317 matches found
UBUNTU-CVE-2015-3336
Google Chrome before 42.0.2311.90 does not always ask the user before proceeding with CONTENTSETTINGSTYPEFULLSCREEN and CONTENTSETTINGSTYPEMOUSELOCK changes, which allows user-assisted remote attackers to cause a denial of service UI disruption by constructing a crafted HTML document containing...
Design/Logic Flaw
Google Chrome before 42.0.2311.90 does not always ask the user before proceeding with CONTENTSETTINGSTYPEFULLSCREEN and CONTENTSETTINGSTYPEMOUSELOCK changes, which allows user-assisted remote attackers to cause a denial of service UI disruption by constructing a crafted HTML document containing...
CVE-2015-3336
Google Chrome before 42.0.2311.90 does not always ask the user before proceeding with CONTENTSETTINGSTYPEFULLSCREEN and CONTENTSETTINGSTYPEMOUSELOCK changes, which allows user-assisted remote attackers to cause a denial of service UI disruption by constructing a crafted HTML document containing...
CVE-2015-1247
The SearchEngineTabHelper::OnPageHasOSDD function in browser/ui/searchengines/searchenginetabhelper.cc in Google Chrome before 42.0.2311.90 does not prevent use of a file: URL for an OpenSearch descriptor XML document, which might allow remote attackers to obtain sensitive information from local...
chromium-browser: Scheme issues in OpenSearch
The SearchEngineTabHelper::OnPageHasOSDD function in browser/ui/searchengines/searchenginetabhelper.cc in Google Chrome before 42.0.2311.90 does not prevent use of a file: URL for an OpenSearch descriptor XML document, which might allow remote attackers to obtain sensitive information from local...
Microsoft Windows NTLM automatically authenticates via SMB when following a file:// URL
Overview Software running on Microsoft Windows that utilizes HTTP requests can be forwarded to a file:// protocol on a malicious server, which causes Windows to automatically attempt authentication via SMB to the malicious server in some circumstances. The encrypted form of the user's credentials...
CVE-2014-9493
The V2 API in OpenStack Image Registry and Delivery Service Glance before 2014.2.2 and 2014.1.4 allows remote authenticated users to read or delete arbitrary files via a full pathname in a file: URL in the image location property...
CVE-2014-1566
Mozilla Firefox before 31.1 on Android does not properly restrict copying of local files onto the SD card during processing of file: URLs, which allows attackers to obtain sensitive information from the Firefox profile directory via a crafted application. NOTE: this vulnerability exists because o...
CVE-2014-1369
WebKit in Apple Safari before 6.1.5 and 7.x before 7.0.5 allows user-assisted remote attackers to access file: URLs by leveraging a URL drag operation that originates at a crafted web site...
Windows 95/98 UNC Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/779/info There is a overflowable buffer in the networking code for Windows 95 and 98 all versions. The buffer is in the part of the code that handles filenames. By specifying an exceptionally long filename, an attacker ca...
elFinder 2.0 - file manager for web(rc1) - File Upload Vulnerability
Usage Info Info : u can upload .php .php3 .php6 .txt .html .pl .htaccess and ... Upload Your webshell and load from : site.com/var/upload/ro0t.php site.com/files/upload/ro0t.php site.com/var/upload/ro0t.php for get file url double click on your file to open file iframe page |/ o o...
CVE-2014-0772
The BWOCXRUN.BwocxrunCtrl.1 control contains a method named OpenUrlToBufferTimeout. This method takes a URL as a parameter and returns its contents to the caller in JavaScript. The URLs are accessed in the security context of the current browser session. The control does not perform any URL...
Buffer overflow
The OpenUrlToBuffer method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a file: URL...
Buffer overflow
The OpenUrlToBufferTimeout method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a file: URL...
CVE-2014-0771 Advantech WebAccess File and Directory Information Exposure
The BWOCXRUN.BwocxrunCtrl.1 control contains a method named “OpenUrlToBuffer.” This method takes a URL as a parameter and returns its contents to the caller in JavaScript. The URLs are accessed in the security context of the current browser session. The control does not perform any URL validation...
CVE-2014-0771
Advantech WebAccess BWOCXRUN.BwocxrunCtrl.1 OpenUrlToBuffer in bwocxrun.ocx allows reading arbitrary files via file:// URLs because there is no URL validation. This enables remote-access scenarios where an attacker could read local or reachable files through JavaScript, within the browser context...
Adobe Reader 'file://' URL Information Disclosure Vulnerability (Feb 2007) - Mac OS X
Adobe Reader is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Adobe Reader 'file://' URL Information Disclosure Vulnerability (Feb 2007) - Linux
Adobe Reader is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Design/Logic Flaw
Mozilla Firefox before 28.0.1 on Android processes a file: URL by copying a local file onto the SD card, which allows attackers to obtain sensitive information from the Firefox profile directory via a crafted application...
CVE-2014-1515
CVE-2014-1515 affects Mozilla Firefox for Android prior to 28.0.1. It occurs when processing a file: URL by copying a local file to the SD card, allowing an attacker with a crafted application to read sensitive data from the Firefox profile directory. CVSSv2 base score 1.9 (LOW) with LOCAL access...