CVE-2005-2263
The InstallTrigger.install method in Firefox before 1.0.5 and Mozilla before 1.7.9 allows remote attackers to execute a callback function in the context of another domain by forcing a page navigation after the install method has been called, which causes the callback to be run in the context of t...
firefox & mozilla -- multiple vulnerabilities
The Mozilla Foundation reports multiple security vulnerabilities in Firefox and Mozilla: MFSA 2005-56 Code execution through shared function objects; MFSA 2005-55 XHTML node spoofing; MFSA 2005-54 Javascript prompt origin spoofing; MFSA 2005-53 Standalone applications can run arbitrary code throu...
Same-origin violation with InstallTrigger callback — Mozilla
The InstallTrigger.install method for launching an install accepts a callback function that will be called with the final success or error status. By forcing a page navigation immediately after calling the install method this callback function can end up running in the context of the new page...
Immunity Canvas: MS05_021
Name | ms05021
---|---
CVE | CVE-2005-0560
Exploit Pack | CANVAS
Description | MS Exchange 2000 MS05-021 X-LINK2STATE heap overflow
Notes | CVE Name: CVE-2005-0560 VENDOR: Microsoft MSADV: MS05-021 CVSS: 7.5 CVE Url: https://vulners.com/cve/CVE-2005-0560 Notes: This exploit is reliable over and over...
CVE-2004-1389
Unknown vulnerability in the Veritas NetBackup Administrative Assistant interface for NetBackup BusinesServer 3.4, 3.4.1, and 4.5, DataCenter 3.4, 3.4.1, and 4.5, Enterprise Server 5.1, and NetBackup Server 5.0 and 5.1, allows attackers to execute arbitrary commands via the bpjava-susvc process,...
CVE-2004-1389
Summary: CVE-2004-1389 describes an unknown vulnerability in the Veritas NetBackup Administrative Assistant interfaces across multiple NetBackup products (BusinesServer 3.4/3.4.1/4.5, DataCenter 3.4/3.4.1/4.5, Enterprise Server 5.1, NetBackup Server 5.0/5.1) that allows arbitrary command executio...
Windows 2000 Network Connection Manager privilege escalation
Callback function is called with system privileges...
Formatting string bug on cyrus-sasl library
This issue may already have been on the list. I assume that the moderator in this case rejects this mail. The last non-beta version of the cyrus-sasl library has a formatting string bug in the default logging callback. The default cyrus-sasl logging callback is static int saslsyslogvoid context attributeunused, in...
AFS Client Version Detection
This detects the AFS client version by connecting to the AFS callback port and processing the buffer received. The client version gives potential attackers additional information about the system they are attacking. Versions and types should be omitted where possible. This script was written by...
Stored XSS vulnerability on Bounce Management Callback
Impact: Insufficient sanitization / filtering allows for arbitrary JavaScript injection in Mautic using the bounce management callback function. The values submitted in the "error" and "errorrelatedto" parameters of the POST request of the bounce management callback will be permanently stored and...
PT-2013-6355 · Openssh +4
Name of the Vulnerable Software and Affected Versions: OpenSSH versions 6.2 through 6.3 Description: The issue allows remote authenticated users to bypass intended ForceCommand and login-shell restrictions via packet data that provides a crafted callback address. This is due to the mm newkeys fro...