Google Chrome < 9.0.597.107 Multiple Vulnerabilities

Binary data 5807.pasl...

Google Chrome < 9.0.597.107 Multiple Vulnerabilities

Binary data 800958.prm...

Design/Logic Flaw

Use-after-free vulnerability in the Runin box functionality in the Cascading Style Sheets CSS 2.1 Visual Formatting Model implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of...

UBUNTU-CVE-2011-0132

Use-after-free vulnerability in the Runin box functionality in the Cascading Style Sheets CSS 2.1 Visual Formatting Model implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of...

CVE-2011-0132

CVE-2011-0132 is a use-after-free vulnerability in WebKit's Runin box of the CSS 2.1 Visual Formatting Model, affecting WebKit builds used by Apple iTunes before 10.2 on Windows and Apple Safari . If exploited, it could allow a remote attacker to achieve arbitrary code execution or memory corrupt...

CVE-2011-0132

Use-after-free vulnerability in the Runin box functionality in the Cascading Style Sheets CSS 2.1 Visual Formatting Model implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of...

ZDI-11-098: Apple Safari Webkit Runin Box Promotion Remote Code Execution Vulnerability

ZDI-11-098: Apple Safari Webkit Runin Box Promotion Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-098 March 2, 2011 -- CVE ID: CVE-2011-0132 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Apple -- Affected Products: Apple WebKit -- Vulnerabili...

Apple Safari Webkit Runin Box Promotion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way th...

Google Chrome < 9.0.597.107 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 9.0.597.107. Such versions are reportedly affected by multiple vulnerabilities : - An unspecified error exists in the URL bar operations which can allow spoofing attacks. Issue 54262 - An unspecified error exists in the...

CVE-2011-1109

Google Chrome before 9.0.597.107 does not properly process nodes in Cascading Style Sheets CSS stylesheets, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."...

CVE-2011-1109

Google Chrome before 9.0.597.107 does not properly process nodes in Cascading Style Sheets CSS stylesheets, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."...

Null pointer dereference

Google Chrome before 9.0.597.107 does not properly process nodes in Cascading Style Sheets CSS stylesheets, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."...

CVE-2011-1109

Removed by vendor...

CVE-2011-1109

CVE-2011-1109 affects Google Chrome prior to 9.0.597.107. It describes a vulnerability in how CSS stylesheet nodes are processed, which can lead to a denial of service or unspecified impact via a stale pointer. The exact exploit vectors are not detailed in the provided documents. The CVSS base sc...

Web Server CSS Hosted on 3rd-party Server

Binary data 5800.prm...

MediaWiki CSS Comments XSS

There is a cross-site scripting vulnerability in this installation of MediaWiki that may allow an attacker to execute arbitrary script code in the browser of an unsuspecting user. Such script code could steal authentication credentials and be used to launch other attacks. This version of MediaWik...

Internet Explorer CSS Recursive Import Use After Free

$Id: ms11003iecssimport.rb 11730 2011-02-08 23:31:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

FreeBSD : opera -- multiple vulnerabilities (2eda0c54-34ab-11e0-8103-00215c6a37bb)

Opera reports : Opera 11.01 is a recommended upgrade offering security and stability enhancements. The following security vulnerabilities have been fixed : - Removed support for 'javascript:' URLs in CSS -o-link values, to make it easier for sites to filter untrusted CSS. - Fixed an issue where...

FreeBSD : mediawiki -- multiple vulnerabilities (8d04cfbd-344d-11e0-8669-0025222482c5)

Medawiki reports : An arbitrary script inclusion vulnerability was discovered. The vulnerability only allows execution of files with names ending in '.php' which are already present in the local filesystem. Only servers running Microsoft Windows and possibly Novell Netware are affected. Despite...

New Version of Eleonore Exploit Kit Released With New 0-Day Exploit

The creator of the infamous Eleonore exploit pack has released a new version of the attack toolkit, adding some new exploits, including one for a zero day vulnerability. The new version of Eleonore is selling for $2,000, a premium price even in the world of high-level exploit kits. Eleonore is on...