117 matches found
CVE-2009-3006
Maxthon Browser 2.5.3.80 UNICODE allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the site...
CVE-2009-3006
Maxthon Browser 2.5.3.80 UNICODE allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the site...
CVE-2009-3006
The CVE-2009-3006 entry concerns Maxthon Browser 2.5.3.80 UNICODE. The vulnerability allows a remote attacker to spoof the address bar by using window.open with a relative URI, causing the browser to display an arbitrary URL on the site visited by the victim and potentially trigger a spoofed logi...
Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC
No description provided by source. !-- Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC Summary: Maxthon Browser is a powerful tabbed browser built for all users. Besides basic browsing functionality, Maxthon Browser provides a rich set of features to improve your surfing experience...
Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC
Exploit for unknown platform in category dos / poc ============================================================== Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC ============================================================== Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Servic...
Maxthon Browser 2.1.4.443 - Unicode Remote Denial of Service (PoC)
Maxthon Browser 2.1.4.443 - Unicode Remote Denial of Service PoC Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC alert"Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC\n\n\t\tby LiquidWorm"; function thricer title="Attack"; url="http://www.thrice.net/"; if...
Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC
Summary Maxthon Browser is a powerful tabbed browser built for all users. Besides basic browsing functionality, Maxthon Browser provides a rich set of features to improve your surfing experience. Description Maxthon Browser is prone to a denial-of-service vulnerability. An attacker may exploit th...
Maxthon Browser 2.1.4.443 - Unicode Remote Denial of Service (PoC)
Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC alert"Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC\n\n\t\tby LiquidWorm"; function thricer title="Attack"; url="http://www.thrice.net/"; if window.sidebar window.sidebar.addPaneltitle, url,""; else if window.external...
maxthon-dos.txt
Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC alert"Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC\n\n\t\tby LiquidWorm"; function thricer title="Attack"; url="http://www.thrice.net/"; if window.sidebar window.sidebar.addPaneltitle, url,""; else if window.external...
Stack overflow
Stack-based buffer overflow in Maxthon Browser 2.0 and earlier allows remote attackers to execute arbitrary code via a long Content-type HTTP header...
CVE-2008-3667
Stack-based buffer overflow in Maxthon Browser 2.0 and earlier allows remote attackers to execute arbitrary code via a long Content-type HTTP header...
CVE-2008-3667
The CVE-2008-3667 issue affects Maxthon Browser 2.0 and earlier, where a stack-based overflow occurs in processing a long HTTP Content-Type header, enabling remote arbitrary code execution. Root cause: improper handling of the Content-Type header leading to a stack overflow. Affected products: Ma...
CVE-2008-3667
Stack-based buffer overflow in Maxthon Browser 2.0 and earlier allows remote attackers to execute arbitrary code via a long Content-type HTTP header...
KLA10258 ACE vulnerability in Maxthon Browser
A buffer overflow was found in Maxthon Browser. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed HTTP request. Original advisories - Related products Maxthon-Browser CVE list CVE-2008-3667 high...
Maxthon Browser Content-Type缓冲区溢出漏洞
BUGTRAQ ID: 30617 CNCAN ID:CNCAN-2008081108 Maxthon Browser是一款国内非常流行的WEB浏览器。 Maxthon Browser不正确处理Content-Type字段数据,远程攻击者可以利用漏洞以应用程序权限执行任意指令。 构建包含超长字符串的Content-Type应答提供给Maxthon浏览器解析,可导致触发缓冲区溢出而崩溃,存在执行任意指令可能。 Maxthon Maxthon 1.2.1 Maxthon Maxthon 1.2 Maxthon Maxthon 1.1.39 Maxthon Maxthon 1.6.3.80...
Maxthon Browser 1.x - Content-Type Buffer Overflow
Maxthon Browser 1.x - Content-Type Buffer Overflow source: https://www.securityfocus.com/bid/30617/info Maxthon Browser is prone to a buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts...
Maxthon Browser 1.x - Content-Type Buffer Overflow
source: https://www.securityfocus.com/bid/30617/info Maxthon Browser is prone to a buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition...
CVE-2006-6985
Cross-domain vulnerability in Maxthon 1.5.6 build 42 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site,...
CVE-2006-6985
CVE-2006-6985 affects Maxthon 1.5.6 build 42. a cross-domain information disclosure via an object tag with a data parameter referencing a link on an attacker site, which specifies a Location header pointing to the target site and exposes content through the object’s outerHTML. The root cause is c...
CVE-2006-6985
Cross-domain vulnerability in Maxthon 1.5.6 build 42 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site,...