Lucene search
K

9799 matches found

Fedora
Fedora
added 2007/12/07 6:23 p.m.13 views

[SECURITY] Fedora 8 Update: seamonkey-1.1.7-1.fc8

SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...

2AI score
Exploits0
Fedora
Fedora
added 2007/12/07 6:17 p.m.16 views

[SECURITY] Fedora 7 Update: seamonkey-1.1.7-1.fc7

SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...

2AI score
Exploits0
seebug.org
seebug.org
added 2007/12/05 12:0 a.m.19 views

MS Internet Explorer 6 Table.Frameset NULL Dereference Vulnerability

No description provided by source. !-- http://browserfun.blogspot.com/ The following bug was tested on the latest version of Internet Explorer 6 on a fully-patched Windows XP SP2 system. This bug was found by Aviv Raff using the DOM-Hanoi fuzzer script. DOM-Hanoi works by building trees of ...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2007/11/26 12:0 a.m.55 views

wirelessg-multi.txt

http://www.gnucitizen.org/blog/persistent-xss-and-csrf-on-wireless-g-adsl-gateway-with-speedbooster-wag54gs The following vulns were found on 24 June 2007 and were tested against firmware V1.00.06. The specific persistent XSS holes mentioned in this advisory were fixed by Cisco on firmware versio...

4.3CVSS6.6AI score0.0194EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.63 views

Ubuntu 6.06 LTS : firefox vulnerabilities (USN-327-1)

Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious URL. CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3809, CVE-2006-3811,...

10CVSS8.4AI score0.78359EPSS
Exploits11References15
Fedora
Fedora
added 2007/11/06 4:5 p.m.45 views

[SECURITY] Fedora 8 Update: seamonkey-1.1.5-2.fc8

SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...

9.3CVSS2AI score0.12736EPSS
Exploits5
RedHat Linux
RedHat Linux
added 2007/10/19 3:45 p.m.5 views

security flaw

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site that is visited by a client...

6.8CVSS5.9AI score0.0219EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.34 views

openSUSE 10 Security Update : seamonkey (seamonkey-1952)

This security update brings Mozilla SeaMonkey to version 1.0.4. Please also see http://www.mozilla.org/projects/security/known-vulnerabilities.html for more details. It includes fixes to the following security problems : - CVE-2006-3801/MFSA 2006-44: Code execution through deleted frame reference...

7.5CVSS8.8AI score0.78359EPSS
Exploits11References14
securityvulns
securityvulns
added 2007/08/31 12:0 a.m.4805 views

Vulnerability in Joomla!

Здравствуйте 3APA3A! Сообщаю вам о найденной мною Cross-Site Scripting уязвимости в Joomla!. XSS: Уязвимость в поиске по сайту в параметре searchword. Дыра является DOM based XSS. http://site/index.php?option=comsearch&searchword=';alert'XSS'// Для исполнения кода, пользователь должен сменить...

6.6AI score
Exploits0
myhack58
myhack58
added 2007/07/24 12:0 a.m.27 views

Ajax allows a web page Trojan“quietly perform”-vulnerability warning-the black bar safety net

On the Ajax implementation, the developer is to think like the“Ajax to do that in user when browsing the web should not feel it to execute asynchronously, and does not need to wait for the page to refresh can be done automatically verify data”, such as whether the user name can be registered...

7.1AI score
Exploits0
Fedora
Fedora
added 2007/07/20 7:32 p.m.39 views

[SECURITY] Fedora 7 Update: seamonkey-1.1.3-1.fc7

SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...

9.3CVSS2AI score0.04618EPSS
Exploits3
securityvulns
securityvulns
added 2007/07/04 12:0 a.m.44 views

Security on AIR: Local file access through JavaScript

Hi! It's just a very first look to AIR Adobes Integrated Runtime and its possibilities to process HTML/JS. AIR is beta by now, so Adobe may change things in the final release. What is AIR? Quote from Adobe: "Adobe Integrated Runtime AIR is a cross- operating system runtime that allows you to...

