MS KB2488013: Internet Explorer CSS Import Rule Processing Arbitrary Code Execution

The remote host is missing one of the workarounds referenced in KB 2488013. The remote version of IE reportedly fails to correctly process certain specially crafted Cascading Style Sheets CSS, which could result in arbitrary code execution on the remote system. C Tenable Network Security, Inc...

AWBS 2.9.2 (cart.php) Blind SQL Injection Vulnerability

Exploit for php platform in category web applications AWBS 2.9.2 Blind SQL Injection 0day ============================================================================================= Dork....: inurl:/cart?ca=addother&oid= Date....: 01-16-2011 Author..: ShivX Contact.: shivanxatgmaildotcom...

CVE-2011-0474

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets CSS token sequences in conjunction with cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a...

CVE-2011-0473

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets CSS token sequences in conjunction with CANVAS elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that le...

CVE-2011-0474

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets CSS token sequences in conjunction with cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a...

CVE-2011-0474

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 are affected by a flaw in handling CSS token sequences with cursors that can lead to a denial of service and possibly other impact via unknown vectors that produce a stale pointer. The provided documents identify the vulnerable sof...

CVE-2011-0473

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets CSS token sequences in conjunction with CANVAS elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that le...

CVE-2011-0473

CVE-2011-0473 affects Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344; vulnerability arises from improper handling of CSS token sequences with CANVAS elements, allowing remote denial of service or possibly other impact via unknown vectors that lead to a stale pointer. Root cause...

CVE-2011-0473

Removed by vendor...

CVE-2011-0474

Removed by vendor...

Microsoft Security Advisory 2488013

Microsoft Security Advisory 2488013 addresses a vulnerability in Internet Explorer. This advisory has been updated to include Microsoft Fix It 50591 that prevents the recursive loading of CSS style sheets in Internet Explorer as a mitigation for this vulnerability. Exploitation of this...

CVE-2011-0003

MediaWiki before 1.16.1, when user or site JavaScript or CSS is enabled, allows remote attackers to conduct clickjacking attacks via unspecified vectors...

Code injection

MediaWiki before 1.16.1, when user or site JavaScript or CSS is enabled, allows remote attackers to conduct clickjacking attacks via unspecified vectors...

CVE-2011-0003

MediaWiki before 1.16.1, when user or site JavaScript or CSS is enabled, allows remote attackers to conduct clickjacking attacks via unspecified vectors...

mediawiki -- Clickjacking vulnerabilities

Clickjacking vulnerabilities: Clickjacking is a type of vulnerability discovered in 2008, which is similar to CSRF. The attack involves displaying the target webpage in a iframe embedded in a malicious website. Using CSS, the submit button of the form on the targeit webpage is made invisible, and...

Microsoft Internet Explorer 'CSS Import Rule' Use-after-free Vulnerability

This host has installed with Internet Explorer and is prone to Use-after-free Vulnerability. This NVT has been replaced by NVT secpodms11-003.nasl OID:1.3.6.1.4.1.25623.1.0.901180. OpenVAS Vulnerability Test $Id: secpodmsieuseafterfreedosvuln.nasl 5394 2017-02-22 09:22:42Z teissa $ Microsoft...

Microsoft Internet Explorer 'CSS Import Rule' Use-after-free Vulnerability

This host has installed with Internet Explorer and is prone to a use after free vulnerability. This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.901180. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced...

Google Chrome multiple vulnerabilities - Dec 10(Linux)

The host is running Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvulndec10lin.nasl 5306 2017-02-16 09:00:16Z teissa $ Google Chrome multiple vulnerabilities - Dec 10Linux Authors: Sooraj KS Copyright: Copyright c 2010 Greenbone Networks...

Google Chrome multiple vulnerabilities - Dec 10(Windows)

The host is running Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvulndec10win.nasl 5306 2017-02-16 09:00:16Z teissa $ Google Chrome multiple vulnerabilities - Dec 10Windows Authors: Sooraj KS Copyright: Copyright c 2010 Greenbone Networ...

Unpatched Flaw in IE Bypasses Key Windows Security Features

An exploit exploiting an unpatched vulnerability in Internet Explorer IE has gone public. Security researcher Shahin Ramezany announced in a Tuesday tweet that he successfully exploited the flaw, which involves how IE handles CSS style sheets on Windows 7 and Vista machines. Offensive Security, a...