CVE-2010-3325

Microsoft Internet Explorer 6 through 8 does not properly handle unspecified special characters in Cascading Style Sheets CSS documents, which allows remote attackers to obtain sensitive information from a different 1 domain or 2 zone via a crafted web site, aka "CSS Special Character Information...

Information disclosure

Microsoft Internet Explorer 6 through 8 does not properly handle unspecified special characters in Cascading Style Sheets CSS documents, which allows remote attackers to obtain sensitive information from a different 1 domain or 2 zone via a crafted web site, aka "CSS Special Character Information...

CVE-2010-3325

CVE-2010-3325 affects Microsoft Internet Explorer 6–8. It is an information-disclosure vulnerability in how IE processes CSS special characters, enabling a crafted web page to disclose content from another domain/IE zone. Attack would require the user to view a malicious page; impact is informati...

CVE-2010-3325

Microsoft Internet Explorer 6 through 8 does not properly handle unspecified special characters in Cascading Style Sheets CSS documents, which allows remote attackers to obtain sensitive information from a different 1 domain or 2 zone via a crafted web site, aka "CSS Special Character Information...

Microsoft Internet Explorer Multiple Vulnerabilities (2360131)

This host is missing a critical security update according to Microsoft Bulletin MS10-071. OpenVAS Vulnerability Test $Id: secpodms10-071.nasl 6527 2017-07-05 05:56:34Z cfischer $ Microsoft Internet Explorer Multiple Vulnerabilities 2360131 Authors: Sooraj KS Copyright: Copyright c 2010 SecPod,...

PT-2010-4736 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 6 through 8 Description: The issue allows remote attackers to obtain sensitive information from a different domain or zone via a crafted web site. An information disclosure vulnerability exists in the way...

Microsoft Internet Explorer Multiple Vulnerabilities (2360131)

This host is missing a critical security update according to Microsoft Bulletin MS10-071. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Internet Explorer EOT File hdmx Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion...

Internet Explorer CSS Special Character Information Disclosure (MS10-071; CVE-2010-3325)

CSS Cascading Style Sheets is a formatting method for Web pages using HTML. An information disclosure vulnerability has been reported in the way Microsoft Internet Explorer processes CSS special characters. The vulnerability is due to the way Internet Explorer improperly process CSS special...

Internet Explorer CSS Rule Handling Memory Corruption (MS10-071; CVE-2010-3328)

Multiple memory corruption vulnerabilities have been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object that has not been initialized or has been deleted. To trigger this issue, an attacker may create a malicious web page that will...

opera -- multiple vulnerabilities

The Opera Desktop Team reports: Fixed an issue that allowed cross-domain checks to be bypassed, allowing limited data theft using CSS, as reported by Isaac Dawson. Fixed an issue where manipulating the window could be used to spoof the page address. Fixed an issue with reloads and redirects that...

SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7101)

This update brings Mozilla Firefox to the 3.5.11 security release. It fixes following security issues : - Several memory safety bugs in habe been identified in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs show evidence of memory corruption under certain...

Cross-domain checks may be bypassed, allowing limited data theft using CSS

CSS can be loaded cross-domain. In some cases, files that do not contain CSS may be partially interpreted as CSS. It is possible to make Opera incorrectly treat remote CSS files as if they were CSS files from the document-origin server, allowing the interpreted parts of a remote file to be read b...

Mozilla Products nsCSSValue Array Index Integer Overflow (CVE-2010-2752)

Mozilla Firefox and Seamonkey are popular open source web browsers from Mozilla Foundation. An integer overflow vulnerability exists in Mozilla products including Firefox, Thunderbird, and SeaMonkey. The vulnerability is due to a 16-bit integer value used in allocating the size of the array class...

Details Emerge on IE 8 Data-Stealing Bug

Security researcher Chris Evans has released details of the data-stealing bug in Internet Explorer 8 that he publicized earlier this month, saying that the CSS flaw can be used to force victims to post messages on Twitter and that the bug appears to be no closer to being fixed. The bug, which has...

Mozilla Firefox CSS font-face Remote Code Execution Vulnerability

Exploit for windows platform in category dos / poc ================================================================= Mozilla Firefox CSS font-face Remote Code Execution Vulnerability ================================================================= Title : Mozilla Firefox CSS font-face Remote Cod...

Mozilla Firefox CSS - font-face Remote Code Execution

Mozilla Firefox CSS - font-face Remote Code Execution ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moabu-15-mozilla-firefox-css-font-face-remote-code-execution-vulnerability/...

Mozilla Firefox CSS - font-face Remote Code Execution

''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moabu-15-mozilla-firefox-css-font-face-remote-code-execution-vulnerability/...

CVE-2010-1823

Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing, as demonstrated by ...

CVE-2010-1823

Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing, as demonstrated by ...