[ASA-202107-41] nextcloud-app-mail: information disclosure

Arch Linux Security Advisory ASA-202107-41 ========================================== Severity: Low Date : 2021-07-20 CVE-ID : CVE-2021-32707 Package : nextcloud-app-mail Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-2145 Summary ======= The package...

Design/Logic Flaw

Nextcloud Mail is a mail app for Nextcloud. In versions prior to 1.9.6, the Nextcloud Mail application does not, by default, render images in emails to not leak the read state. The privacy filter failed to filter images with a background-image CSS attribute. Note that the images were still passed...

CVE-2021-32707 Bypass of image blocking in Nextcloud Mail

Nextcloud Mail is a mail app for Nextcloud. In versions prior to 1.9.6, the Nextcloud Mail application does not, by default, render images in emails to not leak the read state. The privacy filter failed to filter images with a background-image CSS attribute. Note that the images were still passed...

Bypass of image blocking in Nextcloud Mail

None...

MS Internet Explorer <= 6.0.2900 SP2 (CSS Attribute) Denial of Service

No description provided by source. !-- Internet Explorer = 6.0.2900 SP2 suffers from a DoS vulnerability in which a remote users Internet Explorer session can be crashed when hovering their cursor over a specially made table. The fault occurs when the position CSS attribute is set to a table. Thi...

CVE-2010-0169

Technical details about CVE-2010-0169 are not provided in the supplied documents. Please monitor official advisories and vendor patches for affected products and versions.

[TZO-37-2009] Apple Safari &lt;v4 Remote code execution

Apple Safari Remote code execution CSS:Attr Shameless plug : ------------------------------------------------------------------------ You are invited to join the 2009 edition of HACK.LU, a small but concentrated luxemburgish security conference. More information : http://www.hack.lu - CFP is open...

CVE-2006-7031

Microsoft Internet Explorer 6.0.2900 SP2 and earlier allows remote attackers to cause a denial of service crash via a table element with a CSS attribute that sets the position, which triggers an "unhandled exception" in mshtml.dll...

hotmail_xss.txt

Adivisory Name : Hotmail and Windows Live Mail XSS Vulnerabilities Release Date : 2006.11.03 Test On : Microsoft IE 6.0 Discover : Cheng Peng Suapplesoupatgmail.com Introduction: Hotmail and Windows Live Mail are both web-based e-mail services by Microsoft. Details: Hotmail's filter identifies...

MS Internet Explorer <= 6.0.2900 SP2 (CSS Attribute) Denial of Service

Exploit for unknown platform in category dos / poc ====================================================================== MS Internet Explorer IE-Crash - By seven header position: fixed; height: 761px; width: 1268; 0day.today 2018-04-02...

Microsoft Internet Explorer 6.0.2900 SP2 - CSS Attribute Denial of Service

IE-Crash - By seven header position: fixed; height: 761px; width: 1268; milw0rm.com 2006-05-10...

[Full-disclosure] SEC Consult SA-20060314 :: Opera Browser CSS Attribute Integer Wrap / Buffer Overflow

SEC-CONSULT Security Advisory 20060413-0 ======================================== title: Opera Browser CSS Attribute Integer Wrap / Buffer Overflow program: Opera vulnerable version: = 8.52 homepage: www.opera.com found: 2006-03-01 by: SEC Consult / www.sec-consult.com...