57 matches found
EUVD-2012-2879
Malware in sbrugna...
EUVD-2013-6438
Malware in sbrugna...
EUVD-2010-1207
Malware in sbrugna...
SUSE CVE-2010-3769
The line-breaking implementation in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 on Windows does not properly handle long strings, which allows remote attackers to execute arbitrary code via a crafted...
Gnome Web (Epiphany) < 3.28.2.1 - Denial of Service
Title: Gnome Web/Epiphany Browser libephymain.so in GNOME WEB/Epiphany PoC: b1tch3z = window.open("https://www.google.com", "bl1ngbl1ng", "width=250,height=250"); b1tch3z.document.write("ua b1tch3z"); // https://github.com/undergroundagency // https://github.com/ldpreload Video PoC:...
CVE-2018-12016
libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via certain window.open and document.write calls...
Opera + Mozilla Firefox 3.6 - Long String Crash Exploit (0day)
No description provided by source. Mozilla Firefox 3.6 plenitude String Crash0day Exploit Opera plenitude String Denial of Service Exploit by Asheesh Kum...
Firefox 3.6.8 - 3.6.11 Interleaving document.write and appendChild Exploit (From the Wild)
No description provided by source. !-- WARNING! This is exploit code from the wild. The original first 2 unicode chars at 'id=sun8' were ub8acu1029. Use, as always, at your own risk. body div style=visibility:hidden;width:0px;height:0px div...
Mozilla Firefox Interleaving document.write and appendChild Exploit
No description provided by source. $Id: mozilla_interleaved_write.rb 11796 2011-02-22 20:49:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
Design/Logic Flaw
Google Chrome before 21.0.1180.82 on iOS makes certain incorrect calls to WebView methods that trigger use of an applewebdata: URL, which allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors involving the document.write method...
CVE-2012-2899
Google Chrome before 21.0.1180.82 on iOS makes certain incorrect calls to WebView methods that trigger use of an applewebdata: URL, which allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors involving the document.write method...
CVE-2012-2899
Removed by vendor...
CVE-2013-6636
The FrameLoader::notifyIfInitialDocumentAccessed function in core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 31.0.1650.63, makes an incorrect check for an empty document during presentation of a modal dialog, which allows remote attackers to spoof the address bar via vectors...
CVE-2013-6636
Removed by vendor...
CVE-2013-6636
CVE-2013-6636 affects Chromium/Chromium-browser up to version 31.0.1650.63. The issue arises from a faulty empty-document check in the Blink FrameLoader path during modal dialog presentation, enabling an address bar spoofing attack via document.write. Affected component: FrameLoader.cpp in Blink ...
MS13-069 Microsoft Internet Explorer CCaret Use-After-Free
This Metasploit module exploits a use-after-free vulnerability found in Internet Explorer, specifically in how the browser handles the caret (text cursor) object. In IE's standards mode, the caret handling's vulnerable state can be triggered by first setting up an editable page with an input field,...
CVE-2013-1942
Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.2.20, as used in ownCloud Server before 5.0.4 and other products, allow remote attackers to inject arbitrary web script or HTML via the (1) jQuery or (2) id...