Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in dotProject before 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the 1 callback parameter in a colorselector action, 2 field parameter in a dateformat action, or 3 companyname parameter in an addedit action to index.php...

CVE-2012-5702

Multiple cross-site scripting XSS vulnerabilities in dotProject before 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the 1 callback parameter in a colorselector action, 2 field parameter in a dateformat action, or 3 companyname parameter in an addedit action to index.php...

chromium: multiple security fixes in Chrome 38.0.2125.101

The SessionService::GetLastSession function in browser/sessions/sessionservice.cc in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via vectors that leverage "type confusion" for callback processing...

CVE-2014-3193

The SessionService::GetLastSession function in browser/sessions/sessionservice.cc in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via vectors that leverage "type confusion" for callback processing...

CVE-2014-3193

The SessionService::GetLastSession function in browser/sessions/sessionservice.cc in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via vectors that leverage "type confusion" for callback processing...

Type confusion

The SessionService::GetLastSession function in browser/sessions/sessionservice.cc in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via vectors that leverage "type confusion" for callback processing...

CVE-2014-3193

CVE-2014-3193 : Affected software is Google Chrome prior to 38.0.2125.101. Root cause is a type confusion issue in SessionService::GetLastSession used during callback processing, which can lead to a use-after-free and potentially other impact. The vulnerability enables denial of service and parti...

Bugzilla < 4.0.14 / 4.2.10 / 4.4.5 / 4.5.5 CSRF Vulnerability

According to its banner, the version of Bugzilla installed on the remote host contains a flaw in its callback APIs in which data is not properly sanitized before being submitted to the 'jsonrpc.cgi' script. Using a specially crafted OBJECT element with SWF content, a remote attacker could perform...

OAuth authentication memory vulnerability caution a user identity hijacking-vulnerability warning-the black bar safety net

With OpenSSL, like OAuthOpen Authorizationas a widely used open-source third-party login authentication Protocol, this year also broke a security vulnerability. In the third session of the know the security Forum, from Sina Weibo of the blue di snowball shows Sina as early as year 3 months...

Adobe AIR < 14.0.0.178 Multiple Vulnerabilities (APSB14-18)

Binary data 8358.prm...

Adobe Flash Player JSONP Cross-Site Request Forgery (APSB14-17: CVE-2014-4671)

A cross-site request forgery CSRF vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an insufficient validation of data from JSONP callback APIs. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

Flash "Rosetta" JSONP GET/POST Response Disclosure Exploit

A website that serves a JSONP endpoint that accepts a custom alphanumeric callback of 1200 chars can be abused to serve an encoded swf payload that steals the contents of a same-domain URL. Flash 'Flash "Rosetta" JSONP GET/POST Response Disclosure', 'Description' = %q A website that serves a JSON...

MGASA-2014-0291 Updated flash-player-plugin packages fix multiple vulnerabilities

Adobe Flash Player 11.2.202.394 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update includes additional validation checks to ensure that Flash Player rejects malicious content fr...

flash-plugin: vulnerable JSONP callback APIs issue (APSB14-17)

A flaw was found that would lead to Cross-Site Request Forgery CSRF attacks...

CVE-2014-4671

Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 do not properly restrict the SWF file format, which allows...

Microsoft Windows XP/VISTA/2000/2003/2008 - Kernel Usermode Callback Local Privilege Escalation Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/28554/info Microsoft Windows is prone to a local privilege-escalation vulnerability. The vulnerability resides in the Windows kernel. A locally logged-in user can exploit this issue to gain kernel-level access to the...

MS15-061 Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)

No description provided by source. include include / Exploiting MS15-061 with reverse engineering Win32k.sys by steps : 1: hook PEB callback Function 2: trigger vulnerability make proper Window to lead vulnerable function 3: replace fake object with NtUserDefSetText in Desktop heap inside PEB...

CVE-2012-5649

Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1 allows remote attackers to execute arbitrary code via a JSONP callback, related to Adobe Flash...

For recent“Bo global eye OAuth vulnerability”analysis and preventive recommendations-vulnerability warning-the black bar safety net

! 5 According to Cnet reports, Nanyang Technological University, Singapore named Wang Jing PhD student, found that the OAuth and OpenID open source login tools the“covert redirect”vulnerabilityCovert Redirect to. First of all need to clear point is that the vulnerability is not present in the OAu...

For the recent Bosch global eye OAuth vulnerability analysis and preventive recommendations-vulnerability warning-the black bar safety net

According to CnetreportsSingapore Nanyang Technological University, a man named Wang Jing PhD student, found that the OAuth and OpenID open source login tools the“covert redirect”vulnerabilityCovert Redirect to. First of all need to clear point is that the vulnerability is not present in the OAut...