74 matches found
chromium -- multiple vulnerabilities
Google Chrome Releases reports: 156567 High CVE-2012-5133: Use-after-free in SVG filters. Credit to miaubiz. 148638 Medium CVE-2012-5130: Out-of-bounds read in Skia. Credit to Atte Kettunen of OUSPG. 155711 Low CVE-2012-5132: Browser crash with chunked encoding. Credit to Attila Szász. 158249 Hi...
CVE-2010-4758
installer.pl in Open Ticket Request System OTRS before 3.0.3 has an Inbound Mail Password field that uses the text type, instead of the password type, for its INPUT element, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen...
CVE-2010-4758
installer.pl in Open Ticket Request System OTRS before 3.0.3 has an Inbound Mail Password field that uses the text type, instead of the password type, for its INPUT element, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen...
CVE-2009-0821
Mozilla Firefox 2.0.0.20 and earlier allows remote attackers to cause a denial of service application crash via nested calls to the window.print function, as demonstrated by a window.printwindow.print in the onclick attribute of an INPUT element...
CVE-2009-0355
components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element...
Firefox local file stealing with SessionStore
components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element...
CVE-2009-0355
components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element...
Microsoft Internet Explorer HTML Form Value DoS Vulnerability
Internet Explorer is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Design/Logic Flaw
The shell32 module in Microsoft Internet Explorer 7.0 on Windows XP SP3 might allow remote attackers to execute arbitrary code via a long VALUE attribute in an INPUT element, possibly related to a stack consumption vulnerability...
SuSE 10 Security Update : gecko-sdk and mozilla-xulrunner (ZYPP Patch Number 5811)
This update backports the latest security fixes to the Mozilla XULRunner engine. It fixes following security issues : - The http-index-format MIME type parser nsDirIndexParser in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 does not check for an allocatio...
Design/Logic Flaw
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by modifying properties of a file input element while it is stil...
Mozilla crash and remote code execution in nsFrameManager
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by modifying properties of a file input element while it is stil...
Code injection
Microsoft Internet Explorer allows remote attackers to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page with an anchor element with a legitimate "href" attribute, a form whose action points to a malicious URL, and an INPUT submit element that is modified to lo...
Unauthorized local file access in Opera
Javascript submition of form with input type="file" element doesn't require user intervation...