CVE-2008-4441

The Marvell driver for the Linksys WAP4400N Wi-Fi access point with firmware 1.2.14 on the Marvell 88W8361P-BEM1 chipset, when WEP mode is enabled, does not properly parse malformed 802.11 frames, which allows remote attackers to cause a denial of service reboot or hang-up via a malformed...

Marvell Driver Malformed Association Request Vulnerability

Title: ------ Marvell Driver Malformed Association Request Vulnerability Summary: -------- The wireless drivers in some Wi-Fi access points such as the MARVELL-based Linksys WAP4400N do not correctly parse some malformed 802.11 frames. Assigned CVE: ------------- CVE-2008-4441 Details: -------- T...

CVE-2008-4198

CVE-2008-4198 affects Opera before 9.52. When an HTTP page that loads an HTTPS page in a frame is rendered, Opera shows a padlock security indicator and a dialog for a secure connection, which could mislead users into unsafe actions on the HTTP page. Connected advisories confirm this as a frame/s...

CVE-2008-4063

CVE-2008-4063 affects Mozilla Firefox 3.x up to 3.0.2. The issue involves memory corruption in the layout engine via multiple vectors: (1) this==0 in nsContentList::Item, (2) Hindi/Indic IME interaction with the g key, and (3) inline frame protection when SortByContentOrder is invoked. Impact is ...

Mozilla crashes with evidence of memory corruption

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to the layout engine and 1 a zero value of the "this" variable in the...

CVE-2008-4063

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to the layout engine and 1 a zero value of the "this" variable in the...

CVE-2008-4135

Symbian OS S60 3rd edition on the Nokia E90 Communicator 07.40.1.2 Ra-6 and Nseries N82 allows remote attackers to cause a denial of service device crash via multiple deauthentication DeAuth frames...

Design/Logic Flaw

Symbian OS S60 3rd edition on the Nokia E90 Communicator 07.40.1.2 Ra-6 and Nseries N82 allows remote attackers to cause a denial of service device crash via multiple deauthentication DeAuth frames...

CVE-2008-4135

Symbian OS S60 3rd edition on the Nokia E90 Communicator 07.40.1.2 Ra-6 and Nseries N82 allows remote attackers to cause a denial of service device crash via multiple deauthentication DeAuth frames...

RealPlayer SWF Frame Handling Buffer Overflow Vulnerability (Windows)

This Remote host is running with RealPlayer, which is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: secpodrealplayerswfbofvuln900015.nasl 7174 2017-09-18 11:48:08Z asteins $ Description: RealPlayer SWF Frame Handling Buffer Overflow Vulnerability Windows Authors: Chandan...

CVE-2008-3456

phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack...

Cisco Intrusion Prevention System DoS

Problem on jumbo-frames parsing...

Design/Logic Flaw

Unspecified vulnerability in Cisco Intrusion Prevention System IPS 5.x before 5.18E2 and 6.x before 6.05E2, when inline mode and jumbo Ethernet support are enabled, allows remote attackers to cause a denial of service panic, and possibly bypass intended restrictions on network traffic, via a...

CVE-2008-2060

Cisco IPS Jumbo Frame DoS (CVE-2008-2060) affects Cisco Intrusion Prevention System versions 5.x before 5.1(8)E2 and 6.x before 6.0(5)E2 when inline mode and jumbo Ethernet support are enabled. A specific sequence of jumbo Ethernet frames on a gigabit inline-deployed platform can cause a kernel p...

CVE-2008-2716

Unspecified vulnerability in Opera before 9.5 allows remote attackers to spoof the contents of trusted frames on the same parent page by modifying the location, which can facilitate phishing attacks...

Design/Logic Flaw

Unspecified vulnerability in Opera before 9.5 allows remote attackers to spoof the contents of trusted frames on the same parent page by modifying the location, which can facilitate phishing attacks...

CVE-2008-2716

CVE-2008-2716 affects Opera before 9.5, where an unspecified vulnerability could allow remote attackers to spoof contents of trusted frames on the same parent page by modifying the location, enabling phishing. Public references indicate this CVE was addressed in Opera 9.50 via security updates (e...

Pages held in frames are able to change the location of pages in unrelated frames on the parent page – Opera Security Advisories

Pages held in frames are able to change the location of pages in unrelated frames on the parent page – Opera Security Advisories OPCOM Team | June 11, 2008 Severity: Less Severe Problem Description: Pages from different sources held on the same parent page should not be able to modify the locatio...

Pages held in frames are able to change the location of pages in unrelated frames on the parent page

Pages from different sources held on the same parent page should not be able to modify the locations of each other. In affected Opera versions, if a page contains frames from both a trusted but not secured, and an untrusted source, the untrusted page is able to replace the contents of a named...

Intel Centrino ipw2200BG Wireless Driver Remote BOF Exploit (meta)

Exploit for unknown platform in category remote exploits ================================================================== Intel Centrino ipw2200BG Wireless Driver Remote BOF Exploit meta ================================================================== This file is part of the Metasploit...