Lucene search
K

1619 matches found

UbuntuCve
UbuntuCve
added 2009/08/31 4:30 p.m.32 views

CVE-2009-3010

Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre; SeaMonkey 1.1.17; and Mozilla 1.7.x and earlier do not properly block data: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting XSS attacks via vectors related to 1 injecting ...

4.3CVSS5.9AI score0.01851EPSS
Exploits1References1
Cvelist
Cvelist
added 2009/08/31 4:0 p.m.30 views

CVE-2009-3016

Apple Safari 4.0.3 does not properly block javascript: and data: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting XSS attacks via vectors related to 1 injecting a Refresh header that contains a javascript: URI, 2 entering a javascript: URI...

5.3AI score0.01062EPSS
Exploits1References3
Cvelist
Cvelist
added 2009/08/31 4:0 p.m.33 views

CVE-2009-3011

Google Chrome 1.0.154.48 and earlier, 2.0.172.28, 2.0.172.37, and 3.0.193.2 Beta does not properly block data: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting XSS attacks via vectors related to 1 injecting a Refresh header that contains...

5.4AI score0.00938EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2009/08/31 12:0 a.m.6 views

PT-2009-5350 · Mozilla · Firefox +1

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions 3.0.13 and earlier Mozilla Firefox version 3.5 Mozilla Firefox version 3.6 a1 pre Mozilla Firefox version 3.7 a1 pre SeaMonkey version 1.1.17 Mozilla versions 1.7.x and earlier Description: The issue allows remote...

4.3CVSS5.3AI score0.01851EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2009/08/27 3:6 p.m.15 views

Snow Leopard Gets an Anti-Virus Scanner

Apple’s commercials may give the impression that Macs are virus-free but the company isn’t taking any chances with the newest Mac OS X refresh. Apple has quietly added a new Snow Leopard feature to scan software downloads for malware, a no-brainer move that coincides with a noticeable spike in...

2.2AI score
Exploits0References3
OpenVAS
OpenVAS
added 2009/07/09 12:0 a.m.24 views

Google Chrome Cross-Site Scripting Vulnerability - July09

This host has Google Chrome installed and is prone to Cross-Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: gbgooglechromexssvulnjul09.nasl 4869 2016-12-29 11:01:45Z teissa $ Google Chrome Cross-Site Scripting Vulnerability - July09 Authors: Sharath S Copyright: Copyright c 2009...

4.3CVSS6.4AI score0.02046EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2009/07/09 12:0 a.m.24 views

Microsoft Internet Explorer XSS Vulnerability - July09

The host is installed with Internet Explorer and is prone to Cross-Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: gbmsiexssvulnjul09.nasl 6527 2017-07-05 05:56:34Z cfischer $ Microsoft Internet Explorer XSS Vulnerability - July09 Authors: Nikita MR Copyright: Copyright c 2009...

4.3CVSS6.4AI score0.14381EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2009/07/09 12:0 a.m.23 views

Opera Web Browser 'Refresh' Header XSS Vulnerabilities (Linux)

The host is installed with Opera Web Browser and is prone to Cross-Site Scripting Vulnerability. OpenVAS Vulnerability Test $Id: gboperaxssvulnlin.nasl 4869 2016-12-29 11:01:45Z teissa $ Opera Web Browser 'Refresh' Header XSS Vulnerabilities Linux Authors: Antu Sanadi Copyright: Copyright c 2009...

4.3CVSS0.01709EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2009/07/09 12:0 a.m.20 views

Google Chrome Cross-Site Scripting Vulnerability (Jul 2009)

Google Chrome is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.8AI score0.02046EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2009/07/09 12:0 a.m.28 views

Opera Web Browser 'Refresh' Header XSS Vulnerabilities - Windows

Opera Web Browser is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.7AI score0.01709EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2009/07/09 12:0 a.m.23 views

Opera Web Browser 'Refresh' Header XSS Vulnerabilities - Linux

Opera Web Browser is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.7AI score0.01709EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2009/07/09 12:0 a.m.20 views

Microsoft Internet Explorer XSS Vulnerability (Jul 2009)

Internet Explorer is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS4.7AI score0.14381EPSS
Exploits1References4
Prion
Prion
added 2009/07/07 11:30 p.m.31 views

Cross site scripting

Opera 9.52 and earlier does not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting XSS attacks via vectors related to 1 injecting a Refresh header or 2 specifying the content of a Refresh header, a related issue to...

4.3CVSS5.8AI score0.05565EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2009/07/07 11:0 p.m.71 views

CVE-2009-2351

CVE-2009-1312 is referenced in MiracleLinux AXSA advisories as a vulnerability in Mozilla Firefox and SeaMonkey where javascript: URIs in Refresh headers in HTTP responses were not blocked. Affected versions include Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17; this could enable cross...

4.3CVSS5.9AI score0.01709EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2009/07/07 11:0 p.m.31 views

CVE-2009-2352

Google Chrome 1.0.154.48 and earlier does not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting XSS attacks via vectors related to 1 injecting a Refresh header or 2 specifying the content of a Refresh header, a related issue...

8.7AI score0.02046EPSS
Exploits1References5
exploitpack
exploitpack
added 2009/06/03 12:0 a.m.9 views

Google Chrome 0.3.154 - JavaScript: URI in Refresh Header Cross-Site Scripting

Google Chrome 0.3.154 - JavaScript: URI in Refresh Header Cross-Site Scripting source: https://www.securityfocus.com/bid/35572/info Google Chrome is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execu...

0.2AI score
Exploits0
Prion
Prion
added 2009/04/22 6:30 p.m.25 views

Cross site scripting

Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting XSS attacks via vectors related to 1 injecting a Refresh header or 2 specifying the content of a Refresh header. NOTE...

4.3CVSS5.8AI score0.05565EPSS
Exploits0References26Affected Software1
NVD
NVD
added 2009/04/22 6:30 p.m.21 views

CVE-2009-1312

Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting XSS attacks via vectors related to 1 injecting a Refresh header or 2 specifying the content of a Refresh header. NOTE...

4.3CVSS5.6AI score0.05565EPSS
Exploits0References26
RedHat Linux
RedHat Linux
added 2009/04/22 1:40 a.m.4 views

javascript: URIs

Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting XSS attacks via vectors related to 1 injecting a Refresh header or 2 specifying the content of a Refresh header. NOTE...

4.3CVSS7.3AI score0.05565EPSS
Exploits0References4
exploitpack
exploitpack
added 2009/04/22 12:0 a.m.11 views

Mozilla (Multiple Products) - Server Refresh Header Cross-Site Scripting

Mozilla Multiple Products - Server Refresh Header Cross-Site Scripting source: https://www.securityfocus.com/bid/34656/info The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Firefox, Thunderbird, and SeaMonkey. Attackers can exploit these issue...

0.1AI score
Exploits0
Rows per page
Query Builder