MS Internet Explorer "mshtml.dll" CSS Parsing Buffer Overflow
Taken from http://www.securiteam.com/exploits/5NP042KF5A.html The exploit will create a .CSS file that should be included in an HTML file. When a user loads the HTML file, Internet Explorer will try to parse the CSS and will trigger the buffer overflow. /...
Gravity Board X 1.1 CSS Template Unauthorized Access Vulnerability
source: http://www.securityfocus.com/bid/14502/info Gravity Board X (GBX) is affected by an unauthorized access vulnerability. This issue is due to a failure in the application to perform proper access validation before granting access to privileged functions. An...
Lycos HTMLGear guestGear CSS HTML Injection Vulnerability
source: http://www.securityfocus.com/bid/5728/info Lycos htmlGEAR guestGEAR does not sanitize HTML from CSS (Cascading Style-Sheets) elements in guestbook fields. An attacker could capitalize on this situation to include arbitrary HTML and script code in a guestbo...
Microsoft Internet Explorer 5.0.1 CSS Style Sheet Memory Corruption Vulnerability
source: http://www.securityfocus.com/bid/10382/info A vulnerability identified in Internet Explorer may allow an attacker to cause the application to crash. The issue presents itself when the browser attempts to process an HTML page containing a table and loads ...
Mozilla Thunderbird 1.5 - Multiple Remote Information Disclosure Vulnerabilities
source: http://www.securityfocus.com/bid/16881/info Mozilla Thunderbird is susceptible to multiple remote information-disclosure vulnerabilities. These issues are due to the application's failure to properly enforce the restriction for downloading remote content...
wordpress 3.0.3 - Stored XSS (ie7,6 ns8.1)
Exploit Title: Wordpress 3.0.3 stored XSS IE7,6 NS8.1 Date: 27 december 2010 Author: Saif Software Link:wordpress.org Version: 3.0.3 Tested on: IE 6 a stored XSS vulnerability using CSS styles affecting users surfing the malicious post using IE6, IE7, NS 8.1 POC...
WebSiteSniffer v1.41 - Captures all Web site files downloaded by your Web browser while browsing the Internet
WebSiteSniffer is a packet sniffer tool that captures all Web site files downloaded by your Web browser while browsing the Internet, and stores them on your hard drive under the base folder that you choose. WebSiteSniffer allows you to choose which type of Web site files will be captured: HTML...
openSUSE Security Update : chromium (openSUSE-SU-2014:0243-1)
Chromium was updated to version 32.0.1700.102: Stable channel update : - Security Fixes : - CVE-2013-6649: Use-after-free in SVG images - CVE-2013-6650: Memory corruption in V8 - and 12 other fixes - Other : - Mouse Pointer disappears after exiting full-screen mode - Drag and drop files into...
openSUSE Security Update : opera (openSUSE-SU-2010:0370-1)
Opera was upgraded to the 10.60 release. It brings lots of new features, bugfixes and security fixes. Security fixes include: CVE-2010-0653: Opera permits cross-origin loading of CSS style sheets even when the style sheet download has an incorrect MIME type and the style sheet document is...
openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-2779)
This update brings Mozilla XULRunner to the 1.9.1.11 security release. It fixes the following security bugs: MFSA 2010-34 / CVE-2010-1211: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs show...
openSUSE Security Update : phpMyAdmin (openSUSE-SU-2014:0344-1)
phpMyAdmin was updated to 4.1.8 to fix bugs, security issues and also bring new features. Fixed security issue : - PMASA-2014-1 CVE-2014-1879, CWE-661 CWE-79 - update to 4.1.8 2014-02-22 - sf4276 Login loop on session expiry - sf4249 Incorrect number of result rows for SQL with subqueries - sf427...
Microsoft Internet Explorer CSS Out-Of-Bounds Indexing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Respondly: Full Path Disclosure
"code":500,"error":"Failed to render CSS stylesheet.","file":"/assets/packages/app/shared/css/","message":"ENOENT, open '/srv/www/respondly/releases/20140421220734/marketingbundle/programs/server/assets/packages/app/shared/css/" Request ------------ GET /css/shared/%22ns=%22alert9 HTTP/1.1...
Microsoft Internet Explorer CSS Table Handling Memory Corruption (MS10-090; CVE-2010-3962)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
(Pwn2Own) Apple Safari Heap Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CSS...
AppFish Offline Coder 2.2 Persistent Script Insertion
Document Title: =============== AppFish Offline Coder v2.2 iOS - Persistent Software Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1252 Release Date: ============= 2014-04-08 Vulnerability Laboratory ID VL-ID:...
AppFish Offline Coder v2.2 iOS - Persistent Vulnerability
Document Title: =============== AppFish Offline Coder v2.2 iOS - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1252 Release Date: ============= 2014-04-07 Vulnerability Laboratory ID VL-ID: ====================================...
Microsoft Internet Explorer Heap Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
visibility: visible undoes visibility: hidden
If you set an element to display: none the browser ignores all of its children, if a child sets itself to display: block it will remain hidden. This isn't true of visibility. Serious? Serious. html.show-only-the-button visibility: hidden; html.show-only-the-button .the-button visibility: visible;...
Microsoft Word Cascading Style Sheet Processing Code Execution - Ver2 (CVE-2008-1434)
A code execution vulnerability has been reported in Microsoft Office Word. The vulnerability is due to a memory calculation error in Microsoft Word, which fails to properly handle specially crafted Word files that include a malformed CSS value. Successful exploitation of this vulnerability could allow a...