153 matches found
msie-crosszone.txt
!-- Internet Explorer "Print Table of Links" Cross-Zone Scripting Vulnerability Author: Aviv Raff http://aviv.raffon.net/ Summary Internet Explorer is prone to a Cross-Zone Scripting vulnerability in its “Print Table of Links” feature. This feature allows users to add to a printed web page an...
Microsoft Internet Explorer - Print Table of Links Cross-Zone Scripting
Microsoft Internet Explorer - Print Table of Links Cross-Zone Scripting !-- Internet Explorer "Print Table of Links" Cross-Zone Scripting Vulnerability Author: Aviv Raff http://aviv.raffon.net/ Summary Internet Explorer is prone to a Cross-Zone Scripting vulnerability in its “Print Table of...
MS Internet Explorer (Print Table of Links) Cross-Zone Scripting PoC
Exploit for unknown platform in category remote exploits ==================================================================== MS Internet Explorer Print Table of Links Cross-Zone Scripting PoC ==================================================================== !-- Internet Explorer "Print Table ...
Microsoft Internet Explorer - Print Table of Links Cross-Zone Scripting
!-- Internet Explorer "Print Table of Links" Cross-Zone Scripting Vulnerability Author: Aviv Raff http://aviv.raffon.net/ Summary Internet Explorer is prone to a Cross-Zone Scripting vulnerability in its “Print Table of Links†feature. This feature allows users to add to a printed web page an...
Cross site scripting
Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and earlier 3.5.x and 3.6.x versions, on Windows allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via the Description and unspecified other metadata...
CVE-2008-0583
Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and earlier 3.5.x and 3.6.x versions, on Windows allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via the Description and unspecified other metadata...
CVE-2008-0582
Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.1 through 3.6.0.244 on Windows allows remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via the Full Name field of a reviewer of a business item entry, accessible through 1 the...
CVE-2008-0582
CVE-2008-0582 affects Skype on Windows (versions 3.1–3.6.0.244). The issue is a cross-zone scripting vulnerability in the Internet Explorer web control used by SkypeFind, allowing an attacker to inject script/HTML into the Local Machine Zone via the Full Name field of a reviewer in a business ite...
CVE-2008-0583
Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and earlier 3.5.x and 3.6.x versions, on Windows allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via the Description and unspecified other metadata...
CVE-2008-0583
CVE-2008-0583 describes a cross-zone scripting vulnerability in the Internet Explorer web control used by Skype 3.6.0.244 and older 3.5.x/3.6.x builds. The issue allows user-assisted remote attackers to inject arbitrary web script or HTML into the Local Machine Zone via metadata fields (Descripti...
CVE-2008-0582
Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.1 through 3.6.0.244 on Windows allows remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via the Full Name field of a reviewer of a business item entry, accessible through 1 the...
Cross site scripting
Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and earlier 3.5.x and 3.6.x versions, on Windows allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via the Title field of a 1 Dailymotion and possibly 2...
CVE-2008-0454
Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and earlier 3.5.x and 3.6.x versions, on Windows allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via the Title field of a 1 Dailymotion and possibly 2...
CVE-2008-0454
Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and earlier 3.5.x and 3.6.x versions, on Windows allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via the Title field of a 1 Dailymotion and possibly 2...
CVE-2008-0454
The CVE-2008-0454 entry concerns Skype on Windows where cross-zone scripting is possible through the Internet Explorer web control. Specifically, in Skype 3.6.0.244 (and earlier 3.5.x/3.6.x), a user-assisted attacker could inject arbitrary web script/HTML in the Local Machine Zone via the Title f...
Skype does not properly filter input from external websites
Overview The Skype client does not properly filter user-supplied input from websites that provide video content to Skype users. Description Skype is a peer-to-peer application that provides Voice over IP VoIP and Instant Messaging services. The Skype client is available for the Microsoft Windows,...
Cross site scripting
Cross-zone scripting vulnerability in the internal browser in i-Systems Feedreader 3.10 allows remote attackers to inject arbitrary web script or HTML via an item in a feed, as demonstrated by a WordPress blog update. NOTE: this was originally reported as XSS...
CVE-2007-5161
Cross-zone scripting vulnerability in the internal browser in i-Systems Feedreader 3.10 allows remote attackers to inject arbitrary web script or HTML via an item in a feed, as demonstrated by a WordPress blog update. NOTE: this was originally reported as XSS...
CVE-2007-5161
Cross-zone scripting vulnerability in the internal browser in i-Systems Feedreader 3.10 allows remote attackers to inject arbitrary web script or HTML via an item in a feed, as demonstrated by a WordPress blog update. NOTE: this was originally reported as XSS...
CVE-2007-5161
CVE-2007-5161 describes a cross-zone scripting vulnerability in the internal browser of the i-Systems Feedreader 3.10. The issue allows remote attackers to inject arbitrary web script or HTML via an item in a feed, demonstrated by a WordPress blog update. The vulnerability stems from how the inte...