Microsoft Internet Explorer Multiple Vulnerabilities (2360131)

This host is missing a critical security update according to Microsoft Bulletin MS10-071. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Internet Explorer Multiple Vulnerabilities (2360131)

This host is missing a critical security update according to Microsoft Bulletin MS10-071. OpenVAS Vulnerability Test $Id: secpodms10-071.nasl 6527 2017-07-05 05:56:34Z cfischer $ Microsoft Internet Explorer Multiple Vulnerabilities 2360131 Authors: Sooraj KS Copyright: Copyright c 2010 SecPod,...

opera -- multiple vulnerabilities

The Opera Desktop Team reports: Fixed an issue that allowed cross-domain checks to be bypassed, allowing limited data theft using CSS, as reported by Isaac Dawson. Fixed an issue where manipulating the window could be used to spoof the page address. Fixed an issue with reloads and redirects that...

Internet Explorer CSS Rule Handling Memory Corruption (MS10-071; CVE-2010-3328)

Multiple memory corruption vulnerabilities have been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object that has not been initialized or has been deleted. To trigger this issue, an attacker may create a malicious web page that will...

Internet Explorer CSS Special Character Information Disclosure (MS10-071; CVE-2010-3325)

CSS Cascading Style Sheets is a formatting method for Web pages using HTML. An information disclosure vulnerability has been reported in the way Microsoft Internet Explorer processes CSS special characters. The vulnerability is due to the way Internet Explorer improperly process CSS special...

Microsoft Internet Explorer EOT File hdmx Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion...

SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7101)

This update brings Mozilla Firefox to the 3.5.11 security release. It fixes following security issues : - Several memory safety bugs in habe been identified in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs show evidence of memory corruption under certain...

Cross-domain checks may be bypassed, allowing limited data theft using CSS

CSS can be loaded cross-domain. In some cases, files that do not contain CSS may be partially interpreted as CSS. It is possible to make Opera incorrectly treat remote CSS files as if they were CSS files from the document-origin server, allowing the interpreted parts of a remote file to be read b...

Mozilla Products nsCSSValue Array Index Integer Overflow (CVE-2010-2752)

Mozilla Firefox and Seamonkey are popular open source web browsers from Mozilla Foundation. An integer overflow vulnerability exists in Mozilla products including Firefox, Thunderbird, and SeaMonkey. The vulnerability is due to a 16-bit integer value used in allocating the size of the array class...

Details Emerge on IE 8 Data-Stealing Bug

Security researcher Chris Evans has released details of the data-stealing bug in Internet Explorer 8 that he publicized earlier this month, saying that the CSS flaw can be used to force victims to post messages on Twitter and that the bug appears to be no closer to being fixed. The bug, which has...

Mozilla Firefox CSS font-face Remote Code Execution Vulnerability

Exploit for windows platform in category dos / poc ================================================================= Mozilla Firefox CSS font-face Remote Code Execution Vulnerability ================================================================= Title : Mozilla Firefox CSS font-face Remote Cod...

Mozilla Firefox CSS - font-face Remote Code Execution

Mozilla Firefox CSS - font-face Remote Code Execution ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moabu-15-mozilla-firefox-css-font-face-remote-code-execution-vulnerability/...

Mozilla Firefox CSS - font-face Remote Code Execution

''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moabu-15-mozilla-firefox-css-font-face-remote-code-execution-vulnerability/...

CVE-2010-1823

Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing, as demonstrated by ...

Design/Logic Flaw

Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing, as demonstrated by ...

CVE-2010-1823

Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing, as demonstrated by ...

CVE-2010-1823

Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing, as demonstrated by ...

CVE-2010-1823

CVE-2010-1823 describes a use-after-free vulnerability in WebKit before r65958, exploited via parsing that triggers document API usage (e.g., document.close) and can cause a denial of service. Affected software includes WebKit and Google Chrome prior to 6.0.472.59; the issue is tied to a Cascadin...

CVE-2010-1823

Removed by vendor...

Multiple Web Browser (CSS) Cross Domain Vulnerability

Is a very serious vulnerability, and we all know that the script can not be cross-domain policy restrictions homologous reading data. Microsoft Internet Explorer 6 & 8, IE 7 not tested Opera 10.62 Netscape v9.0.0.6 wait for patch 1.html: body bodyDOM: Cross Domain Vulnerability 2.html: style...