Lucene search
+L

9 matches found

nvd
nvd
added 2010/07/30 8:30 p.m.17 views

CVE-2010-1796

The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to obtain sensitive Address Book Card information via JavaScript code that forces keystroke events for input fields...

2.6CVSS5.8AI score0.01713EPSS
Exploits0References4
ubuntucve
ubuntucve
added 2010/07/30 8:30 p.m.26 views

CVE-2010-1796

The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to obtain sensitive Address Book Card information via JavaScript code that forces keystroke events for input fields...

2.6CVSS5.9AI score0.01713EPSS
Exploits0References1
debiancve
debiancve
added 2010/07/30 8:0 p.m.36 views

CVE-2010-1796

Removed by vendor...

2.6CVSS6.7AI score0.01713EPSS
Exploits0
cve
cve
added 2010/07/30 8:0 p.m.60 views

CVE-2010-1796

The CVE-2010-1796 issue affects Safari before 5.0.1 on Mac OS X 10.5–10.6 and Windows, and before 4.1.1 on Mac OS X 10.4. An implementation flaw in AutoFill lets a malicious website trigger AutoFill without user action, exposing Address Book Card data via JavaScript keystroke events. The security...

2.6CVSS5.8AI score0.01713EPSS
Exploits0References4Affected Software2
mozilla
mozilla
added 2010/03/23 12:0 a.m.33 views

XSS using addEventListener and setTimeout on a wrapped object — Mozilla

Mozilla security researcher mozbugra4 reports that by using an appropriately wrapped object it was possible to bypass the fix for MFSA 2007-19. Prior to Firefox 3.6 this gives an attacker the ability to perform cross-site scripting attacks against arbitrary sites as in the original MFSA 2007-19...

4.3CVSS1.3AI score0.01775EPSS
Exploits1References3Affected Software3
prion
prion
added 2006/06/07 4:2 p.m.19 views

Unrestricted file upload

Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be...

4CVSS6.8AI score0.1261EPSS
Exploits0References5Affected Software1
cve
cve
added 2006/06/07 4:0 p.m.121 views

CVE-2006-2900

CVE-2006-2900 concerns Internet Explorer 6 and an information-disclosure issue where a user-assisted attacker could cause file content disclosure by manipulating focus via OnKeyDown/OnKeyPress/OnKeyUp events and inserting characters into a file upload control. The core vector is a keystroke hijac...

4CVSS6.5AI score0.1261EPSS
Exploits0References5Affected Software2
prion
prion
added 2006/06/07 10:2 a.m.24 views

Unrestricted file upload

Mozilla Firefox 1.5.0.4, 2.0.x before 2.0.0.8, Mozilla Suite 1.7.13, Mozilla SeaMonkey 1.0.2 and other versions before 1.1.5, and Netscape 8.1 and earlier allow user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text bo...

4CVSS6.4AI score0.09825EPSS
Exploits1References45Affected Software4
cvelist
cvelist
added 2006/06/07 10:0 a.m.25 views

CVE-2006-2894

Mozilla Firefox 1.5.0.4, 2.0.x before 2.0.0.8, Mozilla Suite 1.7.13, Mozilla SeaMonkey 1.0.2 and other versions before 1.1.5, and Netscape 8.1 and earlier allow user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text bo...

6.2AI score0.09825EPSS
Exploits1References45
Rows per page
Query Builder