37 matches found
EUVD-2002-1426
Malware in sbrugna...
EUVD-2002-1425
Malware in sbrugna...
EUVD-2004-2466
Malware in sbrugna...
EUVD-2007-6502
Malware in sbrugna...
Google Toolbar 1.1.60 Search Function Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5477/info Reportedly, when the Google Toolbar receives a search query it may cause Microsoft Internet Explorer to crash. When a user views a malicious web page it will cause the Google Toolbar to throw an exception in...
Google Toolbar 1.1.x About.HTML HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11210/info Google Toolbar is reported prone to a HTML injection vulnerability. It is reported that the Google Toolbar 'ABOUT.HTML' page allows the injection of HTML and JavaScript code. This vulnerability may allow an...
CVE-2007-6536
The Custom Button Installer dialog in Google Toolbar 4 and 5 beta presents certain domain names in the 1 "Downloaded from" and 2 "Privacy considerations" sections without verifying domain names, which makes it easier for remote attackers to spoof domain names and trick users into installing...
Open redirect
The Custom Button Installer dialog in Google Toolbar 4 and 5 beta presents certain domain names in the 1 "Downloaded from" and 2 "Privacy considerations" sections without verifying domain names, which makes it easier for remote attackers to spoof domain names and trick users into installing...
CVE-2007-6536
The Custom Button Installer dialog in Google Toolbar 4 and 5 beta presents certain domain names in the 1 "Downloaded from" and 2 "Privacy considerations" sections without verifying domain names, which makes it easier for remote attackers to spoof domain names and trick users into installing...
CVE-2007-6536
The CVE-2007-6536 issue affects Google Toolbar 4 and 5 beta where the Custom Button Installer dialog may display domain names in the “Downloaded from” and “Privacy considerations” fields without validating them. The root cause is lack of domain verification, enabling remote attackers to spoof dom...
KLA10182 SUI vulnerability in Google Toolbar
Lack of domain name verification was found in Google Toolbar. By exploiting this vulnerability malicious users can spoof domain names. This vulnerability can be exploited remotely via custom button manipulations. Original advisories - Related products Google-Toolbar CVE list CVE-2007-6536 high...
Google工具条对话框漏洞
BUGTRAQ ID: 26923 CNCAN ID:CNCAN-2007122003 Google Toolbar是一款流行的嵌入IE的工具条程序。 Google Toolbar存在对话框伪造问题,远程攻击者可以利用漏洞欺骗用户安装恶意定制按钮到工具栏。 当增加新的Google工具栏按钮时,允许伪造对话框上的信息,这可以导致攻击者使目标用户确信按钮来自可信域而安装。此按钮可用于下载恶意文件或进行钓鱼等攻击。 Google Toolbar 5 beta Google Toolbar 4 目前没有详细解决方案提供: http://toolbar.google.com/...
Google Toolbar Dialog Spoofing Vulnerability
Google Toolbar allows spoofing the information presented in the dialog which is being displayed when adding a new Google Toolbar button. This can allow an attacker to convince the users that his button comes from a trusted domain. This button can then be used to download malicious files or conduc...
[Full-disclosure] New Vulnerability against Firefox/ Major Extensions
This information also posted with html link goodness to http://paranoia.dubfire.net/2007/05/remote-vulnerability-in-firefox.html -------------------------- Executive Summary -------------------------- A vulnerability exists in the upgrade mechanism used by a number of high profile Firefox...
Google Toolbar Detection
Binary data 3726.prm...
Microsoft Internet Explorer Version Detection (Google Toolbar)
Binary data 3725.prm...
CVE-2004-2475
Cross-site scripting XSS vulnerability in Google Toolbar 2.0.114.1 allows remote attackers to inject arbitrary web script via about.html in the About section. NOTE: some followup posts suggest that the demonstration code's use of the res:// protocol does not cross privilege boundaries, since it i...
CVE-2004-2475
The CVE-2004-2475 entry concerns a cross-site scripting (XSS) vulnerability in Google Toolbar 2.0.114.1 that could allow remote scripts to be injected via about.html in the About section. The connected documentation notes that demonstrations using the res:// protocol may not cross privilege bound...
Google Toolbar < 2.0.114.1 Multiple Vulnerabilities
The remote host is running the Google Toolbar, a toolbar of Internet Explorer. The remote version of this software is reportedly affected by an HTML injection vulnerability that could allow an attacker to execute a cross-site scripting attack. C Tenable Network Security, Inc. include"compat.inc";...
CVE-2004-2475
Cross-site scripting XSS vulnerability in Google Toolbar 2.0.114.1 allows remote attackers to inject arbitrary web script via about.html in the About section. NOTE: some followup posts suggest that the demonstration code's use of the res:// protocol does not cross privilege boundaries, since it i...