15 matches found
EUVD-2005-2456
Malware in sbrugna...
USN-2743-3: Unity Integration for Firefox, Unity Websites Integration and Ubuntu Online Accounts extension update
USN-2743-1 fixed vulnerabilities in Firefox. Future Firefox updates will require all addons be signed and unity-firefox-extension, webapps-greasemonkey and webaccounts-browser-extension will not go through the signing process. Because these addons currently break search engine installations LP:...
USN-2743-3 unity-firefox-extension, webapps-greasemonkey, webaccounts-browser-extension update
USN-2743-1 fixed vulnerabilities in Firefox. Future Firefox updates will require all addons be signed and unity-firefox-extension, webapps-greasemonkey and webaccounts-browser-extension will not go through the signing process. Because these addons currently break search engine installations LP:...
Greasemonkey 0.3.3 - Multiple Remote Information Disclosure Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/14336/info Greasemonkey is susceptible to multiple remote information disclosure vulnerabilities. These issues are due to a design error allowing insecure JavaScript functions to be executed by remote Web sites. The...
Session hacking via authentication cookie on Oracle CRM on Demand
Vulnerability Title: Session hacking via authentication cookie on Oracle CRM on Demand Date: 20/05/2011 Vendor: Oracle Product: Oracle CRM on Demand Software Link: https://sso.crmondemand.com/ Summary: Oracle CRM on Demand is a web application to manage Customer information. Desc: On login proces...
EvalInSandbox escape (Proxy Autoconfig, Greasemonkey) — Mozilla
Mozilla researcher mozbugra4 demonstrated that javascript run via EvalInSandbox can escape the sandbox and gain elevated privilege by calling valueOf on objects created outside the sandbox and inserted into it. Malicious scripts could use these privileges to compromise your computer or data...
A few species bypass the Windows Geniune Advantage validation method-vulnerability warning-the black bar safety net
Method 1: 1. On Windows Update, all the way to the next, The Ultimate validation fails 2. IE-tools-Manage Add-ons-Internet Explorer has the use of add-ons Windows Genuine Advantage - disable 3. Restart IE, on Windows Update, verified by Now enable the Windows Genuine Advantage and clear all the...
CVE-2005-2455
Greasemonkey before 0.3.5 is affected. The vulnerability allows a remote server to (1) read arbitrary files via a file:// URL in GM_xmlhttpRequest, (2) list installed scripts using GM_scripts, and (3) obtain sensitive information via GM_setValue/GM_getValue. The root causes are described in the C...
CVE-2005-2455
Greasemonkey before 0.3.5 allows remote web servers to 1 read arbitrary files via a GET request to a file:// URL in the GMxmlhttpRequest API function, 2 list installed scripts using GMscripts, or obtain sensitive information via 3 GMsetValue and GMgetValue...
CVE-2005-2455
Greasemonkey before 0.3.5 allows remote web servers to 1 read arbitrary files via a GET request to a file:// URL in the GMxmlhttpRequest API function, 2 list installed scripts using GMscripts, or obtain sensitive information via 3 GMsetValue and GMgetValue...
Greasemonkey Firefox extension information leak
Privileged functions are available with GMxmlhttpRequest...
[SA16128] Firefox Greasemonkey Extension Disclosure of Sensitive Information
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
Greasemonkey.txt
// Proof of concept exploits by Mark Pilgrim // 1 - Will disclose the contents of c:\boot.ini window.GMxmlhttpRequest = null; function trapGM03sPropertyName, sOldValue, sNewValue window.GMxmlhttpRequest = window.GMxmlhttpRequest; return sNewValue; function trapGM04sPropertyName, sOldValue,...
Greasemonkey 0.3.3 - Multiple Remote Information Disclosure Vulnerabilities
source: https://www.securityfocus.com/bid/14336/info Greasemonkey is susceptible to multiple remote information disclosure vulnerabilities. These issues are due to a design error allowing insecure JavaScript functions to be executed by remote Web sites. The specified issues exist in the...
Greasemonkey 0.3.3 - Multiple Remote Information Disclosure Vulnerabilities
Greasemonkey 0.3.3 - Multiple Remote Information Disclosure Vulnerabilities source: https://www.securityfocus.com/bid/14336/info Greasemonkey is susceptible to multiple remote information disclosure vulnerabilities. These issues are due to a design error allowing insecure JavaScript functions to ...