Lucene search
K

9799 matches found

UbuntuCve
UbuntuCve
added 2005/05/02 4:0 a.m.22 views

CVE-2005-1160

The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object...

5.1CVSS6AI score0.02718EPSS
Exploits0References4
NVD
NVD
added 2005/05/02 4:0 a.m.24 views

CVE-2005-1160

The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object...

5.1CVSS6.6AI score0.02718EPSS
Exploits0References18
RedHat Linux
RedHat Linux
added 2005/04/26 4:27 p.m.35 views

Important: Red Hat Security Advisory: Mozilla security update

Updated mozilla packages that fix various security bugs are now available. This update has been rated as having Important security impact by the Red Hat Security Response Team. Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Vladimir V...

7.5CVSS6.1AI score0.10036EPSS
Exploits4References3
RedHat Linux
RedHat Linux
added 2005/04/26 4:27 p.m.5 views

security flaw

The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object...

5.1CVSS6AI score0.02718EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2005/04/21 9:11 a.m.5 views

security flaw

The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object...

5.1CVSS6AI score0.02718EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2005/04/21 9:11 a.m.48 views

Important: Red Hat Security Advisory: firefox security update

Updated firefox packages that fix various security bugs are now available. This update has been rated as having Important security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Vladimir V. Perepelitsa discovered a bug in the way Firefox handles...

7.5CVSS6.1AI score0.10036EPSS
Exploits4References3
Cvelist
Cvelist
added 2005/04/18 4:0 a.m.24 views

CVE-2005-1160

The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object...

6.6AI score0.02718EPSS
Exploits0References18
Mozilla
Mozilla
added 2005/04/15 12:0 a.m.14 views

Privilege escalation via DOM property overrides — Mozilla

mozbugra4 reported several exploits giving an attacker the ability to install malicious code or steal data, requiring only that the user do commonplace actions like click on a link or open the context menu. The common cause in each case was privileged UI code "chrome" being overly trusting of DOM...

6.8AI score
Exploits0References3Affected Software2
FreeBSD
FreeBSD
added 2005/04/15 12:0 a.m.14 views

mozilla -- privilege escalation via DOM property overrides

A Mozilla Foundation Security Advisory reports: mozbugra4 reported several exploits giving an attacker the ability to install malicious code or steal data, requiring only that the user do commonplace actions like click on a link or open the context menu. The common cause in each case was privileg...

1.7AI score
Exploits0References1
CVE
CVE
added 2004/12/15 5:0 a.m.51 views

CVE-2004-1173

Internet Explorer 6 contains a vulnerability where remote attackers can bypass the popup blocker using DOM methods in the DHTML Editing Component (DEC) and showModalDialog calls. Root cause: the DHTML Editing Component/DEC enables a bypass via its DOM API. Impact described as bypassing the popup ...

7.5CVSS7AI score0.11722EPSS
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2002/04/09 12:0 a.m.32 views

Scripting for the scriptless with OWC in IE (GM#005-IE)

GreyMagic Security Advisory GM005-IE ===================================== By GreyMagic Software, Israel. 08 Apr 2002. Available in HTML format at http://security.greymagic.com/adv/gm005-ie/. Topic: Scripting for the scriptless with OWC in IE. Discovery date: 10 Mar 2002. Affected applications:...

6.7AI score
Exploits0
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.16 views

CVE-2000-0958

HotJava Browser 3.0 allows remote attackers to access the DOM of a web page by opening a javascript: URL in a named window...

6.6AI score0.0284EPSS
Exploits1References2
CVE
CVE
added 2001/01/22 5:0 a.m.55 views

CVE-2000-0958

CVE-2000-0958 concerns HotJava Browser 3.0, where remote attackers can access the DOM of a web page by opening a javascript: URL in a named window. The available documents identify the affected product and the basic interaction (javascript: URLs and window naming) but do not provide deeper root-c...

5CVSS7AI score0.0284EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2000/12/19 5:0 a.m.18 views

CVE-2000-0958

HotJava Browser 3.0 allows remote attackers to access the DOM of a web page by opening a javascript: URL in a named window...

5CVSS6.6AI score0.0284EPSS
Exploits1References2
exploitpack
exploitpack
added 2000/10/25 12:0 a.m.18 views

Sun HotJava Browser 3 - Arbitrary DOM Access

Sun HotJava Browser 3 - Arbitrary DOM Access source: https://www.securityfocus.com/bid/1837/info A malicious website operator may be able to obtain cookies from a target system browsing with Sun HotJava Browser. The Document Object Model DOM of arbitrary URLs can be accessed if a specially formed...

Exploits0
securityvulns
securityvulns
added 2000/10/06 12:0 a.m.31 views

IE5.5 window.externalNavigateAndFind security vulnerability....

Multiple security vulnerabilities found in window.external.NavigateAndFind function in IE5.5... After the most recent patches applied the vulnerabilities seem to persist.. Actually there is no current issues discussed at microsft website... Microsoft has been notified about the problem via email...

7.5AI score
Exploits0
CVE
CVE
added 2000/04/26 4:0 a.m.57 views

CVE-2000-0266

The CVE-2000-0266 entry describes a vulnerability in Internet Explorer 5.01 where a malicious applet can bypass the cross-frame security policy by interacting with the Java JSObject to modify DOM properties, allowing an IFRAME to load an arbitrary JavaScript URL. This reveals a client-side cross-...

2.6CVSS7AI score0.16225EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2000/04/18 4:0 a.m.19 views

CVE-2000-0266

Internet Explorer 5.01 allows remote attackers to bypass the cross frame security policy via a malicious applet that interacts with the Java JSObject to modify the DOM properties to set the IFRAME to an arbitrary Javascript URL...

2.6CVSS6.6AI score0.16225EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2000/01/08 12:0 a.m.24 views

ie5.cross-frame.txt

Georgi Guninski security advisory 4, 2000 IE 5 security vulnerablity - circumventing Cross-frame security policy and accessing the DOM of "old" documents. Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies,...

7.4AI score
Exploits0
Rows per page
Query Builder