836 matches found
CVE-2005-1475
The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains via a redirect...
CVE-2005-1475
The CVE-2005-1475 issue affects Opera 8.0 Final Build 1095 where the XMLHttpRequest object could bypass same-origin restrictions due to insufficient validation of server-side redirects, allowing a remote attacker to access resources on other domains and perform actions with the user’s privileges....
CVE-2005-1475
The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains via a redirect...
[SA15008] Opera XMLHttpRequest Security Bypass
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
opera -- XMLHttpRequest security bypass
A Secunia Advisory reports: Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to steal content or to perform actions on other web sites with the privileges of the user. Normally, it should not be possible for the XMLHttpRequest object to access...
Opera < 8.01 Multiple Vulnerabilities
The version of Opera installed on the remote host is earlier than 8.01 and thus reportedly affected by multiple issues : - It may be possible for a malicious website to spoof dialog boxes. - It may be possible for a XMLHttpRequest object to gain unauthorized access to sensitive data. - The...
CVE-2005-0976
AppleWebKit WebCore and WebKit, as used in multiple products such as Safari 1.2 and OmniGroup OmniWeb 5.1, allows remote attackers to read arbitrary files via the XMLHttpRequest Javascript component, as demonstrated using automatically mounted disk images and file:// URLs...
CVE-2005-0976
AppleWebKit WebCore and WebKit, as used in multiple products such as Safari 1.2 and OmniGroup OmniWeb 5.1, allows remote attackers to read arbitrary files via the XMLHttpRequest Javascript component, as demonstrated using automatically mounted disk images and file:// URLs...
CVE-2005-0976
AppleWebKit-based browsers (WebCore/WebKit) are affected by CVE-2005-0976, which allows remote attackers to read local files via the XMLHttpRequest component. The vulnerability affects Safari 1.2+ and OmniWeb 5.1+ (and other WebKit-based apps using file: URLs), triggered by attacker‑supplied cont...
Galeon < 1.2.2 XMLHttpRequest File / Directory Disclosure
Binary data 1754.prm...
Mozilla < 1.0rc2 XMLHttpRequest File / Directory Disclosure (deprecated)
Binary data 1753.prm...
Netscape < 6.2.3 XMLHttpRequest File / Directory Disclosure
Binary data 1755.prm...
Mozilla Thunderbird < 2.0.0.22 Multiple Vulnerabilities
Binary data 5001.prm...
CVE-2002-0354
The XMLHttpRequest object XMLHTTP in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property...
CVE-2002-0354
The XMLHttpRequest object XMLHTTP in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property...
CVE-2002-0354
The CVE-2002-0354 issue concerns the XMLHttpRequest (XMLHTTP) object in Netscape 6.1 and Mozilla 0.9.7. It permits remote attackers to read arbitrary files and list directories on a client by directing the browser to a file via a URL redirect and then reading the result through responseText. This...