5714 matches found
CVE-2010-4183
Multiple cross-site scripting XSS vulnerabilities in HTML Purifier before 4.1.0, when Internet Explorer is used, allow remote attackers to inject arbitrary web script or HTML via a crafted 1 background-image, 2 background, or 3 font-family Cascading Style Sheets CSS property, a different...
CVE-2010-3962
CVE-2010-3962 is an uninitialized memory corruption / use-after-free vulnerability in Microsoft Internet Explorer 6–8 (mshtml) triggered via CSS token sequences and the clip attribute, leading to remote code execution. The CVE notes it was exploited in the wild in November 2010. Public details de...
PT-2010-5197
Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 6 through 8 Description The issue is related to a use-after-free vulnerability that allows remote attackers to execute arbitrary code. This can be achieved through vectors related to Cascading Style Sheets...
Maxthon 3.0.18.1000 CSS Denial of Service
Exploit for windows platform in category dos / poc ========================================= Maxthon 3.0.18.1000 CSS Denial of Service ========================================= Title: Maxthon 3.0.18.1000 CSS Denial of Service Vulnerability Author: 4n0nym0us Arash Sa'adatfar Developer: Maxthon...
Microsoft Internet Explorer invalid flag reference vulnerability
Overview Microsoft Internet Explorer invalid flag reference vulnerability Description According to the Microsoft Security Research & Defense Blog, Microsoft Internet Explorer incorrectly under-allocates memory to store a certain combination of Cascading Style Sheets CSS tags when parsing HTML,...
Maxthon 3.0.18.1000 CSS Denial of Service Vulnerability
No description provided by source. Title: Maxthon 3.0.18.1000 CSS Denial of Service Vulnerability Author: 4n0nym0us Arash Sa'adatfar Developer: Maxthon International Version:3.0.18 Software Link: http://dl.maxthon.com/mx3/mx3.0.18.1000.exe Tested On: Windows 7 Ultimate 32-bit !/usr/bin/perl my...
Microsoft Internet Explorer CSS Tags Uninitialized Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura...
Maxthon 3.0.18.1000 - CSS Denial of Service
Maxthon 3.0.18.1000 - CSS Denial of Service Title: Maxthon 3.0.18.1000 CSS Denial of Service Vulnerability Author: 4n0nym0us Arash Sa'adatfar Developer: Maxthon International Version:3.0.18 Software Link: http://dl.maxthon.com/mx3/mx3.0.18.1000.exe Tested On: Windows 7 Ultimate 32-bit...
Maxthon 3.0.18.1000 - CSS Denial of Service
Title: Maxthon 3.0.18.1000 CSS Denial of Service Vulnerability Author: 4n0nym0us Arash Sa'adatfar Developer: Maxthon International Version:3.0.18 Software Link: http://dl.maxthon.com/mx3/mx3.0.18.1000.exe Tested On: Windows 7 Ultimate 32-bit !/usr/bin/perl my $file= "Crash.html"; my $junk= "A/" x...
FreeBSD : opera -- multiple vulnerabilities (aab187d4-e0f3-11df-b1ea-001999392805)
The Opera Desktop Team reports : - Fixed an issue that allowed cross-domain checks to be bypassed, allowing limited data theft using CSS, as reported by Isaac Dawson. - Fixed an issue where manipulating the window could be used to spoof the page address. - Fixed an issue with reloads and redirect...
Forced Matrix Script Remote Upload Vulnerability
Exploit for php platform in category web applications ================================================ Forced Matrix Script Remote Upload Vulnerability ================================================ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\...
CVE-2010-4043
Opera before 10.63 does not prevent interpretation of a cross-origin document as a CSS stylesheet when the document lacks a CSS token sequence, which allows remote attackers to obtain sensitive information via a crafted document...
CVE-2010-4043
Technical details (affected product/version/root cause/impact) for CVE-2010-4043 are not publicly provided in the supplied documents. Monitor for updates.
CVE-2010-4043
Opera before 10.63 does not prevent interpretation of a cross-origin document as a CSS stylesheet when the document lacks a CSS token sequence, which allows remote attackers to obtain sensitive information via a crafted document...
Microsoft Internet Explorer 8 Cross Domain
IE8 Css Cross-Domain Information Disclosure Vulnerability Author: www.80vul.com Email:5up3rh3igmail.com Release Date: 2010/10/14 References: http://www.80vul.com/ie8/IE8%20Css%20Cross-Domain%20Information%20Disclosure%20Vulnerability.txt Overview: MS-071 have fixed a Cross-Domain Information...
CVE-2010-3325
Microsoft Internet Explorer 6 through 8 does not properly handle unspecified special characters in Cascading Style Sheets CSS documents, which allows remote attackers to obtain sensitive information from a different 1 domain or 2 zone via a crafted web site, aka "CSS Special Character Information...
Information disclosure
Microsoft Internet Explorer 6 through 8 does not properly handle unspecified special characters in Cascading Style Sheets CSS documents, which allows remote attackers to obtain sensitive information from a different 1 domain or 2 zone via a crafted web site, aka "CSS Special Character Information...
CVE-2010-3325
CVE-2010-3325 affects Microsoft Internet Explorer 6–8. It is an information-disclosure vulnerability in how IE processes CSS special characters, enabling a crafted web page to disclose content from another domain/IE zone. Attack would require the user to view a malicious page; impact is informati...
CVE-2010-3325
Microsoft Internet Explorer 6 through 8 does not properly handle unspecified special characters in Cascading Style Sheets CSS documents, which allows remote attackers to obtain sensitive information from a different 1 domain or 2 zone via a crafted web site, aka "CSS Special Character Information...
PT-2010-4736 · Microsoft · Internet Explorer
Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 6 through 8 Description: The issue allows remote attackers to obtain sensitive information from a different domain or zone via a crafted web site. An information disclosure vulnerability exists in the way...