47 matches found
EUVD-2008-5652
Malware in sbrugna...
EUVD-2008-5481
Malware in sbrugna...
EUVD-2006-6489
Malware in sbrugna...
SUSE CVE-2008-3836
feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers to execute scripts with chrome privileges via vectors related to feed preview and the 1 elem.doCommand, 2 elem.dispatchEvent, 3 setTitleText, 4 setTitleImage, and 5 initSubscriptionUI functions...
SUSE CVE-2008-5504
Mozilla Firefox 2.x before 2.0.0.19 allows remote attackers to run arbitrary JavaScript with chrome privileges via vectors related to the feed preview, a different vulnerability than CVE-2008-3836...
SUSE CVE-2010-3020
The news-feed preview feature in Opera before 10.61 does not properly remove scripts, which allows remote attackers to force subscriptions to arbitrary feeds via crafted content...
SUSE CVE-2017-5382
Feed preview for RSS feeds can be used to capture errors and exceptions generated by privileged content, allowing for the exposure of internal information not meant to be seen by web content. This vulnerability affects Firefox 51...
Mozilla Firefox 'feed preview' page clickjacking vulnerability
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in the embedded feed preview page in Mozilla Firefox versions prior to 64. A remote attacker can exploit this vulnerability to trick a user into downloading and...
CVE-2017-5382
Feed preview for RSS feeds can be used to capture errors and exceptions generated by privileged content, allowing for the exposure of internal information not meant to be seen by web content. This vulnerability affects Firefox 51...
Mozilla Firefox Security Advisories (MFSA2017-01, MFSA2017-02) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
UBUNTU-CVE-2017-5382
Feed preview for RSS feeds can be used to capture errors and exceptions generated by privileged content, allowing for the exposure of internal information not meant to be seen by web content. This vulnerability affects Firefox 51...
Security vulnerabilities fixed in Firefox 51 — Mozilla
JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. Use-after-free while manipulating XSL in XSLT documents A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, resulting in a potential...
openSUSE Security Update : opera (openSUSE-SU-2010:0540-1)
This update of opera fixes the following vulnerabilities : - CVE-2010-2576: CVSS v2 Base Score: 6.8 CWE-94: unexpected changes in tab focus could be used to run programs from the Internet, as reported by Jakob Balle and Sven Krewitt of Secunia - CVE-2010-3019: CVSS v2 Base Score: 9.3 CWE-119: hea...
CVE-2012-2634
Cross-site scripting XSS vulnerability in FeedDemon before 4.0, when the feed preview option is enabled, allows remote attackers to inject arbitrary web script or HTML via a feed...
FeedDemon vulnerable to arbitrary script execution
Overview FeedDemon is vulnerable to arbitrary script execution. FeedDemon is an RSS/Atom feed reader. FeedDemon is vulnerable to arbitrary script execution due to the improper processing during HTML page output based on feed information when using the "feed preview" option. Daiki Fukumori of Cybe...
FreeBSD : opera -- multiple vulnerabilities (71273c4d-a6ec-11df-8a8d-0008743bf21a)
The Opera Destkop Team reports : - Fixed an issue where heap buffer overflow in HTML5 canvas could be used to execute arbitrary code, as reported by Kuzzcc. - Fixed an issue where unexpected changes in tab focus could be used to run programs from the Internet, as reported by Jakob Balle and Sven...
News feed preview can subscribe to feeds without interaction – Opera Security Advisories
News feed preview can subscribe to feeds without interaction – Opera Security Advisories OPCOM Team | August 12, 2010 Severity Low Description When Opera is previewing a news feed, certain types of content do not have their scripts removed correctly. These scripts are able to subscribe the user t...
openSUSE Security Update : mozilla-xulrunner181 (mozilla-xulrunner181-237)
This update brings mozilla-xulrunner181 to security fix version 1.8.1.17. It contains the following security fixes: MFSA 2008-45 / CVE-2008-4069: XBM image uninitialized memory reading MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters...
openSUSE Security Update : opera (opera-366)
Opera 9.63 fixes the following security problems : - Manipulating text input contents can allow execution of arbitrary code - HTML parsing flaw can cause Opera to execute arbitrary code. - Long hostnames in file: URLs can cause execution of arbitrary code. - Script injection in feed preview can...
Ubuntu Update for firefox vulnerabilities USN-398-1
Ubuntu Update for Linux kernel vulnerabilities USN-398-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN3981.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for firefox vulnerabilities USN-398-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...