Mozilla Firefox 3.x < 3.0.4 Multiple Vulnerabilities

Binary data 4752.prm...

-moz-binding property bypasses security checks on codebase principals — Mozilla

Security researcher Collin Jackson reported that the -moz-binding CSS property can be used to bypass security checks which validate codebase principals. Similar to the issue reported in MFSA 2008-23, Jackson demonstrated that an attacker can replace a stylesheet in a signed JAR which uses relativ...

css-read.txt

?php / BEGIN LICENSE BLOCK CSSH - a proof of concept CSS based history crawler Copyright C 2008 Sirdarckcat This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of t...

openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-5680)

This patch backports security fixes found in MozillaThunderbird 2.0.0.17 back to the 1.5 Thunderbird used in openSUSE 10.2. MFSA 2008-34 / CVE-2008-2785: An anonymous researcher, via TippingPoint's Zero Day Initiative program, reported a vulnerability in Mozilla CSS reference counting code. The...

Clickjacking（Clickjacking）vulnerabilities technology insider-vulnerability warning-the black bar safety net

Source:IT Expert network Clickjacking is OWASPNYCAppSec2008Conference a confidential topic, the following are some of the attacks described in: When you visit a malicious website, the attacker can control your browser to some link access, this vulnerability affects almost all browsers and all...

ifoto-disclose.txt

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- iFoto, CSS-based GD2 photo gallery eNYe-Sec - www.enye-sec.org -- Description by the author's page -- This is yet another Web-based PHP photo gallery called, iFoto. iFoto use 90% CSS-based layout and can be customize ...

iFoto, CSS-based GD2 photo gallery &lt;= 1.0: Remote File Disclosure Vulnerability

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- iFoto, CSS-based GD2 photo gallery = 1.0: Remote File Disclosure Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- $ Program: iFoto, CSS-based GD2 photo gallery $ File...

CVE-2008-3632

Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 through 2.0.2, and iPhone 1.0 through 2.0.2, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a web page with crafted Cascading Style Sheets CSS import statements...

Design/Logic Flaw

Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 through 2.0.2, and iPhone 1.0 through 2.0.2, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a web page with crafted Cascading Style Sheets CSS import statements...

CVE-2008-3632

CVE-2008-3632 is a WebKit use-after-free vulnerability reported in SUSE/Nessus entries, affecting Apple iPod touch (1.1–2.0.2) and iPhone (1.0–2.0.2). The flaw arises in the CSS import handling of WebKit, enabling a remote attacker to trigger arbitrary code execution or cause an application crash...

CVE-2008-3632

Removed by vendor...

CVE-2008-3632

Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 through 2.0.2, and iPhone 1.0 through 2.0.2, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a web page with crafted Cascading Style Sheets CSS import statements...

WeBid 0.5.4 Multiple Remote Vulnerabilities

No description provided by source. || || | || o,7 || . o7 || 4||| ow, : / / . ================================ ========================== ==================== |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ ...

WeBid 0.5.4 Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications =========================================== WeBid 0.5.4 Multiple Remote Vulnerabilities =========================================== Application :: WeBid v0.5.4 Multi Exploit Groups : inj3ct0r Download ::...

webid 0.5.4 - Multiple Vulnerabilities

|| || | || o,7 || . o7 || 4||| ow, : / / . ================================ ========================== ==================== |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ Kings...

Debian Security Advisory DSA 1614-1 (iceweasel)

The remote host is missing an update to iceweasel announced via advisory DSA 1614-1. OpenVAS Vulnerability Test $Id: deb16141.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1614-1 iceweasel Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Debian: Security Advisory (DSA-1614-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 5450)

MozillaFirefox was updated to version 2.0.0.16, which fixes various bugs and following security issues : - An anonymous researcher, via TippingPoint's Zero Day Initiative program, reported a vulnerability in Mozilla CSS reference counting code. The vulnerability was caused by an insufficiently...

openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-5449)

MozillaFirefox was updated to version 2.0.0.16, which fixes various bugs and following security issues : MFSA 2008-34 CVE-2008-2785: An anonymous researcher, via TippingPoint's Zero Day Initiative program, reported a vulnerability in Mozilla CSS reference counting code. The vulnerability was caus...

Debian DSA-1621-1 : icedove - several vulnerabilities

Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0304 It was discovered that a buffer overflow in MIME decoding can lead t...