2451 matches found
Design/Logic Flaw
Maxthon Browser 2.5.3.80 UNICODE allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the site...
JavaScript chrome privilege escalation — Mozilla
Mozilla security researcher mozbugra4 reported a vulnerability which allows scripts from page content to run with elevated privileges. Using this vulnerability, an attacker could cause a chrome privileged object, such as the browser sidebar or the FeedWriter, to interact with web content in such ...
Cross site request forgery (csrf)
Unspecified vulnerability in Drupal 5.x before 5.17 and 6.x before 6.11, as used in vbDrupal before 5.17.0, allows user-assisted remote attackers to obtain sensitive information by tricking victims into visiting the front page of the site with a crafted URL and causing form data to be sent to an...
Google Chrome < 1.0.154.59 ChromeHTML URI Handling Privilege Escalation
The version of Google Chrome installed on the remote host is earlier than 1.0.154.59. Such versions are reportedly affected by an issue when handling URLs with a 'chromehtml:' protocol that could allow an attacker to run scripts of his choosing on any page or enumerate files on the local disk. If...
EUVD-2008-3645
Buffer overflow in the memnstr function in PHP 4.4.x before 4.4.9 and PHP 5.6 through 5.2.6 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via the delimiter argument to the explode function. NOTE: the scope of this issue is limited since...
Fedora 7 : libpng10-1.0.37-1.fc7 (2008-3979)
This update fixes the way that libpng10 handles unknown zero-length chunks, which in previous versions could result in writing to attacker controlled addresses, depending on how the libpng api is used. To be affected, an application would have to call pngsetkeepunknownchunks, which tells libpng n...
Debian Security Advisory DSA 1149-1 (ncompress)
The remote host is missing an update to ncompress announced via advisory DSA 1149-1. Tavis Ormandy from the Google Security Team discovered a missing boundary check in ncompress, the original Lempel-Ziv compress and uncompress programs, which allows a specially crafted datastream to underflow a...
CVE-2007-4700
Unspecified vulnerability in WebKit on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to use Safari as an indirect proxy and send attacker-controlled data to arbitrary TCP ports via unknown vectors...
Design/Logic Flaw
Multiple "pointer overwrite" vulnerabilities in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA formerly Computer Associates products, allow remote attackers to execute arbitrary code by sending certain TCP data at different times to the Ingres Communications Server...
CVE-2007-3336
Multiple "pointer overwrite" vulnerabilities in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA formerly Computer Associates products, allow remote attackers to execute arbitrary code by sending certain TCP data at different times to the Ingres Communications Server...
Design/Logic Flaw
inimodifier sgid-zendtech in Zend Platform 2.2.3 and earlier allows local users to modify the system php.ini file by editing a copy of php.ini file using the -f parameter, and then performing a symlink attack using the directory that contains the attacker-controlled php.ini file, and linking this...
Blojsom 2.31 - Cross-Site Scripting
Blojsom 2.31 - Cross-Site Scripting source: https://www.securityfocus.com/bid/20026/info Blojsom is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to have arbitrary script code execute in the browser ...
PT-2006-5354 · Mozilla · Firefox
Name of the Vulnerable Software and Affected Versions: Mozilla Firefox version 1.5.0.6 Description: The issue allows remote attackers to execute arbitrary JavaScript in the context of the browser's session with an arbitrary intranet web server. This can be achieved by hosting a script on an...
CVE-2006-2196
Unspecified vulnerability in pinball 0.3.1 allows local users to gain privileges via unknown attack vectors that cause pinball to load plugins from an attacker-controlled directory while operating at raised privileges...
CVE-2006-2196
Unspecified vulnerability in pinball 0.3.1 allows local users to gain privileges via unknown attack vectors that cause pinball to load plugins from an attacker-controlled directory while operating at raised privileges...
Matt Wright Guestbook 2.3.1 - Guestbook.pl Multiple HTML Injection Vulnerabilities
Matt Wright Guestbook 2.3.1 - Guestbook.pl Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/17438/info Guestbook is prone to multiple HTML-injection vulnerabilities; the application fails to properly sanitize user-supplied input before using it in dynamically...
MPlayer: Multiple overflows
Background MPlayer is a media player capable of handling multiple multimedia file formats. Description iDEFENSE, Ariel Berkman and the MPlayer development team found multiple vulnerabilities in MPlayer. These include potential heap overflows in Real RTSP and pnm streaming code, stack overflows in...
Mozilla POP3 Mail Handler Remote Overflow (deprecated)
Binary data 1320.prm...
Microsoft Outlook Express 6.0 - URI Obfuscation
source: https://www.securityfocus.com/bid/10345/info Microsoft Outlook Express has been reported prone to a URI obfuscation vulnerability. This issue is reported to affect version 6.0 of the affected software, other versions might also be affected. An attacker could reportedly get a user to visit...
phpGroupWare 0.9.x - 'index.php' HTML Injection
source: https://www.securityfocus.com/bid/12082/info PhpGroupWare is reported to be susceptible to a HTML injection vulnerability. This issue exists because the application fails to properly sanitize user-supplied input. The attacker-supplied HTML and script code would be able to access propertie...