Lucene search
K

716 matches found

Ubuntu
Ubuntu
added 2009/12/18 10:31 p.m.78 views

USN-874-1: Firefox 3.5 and Xulrunner 1.9.1 vulnerabilities

Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary...

9.3CVSS8.5AI score0.04785EPSS
Exploits8
securityvulns
securityvulns
added 2009/12/17 12:0 a.m.80 views

Mozilla Foundation Security Advisory 2009-69

Mozilla Foundation Security Advisory 2009-69 Title: Location bar spoofing vulnerabilities Impact: Moderate Announced: December 15, 2009 Reporter: Jonathan Morgan, Jordi Chancel Products: Firefox, SeaMonkey Fixed in: Firefox 3.5.6 Firefox 3.0.16 SeaMonkey 2.0.1 Description Security researcher...

6.8CVSS9.3AI score0.02539EPSS
Exploits7
RedHat Linux
RedHat Linux
added 2009/12/16 4:33 a.m.3 views

Mozilla SSL spoofing with document.location and empty SSL response page

Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SSL indicator for an http URL or a file URL by setting document.location to an https URL corresponding to a site that responds with a No Content aka 204 status code and an empty...

6.8CVSS7.4AI score0.0219EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2009/09/25 11:8 a.m.7 views

AV Researcher Calls for Standard Threat Level Displays

GENEVA — A veteran security researcher today challenged the anti-malware industry to work on a standard way of assigning computer/Internet threat levels to present transparent helpful information to consumers and businesses. During a presentation at the Virus Bulletin 2009 conference here, Fortin...

Exploits0References2
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.45 views

SuSE 11 Security Update : Mozilla Firefox (SAT Patch Number 1200)

Mozilla Firefox was updated to the 3.0.13 release, fixing some security issues and bugs : - Security researcher Juan Pablo Lopez Yacubian reported that an attacker could call window.open on an invalid URL which looks similar to a legitimate URL and then use document.write to place content within...

10CVSS9AI score0.04939EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2009/08/20 12:0 a.m.31 views

openSUSE Security Update : MozillaFirefox (MozillaFirefox-1202)

MozillaFirefox was updated to the 3.0.13 release, fixing some security issues and bugs : MFSA 2009-44 / CVE-2009-2654: Security researcher Juan Pablo Lopez Yacubian reported that an attacker could call window.open on an invalid URL which looks similar to a legitimate URL and then use document.wri...

10CVSS9AI score0.04939EPSS
Exploits1References5
Prion
Prion
added 2009/06/10 6:0 p.m.22 views

Design/Logic Flaw

WebKit in Apple Safari before 4.0 allows remote attackers to spoof the browser's display of 1 the host name, 2 security indicators, and unspecified other UI elements via a custom cursor in conjunction with a modified CSS3 hotspot property...

2.6CVSS6.7AI score0.02888EPSS
Exploits2References13Affected Software1
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.32 views

Ubuntu 5.10 / 6.06 LTS / 6.10 : firefox vulnerabilities (USN-428-1)

Several flaws have been found that could be used to perform Cross-site scripting attacks. A malicious website could exploit these to modify the contents or steal confidential data such as passwords from other opened web pages. CVE-2006-6077, CVE-2007-0780, CVE-2007-0800, CVE-2007-0981,...

9.3CVSS8.7AI score0.5036EPSS
Exploits11References16
UbuntuCve
UbuntuCve
added 2007/02/26 8:28 p.m.23 views

CVE-2007-0779

GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom...

6.4CVSS6AI score0.01548EPSS
Exploits0References2
Prion
Prion
added 2007/02/26 8:28 p.m.22 views

Code injection

GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom...

6.4CVSS6.3AI score0.01548EPSS
Exploits0References47Affected Software2
Mozilla
Mozilla
added 2007/02/23 12:0 a.m.37 views

Spoofing using custom cursor and CSS3 hotspot — Mozilla

David Eckel reported that browser UI elements--such as the host name and security indicators--could be spoofed by using a large, mostly transparent, custom cursor and adjusting the CSS3 hotspot property so that the visible part of the cursor floated outside the browser content area...

6.4CVSS3.7AI score0.01548EPSS
Exploits0References2Affected Software2
Tenable Nessus
Tenable Nessus
added 2006/04/21 12:0 a.m.27 views

Ubuntu 4.10 / 5.04 / 5.10 : mozilla-firefox, firefox vulnerabilities (USN-271-1)

Web pages with extremely long titles caused subsequent launches of Firefox browser to hang for up to a few minutes, or caused Firefox to crash on computers with insufficient memory. CVE-2005-4134 Igor Bukanov discovered that the JavaScript engine did not properly declare some temporary variables...

10CVSS8.5AI score0.12589EPSS
Exploits3References22
RedHat Linux
RedHat Linux
added 2006/04/14 3:54 p.m.3 views

security flaw

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site...

2.6CVSS5.8AI score0.02477EPSS
Exploits0References4
OSV
OSV
added 2006/04/14 10:2 a.m.2 views

DEBIAN-CVE-2006-1740

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site...

2.6CVSS6.3AI score0.02477EPSS
Exploits0References1
OSV
OSV
added 2006/04/14 10:2 a.m.6 views

CVE-2006-1740

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site...

6.1AI score
Exploits0References45
Cvelist
Cvelist
added 2006/04/14 10:0 a.m.24 views

CVE-2006-1740

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site...

5.9AI score0.02477EPSS
Exploits0References45
Rows per page
Query Builder