3175 matches found
USN-690-1: Firefox and xulrunner vulnerabilities
Several flaws were discovered in the browser engine. These problems could allow an attacker to crash the browser and possibly execute arbitrary code with user privileges. CVE-2008-5500, CVE-2008-5501, CVE-2008-5502 It was discovered that Firefox did not properly handle persistent cookie data. If ...
CVE-2008-5513
Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cross-site scripting XSS attacks via unknown...
CVE-2008-5513
CVE-2008-5513 affects Mozilla Firefox. The issue arises in the session-restore feature, where restoration of SessionStore data can bypass the Same Origin Policy, enabling content injection and cross-site scripting (XSS) via unknown vectors. Affected products/versions include Firefox 3.x prior to ...
CVE-2008-5513
Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cross-site scripting XSS attacks via unknown...
CVE-2008-4229
Race condition in the Passcode Lock feature in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.0 through 2.1 allows physically proximate attackers to remove the lock and launch arbitrary applications by restoring the device from a backup...
PT-2008-5522 · Apple · Ios +1
Name of the Vulnerable Software and Affected Versions: Apple iPhone OS versions 2.0 through 2.1 Apple iPhone OS for iPod touch versions 2.0 through 2.1 Description: A race condition exists in the Passcode Lock feature, allowing physically proximate attackers to bypass the lock and launch arbitrar...
Mozilla Foundation Security Advisory 2008-53
Mozilla Foundation Security Advisory 2008-53 Title: XSS and JavaScript privilege escalation via session restore Impact: Critical Announced: November 12, 2008 Reporter: David Bloom, mozbugra4 Products: Firefox Fixed in: Firefox 3.0.4 Firefox 2.0.0.18 Description Security researcher David Bloom...
CVE-2008-5019
The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting XSS attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors...
Cross site scripting
The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting XSS attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors...
CVE-2008-5019
The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting XSS attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors...
EUVD-2008-4998
The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting XSS attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors...
Mozilla XSS via session restore
The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting XSS attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors...
Mozilla XSS via session restore
The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting XSS attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors...
Mozilla Firefox < 2.0.0.18 Multiple Vulnerabilities
Binary data 4751.prm...
XSS and JavaScript privilege escalation via session restore — Mozilla
Security researcher David Bloom reported that the browser's session restore feature can be used to violate the same-origin policy and run JavaScript in the context of another site. Any otherwise unexploitable crash can be used to force the user into the session restore state...
Gear Software CD DVD Filter driver privilege escalation vulnerability
Overview The Gear Software CD DVD Filter driver contains a privilege escalation vulnerability, which can allow an attacker to gain SYSTEM privileges. Description Gear Software provides a driver called CD DVD Filter, which is provided by GEARAspiWDM.sys. This driver is used by multiple CD/DVD...
Security Bypass Vulnerabilities AXESSTEL
Bboyhacks bboyhacksatgmail.com AXESS.TEL CDMA 1xEV-DO FIXED WIRELESS MODEN AXW-D800 S/W Version:D2ETH10901VEBR Jun-14-2006 Default LAN IP: 192.168.0.1 http thttpd 2.25b Security Bypass Vulnerabilities basic setup http://192.168.0.1/etc/config/System.html Network...
EMC Retrospect弱哈希算法口令泄露漏洞
BUGTRAQ ID: 30319,30308 EMC Retrospect是Windows平台下的备份和恢复软件。 Retrospect备份客户端在网络中以明文传输口令哈希。如果远程攻击者向客户端发送了恶意报文的话,客户端的响应信息中就会包含有明文口令,导致损失保密性;此外Retrospect备份服务器的认证模块使用了弱口令哈希算法,攻击者可以较容易的暴力猜测。 EMC Retrospect for Windows 7.5.508 EMC --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Important: Red Hat Security Advisory: lspp-eal4-config-ibm and capp-lspp-eal4-config-hp security update
Updated lspp-eal4-config-ibm and capp-lspp-eal4-config-hp packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The lspp-eal4-config-ibm and capp-lspp-eal4-config-h...
Linksys WRT54G (firmware 1.00.9) Security Bypass Vulnerabilities
Exploit for hardware platform in category remote exploits ================================================================ Linksys WRT54G firmware 1.00.9 Security Bypass Vulnerabilities ================================================================ regurgitated by: meathive url: kinqpinz.info ;...