5116 matches found
Design/Logic Flaw
Google Chrome 15.0.874.121 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code...
CVE-2011-4690
Opera 11.60 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code...
CVE-2011-4690
CVE-2011-4690 affects Opera 11.60 and earlier. The vulnerability arises because Opera does not prevent capturing timing data related to Same Origin Policy violations during IFRAME loading, enabling remote attackers to determine whether a document exists in the browser cache via crafted JavaScript...
CVE-2011-4688
CVE-2011-4688 affects Mozilla Firefox 8.0.1 and earlier. The issue enables an attacker to infer whether a document is present in the browser cache by observing data related to the timing of Same Origin Policy violations during iframe load attempts, via crafted JavaScript. The OpenVAS entries corr...
Yahoo Messenger Exploit Changes Status Messages
Security researchers at BitDefender are warning users about a new Yahoo! Messenger vulnerability that allows an attacker to change victims’ status updates. According to the security firm, the situation has been exploited in the wild to target version 11.x of the Messenger client. The vulnerabilit...
Unfixed XSS vulnerability at www.bravo.ee
Security researcher secrgb, has submitted on 13/11/2011 a cross-site-scripting XSS vulnerability affecting www.bravo.ee, which at the time of submission ranked 14207079 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/12/2011. It is currently...
Opera 10/11 (bad nesting with frameset tag) Memory Corruption
Exploit for windows platform in category remote exploits Exploit for Opera 10/11 bad nesting with frameset tag Memory Corruption Vulnerability: Discovered: 2010-08-18 Patched: 2011-05-18 Tested on: v10.xx v10.00, v10.01, v10.10, v10.50, v10.51, v10.52, v10.53, v10.54, v10.6, v10.61, v10.62 and...
Mysql.com hacked, serving BlackHole exploit malware
Mysql.com hacked, serving BlackHole exploit malware MySQL.com website is currently hacked and compromised with a JavaScript malware and serving malware to anyone visiting it. The mysql.com website is injected with a script that generates an iFrame that redirects the visitors to...
Mysql.com hacked, serving BlackHole exploit malware
Mysql.com hacked, serving BlackHole exploit malware MySQL.com website is currently hacked and compromised with a JavaScript malware and serving malware to anyone visiting it. The mysql.com website is injected with a script that generates an iFrame that redirects the visitors to...
MHTML Mime-Formatted Request Vulnerability
No description provided by source. MHTML Mime-Formatted Request Vulnerability Again Author: www.80vul.com Email:5up3rh3igmail.com Release Date: 2011/09/23 Release: http://www.80vul.com/mhtml/mhtml-again.txt Overview: After MS11-057,I tested and found "MHTML Mime-Formatted Request Vulnerability"...
Iframe Vulnerability in Google App Engine (Appspot)
Iframe Vulnerability in Google App Engine Appspot An Indian Hacker "Ethical Mohit" have found in Iframe Vulnerability in Contact Desk page of Google App Engine Appspot. 1 Proof of Concept : Click Here 2 Proof of Concept : Click Here Google App Engine lets you run your web applications on Google's...
Iframe Vulnerability in Google App Engine (Appspot)
Iframe Vulnerability in Google App Engine Appspot An Indian Hacker "Ethical Mohit " have found in Iframe Vulnerability in Contact Desk page of Google App Engine Appspot. 1 Proof of Concept :Click Here 2 Proof of Concept :Click Here Google App Engine lets you run your web applications on Google's...
CentOS Update for seamonkey CESA-2011:0473 centos4 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
ABC.go.com Cross Site Scripting
.. . . \ \ || | \ \ | | / \ | \ \ | | |\ / \ | \ | / / Y \ \ | / \ / / / |/\ /| / /| / / / /|| / / / / / / / / / abc.go.COM XSS vulnerability vendor: www.abc.go.com Author: Karthik R 3psil0nLambDa Email: [email protected] My blog: www.epsilonlambda.co.cc...
Zynga.com Cross Site Scripting
.. . . \ \ || | \ \ | | / \ | \ \ | | |\ / \ | \ | / / Y \ \ | / \ / / / |/\ /| / /| / / / /|| / / / / / / / / / Zynga.COM Multiple XSS vulnerability vendor: www.zynga.com Author: Karthik R 3psil0nLambDa Email: [email protected] My blog: www.epsilonlambda.co.cc...
Unfixed XSS vulnerability at www.jdsports.co.uk
Security researcher trv, has submitted on 08/01/2011 a cross-site-scripting XSS vulnerability affecting www.jdsports.co.uk, which at the time of submission ranked 27154 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 11/12/2011. It is currently...
Iframe Injection Vulnerability on FileHippo - Popular software download site
Iframe Injection Vulnerability on FileHippo - Popular software download site One of the most Popular Freeware Software download website "FileHippo" is Vulnerable to Iframe Injection. This Vulnerability is Found and submitted by n3t phir3. Here is the Vulnerable Link and Screenshot as shown above...
Iframe Injection Vulnerability on FileHippo - Popular software download site
Iframe Injection Vulnerability on FileHippo - Popular software download site One of the most Popular Freeware Software download website "FileHippo" is Vulnerable to Iframe Injection. This Vulnerability is Found and submitted by n3t phir3. Here is the Vulnerable Link and Screenshot as shown above...
90000 web pages infected by mass iFrame attack
90000 web pages infected by mass iFrame attack Security Experts Wayne Huang, Chris Hsiao, NightCola Lin discovered that more than 90000 web pages are infected by mass iFrame attack. There's been a mass scale injection ongoing recently, with the injected iframe pointing to willysy.com . Just Try a...
90000 web pages infected by mass iFrame attack
90000 web pages infected by mass iFrame attack Security Experts Wayne Huang, Chris Hsiao, NightCola Lin discovered that more than 90000 web pages are infected by mass iFrame attack. There's been a mass scale injection ongoing recently, with the injected iframe pointing to willysy.com . Just Try a...