Opera Multiple Denial of Service Vulnerabilities - June12 (Windows)

The host is installed with Opera and is prone to multiple denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: gboperamultdosvulnjune12win.nasl 5931 2017-04-11 09:02:04Z teissa $ Opera Multiple Denial of Service Vulnerabilities - June12 Windows Authors: Sooraj KS Copyright: Copyrigh...

Opera Multiple Denial of Service Vulnerabilities (Jun 2012) - Linux

Opera is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Opera Multiple Denial of Service Vulnerabilities (Jun 2012) - Mac OS X

Opera is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Opera Multiple Denial of Service Vulnerabilities (Jun 2012) - Windows

Opera is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2012-3567

Opera before 12.00 Beta allows remote attackers to cause a denial of service memory consumption or application hang via an IFRAME element that uses the src="" syntax to embed a parent document...

CVE-2012-3567

CVE-2012-3567 affects Opera before 12.00 Beta. The vulnerability is triggered via an IFRAME element using src="#" to embed a parent document, leading to memory consumption or an application hang (denial of service). The available connected documents confirm the same description and CVSS metrics (...

Mozilla: Information disclosure though Windows file shares and shortcut files (MFSA 2012-37)

Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut aka .lnk file for display within an IFRAME...

CVE-2012-1945

Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut aka .lnk file for display within an IFRAME...

SA-CONTRIB-2012-096 - Authoring HTML - Cross Site Scripting (XSS)

This module creates an input format suitable for use within a WYSIWYG editor. It adds support for the iframe HTML tag, making it friendly with the popular iframe embeds available in popular video sites like YouTube and Vimeo. It supports the script tag too. Both tags will only be allowed if the...

CVE-2012-1945

Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut aka .lnk file for display within an IFRAME...

Information disclosure

Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut aka .lnk file for display within an IFRAME...

CVE-2012-1945

CVE-2012-1945 affects Mozilla Firefox 4.x–12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0–12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10. The issue occurs when an HTML document loads a shortcut file (.lnk) inside an IFRAME, demonstrated by a network share on Windows or ...

CVE-2012-1945

Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut aka .lnk file for display within an IFRAME...

Mozilla: Information disclosure though Windows file shares and shortcut files (MFSA 2012-37)

Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut aka .lnk file for display within an IFRAME...

WordPress iFrame Admin Pages Plugin 'url' Parameter XSS Vulnerability

WordPress with iFrame Admin Pages Plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

WordPress iFrame Admin Pages 0.1 Cross Site Scripting

Hi We have used our tool, THAPS, to identify vulnerabilities in this WordPress plugin. We have confirmed at least one of the reported vulnerabilities and created a working exploit located below. Attached is one or more log files containing the output of our tool, identifying the location of the...

WordPress Plugin iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/53522/info The iFrame Admin Pages plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

X7 Chat 2.0.5.1 - Cross-Site Request Forgery (Add Admin)

Exploit Title: X7 Chat 2.0.5.1 CSRF Add Admin Exploit Google Dork: intitle:"Chat Room" "Powered By X7 Chat 2.0.5" Date: 09.05.2012 Author: DennSpec Software Link: http://x7chat.com/releases/v2/x7chat2051.zip Version: Replace http://xxxxxxxxx.com/x7path/ to your target url. Dont forget replace...

php-decoda Cross-Site Scripting in Video Tags

Exploit for php platform in category web applications Advisory: php-decoda: Cross-Site Scripting in Video Tags RedTeam Pentesting discovered a cross-site scripting XSS vulnerability in the PHP markup parser Decoda. This allows attackers that should be restricted to the markup supported by Decoda ...

Opera Browser 'SRC' Denial of Service Vulnerability (Mac OS X)

The host is installed with Opera browser and is prone to denial of service Vulnerability. OpenVAS Vulnerability Test $Id: gboperasrciframedosvulnmacosx.nasl 6018 2017-04-24 09:02:24Z teissa $ Opera Browser 'SRC' Denial of Service Vulnerability Mac OS X Authors: Madhuri D Copyright: Copyright c 20...