Lucene search
K

322 matches found

OpenVAS
OpenVAS
added 2009/09/02 12:0 a.m.12 views

Avant Browser Address Bar Spoofing Vulnerability

Avant Browser is prone to Address Bar Spoofing vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.7AI score0.00891EPSS
Exploits0References1
Prion
Prion
added 2009/08/28 3:30 p.m.16 views

Design/Logic Flaw

Lunascape 5.1.3 and 5.1.4 allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the site containi...

4.3CVSS7.2AI score0.00881EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2009/08/28 3:30 p.m.15 views

Design/Logic Flaw

Microsoft Internet Explorer 6 through 8 allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the...

4.3CVSS7.1AI score0.10601EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2009/08/28 3:30 p.m.18 views

CVE-2009-3006

Maxthon Browser 2.5.3.80 UNICODE allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the site...

4.3CVSS6.7AI score0.01046EPSS
Exploits0References3
Prion
Prion
added 2009/08/28 3:30 p.m.12 views

Design/Logic Flaw

Maxthon Browser 2.5.3.80 UNICODE allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the site...

4.3CVSS7.2AI score0.01046EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2009/08/28 3:30 p.m.14 views

Design/Logic Flaw

Avant Browser 11.7 Builds 35 and 36 allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the sit...

4.3CVSS7.2AI score0.00891EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2009/02/26 4:17 p.m.27 views

CVE-2009-0522

Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Windows allows remote attackers to trick a user into visiting an arbitrary URL via an unspecified manipulation of the "mouse pointer display," related to a "Clickjacking attack."...

4.3CVSS5.8AI score0.02701EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2009/02/26 4:17 p.m.29 views

CVE-2009-0114

Unspecified vulnerability in the Settings Manager in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87, and possibly other versions, allows remote attackers to trick a user into visiting an arbitrary URL via unknown vectors, related to "a potential Clickjacking issue variant."...

5.8CVSS6AI score0.03847EPSS
Exploits0References2
Cvelist
Cvelist
added 2009/02/26 4:0 p.m.31 views

CVE-2009-0114

Unspecified vulnerability in the Settings Manager in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87, and possibly other versions, allows remote attackers to trick a user into visiting an arbitrary URL via unknown vectors, related to "a potential Clickjacking issue variant."...

7.5AI score0.03847EPSS
Exploits0References17
OpenVAS
OpenVAS
added 2009/02/04 12:0 a.m.24 views

Microsoft Internet Explorer Clickjacking Vulnerability

This host has installed Internet Explorer and is prone to clickjacking vulnerability OpenVAS Vulnerability Test $Id: gbmsieclickjackingvuln.nasl 6527 2017-07-05 05:56:34Z cfischer $ Microsoft Internet Explorer Clickjacking Vulnerability Authors: Sharath S Copyright: Copyright c 2009 Greenbone...

4.3CVSS6.7AI score0.10627EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2009/02/04 12:0 a.m.27 views

Microsoft Internet Explorer Clickjacking Vulnerability

This host has installed Internet Explorer and is prone to clickjacking vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.3CVSS5.2AI score0.10627EPSS
Exploits0References1
Cvelist
Cvelist
added 2009/01/22 6:0 p.m.31 views

CVE-2009-0253

Mozilla Firefox 3.0.5 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Status Bar Obfuscation" and "Clickjacking" attack...

6.5AI score0.02527EPSS
Exploits0References3
Debian
Debian
added 2008/10/27 7:16 p.m.26 views

[Backports-security-announce] Security Update for pidgin

Gerfried Fuchs uploaded new packages for pidgin which fixed the following security problem: CVE-2008-2957, Debian Bug 488632 The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows remote attackers to trigger the download of arbitrary files and cause a denial of service memory...

6.4CVSS5.2AI score0.02097EPSS
Exploits0
NVD
NVD
added 2008/07/01 10:41 p.m.17 views

CVE-2008-2957

The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows remote attackers to trigger the download of arbitrary files and cause a denial of service memory or disk consumption via a UDP packet that specifies an arbitrary URL...

6.4CVSS6.7AI score0.02097EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2008/07/01 10:0 p.m.27 views

CVE-2008-2957

The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows remote attackers to trigger the download of arbitrary files and cause a denial of service memory or disk consumption via a UDP packet that specifies an arbitrary URL...

6.4CVSS6.5AI score0.02097EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/12/26 12:0 a.m.17 views

Fedora 8 : gallery2-2.2.4-1.fc8 (2007-4778)

Gallery 2.2.4 addresses the following security vulnerabilities : - Publish XP module - Fixed unauthorized album creation and file uploads. - URL rewrite module - Fixed local file inclusion vulnerability in unsecured admin controller and information disclosure in hotlink protection. - Core /...

5.7AI score
Exploits0References1
FreeBSD
FreeBSD
added 2007/12/24 12:0 a.m.34 views

gallery2 -- multiple vulnerabilities

The Gallery team reports: Gallery 2.2.4 addresses the following security vulnerabilities: Publish XP module - Fixed unauthorized album creation and file uploads. URL rewrite module - Fixed local file inclusion vulnerability in unsecured admin controller and information disclosure in hotlink...

10CVSS5.9AI score0.02007EPSS
Exploits0References1
Gentoo Linux
Gentoo Linux
added 2007/11/06 12:0 a.m.42 views

SiteBar: Multiple issues

Background SiteBar is a PHP application that allows users to store their bookmarks on a web server. Description Tim Brown discovered these multiple issues: the translation module does not properly sanitize the value to the "dir" parameter CVE-2007-5491, CVE-2007-5694; the translation module also...

9CVSS7AI score0.07563EPSS
Exploits5
Prion
Prion
added 2007/09/18 10:17 p.m.9 views

Design/Logic Flaw

Argument injection vulnerability in the Linden Lab Second Life secondlife:// protocol handler, as used in Internet Explorer and possibly Firefox, allows remote attackers to obtain sensitive information via a '" ' double-quote space sequence followed by the -autologin and -loginuri arguments, whic...

5CVSS7.2AI score0.01284EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2006/08/10 12:0 a.m.19 views

CVE-2006-4060

PHP remote file inclusion vulnerability in calendar.php in Visual Events Calendar 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the cfgdir parameter...

7.5AI score0.03873EPSS
Exploits1References8
Rows per page
Query Builder