Lucene search
K

8 matches found

NVD
NVD
added 2010/11/22 1:0 p.m.24 views

CVE-2010-3804

The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, uses a weak algorithm for generating values of random numbers, which makes it easier for remote attackers to track a user by predicting a value, a...

5CVSS8.4AI score0.09126EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2010/11/22 1:0 p.m.23 views

CVE-2010-3804

The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, uses a weak algorithm for generating values of random numbers, which makes it easier for remote attackers to track a user by predicting a value, a...

5CVSS5.9AI score0.09126EPSS
Exploits0References1
Prion
Prion
added 2010/11/22 1:0 p.m.34 views

Sql injection

The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, uses a weak algorithm for generating values of random numbers, which makes it easier for remote attackers to track a user by predicting a value, a...

5CVSS6.4AI score0.09126EPSS
Exploits2References11Affected Software1
CVE
CVE
added 2010/11/20 9:0 p.m.107 views

CVE-2010-3804

CVE-2010-3804 concerns the JavaScript RNG in WebKit used by Apple Safari, where a weak random-number generation algorithm makes it easier to track a user by predicting values. Affected are Safari before 5.0.3 on Mac OS X 10.5–10.6 and Windows, and before 4.1.3 on Mac OS X 10.4. Root cause is the ...

5CVSS8.2AI score0.09126EPSS
Exploits0References11Affected Software1
securityvulns
securityvulns
added 2010/09/16 12:0 a.m.70 views

New writeup by Amit Klein (Trusteer): "Cross-domain information leakage in Firefox 3.6.4-3.6.8, Firefox 3.5.10-3.5.11 and Firefox 4.0 Beta1"

Hi list I would like to announce a new writeup, titled "Cross-domain information leakage in Firefox 3.6.4-3.6.8, Firefox 3.5.10-3.5.11 and Firefox 4.0 Beta1". The writeup is available in the following URL: http://www.trusteer.com/sites/default/files/CrossdomainMathRandomleakageinFF3.6.4-3.6.8.pdf...

5.8CVSS9.2AI score0.04462EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2010/09/15 8:0 p.m.30 views

CVE-2010-3171

The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.10 through 3.5.11, 3.6.4 through 3.6.8, and 4.0 Beta1 uses a random number generator that is seeded only once per document object, which makes it easier for remote attackers to track a user, or trick a user into acti...

5.8CVSS5.9AI score0.04462EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2010/09/15 8:0 p.m.32 views

CVE-2010-3399

The jsInitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.10 through 3.5.11, 3.6.4 through 3.6.8, and 4.0 Beta1 uses a context pointer in conjunction with its successor pointer for seeding of a random number generator, which makes it easier for remote attackers to guess th...

5.8CVSS5.8AI score0.01914EPSS
Exploits2References1
CVE
CVE
added 2010/09/15 7:0 p.m.84 views

CVE-2010-3171

CVE-2010-3171 relates to the Firefox JavaScript Math.random() seed being initialized only once per document object, making it easier for remote attackers to track a user or trigger in-session phishing via spoofed pop-ups. The issue ties to an underlying fix (CVE-2008-5913) that was not fully corr...

5.8CVSS9AI score0.04462EPSS
Exploits1References8Affected Software1
Rows per page
Query Builder