Lucene search
K

4 matches found

seebug.org
seebug.org
added 2008/06/05 12:0 a.m.9 views

MS Internet Explorer URL Injection in History List (MS04-004)

No description provided by source. // Andreas Sandblad, 2004-02-03, patched by MS04-004 // Name: payload // Purpose: Run payload code called from Local Machine zone. // The code may be arbitrary such as executing shell commands...

7.1AI score
Exploits0
CERT
CERT
added 2005/05/10 12:0 a.m.33 views

Mozilla fails to properly prevent "JavaScript:" URIs containing "eval()" from being executed in the context of other URIs in the history list

Overview Mozilla fails to properly restrict the execution of javascript: URIs. The impact is similar to that of a cross-site scripting vulnerability, which allows an attacker to access data in other sites. Description Mozilla uses a same origin security model to maintain separation between browse...

5.1CVSS5.7AI score0.16697EPSS
Exploits1References16
0day.today
0day.today
added 2004/02/04 12:0 a.m.41 views

MS Internet Explorer URL Injection in History List (MS04-004)

Exploit for unknown platform in category remote exploits ============================================================= MS Internet Explorer URL Injection in History List MS04-004 ============================================================= // Andreas Sandblad, 2004-02-03, patched by MS04-004 //...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2004/02/04 12:0 a.m.36 views

Microsoft Internet Explorer - URL Injection in History List (MS04-004)

// Andreas Sandblad, 2004-02-03, patched by MS04-004 // Name: payload // Purpose: Run payload code called from Local Machine zone. // The code may be arbitrary such as executing shell commands. // This demo simply creates a harmless textfile on the desktop. function payload file = "sandblad.txt";...

7.4AI score
Exploits0
Rows per page
Query Builder