9799 matches found
[SECURITY] Fedora 8 Update: seamonkey-1.1.9-2.fc8
SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...
[SECURITY] Fedora 7 Update: seamonkey-1.1.9-2.fc7
SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...
[SECURITY] Fedora 8 Update: seamonkey-1.1.9-1.fc8
SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...
GLSA-200803-09 : Opera: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200803-09 Opera: Multiple vulnerabilities Mozilla discovered that Opera does not handle input to file form fields properly, allowing scripts to manipulate the file path CVE-2008-1080. Max Leonov found out that image comments might...
Opera browser multiple security vulnerabilities
Information leakage on form file upload, images comments scrip execution , DOM sanitization filters bypass...
CVE-2008-1082
Opera before 9.26 allows remote attackers to "bypass sanitization filters" and conduct cross-site scripting XSS attacks via crafted attribute values in an XML document, which are not properly handled during DOM presentation...
CVE-2008-1082
Opera before 9.26 allows remote attackers to "bypass sanitization filters" and conduct cross-site scripting XSS attacks via crafted attribute values in an XML document, which are not properly handled during DOM presentation...
Cross site scripting
Opera before 9.26 allows remote attackers to "bypass sanitization filters" and conduct cross-site scripting XSS attacks via crafted attribute values in an XML document, which are not properly handled during DOM presentation...
CVE-2008-1082
Opera before 9.26 is affected by CVE-2008-1082 due to a flaw in handling DOM attribute values of imported XML documents, which allows bypassing sanitization filters and enables cross-site scripting (XSS). This configures a remote attacker to exploit crafted attribute values in an XML document dur...
Opera Web浏览器9.26修复多个安全漏洞
BUGTRAQ ID: 27901 Opera是一款流行的WEB浏览器,支持多种平台。 Opera Web浏览器的9.26之前版本中存在多个安全漏洞,可能允许恶意用户执行跨站脚本攻击、泄露敏感信息或绕过某些安全限制。 1 当用户键入文件输入时,脚本可能导致忽略一些键盘动作。如果脚本能够诱骗用户相信正在键入正常的文件输入,而不让用户看到已经忽略了键盘动作,就可能导致输入指向计算机上的文件路径,然后在未经用户交互的情况下上传文件。 2 图形属性中可能包含有自定义标注。在显示图形属性时,Opera可能将这些标注处理为脚本,导致在错误的安全环境中运行脚本。 3...
opera -- multiple vulnerabilities
Opera Software ASA reports about multiple security fixes: Fixed an issue where simulated text inputs could trick users into uploading arbitrary files, as reported by Mozilla. Image properties can no longer be used to execute scripts, as reported by Max Leonov. Fixed an issue where the...
Joomla Component astatsPRO 1.0 refer.php SQL Injection Vulnerability
Exploit for unknown platform in category web applications ==================================================================== Joomla Component astatsPRO 1.0 refer.php SQL Injection Vulnerability ====================================================================...
Joomla! Component astatsPRO 1.0 - 'refer.php' SQL Injection
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Joomla Component astatsPRO Remote SQL Injection Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- bug found by ka0x D.O.M TEAM 2008 we are: ka0x, an0de, xarnuz http://www.domlabs.org/ contact:...
[SECURITY] Fedora 7 Update: seamonkey-1.1.8-1.fc7
SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...
[SECURITY] Fedora 8 Update: seamonkey-1.1.8-1.fc8
SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...
Microsoft Internet Explorer SVG animateMotion.by Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of the "by" property...
firefox20012-poc.txt
Don't blame the extension developers this time : You probably thought otherwise after they just released version 2.0.0.12. a couple of hours ago, that had a fix for numerous other vulnerabilities. But guess what? we are going to see 2.0.0.13 pretty soon I guess. I snared at Mozilla before: don't...
Design/Logic Flaw
Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original UR...
Firefox < 2.0.0.12 Multiple Vulnerabilities
The installed version of Firefox is affected by various security issues : - Several stability bugs leading to crashes which, in some cases, show traces of memory corruption - Several file input focus stealing vulnerabilities that could result in uploading of arbitrary files provided their full pa...
SuSE 10 Security Update : Firefox (ZYPP Patch Number 1960)
This security update brings Mozilla Firefox to version 1.5.0.6. More details can be found on: http://www.mozilla.org/projects/security/known-vulnerabiliti es.html It includes fixes to the following security problems : - Code execution through deleted frame reference. CVE-2006-3801 / MFSA 2006-44...