156 matches found
Memory corruption
Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service crash and execute arbitrary code via vectors related to a document object "appended in a specific order," aka "HTML Objects Memory Corruption...
[SECURITY] Fedora 9 Update: roundcubemail-0.2-0.alpha.fc9
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
[SECURITY] Fedora 7 Update: roundcubemail-0.2-0.alpha.fc7.1
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
bitweaver-xss.txt
-=--------------------ADVISORY-------------------=- bitweaver 1.3.1 Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: bitweaver -=+ Version: 1.3.1 -=+ Vendor's URL: http://www.bitweaver.org/articles/ -=+ Platform: Windows\Linux\Unix -=+ Bug typ...
flat.txt
Description: A PHP Website Engine not using any database. Support for different languages. Using the directory-structure for menue creation. Directory names are the menue topicscategories, filenames beneath are menue items. XHTML compliant. Supports Modules like P version: flatCMS 1.01 vendor:...
USN-157-1: Mozilla Thunderbird vulnerabilities
Vladimir V. Perepelitsa discovered a bug in Thunderbird's handling of anonymous functions during regular expression string replacement. A malicious HTML email could exploit this to capture a random block of client memory. CAN-2005-0989 Georgi Guninski discovered that the types of certain XPInstal...
security flaw
Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as...
security flaw
Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as...
security flaw
Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as...
CVE-2005-2269
Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as...
CVE-2005-2269
Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as...
CVE-2005-2269
Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as...
XHTML node spoofing — Mozilla
Parts of the browser UI relied too much on DOM node names without taking different namespaces into account and verifying that nodes really were of the expected type. An XHTML document could be used to create fake elements, for example, with content-defined properties that the browser would access...
ie6fire.txt
Hello , all. IE6 kicks Firefox's BUG : Local Information Disclosure. MIME types commonly used on the web determine what kind of content is being sent down and give the browser an idea of how to parse,render or otherwise deal with the content. "application/zip", for example, is what's sent by the...
CVE-2004-1686
CVE-2004-1686 affects Internet Explorer 6.0 on Windows XP SP2. A vulnerability allows remote attackers to bypass the Information Bar prompt for ActiveX and JavaScript by crafting an XHTML page containing an Internet Explorer formatted comment between the DOCTYPE and HTML tags, demonstrated with t...
Microsoft Internet Explorer 6 SV 1 XHTML Comment User Confirmation Bypass
Binary data 2301.prm...