6.6AI score
Exploits0
Prion
Prion
added 2007/06/06 9:30 p.m.21 views

Code injection

Microsoft Internet Explorer 6 allows remote attackers to spoof the URL bar, and page properties including SSL certificates, by interrupting page loading through certain use of location DOM objects and setTimeout calls. NOTE: this issue can be leveraged for phishing and other attacks...

9.3CVSS7.2AI score0.19976EPSS
Exploits1References9Affected Software1
myhack58
myhack58
added 2007/05/26 12:0 a.m.12 views

FireBug storm out of a serious vulnerability-a vulnerability warning-the black bar safety net

FireBug is a very useful JavaScript and DOM to view the debugging tools, is Firefox a plugin. Can to http://addons.mozilla.org go and download it. Debug code when you can use the following statement: The CODE: console. log'scriptalert...' Copy to clipboard While eliminating the need to write your...

7.7AI score
Exploits0
NVD
NVD
added 2007/04/18 3:19 a.m.19 views

CVE-2007-2060

Cross-zone scripting vulnerability in the Wizz RSS Reader before 2.1.9 extension to Mozilla Firefox allows remote attackers to execute arbitrary Javascript in the browser chrome via the RSS feed DOM...

6.8CVSS6.9AI score0.03175EPSS
Exploits0References9
Prion
Prion
added 2007/04/18 3:19 a.m.14 views

Cross site scripting

Cross-zone scripting vulnerability in the Wizz RSS Reader before 2.1.9 extension to Mozilla Firefox allows remote attackers to execute arbitrary Javascript in the browser chrome via the RSS feed DOM...

6.8CVSS7.4AI score0.03175EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2007/04/11 1:19 a.m.23 views

CVE-2007-1947

Cross-zone scripting vulnerability in the DOM templates domplates used by the console.log function in the Firebug extension before 1.04 for Mozilla Firefox allows remote attackers to bypass zone restrictions, read arbitrary file:// URIs, or execute arbitrary code in the browser chrome by...

3.5CVSS6.9AI score0.04483EPSS
Exploits0References3
Prion
Prion
added 2007/04/11 1:19 a.m.18 views

Cross site scripting

Cross-zone scripting vulnerability in the DOM templates domplates used by the console.log function in the Firebug extension before 1.04 for Mozilla Firefox allows remote attackers to bypass zone restrictions, read arbitrary file:// URIs, or execute arbitrary code in the browser chrome by...

3.5CVSS7.3AI score0.0504EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2007/04/11 1:0 a.m.45 views

CVE-2007-1947

Affected software: Firebug extension for Mozilla Firefox (DOM templates used by console.log, domplates). Vulnerability: Cross-zone scripting via overwriting toString in anonymous functions within domplates, enabling bypass of zone restrictions and potential read of file:// URIs or code execution ...

3.5CVSS7AI score0.04483EPSS
Exploits0References3Affected Software1
seebug.org
seebug.org
added 2007/04/07 12:0 a.m.54 views

FireBug 跨站脚本执行漏洞

BUGTRAQ ID: 23315 FireBug是一个非常实用的JavaScript以及DOM查看调试工具,是Firefox的一个插件。 FireBug的对脚本代码的处理实现上存在漏洞,远程攻击者可能利用此漏洞在用户机器上执行恶意脚本代码。 在浏览器中远程脚本是受到沙盒限制的,也就是任何http:或https:前缀的URL都是安全的。浏览器扩展使用chrome: protocol,这个协议不受任何限制,因此浏览器扩展都是受信任的。如果远程脚本诱骗浏览器对chrome:执行JavaScript表达式的话,这个脚本就可以完全控制整个chrome及操作系统,因为命令执行和读写访问都是允许的。...

6.9AI score
Exploits0
Rows per page
Query Builder