64 matches found
CVE-2010-1992
Removed by vendor...
CVE-2010-1989
CVE-2010-1989 affects Opera 9.52, where an IMG element with SRC redirecting to a mailto: URL can trigger the external mail handler and exhaustively launch applications, causing denial of service via pages with many images. Root cause: image tag redirect to mailto. No remediation details are provi...
CVE-2010-1992
Google Chrome 1.0.154.48 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service excessive application launches via an HTML document with many IFRAME elements...
CVE-2010-1989
Opera 9.52 executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service excessive application launches via an HTML document with many images, a related issue to CVE-2010-0181...
CVE-2010-0181
Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service excessive application launches via an...
Hardcoded credentials
Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service excessive application launches via an...
CVE-2010-0181
Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service excessive application launches via an...
CVE-2010-0181
Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service excessive application launches via an...
opera-xssexecpoc.txt
bb var z=null; function x window.setTimeout"z=window.open'opera:historysearch?q=%2A';window.focus;",1500; window.setTimeout"z.close;",3000; window.setTimeout"location.href='mailto:'",3000; " onclick="x"Click me... s=document.createElement"IFRAME"; s.src="opera:config"; document.body.appendChilds;...
Debian: Security Advisory (DSA-793-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apple Mac OSX 10.5.x - Mail Arbitrary Code Execution
Apple Mac OSX 10.5.x - Mail Arbitrary Code Execution source: https://www.securityfocus.com/bid/26510/info Apple Mac OS X is prone to a vulnerability that can allow arbitrary code to run. This issue affects the Mail application when handling email attachments. Attackers can exploit this issue to...
Apple Mac OSX 10.5.x - Mail Arbitrary Code Execution
source: https://www.securityfocus.com/bid/26510/info Apple Mac OS X is prone to a vulnerability that can allow arbitrary code to run. This issue affects the Mail application when handling email attachments. Attackers can exploit this issue to execute arbitrary code in the context of the user...
FreeBSD : opera -- multiple vulnerabilities (44224e08-8306-11dc-9283-0016179b2dd5)
An advisory from Opera reports : If a user has configured Opera to use an external newsgroup client or e-mail application, specially crafted Web pages can cause Opera to run that application incorrectly. In some cases this can lead to execution of arbitrary code. When accessing frames from...
Novell Groupwise 6.5 Webaccess - HTML Injection
Novell Groupwise 6.5 Webaccess - HTML Injection source: https://www.securityfocus.com/bid/14310/info Novell GroupWise WebAccess is prone to an HTML injection vulnerability. This may be used to inject hostile HTML and script code into the Web mail application. When a user opens an email containing...
Apple Mac OS X vulnerable to information disclosure in "Message-ID" header
Overview The Mail application supplied with Apple's Mac OS X operating system identifies the system from which any electronic mail is sent. Description Mac OS X includes the Mail application for handling electronic mail. This application does include the Media Access Control MAC address of a...
Debian DSA-533-1 : courier - XSS
A cross-site scripting vulnerability was discovered in sqwebmail, a web mail application provided by the courier mail suite, whereby an attacker could cause web script to be executed within the security context of the sqwebmail application by injecting it via an email message. %NASLMINLEVEL 70300...
CVE-2004-0085
Unknown vulnerability in the Mail application for Mac OS X 10.1.5 and 10.2.8 with unknown impact, a different vulnerability than CVE-2004-0086...
CVE-2004-0086
Unknown vulnerability in the Mail application for Mac OS X 10.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2004-0085...
CVE-2004-0085
Technical details about CVE-2004-0085 are not provided in the connected documents; public info here is limited to generic descriptions. Monitor for updates.
CVE-2004-0086
Technical details for CVE-2004-0086 are not publicly provided in the supplied documents. No explicit affected versions, root cause, or impact are stated. Monitor official advisories for updates.