317 matches found
Stack overflow
Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to execute arbitrary code via a long file: URL in a...
CVE-2009-3867
Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to execute arbitrary code via a long file: URL in a...
Design/Logic Flaw
Mozilla Firefox 3.5.1 and SeaMonkey 1.1.17, and Flock 2.5.1, allow context-dependent attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary file: URL after a victim has visited any file: URL, as demonstrated by a visit to a file: document written by the...
CVE-2009-3007
Mozilla Firefox 3.5.1 and SeaMonkey 1.1.17, and Flock 2.5.1, allow context-dependent attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary file: URL after a victim has visited any file: URL, as demonstrated by a visit to a file: document written by the...
CVE-2009-2200
WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage attribute of an EMBED element, which allows user-assisted remote attackers to launch arbitrary file: URLs and obtain sensitive information via a crafted HTML document...
openSUSE Security Update : opera (opera-366)
Opera 9.63 fixes the following security problems : - Manipulating text input contents can allow execution of arbitrary code - HTML parsing flaw can cause Opera to execute arbitrary code. - Long hostnames in file: URLs can cause execution of arbitrary code. - Script injection in feed preview can...
Design/Logic Flaw
Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote attackers to bypass intended access restrictions and read files via a crafted HTML document, aka a "file-URL-to-file-URL scripting" attack...
CVE-2009-1839
CVE-2009-1839 affects Mozilla Firefox 3.x before 3.0.11. Affected: Firefox 3 up to 3.0.11. Description: loading a file: URL via the location bar could have an incorrect security principal, allowing a user‑supplied crafted HTML document to bypass file access restrictions and read local files, i.e....
CVE-2009-1839
Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote attackers to bypass intended access restrictions and read files via a crafted HTML document, aka a "file-URL-to-file-URL scripting" attack...
Critical: Red Hat Security Advisory: seamonkey security update
Updated seamonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat...
file: resources
Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 associate local documents with external domain names located after the file:// substring in a URL, which allows user-assisted remote attackers to read arbitrary cookies via a crafted HTML document, as demonstrated by a URL with...
CVE-2009-1703
WebKit in Apple Safari before 4.0 does not prevent references to file: URLs within 1 audio and 2 video elements, which allows remote attackers to determine the existence of arbitrary files via a crafted HTML document...
CVE-2009-1703
CVE-2009-1703 concerns WebKit in Apple Safari prior to 4.0, where references to file: URLs within audio and video elements are not blocked. This could let remote attackers determine the existence of arbitrary files by delivering crafted HTML, constituting an information-disclosure risk. The affec...
DEBIAN-CVE-2009-0037
The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPTFOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to 1 trigger arbitrary requests to intranet servers, 2 read or overwrite arbitrary files via a redirect to a file:...
CVE-2009-0037
The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPTFOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to 1 trigger arbitrary requests to intranet servers, 2 read or overwrite arbitrary files via a redirect to a file:...
CVE-2009-0037
The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPTFOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to 1 trigger arbitrary requests to intranet servers, 2 read or overwrite arbitrary files via a redirect to a file:...
CVE-2008-4910
The BasicService in Sun Java Web Start allows remote attackers to execute arbitrary programs on a client machine via a file:// URL argument to the showDocument method...
CVE-2008-4910
CVE-2008-4910 affects Sun Java Web Start (BasicService). The vulnerability allows a remote attacker to execute arbitrary programs on a client machine by passing a file:// URL argument to the showDocument method. Impact is described as remote code execution with full confidentiality/integrity/avai...
CVE-2008-4910
The BasicService in Sun Java Web Start allows remote attackers to execute arbitrary programs on a client machine via a file:// URL argument to the showDocument method...
Apple Mac OS X Java插件'file://' URL处理远程代码执行漏洞
BUGTRAQ ID: 31380 CVE ID:CVE-2008-3638 CNCVE ID:CNCVE-20083638 Apple Mac OS X是一款商业性质的操作系统。 Apple Mac OS X不正确处理特殊构建的Java Applet,远程攻击者可以利用漏洞以应用程序上下文执行任意可执行程序。 Java插件没有阻止从file:// URL方式启动,构建恶意的Java Applet,诱使用户装载,可导致'file://' URL装载目标系统上的任意文件,导致任意代码执行。 Apple Mac OS X Server 10.5.5 Apple Mac OS X Server...