4361 matches found
Google Chrome < 23.0.1271.97 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is earlier than 23.0.1271.97 and is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to visibility events and the URL loader. CVE-2012-5139, CVE-2012-5140 - An unspecified error exists related t...
Critical Vulnerability Fixed in Chrome 23
It’s Patch Tuesday, and not just for Microsoft and Adobe. Google also patched a number of security vulnerabilities in its Chrome browser today, including one critical flaw and three high-severity ones. The most serious vulnerability that Google fixed in Chrome 23 is a crash in the browser’s histo...
Java zero-day exploit sold in underground Market
Once again a zero day vulnerability exploit is sold by cyber criminals in the underground, once again a the flaw is related to Oracle's Java software that could allow to gain remote control over victim's machine. The news has been reported by KrebsOnSecurity blog that announced that the exploit...
Internet shortcuts used for phishing in elements – Opera Security Advisories
Websites may occasionally want to display image content from untrusted sources. A phishing attack may be carried out by the untrusted source, by displaying malicious instructions on the image, or by navigating the containing page to a similar looking document on another server. Since some image...
Sunny Navigation System cms the background filter is not strict vulnerability-vulnerability warning-the black bar safety net
BY: madmen From 1 6 3 Micro Forum Test URL http://www.xxx.com/admin/log/dispcont.asp admin/log/dispcont. asp View administrator login records where the filter is not strict lead to can view the login record of success Although success is cmd5 encryption, but a large part can be cracked Tasteless ...
Mozilla Seamonkey Multiple Vulnerabilities-01 (Windows)
The host is installed with Mozilla Seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaseamonkeymultvuln01oct12win.nasl 6093 2017-05-10 09:03:18Z teissa $ Mozilla Seamonkey Multiple Vulnerabilities-01 Windows Authors: Arun Kallavi Copyright: Copyright c 20...
Mozilla Seamonkey Multiple Vulnerabilities - 01 - Mac OS X
Mozilla Seamonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mandriva Linux Security Advisory : libxslt (MDVSA-2012:164)
Multiple vulnerabilities has been discovered and corrected in libxslt : Unspecified vulnerability in XSLT allows remote attackers to obtain potentially sensitive information about heap memory addresses via unknown vectors CVE-2011-1202. libxslt 1.1.26 and earlier does not properly manage memory,...
CVE-2012-3984
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has a SELECT element's menu active, which allows remote attackers to spoof page content via vectors involving absolute positioning and scrolling...
Cross site scripting
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting XSS attacks or obtain sensitive POST content via...
Code injection
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has a SELECT element's menu active, which allows remote attackers to spoof page content via vectors involving absolute positioning and scrolling...
CVE-2012-5354
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has multiple menus of SELECT elements active, which allows remote attackers to conduct clickjacking attacks via vectors involving an XPI file, the window.ope...
Design/Logic Flaw
Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-assisted remote attackers to execute arbitrary code via vectors involving use of mozRequestFullScree...
CVE-2012-3984
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has a SELECT element's menu active, which allows remote attackers to spoof page content via vectors involving absolute positioning and scrolling...
Mozilla: DOS and crash with full screen and history navigation (MFSA 2012-79)
Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-assisted remote attackers to execute arbitrary code via vectors involving use of mozRequestFullScree...
Mozilla: Spoofing and script injection through location.hash (MFSA 2012-84)
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting XSS attacks or obtain sensitive POST content via...
Mozilla: DOS and crash with full screen and history navigation (MFSA 2012-79)
Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-assisted remote attackers to execute arbitrary code via vectors involving use of mozRequestFullScree...
Mozilla: Spoofing and script injection through location.hash (MFSA 2012-84)
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting XSS attacks or obtain sensitive POST content via...
CVE-2012-3988
Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-assisted remote attackers to execute arbitrary code via vectors involving use of mozRequestFullScree...
Spoofing and script injection through location.hash — Mozilla
Security researcher Mariusz Mlynski reported an issue with spoofing of the location property. In this issue, writes to location.hash can be used in concert with scripted history navigation to cause a specific website to be loaded into the history object. The baseURI can then be changed to this...