529 matches found
Amaya (URL Bar) Remote Stack Overflow Vulnerability
W3C Amaya 10.1 Web Browser Amaya URL Bar Remote Stack Overflow Vulnerability Written and discovered by: r0ut3r writ3r at gmail.com / www.bmgsec.com.au Advisory: http://www.bmgsec.com.au/advisory/40/ ------------------------------------------------------ Shellcode notes: The application fails to...
W3C Amaya 10.1 Web Browser - URL Bar Remote Stack Overflow (PoC)
W3C Amaya 10.1 Web Browser - URL Bar Remote Stack Overflow PoC W3C Amaya 10.1 Web Browser Amaya URL Bar Remote Stack Overflow Vulnerability Written and discovered by: r0ut3r writ3r at gmail.com / www.bmgsec.com.au Advisory: http://www.bmgsec.com.au/advisory/40/...
W3C Amaya 10.1 Web Browser - URL Bar Remote Stack Overflow (PoC)
W3C Amaya 10.1 Web Browser Amaya URL Bar Remote Stack Overflow Vulnerability Written and discovered by: r0ut3r writ3r at gmail.com / www.bmgsec.com.au Advisory: http://www.bmgsec.com.au/advisory/40/ ------------------------------------------------------ Shellcode notes: The application fails to...
W3C Amaya 10.1 Web Browser (URL Bar) Remote Stack Overflow PoC
Exploit for unknown platform in category dos / poc ============================================================== W3C Amaya 10.1 Web Browser URL Bar Remote Stack Overflow PoC ============================================================== W3C Amaya 10.1 Web Browser Amaya URL Bar Remote Stack...
CVE-2007-4225
Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar via an http URI with a large amount of whitespace in the user/password portion...
MSIE7 entrapment again (+ FF tidbit)
Hello again, Microsoft Internet Explorer seems to have a soft spot for browser entrapment vulnerabilities. Just to recap, in these attacks, the user is made believe he had left a webpage and the URL bar or SSL state data reinforce him in this belief - but in reality, is prevented from doing so, a...
Code injection
Microsoft Internet Explorer 6 allows remote attackers to spoof the URL bar, and page properties including SSL certificates, by interrupting page loading through certain use of location DOM objects and setTimeout calls. NOTE: this issue can be leveraged for phishing and other attacks...
CVE-2007-3092
CVE-2007-3092 affects Microsoft Internet Explorer 6. The vulnerability allows remote attackers to spoof the URL bar and page properties (including SSL certificates) by interrupting page loading with certain uses of location DOM objects and setTimeout calls, enabling phishing-like attacks. Exploit...
[Full-disclosure] Assorted browser vulnerabilities
Hello, Will keep it brief. A couple of browser bugs, fresh from the oven, hand crafted with love: 1 Title : MSIE page update race condition CRITICAL Impact : cookie stealing / setting, page hijacking, memory corruption Demo : http://lcamtuf.coredump.cx/ierace/ ...aka the bait & switch...