1279 matches found
CVE-2010-4033
CVE-2010-4033 affects Google Chrome versions before 7.0.517.41, where the browser’s autofill/autocomplete implementation allows remote attackers to perform “profile spamming” via unspecified vectors. The NVD entry describes the vulnerability as an issue with autofill/autocomplete, with a CVSS v2 ...
Google Chrome < 7.0.517.41 Multiple Vulnerabilities
Binary data 5680.pasl...
Google Chrome < 7.0.517.41 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is earlier than 7.0.517.41. Such versions are reportedly affected by multiple vulnerabilities : - It is possible to spam profiles via autofill / autocomplete. Issue 48225, 51727 - An unspecified crash exists relating to forms. Issue 48857 ...
Google Chrome < 7.0.517.41 Multiple Vulnerabilities
Binary data 800924.prm...
About the security content of Safari 5.0.1 and Safari 4.1.1
About the security content of Safari 5.0.1 and Safari 4.1.1 Last Modified: July 28, 2010 Article: HT4276 Summary This document describes the security content of Safari 5.0.1 and Safari 4.1.1. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a...
CVE-2010-1796
The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to obtain sensitive Address Book Card information via JavaScript code that forces keystroke events for input fields...
Input validation
The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to obtain sensitive Address Book Card information via JavaScript code that forces keystroke events for input fields...
CVE-2010-1796
The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to obtain sensitive Address Book Card information via JavaScript code that forces keystroke events for input fields...
CVE-2010-1796
The CVE-2010-1796 issue affects Safari before 5.0.1 on Mac OS X 10.5–10.6 and Windows, and before 4.1.1 on Mac OS X 10.4. An implementation flaw in AutoFill lets a malicious website trigger AutoFill without user action, exposing Address Book Card data via JavaScript keystroke events. The security...
CVE-2010-1796
The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to obtain sensitive Address Book Card information via JavaScript code that forces keystroke events for input fields...
CVE-2010-1796
Removed by vendor...
Apple Fixes AutoFill Flaw in Massive Safari Update
LAS VEGAS–Apple has released a major update to its Safari browser that includes a number of security fixes, most importantly a patch for the AutoFill vulnerability disclosed recently. Safari 5.0, which was released Wednesday by Apple, gives users protection against several flaws, including the...
Safari < 4.1.1 / 5.0.1 Multiple Vulnerabilities
Binary data 5617.prm...
Safari AutoFill Feature Exposes User Data
A prominent security researcher is urging users of Apple’s Safari browser to immediately turn off the AutoFill feature to block hackers from stealing sensitive information. According to Jeremiah Grossman, founder and Chief Technology Officer of WhiteHat Security, the AutoFill Web Forms feature ca...
Firefox form history vulnerable to stealing
Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote attackers to read form history by forging mouse and keyboard events that leverage the auto-fill feature to populate form fields, in an attacker-readable form, with history entries...
CVE-2006-6238
The AutoFill feature in Apple Safari 2.0.4 does not properly verify that all automatically populated form fields are visible to the user, which allows remote attackers to obtain sensitive information, such as usernames and passwords, via input fields of zero width, a variant of CVE-2006-6077...
CVE-2006-6238
The AutoFill feature in Apple Safari 2.0.4 does not properly verify that all automatically populated form fields are visible to the user, which allows remote attackers to obtain sensitive information, such as usernames and passwords, via input fields of zero width, a variant of CVE-2006-6077...
CVE-2006-6238
The AutoFill feature in Apple Safari 2.0.4 does not properly verify that all automatically populated form fields are visible to the user, which allows remote attackers to obtain sensitive information, such as usernames and passwords, via input fields of zero width, a variant of CVE-2006-6077...
CVE-2006-6238
Technical details for CVE-2006-6238 are not provided in the supplied documents. Connected sources reference related Safari issues and other CVEs but do not specify affected versions, root cause, or fixes. Monitor for updates.