CVE-2009-4148

DAZ Studio 2.3.3.161, 2.3.3.163, and 3.0.1.135 allows remote attackers to execute arbitrary JavaScript code via a 1 .ds, 2 .dsa, 3 .dse, or 4 .dsb file, as demonstrated by code that loads the WScript.Shell ActiveX control, related to a "script injection vulnerability."...

KDE -- multiple vulnerabilities

oCERT reports: Ark input sanitization errors: The KDE archiving tool, Ark, performs insufficient validation which leads to specially crafted archive files, using unknown MIME types, to be rendered using a KHTML instance, this can trigger uncontrolled XMLHTTPRequests to remote sites. IO Slaves inp...

Mozilla Thunderbird WYSIWIG Engine Filtering IFRAME JavaScript Execution (CVE-2006-0884)

Mozilla Thunderbird is an email client application often seen as an alternative to the mainstream Microsoft email clients. Thunderbird supports various email delivering protocols such as SMTP, IMAP and POP3. The program is also capable of reading and composing HTML formatted email messages. A...

Mozilla Firefox < 3.0.14 / 3.5.3 Multiple Vulnerabilities

Binary data 5161.prm...

Firefox 3.5.3 3.0.14 Chrome privilege escalation with FeedWriter

Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter...

Joomla! Extension UIajaxIM 1.1 - JavaScript Execution

Joomla! Extension UIajaxIM 1.1 - JavaScript Execution 0000000000000000000000000000000000 000000000000000000000 00000000000000000000000000000000000 0000000000000000 00000000000000000000000000000000 + Joomla Extension UIajaxIM 1.1 Javascript Execution + Software : Joomla + Author : 599eme Man +...

Joomla! Extension UIajaxIM 1.1 - JavaScript Execution

0000000000000000000000000000000000 000000000000000000000 00000000000000000000000000000000000 0000000000000000 00000000000000000000000000000000 + Joomla Extension UIajaxIM 1.1 Javascript Execution + Software : Joomla + Author : 599eme Man + Contact : [email protected] + Thanks : Moudi, Neocoderz,...

Phorum 5.2.11 Cross Site Scripting

//----- Advisory Program : Phorum 5.2.11 Homepage : http://www.phorum.org/ Discovery : 2009/07/16 Author Contacted : 2009/07/17 Found by : crashfr at sysdream dot com This Advisory : crashfr at sysdream dot com //----- Application description Started in 1998, Phorum was the original PHP and MySQL...

Apple Safari Multiple Vulnerabilities - 01 - (Jun 2009) - Windows

Apple Safari Web Browser is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:safari";...

CVE-2009-1704

CFNetwork in Apple Safari before 4.0 misinterprets downloaded image files as local HTML documents in unspecified circumstances, which allows remote attackers to execute arbitrary JavaScript code by placing it in an image file...

Novell Groupwise Cross Site Scripting

Novell GroupWise Web Access Multiple XSS /============================================\ / SecureState R&D Team - leroy and sasquatch \ / Discovered: 11-24-08, 03-05-09 \ \ Vendor Notified: 01-06-09, 03-05-09 / \ Vendor Publication: 05-21-09 / ============================================/...

Novell GroupWise Web Access Multiple XSS

Novell GroupWise Web Access Multiple XSS /============================================ / SecureState R&D Team - leroy and sasquatch / Discovered: 11-24-08, 03-05-09 Vendor Notified: 01-06-09, 03-05-09 / Vendor Publication: 05-21-09 / ============================================/...

Mozilla Thunderbird Multiple Vulnerabilities (Apr 2009) - Linux

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RedHat Security Advisory RHSA-2009:0436

The remote host is missing updates announced in advisory RHSA-2009:0436. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content...

Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : mozilla-thunderbird, thunderbird vulnerabilities (USN-647-1)

It was discovered that the same-origin check in Thunderbird could be bypassed. If a user had JavaScript enabled and were tricked into opening a malicious website, an attacker may be able to execute JavaScript in the context of a different website. CVE-2008-3835 Several problems were discovered in...

Ubuntu Update for firefox vulnerabilities USN-535-1

Ubuntu Update for Linux kernel vulnerabilities USN-535-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5351.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for firefox vulnerabilities USN-535-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Mozilla Firefox Multiple Vulnerabilities (Feb 2009) - Linux

Mozilla Firefox browser is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Safari < 3.2.2 Multiple Vulnerabilities

Binary data 4932.prm...

Mozilla Firefox 3.x < 3.0.6 Multiple Vulnerabilities

Binary data 4922.prm...

JSON Hijacking of use as well as Web API security-vulnerability warning-the black bar safety net

by:cosine JSON Hijacking what role, as a black brother said, You can CSRF to give the user privacy data: a. The principle of the last presentation, first take a attack example, take the meal to do an experiment. First of all, we see this:http://help.fanfou.com/api.html. Rice no API. Wherein:...