48 matches found
Mozilla Firefox Multiple Vulnerabilities - November12 (Windows)
This host is installed with Mozilla Firefox and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaprdtsmultvulnnov12win.nasl 5956 2017-04-14 09:02:12Z teissa $ Mozilla Firefox Multiple Vulnerabilities - November12 Windows Authors: Rachana Shetty Copyright: Copyright c...
Mozilla: XSS via plugins and shadowed window.location object (MFSA 2011-38)
Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before 6.0, and SeaMonkey before 2.3 do not properly handle "location" as the name of a frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, a different vulnerability than CVE-2010-0170...
Mozilla: XSS via plugins and shadowed window.location object (MFSA 2011-38)
Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before 6.0, and SeaMonkey before 2.3 do not properly handle "location" as the name of a frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, a different vulnerability than CVE-2010-0170...
Mozilla: XSS via plugins and shadowed window.location object (MFSA 2011-38)
Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before 6.0, and SeaMonkey before 2.3 do not properly handle "location" as the name of a frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, a different vulnerability than CVE-2010-0170...
Mozilla Foundation Security Advisory 2007-39
Mozilla Foundation Security Advisory 2007-39 Title: Referer-spoofing via window.location race condition Impact: High Announced: November 26, 2007 Reporter: Gregory Fleischer Products: Firefox, SeaMonkey Fixed in: Firefox 2.0.0.10 SeaMonkey 1.1.7 Description Gregory Fleischer demonstrated that it...
URL spoof in address bar
KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property...
CVE-2006-3640
Microsoft Internet Explorer 5.01 and 6 allows certain script to persist across navigations between pages, which allows remote attackers to obtain the window location of visited web pages in other domains or zones, aka "Window Location Information Disclosure Vulnerability."...
CVE-2006-1650
Firefox 1.5.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a trusted URL while the Flash application is still loading. NOTE: a followup was...