Lucene search
K

15 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.32 views

Mozilla Firefox <= 2.0.0.1 (location.hostname) Cross-Domain Vulnerability

No description provided by source. !-- Mozilla Firefox 'location.hostname' Cross-Domain Vulnerability Software : Mozilla Firefox version 2.0.0.1 and prior CVE reference : CVE-2007-0981 Impact : Security Bypass Risk : Moderate Discovered by : Michal Zalewski http://lcamtuf.coredump.cx/ Advisory Da...

7.5CVSS9.5AI score0.12144EPSS
Exploits7
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.18 views

Gentoo Security Advisory GLSA 200703-04 (mozilla-firefox)

The remote host is missing updates announced in advisory GLSA 200703-04. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.7AI score0.12144EPSS
Exploits10References3
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.29 views

Gentoo Security Advisory GLSA 200703-08 (seamonkey)

The remote host is missing updates announced in advisory GLSA 200703-08. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

9.3CVSS1.2AI score0.12144EPSS
Exploits10
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.37 views

Debian Security Advisory DSA 1336-1 (mozilla-firefox)

The remote host is missing an update to mozilla-firefox announced via advisory DSA 1336-1. OpenVAS Vulnerability Test $Id: deb13361.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1336-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

9.3CVSS1.4AI score0.5036EPSS
Exploits11
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.32 views

Ubuntu 5.10 / 6.06 LTS / 6.10 : firefox vulnerabilities (USN-428-1)

Several flaws have been found that could be used to perform Cross-site scripting attacks. A malicious website could exploit these to modify the contents or steal confidential data such as passwords from other opened web pages. CVE-2006-6077, CVE-2007-0780, CVE-2007-0800, CVE-2007-0981,...

9.3CVSS8.7AI score0.5036EPSS
Exploits11References16
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.28 views

openSUSE 10 Security Update : seamonkey (seamonkey-2691)

This security update brings Mozilla SeaMonkey to version 1.1.1. http://www.mozilla.org/projects/security/known-vulnerabilities.html for more details. It includes fixes to the following security problems : - MFSA 2007-01: As part of the Firefox 2.0.0.2 and 1.5.0.10 update releases several bugs wer...

9.3CVSS9.1AI score0.5036EPSS
Exploits9References14
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.23 views

openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-2699)

This update brings Mozilla Firefox to security update version 1.5.0.10. - MFSA 2007-01: As part of the Firefox 2.0.0.2 and 1.5.0.10 update releases several bugs were fixed to improve the stability of the browser. Some of these were crashes that showed evidence of memory corruption and we presume...

9.3CVSS9.1AI score0.5036EPSS
Exploits9References13
Debian
Debian
added 2007/07/22 5:43 p.m.32 views

[SECURITY] [DSA 1336-1] New mozilla-firefox packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1336-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 22nd, 2007 http://www.debian.org/security/faq -...

9.3CVSS8.1AI score0.5036EPSS
Exploits11
Tenable Nessus
Tenable Nessus
added 2007/03/12 12:0 a.m.30 views

Slackware 10.2 / 11.0 : mozilla-firefox (SSA:2007-066-03)

New mozilla-firefox packages are available for Slackware 10.2, and 11.0 to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2007-066-03. The text itself is copyright C...

9.3CVSS8.3AI score0.5036EPSS
Exploits8References13
securityvulns
securityvulns
added 2007/02/27 12:0 a.m.72 views

Mozilla Foundation Security Advisory 2007-07

Mozilla Foundation Security Advisory 2007-07 Title: Embedded nulls in location.hostname confuse same-domain checks Impact: High Announced: February 23, 2007 Reporter: Michal Zalewski Products: Firefox, SeaMonkey Fixed in: Firefox 2.0.0.2 Firefox 1.5.0.10 SeaMonkey 1.0.8 Description Michal Zalewsk...

7.5CVSS0.8AI score0.12144EPSS
Exploits7
Exploit DB
Exploit DB
added 2007/02/20 12:0 a.m.44 views

Mozilla Firefox 2.0.0.1 - &#039;location.hostname&#039; Cross-Domain

Options - Privacy - Show Cookies for login.live.com Gorn, gorn.supportgmailcom 2007-02-19 16:00 -- var mydomain = '127.0.0.1'; var varcook = 'MSPPre=firefoxvulnerabilitytest'; var domcook = 'login.live.com'; if location.hostname == mydomain...

7.5CVSS6.3AI score0.12144EPSS
Exploits7
seebug.org
seebug.org
added 2007/02/20 12:0 a.m.41 views

Mozilla Firefox &lt;= 2.0.0.1 (location.hostname) Cross-Domain Vulnerability

No description provided by source. !-- Mozilla Firefox 'location.hostname' Cross-Domain Vulnerability Software : Mozilla Firefox version 2.0.0.1 and prior CVE reference : CVE-2007-0981 Impact : Security Bypass Risk : Moderate Discovered by : Michal Zalewski http://lcamtuf.coredump.cx/ Advisory Da...

7.5CVSS9.5AI score0.12144EPSS
Exploits7
0day.today
0day.today
added 2007/02/20 12:0 a.m.53 views

Mozilla Firefox <= 2.0.0.1 (location.hostname) Cross-Domain Vulnerabil

Exploit for unknown platform in category remote exploits ========================================================================= Mozilla Firefox Options - Privacy - Show Cookies for login.live.com...

7.1AI score0.12144EPSS
Exploits7
NVD
NVD
added 2007/02/16 1:28 a.m.22 views

CVE-2007-0981

Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname location.hostname DOM property, due to...

7.5CVSS6.4AI score0.12144EPSS
Exploits7References57
CVE
CVE
added 2007/02/16 1:0 a.m.118 views

CVE-2007-0981

CVE-2007-0981 affects Mozilla-based browsers (Firefox up to 1.5.0.10 and 2.x up to 2.0.0.2; SeaMonkey up to 1.0.8). The root cause is a handling flaw when location.hostname is modified via a URI containing a null byte, interacting with DNS resolver code, which can bypass the same-origin policy an...

7.5CVSS6.3AI score0.12144EPSS
Exploits7References57Affected Software2
Rows per page
Query Builder