Lucene search
K

89 matches found

RedHat Linux
RedHat Linux
added 2012/11/14 8:30 p.m.8 views

libproxy: PAC handling insufficient content length check leading to buffer overflow

Heap-based buffer overflow in the pxpacreload function in lib/pac.c in libproxy 0.2.x and 0.3.x allows remote servers to have an unspecified impact via a crafted Content-Length size in an HTTP response header for a proxy.pac file request, a different vulnerability than CVE-2012-4504...

10CVSS6.1AI score0.03218EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2010/04/14 2:45 p.m.13 views

Attackers Using Malicious PAC Files in Phishing Attacks

Malware authors have developed a new, and frighteningly effective, tactic that uses a feature built into all of the modern browsers to redirect users to malicious sites without their knowledge or action. In a worrisome new twist, attackers have begun using proxy auto-config PAC files, which are...

0.3AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2006/07/28 11:22 p.m.4 views

security flaw

Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig PAC servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object...

7.5CVSS7.6AI score0.02897EPSS
Exploits0References4
OSV
OSV
added 2006/07/27 8:4 p.m.1 views

DEBIAN-CVE-2006-3808

Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig PAC servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object...

7.5CVSS8.7AI score0.02897EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2006/07/27 7:53 p.m.5 views

security flaw

Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig PAC servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object...

7.5CVSS7.6AI score0.02897EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2005/09/28 6:3 p.m.21 views

CVE-2005-3089

Firefox 1.0.6 allows attackers to cause a denial of service crash via a Proxy Auto-Config PAC script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in triggering this issue, so it might not be a vulnerability...

2.6CVSS5.9AI score0.01683EPSS
Exploits0References1
NVD
NVD
added 2005/09/28 6:3 p.m.14 views

CVE-2005-3089

Firefox 1.0.6 allows attackers to cause a denial of service crash via a Proxy Auto-Config PAC script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in triggering this issue, so it might not be a vulnerability...

2.6CVSS6AI score0.01683EPSS
Exploits0References9
Cvelist
Cvelist
added 2005/09/28 4:0 a.m.20 views

CVE-2005-3089

Firefox 1.0.6 allows attackers to cause a denial of service crash via a Proxy Auto-Config PAC script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in triggering this issue, so it might not be a vulnerability...

6AI score0.01683EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2005/09/22 8:36 p.m.7 views

security flaw

Firefox 1.0.6 allows attackers to cause a denial of service crash via a Proxy Auto-Config PAC script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in triggering this issue, so it might not be a vulnerability...

2.6CVSS5.8AI score0.01683EPSS
Exploits0References4
Rows per page
Query Builder