CVE-2010-0651

WebKit vulnerability CVE-2010-0651: WebKit before r52784 (used in Google Chrome < 4.0.249.78 and Apple Safari

CVE-2010-0652

Microsoft Internet Explorer permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote HTTP servers to obtain sensitive information via a crafted document...

CVE-2010-0653

Opera before 10.10 permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document...

CVE-2010-0652

CVE-2010-0652 affects Microsoft Internet Explorer. The issue: cross-origin loading of CSS stylesheets when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, enabling remote servers to obtain sensitive information via a crafted document. This description ...

CVE-2010-0654

Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 permit cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which...

CVE-2010-0651

Removed by vendor...

CVE-2010-0651

WebKit before r52784, as used in Google Chrome before 4.0.249.78 and Apple Safari before 4.0.5, permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive...

CVE-2010-0654

Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 permit cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which...

Microsoft Internet Explorer CSS Import Use-After-Free Code Execution (MS11-003; CVE-2004-0842; CVE-2010-3971)

Microsoft Internet Explorer is a popular web browser provided by Microsoft Corporation. Its web engine is also incorporated into other Microsoft products including Outlook. The product supports Cascading Style Sheets. A vulnerability exists in the way Microsoft Internet Explorer renders web pages...

firefox/thunderbird/seamonkey: browser chrome defacement via cached XUL stylesheets (MFSA 2010-14)

The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to...

Microsoft Outlook Web Access Cross-Site Scripting (MS05-029; CVE-2005-0563)

Microsoft Outlook Web Access OWA is a component of Microsoft Exchange Server. OWA allows authorized users to send and receive email, manage a calendar, and perform other functions using a web browser. OWA utilizes HTML, CSS and scripting techniques to present the user interface through the web...

[SECURITY] Fedora 11 Update: roundcubemail-0.3.1-2.fc11

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

[SECURITY] Fedora 12 Update: roundcubemail-0.3.1-2.fc12

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

DSA-1988-1 qt4-x11 - several vulnerabilities

Bulletin has no description...

ie6 css设置拒绝服务漏洞

No description provided by source. style type="text/css" !-- 问题是css里面设置样式的时候出错了。 css定义的是f:expressionthis.src='about:blank',this.outerHTML=''; 问题应该就是mshtml.dll里 -- /!CDATA/ iframe f:expressionthis.src='about:blank',this.outerHTML=''; f126v:expression !important // /style iframe id=f126 src=test...

Cross-domain data theft with CSS load

CSS can be loaded cross-domain, and in some cases it is be possible to read the data pointed to, leading to the possibility of cross-domain data theft...

Mozilla IFRAME Style Change Handling Code Execution (CVE-2008-1236)

Firefox is an open source web browser developed by Mozilla Foundation. The application is capable of interpreting and rendering many types of Internet content, including various versions of HTML, XML, CSS Cascade Style Sheet, Javascript, various graphic formats, and so on. Firefox is made availab...

CentOS 5 : kdelibs (CESA-2009:1127)

Updated kdelibs packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. The kdelibs packages provide libraries for the K Desktop Environment KDE. A flaw...

LineWeb Local File Inclusion / SQL Injection

LineWeb it's a web-app to manage Lineage 2 private severs, a very known mmorpg, and allows to do action such as: Main Features: - Register - Login - Quick Login Function - Quick statistics function server status, game server status, online players - Statistics login server status, game server...

Microsoft Internet Explorer 8 - CSS 'expression' Remote Denial of Service

source: https://www.securityfocus.com/bid/40487/info Microsoft Internet Explorer is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Successfully exploiting this issue will cause the applicati...