CVE-2009-1581

CVE-2009-1581 affects SquirrelMail up to version 1.4.18, where functions/mime.php fails to protect against CSS positioning in HTML email. This allows a remote attacker to spoof the user interface and can enable cross-site scripting (XSS) and phishing via a crafted message. The connected advisorie...

Baidu space XSIO vulnerability-vulnerability warning-the black bar safety net

Article author: aullik5 Original source: http://hi.baidu.com/aullik5/blog ... a02c6785352416.html Today want to talk about this vulnerability is a very wretched vulnerability. Most of the sites have this vulnerability, not only is Baidu. What is XSIO, and why is it wretched? XSIO is because there...

Mozilla Foundation Security Advisory 2008-11

Mozilla Foundation Security Advisory 2008-11 Title: Web forgery overwrite with div overlay Impact: Low Announced: February 7, 2008 Reporter: Emil Ljungdahl, Lars-Olof Moilanen Products: Firefox Fixed in: Firefox 2.0.0.12 Description Security researchers Emil Ljungdahl and Lars-Olof Moilanen...

CVE-2008-0594

Mozilla Firefox before 2.0.0.12 does not always display a web forgery warning dialog if the entire contents of a web page are in a DIV tag that uses absolute positioning, which makes it easier for remote attackers to conduct phishing attacks...

Design/Logic Flaw

Mozilla Firefox before 2.0.0.12 does not always display a web forgery warning dialog if the entire contents of a web page are in a DIV tag that uses absolute positioning, which makes it easier for remote attackers to conduct phishing attacks...

CVE-2008-0594

Mozilla Firefox before 2.0.0.12 does not always display a web forgery warning dialog if the entire contents of a web page are in a DIV tag that uses absolute positioning, which makes it easier for remote attackers to conduct phishing attacks...

Web forgery overwrite with div overlay — Mozilla

Security researchers Emil Ljungdahl and Lars-Olof Moilanen demonstrated that, in cases where the entire contents of a page are enclosed in a with absolute positioning, a web forgery warning dialog won't be displayed unless the user switches tabs away-from then back-to the forgery page...

Unfixed XSS vulnerability at www.globalpositioningsystems.co.uk

Security researcher GURUS, has submitted on 14/03/2007 a cross-site-scripting XSS vulnerability affecting www.globalpositioningsystems.co.uk, which at the time of submission ranked 74121 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 14/03/200...

PT-2007-1310 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 6.0.2900 SP2 and earlier Description: The issue allows remote attackers to cause a denial of service, resulting in a crash, by utilizing a table element with a CSS attribute that sets the position. This...

Dove gray ultimate free kill tutorial-vulnerability warning-the black bar safety net

To this station also quite a few days, learned a lot of knowledge. Here today, I also want to talk about yourself tofree to killperception. A week ago,I dofree to killby Kabbah, rising, Kingsoft, Norton, etc. files and memory. I'm very excited about thefree to killmethod in the online publication...

Mozilla Firefox 1.0.4 - 'Set As Wallpaper' Code Execution

// Exploit by Michael Krax Firewalling - Proof-of-Concept function stopload // in some cases the javascript url never stops to load // therefore we force a stop after the real image got loaded window.setTimeout"window.stop",1000; Firewalling - Proof-of-Concept The "Set As Wallpaper" dialog takes...

Microsoft Internet Explorer 6 - Absolute Position Block Denial of Service

Microsoft Internet Explorer 6 - Absolute Position Block Denial of Service source: https://www.securityfocus.com/bid/8758/info A problem has been reported in Microsoft Internet Explorer when absolute positioning is used. Because of this, it may be possible to deny service to users of the browser...

Microsoft Internet Explorer 6 - Absolute Position Block Denial of Service

source: https://www.securityfocus.com/bid/8758/info A problem has been reported in Microsoft Internet Explorer when absolute positioning is used. Because of this, it may be possible to deny service to users of the browser. This issue may be due to memory corruption, however, it is known not at th...