2790 matches found
Multiple Browsers Nested Array sort() Loop Stack Overflow Exception
Exploit for unknown platform in category dos / poc =================================================================== Multiple Browsers Nested Array sort Loop Stack Overflow Exception =================================================================== a = new Array; while 1 a = new Arraya.sort; ...
Mozilla Firefox 0.8/0.9/0.10 - Infinite Array Sort Denial of Service
source: https://www.securityfocus.com/bid/11752/info Mozilla Firefox is prone to a vulnerability that may result in a browser crash. This issue is exposed when the browser performs an infinite JavaScript array sort operation. It is conjectured that this will only result in a denial of service and...
Microsoft Internet Explorer 6.0 / Firefox 0.x / Netscape 7.x - IMG Tag Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/11645/info Various browsers are reported prone to multiple vulnerabilities in the image handling functionality through the tag. These issues can allow remote attackers to determine the existence of local files, cause a denial of service condition, and...
Multiple web browsers do not properly interpret TABLE elements when displaying URLs in the status bar
Overview Multiple web browsers do not properly display the location of HTML documents in the status bar. An attacker could exploit this behavior to mislead users into revealing sensitive information. Description Web browsers frequently display the Uniform Resource Locator URL in the status bar wh...
wp-04-0001: Multiple Browser Cookie Injection Vulnerabilities
Westpoint Security Advisory --------------------------- Title: Multiple Browser Cookie Injection Vulnerabilities Risk Rating: Low Software: Multiple Web Browsers Platforms: Unix and Windows Author: Paul Johnston [email protected] assisted by Richard Moore [email protected] Date: 15...
Mozilla may allow violation of cross-domain scripting policies via dragging
Overview A vulnerability affecting Mozilla web browsers may allow violation of cross-domain scripting policies and possibly execute code originating from a remote source. Description Mozilla web browsers allow the dragging of links and objects from one window to another. Should the object copied ...
multiple browsers cookie spoofing
It's possible to spoof cookies for few 3rd level domains...
[Full-Disclosure] Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue
-- Corsaire Security Advisory -- Title: Multiple vendor MIME RFC2047 encoding issue Date: 04.08.03 Application: various Environment: various Author: Martin O'Neal [email protected] Audience: General distribution Reference: c030804-007 -- Scope -- The aim of this document is to clearly...
Mozilla Multiple Browsers CA Certificate SSL Page DoS
The remote host is using Mozilla, an alternative web browser. The Mozilla Personal Security Manager PSM contains a flaw that may permit an attacker to silently import a certificate into the PSM certificate store. This corruption may result in a denial of SSL connections. C Tenable Network Securit...
CVE-2002-1126
Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to determine the next page that is being visited, including manually entered URLs, using the onunloa...
CVE-2002-1126
CVE-2002-1126 affects Mozilla 1.1 and earlier and Mozilla-based browsers (e.g., Netscape, Galeon). The issue occurs when loading a new page, where the document referrer is set too quickly, allowing a page to deduce the next URL visited (including manually entered URLs) via the onunload handler. T...
Gecko-based Browsers for MacOS X Content Spoofing
Binary data 2169.prm...
nss -- exploitable buffer overflow in SSLv2 protocol handler
ISS X-Force reports that a remotely exploitable buffer overflow exists in the Netscape Security Services NSS library's implementation of SSLv2. From their advisory: The NSS library contains a flaw in SSLv2 record parsing that may lead to remote compromise. When parsing the first record in an SSLv...
Mutiple browser frame injection vulnerability
A class of bugs affecting many web browsers in the same way was discovered. A Secunia advisory reports: The problem is that the browsers don't check if a target frame belongs to a website containing a malicious link, which therefore doesn't prevent one browser window from loading content in a nam...
CVE-2004-0718
The 1 Mozilla 1.6, 2 Firebird 0.7, 3 Firefox 0.8, and 4 Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability...
CVE-2004-0595
The striptags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null \0 characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and...
CVE-2004-0595
The CVE-2004-0595 issue affects PHP’s strip_tags function in PHP 4.x (up to 4.3.7) and 5.x (up to 5.0.0RC3). The vulnerability arises because null characters (\0) in tag names are not filtered when restricting input to allowed tags, allowing dangerous tags to slip through and be processed by brow...
MacOS X browsers files overwriting and scripts execution (multiple bugs)
By using vulnerability in telnet: protocol handling it's possible to add -f option to telnet command line. help: protocol handler allows scripts execution via help: command...
Re: [Full-Disclosure] iDEFENSE Security Advisory 05.12.04: Opera Telnet URI Handler File Creation/Truncation Vulnerability
Am 13.05.2004 um 17:16 schrieb Richard Johnson: Opera Telnet URI Handler File Creation/Truncation Vulnerability iDEFENSE Security Advisory 05.12.04 www.idefense.com/application/poi/display?id=104&type=vulnerabilities May 12, 2004 This vulnerability exists under OSX with Safari, Firefox, OmniWeb,...
Microsoft Internet Explorer 5 / Firefox 0.8 / OmniWeb 4.x - URI Protocol Handler Arbitrary File Creation/Modification
source: https://www.securityfocus.com/bid/10336/info A vulnerability has been identified in multiple products from multiple vendors that may allow a remote attacker to create or modify arbitrary files; these issues relate to the processing of URI requests via various protocol handlers including...