16 matches found
CVE-2026-8022
Inappropriate implementation in MHTML in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted MHTML page. Chromium security severity: Low...
EUVD-2017-9006
Malware in sbrugna...
Exploit Details Emerge for Unpatched Microsoft Bug
New details have emerged about an unpatched security vulnerability in Microsoft’s Internet Explorer that was recently used in a complex campaign against security researchers. A fresh analysis from 0patch offers further insight into where the bug exists and how it can be triggered in real-world...
Exploit for Cross-site Scripting in Google Chrome
It is an exploit module for CVE-2017-5124, a Chrome UXSS vulnerability. The target product/service is Google Chrome, and the vulnerability class/vector is User Interface UI Scripting UXSS. The probable entry point is the PoC.mht file, which is a MHTML file containing a malicious XML stylesheet th...
CVE-2017-17859
Samsung Internet Browser 6.2.01.12 allows remote attackers to bypass the Same Origin Policy, and conduct UXSS attacks to obtain sensitive information, via vectors involving an IFRAME element inside XSLT data in one part of an MHTML file. Specifically, JavaScript code in another part of this MHTML...
CVE-2017-17859
Samsung Internet Browser 6.2.01.12 allows remote attackers to bypass the Same Origin Policy, and conduct UXSS attacks to obtain sensitive information, via vectors involving an IFRAME element inside XSLT data in one part of an MHTML file. Specifically, JavaScript code in another part of this MHTML...
CVE-2017-17859
Samsung Internet Browser 6.2.01.12 allows remote attackers to bypass the Same Origin Policy, and conduct UXSS attacks to obtain sensitive information, via vectors involving an IFRAME element inside XSLT data in one part of an MHTML file. Specifically, JavaScript code in another part of this MHTML...
Design/Logic Flaw
Samsung Internet Browser 6.2.01.12 allows remote attackers to bypass the Same Origin Policy, and conduct UXSS attacks to obtain sensitive information, via vectors involving an IFRAME element inside XSLT data in one part of an MHTML file. Specifically, JavaScript code in another part of this MHTML...
Microsoft Internet Explorer MHTML Protocol Handler XSS
No description provided by source. Hacking with mhtml protocol handler Author: www.80vul.com Email:5up3rh3igmail.com Release Date: 2011/1/15 References: http://www.80vul.com/mhtml/Hacking%20with%20mhtml%20protocol%20handler.txt Ph4nt0m Webzine 0x05 http://secinn.appspot.com/pstzine Was finally...
Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass (MS04-013)
Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass MS04-013 source: https://www.securityfocus.com/bid/9658/info Microsoft Internet Explorer has been reported prone to a vulnerability that may permit hostile content to be interpreted in the Local Zone. The issue may be exploited via the...
Microsoft Outlook Express 6.0 - MHTML Forced File Execution (2)
Microsoft Outlook Express 6.0 - MHTML Forced File Execution 2 source: https://www.securityfocus.com/bid/9105/info A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The problem...
Microsoft Outlook Express MHTML Forced File Execution Vulnerability
Description A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The problem occurs due to the component failing to securely handle MHTML file URIs that reference a non-existent...
Microsoft Outlook Express 6.0 - .MHTML Forced File Execution (1)
Microsoft Outlook Express 6.0 - .MHTML Forced File Execution 1 source: https://www.securityfocus.com/bid/9105/info A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The proble...
Microsoft Outlook Express 6.0 - MHTML Forced File Execution (2)
source: https://www.securityfocus.com/bid/9105/info A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The problem occurs due to the component failing to securely handle MHTML...
Code execution via Eudora
Using META REFRESH it's possible to launch mhtml file...
ICQ and MSIE allow execution of arbitrary code
Outline qoute I was about to put on a home page right after I discovered it and still had a hope that I will be that one who will finally destroy the world :: /quote Well i dont know if it will destroy the world, but sure enough it's enough to destory a small portion off it : Actually i found the...