2190 matches found
Code injection
GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom...
CVE-2007-0779
CVE-2007-0779 concerns a GUI overlay spoofing flaw in SeaMonkey prior to 1.0.8 (and Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2) where a large, transparent cursor via CSS3 hotspot could spoof UI elements such as the hostname or security indicators. The vulnerability allows remote observe...
CVE-2007-0779
GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom...
FreeBSD : mozilla -- multiple vulnerabilities (12bd6ecf-c430-11db-95c5-000c6ec775d9)
The Mozilla Foundation reports of multiple security issues in Firefox, SeaMonkey, and Thunderbird. Several of these issues can probably be used to run arbitrary code with the privilege of the user running the program. - MFSA 2007-08 onUnload + document.write memory corruption - MFSA 2007-07...
security flaw
GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom...
security flaw
GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom...
Spoofing using custom cursor and CSS3 hotspot — Mozilla
David Eckel reported that browser UI elements--such as the host name and security indicators--could be spoofed by using a large, mostly transparent, custom cursor and adjusting the CSS3 hotspot property so that the visible part of the cursor floated outside the browser content area...
CVE-1999-1478
The CVE-1999-1478 entry concerns Sun’s HotSpot Performance Engine VM. A remote attacker can cause a denial of service on any server running HotSpot by issuing a URL that includes the [ character. The connected records confirm the affected component (Sun HotSpot Performance Engine VM) and the expl...
CVE-1999-1478
The Sun HotSpot Performance Engine VM allows a remote attacker to cause a denial of service on any server running HotSpot via a URL that includes the character...
CVE-1999-1478
The Sun HotSpot Performance Engine VM allows a remote attacker to cause a denial of service on any server running HotSpot via a URL that includes the character...