Lucene search
K

350 matches found

NVD
NVD
added 2004/12/31 5:0 a.m.20 views

CVE-2004-0909

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 may allow remote attackers to trick users into performing unexpected actions, including installing software, via signed scripts that request enhanced abilities using the enablePrivilege parameter, then...

5.1CVSS6.5AI score0.01709EPSS
Exploits1References8
CERT
CERT
added 2004/12/17 12:0 a.m.35 views

Mozilla status elements can be disabled via JavaScript

Overview Mozilla allows websites to disable various browser status elements. This allows websites to create spoofed dialogs using XUL. Description Certain Mozilla web browser status elements, such as the address bar, status bar, and navigation controls, can be disabled remotely by web sites using...

10CVSS5.5AI score0.03231EPSS
Exploits0References6
securityvulns
securityvulns
added 2004/07/07 12:0 a.m.27 views

Multiple browsers security dialogs race conditions

By forcing user to type predictable characters, key sequences or mouse clicks it's possible to conduct situation user event will be received by shortly appeared security dialog for example "Save file" dialog can apper then user is about to press Y key...

3.7AI score
Exploits0References1
securityvulns
securityvulns
added 2004/07/07 12:0 a.m.27 views

[Full-Disclosure] Race conditions in security dialogs

I discovered arbitrary code execution holes in Mozilla, Internet Explorer, and Opera that involve human reaction time. One version of the attack works like this: the page contains a captcha displaying the word "only" and asks you to type the word to verify that you are a human. As soon as you typ...

2AI score
Exploits0
securityvulns
securityvulns
added 2004/06/14 12:0 a.m.32 views

New Internet Explorer crossite scripting problems

Location: URL: HTTP header in conjuection with ms-its: handler allows to save file to known location. Crossite scripting with modal dialogs...

0.7AI score
Exploits0References2
FreeBSD
FreeBSD
added 2004/06/05 12:0 a.m.30 views

mozilla -- users may be lured into bypassing security dialogs

According to the Mozilla project: An attacker who could lure users into clicking in particular places, or typing specific text, could cause a security permission or software installation dialog to pop up under the user's mouse click, clicking on the grant or install button...

5CVSS6.3AI score0.01984EPSS
Exploits0References1
NVD
NVD
added 2003/06/09 4:0 a.m.19 views

CVE-2003-0309

Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to bypass security zone restrictions and execute arbitrary programs via a web document with a large number of duplicate file:// or other requests that point to the program and open multiple file download dialogs, which eventually cause...

7.5CVSS7.5AI score0.4997EPSS
Exploits0References9
Cvelist
Cvelist
added 2003/05/17 4:0 a.m.20 views

CVE-2003-0309

Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to bypass security zone restrictions and execute arbitrary programs via a web document with a large number of duplicate file:// or other requests that point to the program and open multiple file download dialogs, which eventually cause...

8AI score0.4997EPSS
Exploits0References9
NVD
NVD
added 2002/03/25 5:0 a.m.18 views

CVE-2002-0101

Microsoft Internet Explorer 6.0 and earlier allows local users to cause a denial of service via an infinite loop for modeless dialogs showModelessDialog, which causes CPU usage while the focus for the dialog is not released...

5CVSS6.3AI score0.11512EPSS
Exploits0References3
Cvelist
Cvelist
added 2002/03/15 5:0 a.m.25 views

CVE-2002-0101

Microsoft Internet Explorer 6.0 and earlier allows local users to cause a denial of service via an infinite loop for modeless dialogs showModelessDialog, which causes CPU usage while the focus for the dialog is not released...

6.3AI score0.11512EPSS
Exploits0References3
Rows per page
Query Builder