
5116 matches found

Prion
added 2011/06/03 5:55 p.m. | 12 views

Cross site scripting

Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing a file: URL, as demonstrat...

4.3 CVSS | 6.9 AI score | 0.19305 EPSS
Exploits: 1 | References: 10 | Affected Software: 2
Prion
added 2011/06/03 5:55 p.m. | 54 views

Information disclosure

Microsoft Internet Explorer 9 and earlier does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a SRC attribute containing an http: URL that redirects to a file: URL, as demonstrat...

4.3 CVSS | 6.5 AI score | 0.20847 EPSS
Exploits: 1 | References: 12 | Affected Software: 2
rdot
added 2011/05/30 12:0 a.m. | 16 views

[hack4sec] XSS: Reconnaissance in Force.

Author: Anton Kuzmin [email protected] Team: Hack4sec [email protected] Date: 30-05-2011 PDF version: Hello. In this article I want to present one non-standard example of using XSS vulnerabilities. At least, I have never before seen such things anywhere...

6.1 AI score
Exploits: 0
ThreatPost
added 2011/05/16 5:6 p.m. | 11 views

Geek.com Hacked, Found Hosting Exploit Kit

The security geeks at Geek.com were busy this weekend, after Web security firm zScaler found evidence that an exploit kit was using malicious iframe attacks to try to attack visitors to the company’s Web site, according to a Zscaler report Sunday. A post on the web security firm’s blog indicated...

0.7 AI score
Exploits: 0 | References: 5
myhack58
added 2011/05/14 12:0 a.m. | 29 views

A DNS suffix may lead to cross-domain security issues-vulnerability warning-the black bar safety net

We all know that dhcpd can be set in which the client's DNS suffix. For example, if we set the DNS suffix "sb.com", when we visit www.sb.com, all clients will use the DHCP server and try the following sequence for resolution. Note: the following green font are representative of the Main Domain Nam...

6.9 AI score
Exploits: 0
The Hacker News
added 2011/05/04 10:45 a.m. | 5 views

Goal.com Hacked, found to be serving malware !

According to Armorize, soccer news site Goal.com was recently found to be serving malware. "In an analysis of the attack, Armorize researcher Wayne Huang suggests that a hacker specifically targeted and compromised Goal.com through a back-door that allowed the attacker to manipulate the site's...

6.7 AI score
Exploits: 0
Cent OS
added 2011/04/29 8:53 p.m. | 81 views

seamonkey security update

CentOS Errata and Security Advisory CESA-2011:0473 Updated seamonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS ba...

10 CVSS | 7.9 AI score | 0.69977 EPSS
Exploits: 5 | References: 7
RedHat Linux
added 2011/04/29 3:15 a.m. | 3 views

Mozilla crash from bad iframe source (MFSA 2011-12)

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code vi...

10 CVSS | 7.8 AI score | 0.05253 EPSS
Exploits: 0 | References: 4
RedHat Linux
added 2011/04/29 3:15 a.m. | 55 views

Critical: Red Hat Security Advisory: thunderbird security update

An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

10 CVSS | 7.9 AI score | 0.69977 EPSS
Exploits: 5 | References: 7
RedHat Linux
added 2011/04/29 3:14 a.m. | 4 views

Mozilla crash from bad iframe source (MFSA 2011-12)

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code vi...

10 CVSS | 7.8 AI score | 0.05253 EPSS
Exploits: 0 | References: 4
RedHat Linux
added 2011/04/29 3:8 a.m. | 5 views

Mozilla crash from bad iframe source (MFSA 2011-12)

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code vi...

10 CVSS | 7.8 AI score | 0.05253 EPSS
Exploits: 0 | References: 4
RedHat Linux
added 2011/04/29 2:57 a.m. | 5 views

Mozilla crash from bad iframe source (MFSA 2011-12)

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code vi...

10 CVSS | 7.8 AI score | 0.05253 EPSS
Exploits: 0 | References: 4
Check Point Advisories
added 2011/04/27 12:0 a.m. | 16 views

Internet Explorer Malformed IFRAME Buffer Overflow (MS04-040; CVE-2004-1050)

Internet Explorer IE is a popular web browser developed by Microsoft corporation. A buffer overflow vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is in the way Microsoft Internet Explorer parses certain parameters of an IFRAME tag. An attacker can exploit this...

10 CVSS | 7.5 AI score | 0.67061 EPSS
Exploits: 4
xssed
added 2011/04/09 12:0 a.m. | 11 views

Unfixed XSS vulnerability at www.poumon.ca

Security researcher Gamoscu, has submitted on 04/09/2011 a cross-site-scripting XSS vulnerability affecting www.poumon.ca, which at the time of submission ranked 564377 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/12/2011. It is currently...

0.1 AI score
Exploits: 0 | References: 1
Tenable Nessus
added 2011/03/31 12:0 a.m. | 12 views

Web Server iFrame Source Hosted on 3rd-party Server

Binary data 5877.prm...

7.3 AI score
Exploits: 0 | References: 1
The Hacker News
added 2011/03/22 4:59 p.m. | 11 views

JavaScript hole in Facebook !

Facebook made some important changes to the way in Facebook Pages, the fan pages set up by brands, bands and even cucumbers could be created. In the past the tabs which could be added to these pages have been set up in two ways; the first used the Facebook FBML app. This allowed page tabs to be...

6.8 AI score
Exploits: 0
securityvulns
added 2011/03/15 12:0 a.m. | 47 views

VUPEN Security Research - Apple Safari WebKit Iframe Event Handling Remote Use-after-free

VUPEN Security Research - Apple Safari WebKit Iframe Event Handling Remote Use-after-free http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Apple Safari is a web browser developed by Apple. As of February 2010, Safari was the fourth most widely used browser, with 4.45...

7.6 AI score
Exploits: 0
ThreatPost
added 2011/02/16 5:45 p.m. | 11 views

BBC Sites Serving Malware

The websites of the BBC’s 6 music and 1Xtra radio stations have been injected with a malicious iframe and are redirecting users to a site serving up malware according to a Websense report Tuesday. The iframe, on both the BBC 6 music and 1Xtra webpages, is loading code from a malicious website fro...

3.2 AI score
Exploits: 0 | References: 3
FreeBSD
added 2011/01/04 12:0 a.m. | 12 views

mediawiki -- Clickjacking vulnerabilities

Clickjacking vulnerabilities: Clickjacking is a type of vulnerability discovered in 2008, which is similar to CSRF. The attack involves displaying the target webpage in an iframe embedded in a malicious website. Using CSS, the submit button of the form on the target webpage is made invisible, and...

2.7 AI score
Exploits: 0 | References: 1
The Hacker News
added 2010/11/30 2:33 a.m. | 10 views

Cyber Fraud: Tactics, Techniques and Procedures

Gone are the days when those BlackHat Hackers would tickle you for fun, Now they will poke you & take your diamonds without you even knowing anything about it until it's too late. Landscape in the Cyber underground has completely changed since then, making it more like well organized business...

6.6 AI score
Exploits: 0