Firefox 3 JavaScript engine crashes

The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service application crash and possibly trigger memory corruption via vectors involving 1 jsFindPropertyHelper, related to the definition...

in the web application rootkit-vulnerability warning-the black bar safety net

Author: jianxin 80sec EMail: jianxin80sec.com Site: http://www.80sec.com Date: 2009-3-28 From: http://www.80sec.com/release/webapp-rootkit.txt Directory 0×0 0 why do we have this idea 0×0 1 A web application in the back door of the basic idea 0×0 2 The practical application of some examples 0×0 0...

Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-629-1

Ubuntu Update for Linux kernel vulnerabilities USN-629-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6291.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-629-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networ...

Big Faceless Report Generator存在未明漏洞

BUGTRAQ ID: 34007 CNCAN ID：CNCAN-2009030601 Big Faceless Report Generator是一款Java控件，用于将XML文件转换为PDF文件。 Big Faceless Report Generator在处理JavaScript时存在一个未明漏洞。 目前没有详细漏洞细节提供。 Big Faceless Organization Big Faceless Report Generator 1.11.39 Big Faceless Organization Big Faceless Report Generator 1.1.41...

RedHat Update for thunderbird RHSA-2008:0224-01

Check for the Version of thunderbird OpenVAS Vulnerability Test RedHat Update for thunderbird RHSA-2008:0224-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

CentOS Update for seamonkey CESA-2008:0223-02 centos2 i386

Check for the Version of seamonkey OpenVAS Vulnerability Test CentOS Update for seamonkey CESA-2008:0223-02 centos2 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modi...

CentOS Update for seamonkey CESA-2008:0223 centos3 x86_64

Check for the Version of seamonkey OpenVAS Vulnerability Test CentOS Update for seamonkey CESA-2008:0223 centos3 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...

Viart shopping cart 3.5 - Multiple Vulnerabilities

Viart shopping cart 3.5 - Multiple Vulnerabilities =============================================================== !vuln ViArt Shopping Cart v3.5 is prone to multiple remote vulnerabilities. Earlier versions may also be affected. ===============================================================...

Apple iPhone和iPod Touch 2.0版修复多个安全漏洞

BUGTRAQ ID: 30186 CVECAN ID: CVE-2008-1588,CVE-2008-1589,CVE-2008-2303,CVE-2008-2317,CVE-2008-1590 iPod touch（也被称为iTouch）是苹果公司发布的MP4播放器，iPhone是其发布的智能手机。 iPhone和iPod Touch都内嵌了Safari浏览器，远程攻击者可以利用该浏览器中的多个安全漏洞导致拒绝服务、读取敏感信息或执行任意代码。 CVE-2008-1588...

WebCT 4.x Javascript Session Stealer

WebCT 4.x Javascript Session Stealer Exploits Software: WebCT Campus Edition 4.x http://secunia.com/product/3280/ Affected Version: 4.1.5.8 Discoverer: Benjamin "balupton" Lupton Date Discovered: November 2005 Date Reported: 25/06/2007 Software Author Contacted again on: 20/07/2007 Date Published...

Opera < 9.23 Crafted Javascript Arbitrary Code Execution

The version of Opera installed on the remote host reportedly allows for execution of arbitrary code via specially crafted JavaScript if a user can be tricked into visiting a malicious site. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid25900; scriptversion"1.17";...

a specially crafted JavaScript can make Opera execute arbitrary code – Opera Security Advisories

a specially crafted JavaScript can make Opera execute arbitrary code – Opera Security Advisories OPCOM Team | August 7, 2007 A specially crafted JavaScript can make Opera execute arbitrary code. Severity: Highly severe Problem description A virtual function call on an invalid pointer that may...

GLSA-200701-08 : Opera: Two remote code execution vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200701-08 Opera: Two remote code execution vulnerabilities Christoph Deal discovered that JPEG files with a specially crafted DHT marker can be exploited to cause a heap overflow. Furthermore, an anonymous person discovered that...

Fedora Core 5 : mozilla-1.7.13-1.1.fc5 (2006-487)

Updated mozilla packages that fix several security bugs are now available. This update has been rated as having critical security impact by the Fedora Security Response Team. Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several bugs...

CVE-2006-6501

Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function...

Mozilla Foundation Security Advisory 2006-70

Mozilla Foundation Security Advisory 2006-70 Title: Privilege escallation using watch point Impact: Critical Announced: December 19, 2006 Reporter: shutdown Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 2.0.0.1 Firefox 1.5.0.9 Thunderbird 1.5.0.9 SeaMonkey 1.0.7 Description Shutdown...

security flaw

Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function...

midiripoff.txt

lintah|adv|15@2006=========php b/d / / / ooo000-------------------------------- -------------000ooo/ / / \ \ \ Indonesian Cyber-Terrorist Grey Hats / / \ / / \ iFX a.k.a inversFX / / | ifx@... | | / \ \ / \ \ | | | ! ! | :. :/ | | | | | | locate : Indonesia, Jakarta | | |...

WEB2. 0 attack the trendy—Ajax Hacking-vulnerability warning-the black bar safety net

0 5 at the beginning, with web2. 0 this word in China each large network media such as a flood the emergence of Ajax technology AJAX, IE"Asynchronous JavaScript And XML"acronym, can be translated as asynchronous JavaScript and XML technology. At its core is a host in the browser called...

Update Protection against C-News 'path' Parameter File Inclusion Vulnerability

C-News, a script executed in XHTML/CSS that webmasters use for easy PHP and JavaScript presentation, is prone to a remote file inclusion vulnerability. An attacker can exploit this vulnerability to execute arbitrary PHP code on an affected system via a maliciously crafted URL in the 'path'...