322 matches found
Avant Browser Address Bar Spoofing Vulnerability
Avant Browser is prone to Address Bar Spoofing vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Design/Logic Flaw
Lunascape 5.1.3 and 5.1.4 allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the site containi...
Design/Logic Flaw
Microsoft Internet Explorer 6 through 8 allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the...
CVE-2009-3006
Maxthon Browser 2.5.3.80 UNICODE allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the site...
Design/Logic Flaw
Maxthon Browser 2.5.3.80 UNICODE allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the site...
Design/Logic Flaw
Avant Browser 11.7 Builds 35 and 36 allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the sit...
CVE-2009-0522
Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Windows allows remote attackers to trick a user into visiting an arbitrary URL via an unspecified manipulation of the "mouse pointer display," related to a "Clickjacking attack."...
CVE-2009-0114
Unspecified vulnerability in the Settings Manager in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87, and possibly other versions, allows remote attackers to trick a user into visiting an arbitrary URL via unknown vectors, related to "a potential Clickjacking issue variant."...
CVE-2009-0114
Unspecified vulnerability in the Settings Manager in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87, and possibly other versions, allows remote attackers to trick a user into visiting an arbitrary URL via unknown vectors, related to "a potential Clickjacking issue variant."...
Microsoft Internet Explorer Clickjacking Vulnerability
This host has installed Internet Explorer and is prone to clickjacking vulnerability OpenVAS Vulnerability Test $Id: gbmsieclickjackingvuln.nasl 6527 2017-07-05 05:56:34Z cfischer $ Microsoft Internet Explorer Clickjacking Vulnerability Authors: Sharath S Copyright: Copyright c 2009 Greenbone...
Microsoft Internet Explorer Clickjacking Vulnerability
This host has installed Internet Explorer and is prone to clickjacking vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2009-0253
Mozilla Firefox 3.0.5 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Status Bar Obfuscation" and "Clickjacking" attack...
[Backports-security-announce] Security Update for pidgin
Gerfried Fuchs uploaded new packages for pidgin which fixed the following security problem: CVE-2008-2957, Debian Bug 488632 The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows remote attackers to trigger the download of arbitrary files and cause a denial of service memory...
CVE-2008-2957
The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows remote attackers to trigger the download of arbitrary files and cause a denial of service memory or disk consumption via a UDP packet that specifies an arbitrary URL...
CVE-2008-2957
The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows remote attackers to trigger the download of arbitrary files and cause a denial of service memory or disk consumption via a UDP packet that specifies an arbitrary URL...
Fedora 8 : gallery2-2.2.4-1.fc8 (2007-4778)
Gallery 2.2.4 addresses the following security vulnerabilities : - Publish XP module - Fixed unauthorized album creation and file uploads. - URL rewrite module - Fixed local file inclusion vulnerability in unsecured admin controller and information disclosure in hotlink protection. - Core /...
gallery2 -- multiple vulnerabilities
The Gallery team reports: Gallery 2.2.4 addresses the following security vulnerabilities: Publish XP module - Fixed unauthorized album creation and file uploads. URL rewrite module - Fixed local file inclusion vulnerability in unsecured admin controller and information disclosure in hotlink...
SiteBar: Multiple issues
Background SiteBar is a PHP application that allows users to store their bookmarks on a web server. Description Tim Brown discovered these multiple issues: the translation module does not properly sanitize the value to the "dir" parameter CVE-2007-5491, CVE-2007-5694; the translation module also...
Design/Logic Flaw
Argument injection vulnerability in the Linden Lab Second Life secondlife:// protocol handler, as used in Internet Explorer and possibly Firefox, allows remote attackers to obtain sensitive information via a '" ' double-quote space sequence followed by the -autologin and -loginuri arguments, whic...
CVE-2006-4060
PHP remote file inclusion vulnerability in calendar.php in Visual Events Calendar 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the cfgdir parameter...