per page
Query Builder