SeaMonkey: Multiple vulnerabilities

Background The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the 'Mozilla Application Suite'. Description Tom Ferris reported a heap-based buffer overflow involving wide SVG stroke widths that affects SeaMonke...

Mani Admin Plugin Stats Reader V1.2 rfi :)

Mani Admin Plugin Stats Reader V1.2 rfi : dork:"2006 by www.mani-stats-reader.de.vu" "allinurl:.php?ipath= inurl:"css"" vuln:index.php?ipath=evilshit greetz:RST, LinuxPakistan phpfreaks [email protected]...

[Full-disclosure] Stealing Browser History Without Using JavaScript

In case anyone is interested, I was able to port the old CSS history hacking stuff that Jeremiah Grossman originally found to a version that does not require JavaScript to fire using images and conditional logic built into CSS using a:visited and display attributes. It works in both IE7.0 and...

CVE-2007-1111

CVE-2007-1111 affects ActiveCalendar 1.2.0 with multiple XSS vulnerabilities in data/ via the css parameter to nine PHP scripts (flatevents.php, js.php, mysqlevents.php, m_2.php, m_3.php, m_4.php, xmlevents.php, y_2.php, y_3.php). Root cause: improper handling of user-supplied css parameter leads...

security flaw

GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom...

CVE-2006-7031

Microsoft Internet Explorer 6.0.2900 SP2 and earlier allows remote attackers to cause a denial of service crash via a table element with a CSS attribute that sets the position, which triggers an "unhandled exception" in mshtml.dll...

PT-2007-1310 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 6.0.2900 SP2 and earlier Description: The issue allows remote attackers to cause a denial of service, resulting in a crash, by utilizing a table element with a CSS attribute that sets the position. This...

bitweaver 1.3.1 XSS Exploit

No description provided by source. -=--------------------ADVISORY-------------------=- bitweaver 1.3.1 Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: bitweaver -=+ Version: 1.3.1 -=+ Vendor's URL: http://www.bitweaver.org/articles/...

bitweaver-xss.txt

-=--------------------ADVISORY-------------------=- bitweaver 1.3.1 Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: bitweaver -=+ Version: 1.3.1 -=+ Vendor's URL: http://www.bitweaver.org/articles/ -=+ Platform: Windows\Linux\Unix -=+ Bug typ...

[x0n3-h4ck] bitweaver 1.3.1 XSS Exploit

-=--------------------ADVISORY-------------------=- bitweaver 1.3.1 Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: bitweaver -=+ Version: 1.3.1 -=+ Vendor's URL: http://www.bitweaver.org/articles/ -=+ Platform: WindowsLinuxUnix -=+ Bug type:...

CVE-2007-0341

Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.1 and earlier, when Microsoft Internet Explorer 6 is used, allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in a CSS style in the convcharset parameter to the top-level URI, a different vulnerability than...

GLSA-200701-02 : Mozilla Firefox: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200701-02 Mozilla Firefox: Multiple vulnerabilities An anonymous researcher found evidence of memory corruption in the way Mozilla Firefox handles certain types of SVG comment DOM nodes. Additionally, Frederik Reiss discovered a...

Mozilla Firefox: Multiple vulnerabilities

Background Mozilla Firefox is a popular open-source web browser from the Mozilla Project. Description An anonymous researcher found evidence of memory corruption in the way Mozilla Firefox handles certain types of SVG comment DOM nodes. Additionally, Frederik Reiss discovered a heap-based buffer...

Mozilla Thunderbird: Multiple vulnerabilities

Background Mozilla Thunderbird is a popular open-source email client from the Mozilla Project. Description Georgi Guninski and David Bienvenu discovered buffer overflows in the processing of long "Content-Type:" and long non-ASCII MIME headers. Additionally, Frederik Reiss discovered a heap-based...

Mozilla Firefox/SeaMonkey/Thunderbird多个安全漏洞

Mozilla Firefox/SeaMonkey/Thunderbird是Mozilla开发的WEB浏览器和邮件客户端等套件。 Mozilla Firefox/SeaMonkey/Thunderbird存在多个安全问题，远程攻击者可以利用漏洞获得敏感信息，执行任意代码，提升特权等攻击。 具体包含： -当使用CSS指针属性设置指针到部分图象时，在转换图象到Windows bitmap时由于错误的大小处理会导致堆溢出。 -使用JavaScript watch可导致特权提升。 -bridge代码允许Java applets和JavaScript通信，由于重用已经释放的对象可导致应用程序崩溃。...

CVE-2006-6500

Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by setting the CSS cursor to certain images that cause an...

Multiple Mozilla Firefox / Thunderbird / Seamonkey security vulnerabilities

Crossite scripting with functions prototypes. Information leak. Buffer overflows on oversized Content-Type fields in messages. Memory corruption on SVG header. Crossite scripting with img.src. DoS. JavaScript watchpoint privilege escalation. CSS image cursor property buffer overflow. Multiple...

Mozilla Foundation Security Advisory 2006-69

Mozilla Foundation Security Advisory 2006-69 Title: CSS cursor image buffer overflow Windows only Impact: Critical Announced: December 19, 2006 Reporter: Frederik Reiss Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 2.0.0.1 Firefox 1.5.0.9 Thunderbird 1.5.0.9 SeaMonkey 1.0.7...

CSS cursor image buffer overflow (Windows only) — Mozilla

Frederik Reiss reported a crash when using the CSS cursor property to set the cursor to certain images on Windows. A miscalculated size during conversion of the image to a Windows bitmap can result in a heap buffer overflow which could be used to compromise the victim's computer...

IE CSS畸形宽度单元标记拒绝服务漏洞

Internet Explorer是微软发布的非常流行的WEB浏览器。 Internet Explorer在处理畸形的HTML标记时存在漏洞，远程攻击者可能利用此漏洞导致用户机器不可用。 如果用户使用IE访问了设置有特制CSS宽度单元的WEB页面的话，就会导致iexplore.exe耗尽100%的CPU资源。 Microsoft Internet Explorer 7.0 Microsoft Internet Explorer 7 Beta 2 Microsoft Internet Explorer 7 Beta 1 Microsoft Internet Explorer 6.0 SP1...