9799 matches found
HTML parsing flaw can cause Opera to execute arbitrary code
Certain HTML constructs can cause the resulting DOM to change unexpectedly, which triggers a crash. To inject code, additional techniques will have to be employed...
MSN cross-site vulnerability analysis-vulnerability warning-the black bar safety net
As early as a few days ago, heard colleagues say,“friends msn send to a web page, enter the password, the results a few days later, the MSN password is wrong, could be stolen.” At that time also asked colleagues want the address, but he said address not found. A few days later a friend said to se...
USN-668-1: Thunderbird vulnerabilities
Georgi Guninski, Michal Zalewsk and Chris Evans discovered that the same-origin check in Thunderbird could be bypassed. If a user were tricked into opening a malicious website, an attacker could obtain private information from data stored in the images, or discover information about software on t...
[SECURITY] Fedora 9 Update: libxml2-2.7.2-2.fc9
This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...
opera -- multiple vulnerabilities
The Opera Team reports: Manipulating certain text-area contents can cause a buffer overflow, which may be exploited to execute arbitrary code. Certain HTML constructs can cause the resulting DOM to change unexpectedly, which triggers a crash. To inject code, additional techniques will have to be...
Crash and remote code execution in nsFrameManager — Mozilla
ling and wushi of team509, via TippingPoint's Zero Day Initiative program, reported a flaw in part of Mozilla's DOM constructing code. This vulnerability can be exploited by modifying certain properties of a file input element before it has finished initializing. When the blur method of the...
Mozilla Firefox Input Box Type Property Dangling Pointer Vulnerability
This vulnerability allows attackers to potentially execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when a DOM method on a specific HTML form...
CVE-2008-4737
Cross-site scripting XSS vulnerability in wholite.cgi in WhoDomLite 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the dom parameter...
PT-2008-5948 · Whodomlite · Whodomlite
Name of the Vulnerable Software and Affected Versions: WhoDomLite version 1.1.3 Description: A cross-site scripting XSS issue exists, allowing remote attackers to inject arbitrary web script or HTML via the dom parameter in the wholite.cgi component. Recommendations: For WhoDomLite version 1.1.3,...
Mozilla Firefox Multiple Vulnerability July-08 (Linux)
The host is installed with Mozilla Firefox browser, that is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbfirefoxmultvulnjuly08lin.nasl 6539 2017-07-05 12:02:14Z cfischer $ Mozilla Firefox Multiple Vulnerability July-08 Linux Authors: Chandan S Copyright: Copyright c 2008...
Mozilla Seamonkey Multiple Vulnerability July-08 (Windows)
The host is installed with Mozilla Seamonkey, that is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbseamonkeymultvulnjuly08win.nasl 6519 2017-07-04 14:08:14Z cfischer $ Mozilla Seamonkey Multiple Vulnerability July-08 Windows Authors: Chandan S Copyright: Copyright c 2008...
Mozilla Firefox Multiple Vulnerabilities (Jul 2008) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Rianxosencabos CMS 0.9 - Blind SQL Injection
Rianxosencabos CMS 0.9 - Blind SQL Injection -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rianxosencabos CMS 0.9 Remote Blind SQL Injection Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- / Script: Rianxosencabos / Version: 0.9 / File affected:...
[SECURITY] Fedora 9 Update: seamonkey-1.1.12-1.fc9
SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...
[SECURITY] Fedora 8 Update: seamonkey-1.1.12-1.fc8
SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...
Sports Clubs Web Panel 0.0.1 Remote Game Delete Exploit
No description provided by source. !/usr/bin/perl -W Sports Clubs Web Panel 0.0.1 Remote Game Delete Exploit File affected: include/draw-delete.php id Vuln Code: 06: $did = $GET'id'; 08: mysqlquery"DELETE FROM draw WHERE did='$did'"; by ka0x ka0x01 at gmail dot com D.O.M Labs - Security Researche...
Sports Clubs Web Panel 0.0.1 Remote Game Delete Exploit
Exploit for unknown platform in category web applications ======================================================= Sports Clubs Web Panel 0.0.1 Remote Game Delete Exploit ======================================================= !/usr/bin/perl -W Sports Clubs Web Panel 0.0.1 Remote Game Delete Explo...
[SECURITY] Fedora 9 Update: libxml2-2.6.32-3.fc9
This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...
[SECURITY] Fedora 8 Update: libxml2-2.6.32-2.fc8
This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...
Debian DSA-1615-1 : xulrunner - several vulnerabilities
Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-2785 It was discovered that missing boundary checks on a reference counter for CSS objects...