Lucene search
K

3182 matches found

Ubuntu
Ubuntu
added 2010/04/09 10:51 p.m.66 views

USN-920-1: Firefox 3.0 and Xulrunner vulnerabilities

Martijn Wargers, Josh Soref, Jesse Ruderman, and Ehsan Akhgari discovered flaws in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking...

10CVSS8.9AI score0.07054EPSS
Exploits3
OpenVAS
OpenVAS
added 2010/04/09 12:0 a.m.50 views

Ubuntu Update for openjdk-6 vulnerabilities USN-923-1

Ubuntu Update for Linux kernel vulnerabilities USN-923-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9231.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for openjdk-6 vulnerabilities USN-923-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

7.5CVSS0.3AI score0.96319EPSS
Exploits33References2
seebug.org
seebug.org
added 2010/04/08 12:0 a.m.59 views

Mozilla Firefox浏览器强制URL拖放操作权限提升漏洞

CVECAN ID: CVE-2010-0178 Firefox是一款流行的开源WEB浏览器。 浏览器Applet可能错误的将单个鼠标点击动作解释为拖放操作,这可能导致在用户浏览器中非预期的加载资源。攻击者可以连续两次利用这种行为,第一次在用户浏览器中加载特权的chrome: URL,之后在同一文档之上加载恶意的javascript: URL,导致以chrome权限执行任意脚本。 Mozilla Firefox 3.6 Mozilla Firefox 3.5.x Mozilla Firefox 3.0.x Mozilla SeaMonkey 2.0.4 补丁安装方法: 1. 手工安装补丁...

7.6CVSS0.1AI score0.03431EPSS
Exploits1
securityvulns
securityvulns
added 2010/04/06 12:0 a.m.63 views

Mozilla Foundation Security Advisory 2010-20

Mozilla Foundation Security Advisory 2010-20 Title: Chrome privilege escalation via forced URL drag and drop Impact: Critical Announced: March 30, 2010 Reporter: Paul Stone Products: Firefox, SeaMonkey Fixed in: Firefox 3.6.2 Firefox 3.5.9 Firefox 3.0.19 SeaMonkey 2.0.4 Description Security...

7.6CVSS0.7AI score0.03431EPSS
Exploits1
Cvelist
Cvelist
added 2010/04/05 5:0 p.m.17 views

CVE-2010-0178

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL an...

9.6AI score0.03431EPSS
Exploits1References20
UbuntuCve
UbuntuCve
added 2010/04/05 12:0 a.m.34 views

CVE-2010-0178

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL an...

7.6CVSS7.3AI score0.03431EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2010/04/01 2:56 a.m.7 views

OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0084...

4.3CVSS5.8AI score0.02783EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2010/04/01 12:21 a.m.7 views

OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0084...

4.3CVSS5.8AI score0.02783EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2010/04/01 12:14 a.m.6 views

OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0084...

4.3CVSS5.8AI score0.02783EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2010/03/30 11:26 p.m.83 views

Critical: Red Hat Security Advisory: firefox security update

Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...

10CVSS7.6AI score0.07054EPSS
Exploits3References8
RedHat Linux
RedHat Linux
added 2010/03/30 11:26 p.m.4 views

Firefox Chrome privilege escalation via forced URL drag and drop

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL an...

7.6CVSS7.7AI score0.03431EPSS
Exploits1References4
Mozilla
Mozilla
added 2010/03/30 12:0 a.m.33 views

Chrome privilege escalation via forced URL drag and drop — Mozilla

Security researcher Paul Stone reported that a browser applet could be used to turn a simple mouse click into a drag-and-drop action, potentially resulting in the unintended loading of resources in a user's browser. This behavior could be used twice in succession to first load a privileged chrome...

7.6CVSS2.5AI score0.03431EPSS
Exploits1References2Affected Software2
Tenable Nessus
Tenable Nessus
added 2010/03/18 12:0 a.m.10 views

DB2 Suspicious Command Detection (drop database)

Binary data 5373.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/03/18 12:0 a.m.9 views

DB2 Suspicious Command Detection (drop table)

Binary data 5375.prm...

7.3AI score
Exploits0
RedHat Linux
RedHat Linux
added 2010/03/03 6:20 p.m.10 views

OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0084...

4.3CVSS5.8AI score0.02783EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2010/02/25 12:0 a.m.23 views

Fedora 12 : automake-1.11.1-1.fc12 (2009-13157)

Wed Dec 9 2009 Karsten Hopp 1.11.1-1 - update to version 1.11.1 to fix CVE-2009-4029 - Tue Dec 1 2009 Karsten Hopp 1.11-6 - preserve time stamps of man pages 225302 - drop MIT from list of licenses - Wed Nov 4 2009 Stepan Kasal - 1.11-5 - add even more testsuite build requires - Wed Nov 4 2009...

4.4CVSS5.3AI score0.00477EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2010/02/16 4:20 p.m.6 views

MySQL: Format string vulnerability by manipulation with database instances (crash)

Multiple format string vulnerabilities in the dispatchcommand function in libmysqld/sqlparse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service daemon crash and possibly have unspecified other impact via format string specifiers in a database...

8.5CVSS6AI score0.10586EPSS
Exploits2References4
Metasploit
Metasploit
added 2010/02/08 10:34 p.m.12 views

PostgreSQL Server Generic Query

This module imports a file local on the PostgreSQL Server into a temporary table, reads it, and then drops the temporary table. It requires PostgreSQL credentials with table CREATE privileges as well as read privileges to the target file. This module requires Metasploit:...

7AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2010/02/03 12:0 a.m.10 views

Sun MySQL mysql_log Format String (CVE-2009-2446)

A format string vulnerability exists in Sun Microsystems MySQL database server. The flaw is due to insufficient input validation when processing create and drop database commands. Remote authenticated attackers could exploit this vulnerability by sending malformed data to the MySQL process. In a...

8.5CVSS4.8AI score0.10586EPSS
Exploits2
Check Point Advisories
Check Point Advisories
added 2009/12/13 12:0 a.m.25 views

Internet Explorer Drag and Drop Elevation of Privilege (MS04-038; CVE-2004-0839)

Microsoft Internet Explorer provides a number of ways to represent remote or local content. One of it's more powerful features is the Web folder view. The Web folder provides easy access to files located on a web server. A vulnerability exists in the way Internet Explorer uses the web folder view...

5CVSS6.1AI score0.33081EPSS
Exploits1
Rows per page
Query Builder