4727 matches found
EasyMail MessagePrinter Object (emprint.DLL 6.0.1.0) BOF Exploit
No description provided by source. !-- rgodemmsgprnheap.html EasyMail MessagePrinter Object emprint.DLL 6.0.1.0 remote heap overflow exploit ie6 / xp sp2 Mr Dormann, this should integrate this :D : http://www.kb.cert.org/vuls/id/281977 retrieved from postcast srvr, dunno other software...
EasyMail MessagePrinter Object - emprint.dll 6.0.1.0 Remote Buffer Overflow
EasyMail MessagePrinter Object - emprint.dll 6.0.1.0 Remote Buffer Overflow pwnin'... //add su one, user: sun pass: tzu shellcode =...
EasyMail MessagePrinter Object (emprint.DLL 6.0.1.0) BOF Exploit
Exploit for unknown platform in category remote exploits ================================================================ EasyMail MessagePrinter Object emprint.DLL 6.0.1.0 BOF Exploit ================================================================ pwnin'... //add su one, user: sun pass: tzu...
EasyMail MessagePrinter Object - 'emprint.dll 6.0.1.0' Remote Buffer Overflow
pwnin'... //add su one, user: sun pass: tzu shellcode =...
Critical: Red Hat Security Advisory: seamonkey security update
Updated seamonkey packages that fix several security bugs are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client...
Microsoft Internet Explorer and Mozilla Firefox - URI Handler Command Injection
Microsoft Internet Explorer and Mozilla Firefox - URI Handler Command Injection source: https://www.securityfocus.com/bid/24837/info Microsoft Internet Explorer, Mozilla Firefox and Netscape Navigator are prone to a vulnerability that lets attackers inject commands through the 'firefoxurl' and...
Code injection
Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to replace an IFRAME 1 during the load stage or 2 in the case of an about:blank frame, which allows remote attackers to display arbitrary HTML or execute certain JavaScript code, as demonstrated by code that intercepts keystrok...
CVE-2007-2382
The Moo.fx framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...
CVE-2007-2384
The Script.aculo.us framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using...
CVE-2007-2381
The MochiKit framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...
CVE-2007-2376
The Dojo framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...
XSS vulnerabilities
PMASA-2007-4 Announcement-ID: PMASA-2007-4 Date: 2007-04-24 Updated: 2007-05-17 Summary XSS vulnerabilities Description We received an advisory from Lukasz Plonka "sp3x" SecurityReason and we wish to thank him for his work. It was possible to trigger these attacks on various scripts due to...
Fedora Core 5 : thunderbird-1.5.0.8-1.fc5 (2006-1194)
Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the way Thunderbird processes certain malformed JavaScript code. A malicious HTML mail message could cause the execution of JavaScript code in such a way that could cause Thunderbird to crash or execute...
Hacking AJAX DWR Applications
By Guy Karlebach & Amichai Shulman Introduction The introduction of AJAX into a web application improves the user experience significantly. However, the complexity of some AJAX frameworks and the limited field experience with them requires a careful examination of potential vulnerabilities. DWR i...
flash plug-horse technology-vulnerability warning-the black bar safety net
Recently in a foreign country on the website to see an article about Backdooring Flash Objects the walkthroughof the article, the translation test a bit First class Backdoor function Backdoor static function mainmc getURL"javascript:alert'hello from backdoor'"; As the initial script, written in...
firefox security update
CentOS Errata and Security Advisory CESA-2006:0758 Updated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web...
devhelp, seamonkey security update
CentOS Errata and Security Advisory CESA-2006:0759 Updated seamonkey packages that fix several security bugs are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open sour...
Critical: Red Hat Security Advisory: firefox security update
Updated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox...
CVE-2006-6257
The file manager in AlternC 0.9.5 and earlier, when warnings are enabled in PHP, allows remote attackers to obtain sensitive information via certain folder names such as ones composed of JavaScript code, which reveal the path in a warning message...
CVE-2006-6257
The CVE-2006-6257 issue affects AlternC 0.9.5 and earlier, where PHP warning messages disclose sensitive path information when folder names include JavaScript-like strings. The root cause is information leakage via warning output, enabling remote attackers to learn partial path details. Impact is...