5123 matches found
CVE-2010-1992
Removed by vendor...
Main PHP-Nuke Site Compromised
The main site for the PHP-Nuke content management system software has been compromised and is serving malicious iFrame exploits to visitors. Researchers at Websense found that the phpnuke.org site is currently serving several different exploits. The attack uses the common iFrame-redirection...
Safari JavaScriptCore.dll Stack Exhaustion
Problem Event Name: APPCRASH Application Name: Safari.exe Application Version: 5.31.22.7 Application Timestamp: 4b8f94fa Fault Module Name: JavaScriptCore.dll Fault Module Version: 5.31.22.5 Fault Module Timestamp: 4b8cb88c Exception Code: c00000fd Exception Offset: 000889f7 OS Version:...
Apple Safari 4.0.5 - JavaScriptCore.dll Stack Exhaustion
Apple Safari 4.0.5 - JavaScriptCore.dll Stack Exhaustion window.print; a; function a setIntervalb,0; function b var c = document.createElement"iframe"; c.setAttribute"src",document.location; document.getElementsByTagName"body"0.appendChildc; setIntervala,0;...
JIRA is vulnerable to clickjacking attacks
panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-21101. panel A clickjacking attack on JIRA would most likely take the form of a third-party site, containing an invisible iframe on top of a...
JIRA is vulnerable to clickjacking attacks
A clickjacking attack on JIRA would most likely take the form of a third-party site, containing an invisible iframe on top of an unrelated page. The iframe would contain a page in JIRA. The victim would believe he was clicking on the other site but would actually be clicking in JIRA and performin...
Net Solutions' Hack Heightens Role of ISP in App Layer Security
According to research, the malicious iframe used in the latest Network Solutions attack pointed to corpadsinc.com which then downloads Adobe exploits onto victims’ machines. The hacks raise an issue increasingly being faced by Website owners: what’s the responsibility of the ISP or service or clo...
CVE-2009-3385
CVE-2009-3385 affects Mozilla SeaMonkey prior to 1.1.19. The vulnerability lies in the mail/HTML rendering component where scriptable plugin content (e.g., Flash) could be loaded and executed inside an iframe in HTML emails. This could allow a user-assisted attacker to access sensitive data or lo...
Apple Safari 'SRC' Remote Denial Of Service Vulnerability
This host is installed with Apple Safari Web Browser and is prone to to Denial of Service vulnerabilities. OpenVAS Vulnerability Test $Id: gbapplesafaricfnetworksrcdosvuln.nasl 7174 2017-09-18 11:48:08Z asteins $ Apple Safari 'SRC' Remote Denial Of Service Vulnerability Authors: Antu Sanadi...
Code injection
cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 in Apple Safari 4.0.4 on Windows, allows remote attackers to cause a denial of service application crash via a long string in the SRC attribute of a 1 IMG or 2 IFRAME element...
CVE-2010-0925
Apple Safari
Google Chrome Multiple Vulnerabilities - (Windows)
This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodgooglechromemultvulnwin02.nasl 5394 2017-02-22 09:22:42Z teissa $ Google Chrome Multiple Vulnerabilities - Windows Authors: Antu Sanadi Copyright: Copyright c 2010 SecPod,...
Firefox Multiple Vulnerabilities (Feb 2010) - Windows
Firefox Browser is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Firefox Multiple Vulnerabilities Feb-10 (Windows)
The host is installed with Firefox Browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodfirefoxmultvulnfeb10win.nasl 5394 2017-02-22 09:22:42Z teissa $ Firefox Multiple Vulnerabilities Feb-10 Windows Authors: Rachana Shetty Copyright: Copyright c 2010 SecPod,...
Firefox Multiple Vulnerabilities Feb-10 (Linux)
The host is installed with Firefox Browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodfirefoxmultvulnfeb10lin.nasl 5394 2017-02-22 09:22:42Z teissa $ Firefox Multiple Vulnerabilities Feb-10 Linux Authors: Rachana Shetty Copyright: Copyright c 2010 SecPod,...
Microsoft Windows ShellExecute()输入验证漏洞(MS10-002/MS10-007)
BUGTRAQ ID: 37884 CVE ID: CVE-2010-0027 Microsoft Windows是微软发布的非常流行的操作系统。 IE浏览器等应用使用ShellExecute API函数处理文件。由于没有正确的对数据流执行验证,用户受骗跟随了恶意URL就可能导致绕过安全过滤执行本地系统上的二进制程序。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Server 2003 SP2 Microsoft Windows 2000SP4 厂商补丁: Microsoft ---------...
CVE-2010-0648
Mozilla Firefox, possibly before 3.6, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets0.href property value, relate...
Design/Logic Flaw
Mozilla Firefox, possibly before 3.6, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets0.href property value, relate...
Google Chrome < 4.0.249.89 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is earlier than 4.0.249.89. Such versions are reportedly affected by multiple vulnerabilities : - Two errors when resolving domain names and when interpreting configured proxy lists can be exploited to disclose sensitive data. Issue 12303,...
Google Chrome < 4.0.249.89 Multiple Vulnerabilities
Binary data 5336.pasl...