Lucene search
+L

2790 matches found

0day.today
0day.today
added 2004/11/29 12:0 a.m.15 views

Multiple Browsers Nested Array sort() Loop Stack Overflow Exception

Exploit for unknown platform in category dos / poc =================================================================== Multiple Browsers Nested Array sort Loop Stack Overflow Exception =================================================================== a = new Array; while 1 a = new Arraya.sort; ...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2004/11/25 12:0 a.m.24 views

Mozilla Firefox 0.8/0.9/0.10 - Infinite Array Sort Denial of Service

source: https://www.securityfocus.com/bid/11752/info Mozilla Firefox is prone to a vulnerability that may result in a browser crash. This issue is exposed when the browser performs an infinite JavaScript array sort operation. It is conjectured that this will only result in a denial of service and...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2004/11/10 12:0 a.m.28 views

Microsoft Internet Explorer 6.0 / Firefox 0.x / Netscape 7.x - IMG Tag Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/11645/info Various browsers are reported prone to multiple vulnerabilities in the image handling functionality through the tag. These issues can allow remote attackers to determine the existence of local files, cause a denial of service condition, and...

7.4AI score
Exploits0
CERT
CERT
added 2004/11/04 12:0 a.m.18 views

Multiple web browsers do not properly interpret TABLE elements when displaying URLs in the status bar

Overview Multiple web browsers do not properly display the location of HTML documents in the status bar. An attacker could exploit this behavior to mislead users into revealing sensitive information. Description Web browsers frequently display the Uniform Resource Locator URL in the status bar wh...

5.8AI score
Exploits0References3
securityvulns
securityvulns
added 2004/09/17 12:0 a.m.168 views

wp-04-0001: Multiple Browser Cookie Injection Vulnerabilities

Westpoint Security Advisory --------------------------- Title: Multiple Browser Cookie Injection Vulnerabilities Risk Rating: Low Software: Multiple Web Browsers Platforms: Unix and Windows Author: Paul Johnston [email protected] assisted by Richard Moore [email protected] Date: 15...

7.5CVSS6.8AI score0.17183EPSS
Exploits1
CERT
CERT
added 2004/09/17 12:0 a.m.21 views

Mozilla may allow violation of cross-domain scripting policies via dragging

Overview A vulnerability affecting Mozilla web browsers may allow violation of cross-domain scripting policies and possibly execute code originating from a remote source. Description Mozilla web browsers allow the dragging of links and objects from one window to another. Should the object copied ...

6.9AI score
Exploits0References5
securityvulns
securityvulns
added 2004/09/17 12:0 a.m.27 views

multiple browsers cookie spoofing

It's possible to spoof cookies for few 3rd level domains...

3.5AI score
Exploits0References3Affected Software4
securityvulns
securityvulns
added 2004/09/13 12:0 a.m.51 views

[Full-Disclosure] Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue

-- Corsaire Security Advisory -- Title: Multiple vendor MIME RFC2047 encoding issue Date: 04.08.03 Application: various Environment: various Author: Martin O'Neal [email protected] Audience: General distribution Reference: c030804-007 -- Scope -- The aim of this document is to clearly...

7.5CVSS6.1AI score0.02383EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/09/06 12:0 a.m.35 views

Mozilla Multiple Browsers CA Certificate SSL Page DoS

The remote host is using Mozilla, an alternative web browser. The Mozilla Personal Security Manager PSM contains a flaw that may permit an attacker to silently import a certificate into the PSM certificate store. This corruption may result in a denial of SSL connections. C Tenable Network Securit...

5CVSS5.5AI score0.03146EPSS
Exploits0References3
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.21 views

CVE-2002-1126

Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to determine the next page that is being visited, including manually entered URLs, using the onunloa...

6.3AI score0.01523EPSS
Exploits1References7
CVE
CVE
added 2004/09/01 4:0 a.m.63 views

CVE-2002-1126

CVE-2002-1126 affects Mozilla 1.1 and earlier and Mozilla-based browsers (e.g., Netscape, Galeon). The issue occurs when loading a new page, where the document referrer is set too quickly, allowing a page to deduce the next URL visited (including manually entered URLs) via the onunload handler. T...

2.6CVSS6.4AI score0.01523EPSS
Exploits1References7Affected Software2
Tenable Nessus
Tenable Nessus
added 2004/08/27 12:0 a.m.12 views

Gecko-based Browsers for MacOS X Content Spoofing

Binary data 2169.prm...

2.6CVSS7.3AI score0.01596EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2004/08/23 12:0 a.m.21 views

nss -- exploitable buffer overflow in SSLv2 protocol handler

ISS X-Force reports that a remotely exploitable buffer overflow exists in the Netscape Security Services NSS library's implementation of SSLv2. From their advisory: The NSS library contains a flaw in SSLv2 record parsing that may lead to remote compromise. When parsing the first record in an SSLv...

3.5AI score
Exploits0References3
FreeBSD
FreeBSD
added 2004/08/11 12:0 a.m.34 views

Mutiple browser frame injection vulnerability

A class of bugs affecting many web browsers in the same way was discovered. A Secunia advisory reports: The problem is that the browsers don't check if a target frame belongs to a website containing a malicious link, which therefore doesn't prevent one browser window from loading content in a nam...

6.4AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2004/07/27 4:0 a.m.37 views

CVE-2004-0718

The 1 Mozilla 1.6, 2 Firebird 0.7, 3 Firefox 0.8, and 4 Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability...

7.5CVSS5.8AI score0.01746EPSS
Exploits0References1
Cvelist
Cvelist
added 2004/07/16 4:0 a.m.22 views

CVE-2004-0595

The striptags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null \0 characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and...

5.3AI score0.45159EPSS
Exploits3References18
CVE
CVE
added 2004/07/16 4:0 a.m.127 views

CVE-2004-0595

The CVE-2004-0595 issue affects PHP’s strip_tags function in PHP 4.x (up to 4.3.7) and 5.x (up to 5.0.0RC3). The vulnerability arises because null characters (\0) in tag names are not filtered when restricting input to allowed tags, allowing dangerous tags to slip through and be processed by brow...

6.8CVSS5.3AI score0.45159EPSS
Exploits3References18Affected Software3
securityvulns
securityvulns
added 2004/05/25 12:0 a.m.39 views

MacOS X browsers files overwriting and scripts execution (multiple bugs)

By using vulnerability in telnet: protocol handling it's possible to add -f option to telnet command line. help: protocol handler allows scripts execution via help: command...

4.6AI score
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2004/05/17 12:0 a.m.35 views

Re: [Full-Disclosure] iDEFENSE Security Advisory 05.12.04: Opera Telnet URI Handler File Creation/Truncation Vulnerability

Am 13.05.2004 um 17:16 schrieb Richard Johnson: Opera Telnet URI Handler File Creation/Truncation Vulnerability iDEFENSE Security Advisory 05.12.04 www.idefense.com/application/poi/display?id=104&type=vulnerabilities May 12, 2004 This vulnerability exists under OSX with Safari, Firefox, OmniWeb,...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2004/05/13 12:0 a.m.35 views

Microsoft Internet Explorer 5 / Firefox 0.8 / OmniWeb 4.x - URI Protocol Handler Arbitrary File Creation/Modification

source: https://www.securityfocus.com/bid/10336/info A vulnerability has been identified in multiple products from multiple vendors that may allow a remote attacker to create or modify arbitrary files; these issues relate to the processing of URI requests via various protocol handlers including...

7.4AI score
Exploits0
Rows per page
Query Builder