13 matches found
EUVD-2008-0603
Malware in sbrugna...
Khoj Open Redirect Vulnerability in Login Page
Summary An attacker can use the next parameter on the login page to redirect a victim to a malicious page, while masking this using a legit-looking app.khoj.dev url. For example, https://app.khoj.dev/login?next=//example.com will redirect to the https://example.com page. Details The problem seems...
SUSE CVE-2008-0593
Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original UR...
Mozilla Firefox 0.8/0.9/0.10 Infinite Array Sort Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11752/info Mozilla Firefox is prone to a vulnerability that may result in a browser crash. This issue is exposed when the browser performs an infinite JavaScript array sort operation. It is conjectured that this will only...
Mozilla Foundation Security Advisory 2008-10
Mozilla Foundation Security Advisory 2008-10 Title: URL token stealing via stylesheet redirect Impact: Low Announced: February 7, 2008 Reporter: Martin Straka Products: Firefox, SeaMonkey Fixed in: Firefox 2.0.0.12 SeaMonkey 1.1.8 Description Security researcher Martin Straka reported that...
CVE-2008-0593
Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original UR...
Design/Logic Flaw
Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original UR...
CVE-2008-0593
Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original UR...
CVE-2008-0593
CVE-2008-0593 affects Gecko-based browsers, notably Firefox < 2.0.0.12 and SeaMonkey
URL token stealing via stylesheet redirect — Mozilla
Security researcher Martin Straka reported that Gecko-based browsers update the .href property of stylesheet DOM nodes to reflect the final URI of the stylesheet after following any 302 redirects much as the document.location property is updated. This differs from other browsers and could...
[NEWS] XBL Implementation Allows Script Execution (Gecko)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
security flaw
Mozilla 1.7.8, Firefox 1.0.4, Camino 0.8.4, Netscape 8.0.2, and K-Meleon 0.9, and possibly other products that use the Gecko engine, allow remote attackers to cause a denial of service application crash via JavaScript that repeatedly calls an empty function...
Mozilla Firefox 0.8/0.9/0.10 - Infinite Array Sort Denial of Service
source: https://www.securityfocus.com/bid/11752/info Mozilla Firefox is prone to a vulnerability that may result in a browser crash. This issue is exposed when the browser performs an infinite JavaScript array sort operation. It is conjectured that this will only result in a denial of service and...