EUVD-2010-0199

Malware in sbrugna...

SUSE CVE-2010-0168

The nsDocument::MaybePreLoadImage function in content/base/src/nsDocument.cpp in the image-preloading implementation in Mozilla Firefox 3.6 before 3.6.2 does not apply scheme restrictions and policy restrictions to the image's URL, which might allow remote attackers to cause a denial of service...

Amateur Photographer's Image Gallery 0.9a XSS / SQL Injection

ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿ ³ ÚÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÂÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿ ³ ³ ³ Undergroundthalo Hacking Team - Security Advisory ³ ³ ³...

Amateur Photographer 's Image Gallery 0.9a XSS / SQL Injection

Amateur Photographer's Image Gallery version 0.9a suffers from cross site scripting, remote file disclosure, and remote SQL injection vulnerabilities. Undergroundthalo Hacking Team - Security Advisory --------------------------------------------------------------------------- Author : cr4wl3r...

Mozilla Foundation Security Advisory 2010-13

Mozilla Foundation Security Advisory 2010-13 Title: Content policy bypass with image preloading Impact: Moderate Announced: March 23, 2010 Reporter: Josh Soref, Nokia Products: Firefox 3.6 Fixed in: Firefox 3.6.2 Description Mozilla developer Josh Soref of Nokia reported that documents failed to...

Design/Logic Flaw

The nsDocument::MaybePreLoadImage function in content/base/src/nsDocument.cpp in the image-preloading implementation in Mozilla Firefox 3.6 before 3.6.2 does not apply scheme restrictions and policy restrictions to the image's URL, which might allow remote attackers to cause a denial of service...

CVE-2010-0168

The nsDocument::MaybePreLoadImage function in content/base/src/nsDocument.cpp in the image-preloading implementation in Mozilla Firefox 3.6 before 3.6.2 does not apply scheme restrictions and policy restrictions to the image's URL, which might allow remote attackers to cause a denial of service...

CVE-2010-0168

The nsDocument::MaybePreLoadImage function in content/base/src/nsDocument.cpp in the image-preloading implementation in Mozilla Firefox 3.6 before 3.6.2 does not apply scheme restrictions and policy restrictions to the image's URL, which might allow remote attackers to cause a denial of service...

Content policy bypass with image preloading — Mozilla

Mozilla developer Josh Soref of Nokia reported that documents failed to call certain security checks when attempting to preload images. Although the image content is not available to the page, it is possible to specify protocols that are normally not allowed in a web page such as file:. This...

Mozilla Firefox 3.6 - Image Preloading Content-Policy Check Security Bypass

source: https://www.securityfocus.com/bid/38927/info Mozilla Firefox is prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass content-loading policies. Attackers can exploit this issue to bypass content-loading policies. The impact of this issue will depend on the...