CVE-2011-2628

Opera before 11.11 does not properly implement FRAMESET elements, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via vectors related to page unload...

Opera < 11.11 Frameset Memory Corruption

Binary data 800867.prm...

Opera -- code injection vulnerability through broken frameset handling

Opera Software ASA reports: Fixed an issue with framesets that could allow execution of arbitrary code, as reported by an anonymous contributor working with the SecuriTeam Secure Disclosure program...

Frameset issue allows execution of arbitrary code – Opera Security Advisories

Framesets allow web pages to hold other pages inside them. Certain frameset constructs are not handled correctly when the page is unloaded, causing a memory corruption. To inject code, additional techniques will have to be employed...

Frameset issue allows execution of arbitrary code

Framesets allow web pages to hold other pages inside them. Certain frameset constructs are not handled correctly when the page is unloaded, causing a memory corruption. To inject code, additional techniques will have to be employed...

Mozilla integer overflow in frameset spec (MFSA 2011-12)

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code vi...

Mozilla integer overflow in frameset spec (MFSA 2011-12)

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code vi...

Mozilla integer overflow in frameset spec (MFSA 2011-12)

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code vi...

Mozilla Foundation Security Advisory 2010-50

Mozilla Foundation Security Advisory 2010-50 Title: Frameset integer overflow vulnerability Impact: Critical Announced: September 7, 2010 Reporter: Chris Rohlf Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.9 Firefox 3.5.12 Thunderbird 3.1.3 Thunderbird 3.0.7 SeaMonkey 2.0.7...

Integer overflow

Integer overflow in the FRAMESET element implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a large number of values in the cols aka columns...

FreeBSD : mozilla -- multiple vulnerabilities (4a21ce2c-bb13-11df-8e32-000f20797ede)

The Mozilla Project reports : MFSA 2010-49 Miscellaneous memory safety hazards rv:1.9.2.9/ 1.9.1.12 MFSA 2010-50 Frameset integer overflow vulnerability MFSA 2010-51 Dangling pointer vulnerability using DOM plugin array MFSA 2010-52 Windows XP DLL loading vulnerability MFSA 2010-53 Heap buffer...

Mozilla Frameset integer overflow vulnerability (MFSA 2010-50)

Integer overflow in the FRAMESET element implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a large number of values in the cols aka columns...

Mozilla Frameset integer overflow vulnerability (MFSA 2010-50)

Integer overflow in the FRAMESET element implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a large number of values in the cols aka columns...

Mozilla Frameset integer overflow vulnerability (MFSA 2010-50)

Integer overflow in the FRAMESET element implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a large number of values in the cols aka columns...

Frameset integer overflow vulnerability — Mozilla

Security researcher Chris Rohlf of Matasano Security reported that the implementation of the HTML frameset element contained an integer overflow vulnerability. The code responsible for parsing the frameset columns used an 8-byte counter for the column numbers, so when a very large number of colum...

Image upload formula deceptive vulnerability tutorials-vulnerability warning-the black bar safety net

For the reader: the script to attack the lovers, ASP programmer Pre-knowledge: none Image upload formula spoofing attacks Wen/ Yan into the This vulnerability applies to all only check the uploaded file format of the program, put the images into HTML code, after uploading the executable to do the...

Debian DSA-1641-1 : phpmyadmin - several vulnerabilities

Several remote vulnerabilities have been discovered in phpMyAdmin, a tool to administrate MySQL databases over the web. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-4096 Remote authenticated users could execute arbitrary code on the host running...

DSA-1641-1 phpmyadmin - several issues

Bulletin has no description...

New Automatic File Download vulnerabilities in Google Chrome

Здравствуйте 3APA3A! Сообщаю вам о найденной мною новых Automatic File Download уязвимостях в браузере Google Chrome. В браузере Chrome имеются уязвимости, которая позволяют загружать произвольные файлы, в том числе exe, без предварительного уведомления пользователя. Данные две Automatic File...

Debian Security Advisory DSA 777-1 (mozilla)

The remote host is missing an update to mozilla announced via advisory DSA 777-1. A vulnerability has been discovered in Mozilla and Mozilla Firefox that allows remote attackers to inject arbitrary Javascript from one page into the frameset of another site. Thunderbird is not affected by this and...