Lucene search
+L

4938 matches found

Packet Storm
Packet Storm
added 2005/02/26 12:0 a.m.24 views

ieBypass.txt

Hi LIST. Windows XP SP2 forces the titlebar to be present in script-initiated Internet Explorer windows. In the titlebar, domain name is listed before the page title. Using magic DNS,this domain name can be exploited by malicious people to trick users into visiting a malicious popup window. The...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2005/01/29 5:0 a.m.28 views

CVE-2004-1381

Firefox before 1.0 and Mozilla before 1.7.5 allow inactive background tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote attackers to steal sensitive data that is intended for other sites, which could facilitate phishing attacks...

6.4AI score0.06879EPSS
Exploits1References6
Packet Storm
Packet Storm
added 2005/01/28 12:0 a.m.21 views

OutlookMuteX.txt

' Recent versions of Outlook, as well as a released patch, ' make Outlook prompt the user whenever a remote appliction ' tries to access specific contact information in the Outlook ' Contact database. The user can then decide to allow or not ' allow the application to get that access. ' ' Microso...

7.4AI score
Exploits0
UbuntuCve
UbuntuCve
added 2004/12/31 5:0 a.m.23 views

CVE-2004-2655

rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, when running on Fedora and possibly other platforms, does not release the keyboard focus when xscreensaver starts, which causes the password to be entered into the active window when the user unlocks the screen...

5.4CVSS5.9AI score0.02293EPSS
Exploits0References2
NVD
NVD
added 2004/12/31 5:0 a.m.20 views

CVE-2004-2655

rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, when running on Fedora and possibly other platforms, does not release the keyboard focus when xscreensaver starts, which causes the password to be entered into the active window when the user unlocks the screen...

5.4CVSS6.5AI score0.02293EPSS
Exploits0References17
OSV
OSV
added 2004/12/31 5:0 a.m.10 views

CVE-2004-2655

rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, when running on Fedora and possibly other platforms, does not release the keyboard focus when xscreensaver starts, which causes the password to be entered into the active window when the user unlocks the screen...

6.5AI score
Exploits0References17
UbuntuCve
UbuntuCve
added 2004/10/20 4:0 a.m.32 views

CVE-2004-1381

Firefox before 1.0 and Mozilla before 1.7.5 allow inactive background tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote attackers to steal sensitive data that is intended for other sites, which could facilitate phishing attacks...

5CVSS6AI score0.06879EPSS
Exploits1References2
Slackware Linux
Slackware Linux
added 2004/09/22 8:39 p.m.16 views

[slackware-security] Mozilla

New Mozilla 1.7.3 packages are available for Slackware 10.0 and -current to fix security issues. Here are the details from the Slackware 10.0 ChangeLog: patches/packages/mozilla-1.7.3-i486-1.tgz: Upgraded to mozilla-1.7.3. The Mozilla page says this fixes some "minor security holes". It also brea...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2004/04/22 12:0 a.m.28 views

PISG 0.54 - IRC Nick HTML Injection

source: https://www.securityfocus.com/bid/10195/info pisg has been reported prone to an input validation vulnerability. The issue will only present itself when pisg is used to monitor an IRC server that does not place limitations on IRC Nick values that can be used. If an attacker specifies HTML...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2003/06/10 12:0 a.m.26 views

MNOGoSearch 3.1.20 - 'search.cgi?UL' Remote Buffer Overflow (2)

source: https://www.securityfocus.com/bid/7865/info mnoGoSearch 'search.cgi' has been reported prone to a buffer overflow vulnerability. The issue is a result of a lack of sufficient bounds checking performed on user-supplied URI parameters that are passed to the 'search.cgi' application. It may ...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/04/02 12:0 a.m.57 views

HTML.cobble

Sunday, April 1, 2001 Default installation of Internet Explorer 5.5 with all of its so-called patches, service "packs" etc, still allows us to execute files on default installations of the target computer: Once Again: We cobble together new and old Components as follows : - 1. Courtesy of Georgi...

7AI score
Exploits0
exploitpack
exploitpack
added 2001/02/12 12:0 a.m.25 views

Micro Focus Cobol 4.1 - Arbitrary Command Execution

Micro Focus Cobol 4.1 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/2359/info Micro Focus Cobol is a development suite for unix platforms offered by Merant. It is typically licensed on a per-user basis. If Micro Focus Cobol is installed with the 'Apptrack' feature enable...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2001/02/12 12:0 a.m.46 views

Micro Focus Cobol 4.1 - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/2359/info Micro Focus Cobol is a development suite for unix platforms offered by Merant. It is typically licensed on a per-user basis. If Micro Focus Cobol is installed with the 'Apptrack' feature enabled, local users may be able to elevate privileges. A...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/12/08 12:0 a.m.73 views

Exploit Code for File Input field advisory.

I have coded an exploit example for the "File Upload via Form" vulnerability recently mentioned by Microsoft Security. Here's the source for it well, most of the source. If you would like the whole source, email me. I'll send it as an attachment. --------------snip------------------ !script...

6.9AI score
Exploits0
Exploit DB
Exploit DB
added 2000/08/15 12:0 a.m.30 views

Check Point Software Firewall-1 3.0/1 4.0/1 4.1 - Session Agent Dictionary Attack (1)

source: https://www.securityfocus.com/bid/1662/info A vulnerability exists in all versions of the Check Point Session Agent, part of Firewall-1. Session Agent works in such a way that the firewall will establish a connection back to the client machine. Upon doing so, it will prompt for a username...

7.4AI score
Exploits0
canvas
canvas
added 2000/07/07 4:0 a.m.68 views

Immunity Canvas: WUFTPD_SEXEC

Name| wuftpdsexec ---|--- CVE| CVE-2000-0573 Exploit Pack| CANVAS Description| WuFTPD SITE EXEC Formatstring Bug Notes| References: http://www.securityfocus.com/bid/1387 CVE Name: CVE-2000-0573 VENDOR: wuftpd.org Repeatability: Multiple tries Date public: 22-06-2000 CERT Advisory:...

10CVSS0.1AI score0.96292EPSS
Exploits4
securityvulns
securityvulns
added 2000/04/15 12:0 a.m.20 views

Очередной обзор Security Focus

No description provided...

1AI score
Exploits0References1
securityvulns
securityvulns
added 2000/04/03 12:0 a.m.42 views

Вышел очередной обзор Security Focus

No description provided...

0.8AI score
Exploits0References1
Rows per page
Query Builder