5118 matches found
CVE-2006-1993
Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain Javascript that is not properly handled by the contentWindow.focus method in an iframe, which causes a reference to a deleted controller contex...
CVE-2006-1993
CVE-2006-1993 – Firefox focus() designMode vulnerability : A flaw in the JavaScript focus implementation allowed a remotely triggered crash and, in theory, arbitrary code execution by referencing a deleted controller context object when contentWindow.focus is used inside an iframe with designMode...
security flaw
The WYSIWYG rendering engine "rich mail" editor in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which i...
security flaw
The WYSIWYG rendering engine "rich mail" editor in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which i...
linksubmit <= All version Html Tag Injector in index.php
Vendor : linksubmit Version : All Version www : http://www.phpselect.com AUTHOR : s3rv3rhack3r you can submit html tag's in $description linksubmit.php Exploit : !/usr/bin/perl Exploit by s3rv3rhack3r Special Thanx : hessamx , f0rk ,sattar.li , stanic, mfox,blood moon and.. / | | | / / | |/ // / ...
PHPSelect Submit-A-Link - HTML Injection
source: https://www.securityfocus.com/bid/17348/info Submit-A-Link is prone to an HTML-injection vulnerability. The script fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the context of th...
link bank code execution and xss
——– summary software: Link Bank vendors website: http://daverave.64digits.com/index.php?page=linkbank versions: n/a class: remote status: unpatched exploit: available solution: not available discovered by: retard risk level: high ——– description Link Bank does not sanatise post sumbited to it...
Mozilla Thunderbird 1.5 - Multiple Remote Information Disclosure Vulnerabilities
source: https://www.securityfocus.com/bid/16881/info Mozilla Thunderbird is susceptible to multiple remote information-disclosure vulnerabilities. These issues are due to the application's failure to properly enforce the restriction for downloading remote content in email messages. These issues...
DEBIAN-CVE-2006-0884
The WYSIWYG rendering engine "rich mail" editor in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which i...
CVE-2006-0884
The WYSIWYG rendering engine "rich mail" editor in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which i...
CVE-2005-3630
Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders "allow" directives before "deny" directives...
Mozilla Thunderbird : Remote Code Execution & Denial of Service
Mozilla Thunderbird : Remote Code Execution & Denial of Service //----- Advisory Program : Mozilla Thunderbird Homepage : http://www.mozilla.com/thunderbird/ Tested version : = 1.0.7 Found by : nono2357 at sysdream dot com This advisory : nono2357 at sysdream dot com Discovery date : 2006/01/28...
Mozilla Thunderbird code execution
IFRAME SRC attribute allows javascript execution...
Mozilla (Multiple Products) - iFrame JavaScript Execution
Mozilla Multiple Products - iFrame JavaScript Execution source: https://www.securityfocus.com/bid/16770/info Multiple Mozilla products are prone to a script-execution vulnerability. The vulnerability presents itself when an attacker supplies a specially crafted email to a user containing maliciou...
Mozilla (Multiple Products) - iFrame JavaScript Execution
source: https://www.securityfocus.com/bid/16770/info Multiple Mozilla products are prone to a script-execution vulnerability. The vulnerability presents itself when an attacker supplies a specially crafted email to a user containing malicious script code in an IFRAME and the user tries to reply t...
Cross site scripting
Cross-site scripting XSS vulnerability in u2u.php in XMB Forums 1.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter, as demonstrated using a URL-encoded iframe tag...
CVE-2006-0779
Cross-site scripting XSS vulnerability in u2u.php in XMB Forums 1.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter, as demonstrated using a URL-encoded iframe tag...
CVE-2005-4720
Mozilla Firefox 1.0.7 and earlier on Linux allows remote attackers to cause a denial of service client crash via an IFRAME element with a large value of the WIDTH attribute, which triggers a problem related to representation of floating-point numbers, leading to an infinite loop of widget resizes...
CVE-2005-4720
Mozilla Firefox 1.0.7 and earlier on Linux allows remote attackers to cause a denial of service client crash via an IFRAME element with a large value of the WIDTH attribute, which triggers a problem related to representation of floating-point numbers, leading to an infinite loop of widget resizes...
Winamp <= 5.12 (Crafted PLS) Remote Buffer Overflow Exploit (0-Day)
No description provided by source. / Winamp 5.12 Remote Buffer Overflow Universal Exploit Zero-Day Bug discovered & exploit coded by ATmaCA Web: http://www.spyinstructors.com && http://www.atmacasoft.com E-Mail: [email protected] Credit to Kozan / / Tested with : Winamp 5.12 on Win XP Pro Sp2 / ...