Lucene search
K

3175 matches found

Ubuntu
Ubuntu
added 2008/12/17 11:50 p.m.59 views

USN-690-1: Firefox and xulrunner vulnerabilities

Several flaws were discovered in the browser engine. These problems could allow an attacker to crash the browser and possibly execute arbitrary code with user privileges. CVE-2008-5500, CVE-2008-5501, CVE-2008-5502 It was discovered that Firefox did not properly handle persistent cookie data. If ...

10CVSS8.4AI score0.03201EPSS
Exploits0
NVD
NVD
added 2008/12/17 11:30 p.m.15 views

CVE-2008-5513

Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cross-site scripting XSS attacks via unknown...

4.3CVSS5.8AI score0.01784EPSS
Exploits0References24
CVE
CVE
added 2008/12/17 11:0 p.m.97 views

CVE-2008-5513

CVE-2008-5513 affects Mozilla Firefox. The issue arises in the session-restore feature, where restoration of SessionStore data can bypass the Same Origin Policy, enabling content injection and cross-site scripting (XSS) via unknown vectors. Affected products/versions include Firefox 3.x prior to ...

4.3CVSS8.9AI score0.01784EPSS
Exploits0References24Affected Software3
UbuntuCve
UbuntuCve
added 2008/12/17 12:0 a.m.26 views

CVE-2008-5513

Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cross-site scripting XSS attacks via unknown...

4.3CVSS5.9AI score0.01784EPSS
Exploits0References3
Cvelist
Cvelist
added 2008/11/25 11:0 p.m.35 views

CVE-2008-4229

Race condition in the Passcode Lock feature in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.0 through 2.1 allows physically proximate attackers to remove the lock and launch arbitrary applications by restoring the device from a backup...

6.2AI score0.00244EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2008/11/25 12:0 a.m.4 views

PT-2008-5522 · Apple · Ios +1

Name of the Vulnerable Software and Affected Versions: Apple iPhone OS versions 2.0 through 2.1 Apple iPhone OS for iPod touch versions 2.0 through 2.1 Description: A race condition exists in the Passcode Lock feature, allowing physically proximate attackers to bypass the lock and launch arbitrar...

3.7CVSS6.5AI score0.00244EPSS
Exploits0References8
securityvulns
securityvulns
added 2008/11/14 12:0 a.m.55 views

Mozilla Foundation Security Advisory 2008-53

Mozilla Foundation Security Advisory 2008-53 Title: XSS and JavaScript privilege escalation via session restore Impact: Critical Announced: November 12, 2008 Reporter: David Bloom, mozbugra4 Products: Firefox Fixed in: Firefox 3.0.4 Firefox 2.0.0.18 Description Security researcher David Bloom...

4.3CVSS1AI score0.0307EPSS
Exploits0
NVD
NVD
added 2008/11/13 11:30 a.m.17 views

CVE-2008-5019

The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting XSS attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors...

4.3CVSS6.1AI score0.0307EPSS
Exploits0References25
Prion
Prion
added 2008/11/13 11:30 a.m.21 views

Cross site scripting

The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting XSS attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors...

4.3CVSS6AI score0.0307EPSS
Exploits0References25Affected Software3
Cvelist
Cvelist
added 2008/11/13 11:0 a.m.24 views

CVE-2008-5019

The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting XSS attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors...

8.8AI score0.0307EPSS
Exploits0References25
EUVD
EUVD
added 2008/11/13 11:0 a.m.5 views

EUVD-2008-4998

The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting XSS attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors...

4.3CVSS6.2AI score0.0307EPSS
Exploits0References29
RedHat Linux
RedHat Linux
added 2008/11/13 2:18 a.m.7 views

Mozilla XSS via session restore

The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting XSS attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors...

4.3CVSS5.9AI score0.0307EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/11/13 2:4 a.m.4 views

Mozilla XSS via session restore

The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting XSS attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors...

4.3CVSS5.9AI score0.0307EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2008/11/13 12:0 a.m.35 views

Mozilla Firefox < 2.0.0.18 Multiple Vulnerabilities

Binary data 4751.prm...

10CVSS7.3AI score0.10187EPSS
Exploits2References27
Mozilla
Mozilla
added 2008/11/12 12:0 a.m.28 views

XSS and JavaScript privilege escalation via session restore — Mozilla

Security researcher David Bloom reported that the browser's session restore feature can be used to violate the same-origin policy and run JavaScript in the context of another site. Any otherwise unexploitable crash can be used to force the user into the session restore state...

4.3CVSS1.5AI score0.0307EPSS
Exploits0References2Affected Software1
CERT
CERT
added 2008/10/07 12:0 a.m.34 views

Gear Software CD DVD Filter driver privilege escalation vulnerability

Overview The Gear Software CD DVD Filter driver contains a privilege escalation vulnerability, which can allow an attacker to gain SYSTEM privileges. Description Gear Software provides a driver called CD DVD Filter, which is provided by GEARAspiWDM.sys. This driver is used by multiple CD/DVD...

7.2CVSS6.9AI score0.00424EPSS
Exploits2References4
securityvulns
securityvulns
added 2008/07/29 12:0 a.m.187 views

Security Bypass Vulnerabilities AXESSTEL

Bboyhacks bboyhacksatgmail.com AXESS.TEL CDMA 1xEV-DO FIXED WIRELESS MODEN AXW-D800 S/W Version:D2ETH10901VEBR Jun-14-2006 Default LAN IP: 192.168.0.1 http thttpd 2.25b Security Bypass Vulnerabilities basic setup http://192.168.0.1/etc/config/System.html Network...

1.5AI score
Exploits0
seebug.org
seebug.org
added 2008/07/23 12:0 a.m.18 views

EMC Retrospect弱哈希算法口令泄露漏洞

BUGTRAQ ID: 30319,30308 EMC Retrospect是Windows平台下的备份和恢复软件。 Retrospect备份客户端在网络中以明文传输口令哈希。如果远程攻击者向客户端发送了恶意报文的话,客户端的响应信息中就会包含有明文口令,导致损失保密性;此外Retrospect备份服务器的认证模块使用了弱口令哈希算法,攻击者可以较容易的暴力猜测。 EMC Retrospect for Windows 7.5.508 EMC --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

6.9AI score
Exploits0
RedHat Linux
RedHat Linux
added 2008/04/01 2:24 p.m.8 views

Important: Red Hat Security Advisory: lspp-eal4-config-ibm and capp-lspp-eal4-config-hp security update

Updated lspp-eal4-config-ibm and capp-lspp-eal4-config-hp packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The lspp-eal4-config-ibm and capp-lspp-eal4-config-h...

6.9CVSS5.6AI score0.00361EPSS
Exploits0References2
0day.today
0day.today
added 2008/03/26 12:0 a.m.102 views

Linksys WRT54G (firmware 1.00.9) Security Bypass Vulnerabilities

Exploit for hardware platform in category remote exploits ================================================================ Linksys WRT54G firmware 1.00.9 Security Bypass Vulnerabilities ================================================================ regurgitated by: meathive url: kinqpinz.info ;...

7.1AI score0.05164EPSS
Exploits10
Rows per page
Query Builder