Lucene search
K

329 matches found

Mozilla
Mozilla
added 2013/08/06 12:0 a.m.55 views

Document URI misrepresentation and masquerading — Mozilla

Mozilla security researcher mozbugra4 reported that through an interaction of frames and browser history it was possible to make the browser believe attacker-supplied content came from the location of a previous page in browser history. This allows for cross-site scripting XSS attacks by loading...

4.3CVSS1.6AI score0.01331EPSS
Exploits0References2Affected Software5
Microsoft Security Update
Microsoft Security Update
added 2013/05/14 5:0 p.m.15 views

Security Update for Microsoft .NET Framework 3.5 on Windows 8 (KB2804584)

A security issue has been identified that could allow an attacker to misrepresent a system action or behavior without the knowledge of the user. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...

2AI score
Exploits0
Exploit DB
Exploit DB
added 2010/12/10 12:0 a.m.21 views

Social Share - 'vote.php' HTTP Response Splitting

source: https://www.securityfocus.com/bid/45550/info Social Share is prone to an HTTP response-splitting vulnerability because it fails to sufficiently sanitize user-supplied data. Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. Th...

7AI score
Exploits0
UbuntuCve
UbuntuCve
added 2009/03/25 11:30 p.m.27 views

CVE-2009-1107

The Java Plug-in in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier, and 5.0 Update 17 and earlier, allows remote attackers to trick a user into trusting a signed applet via unknown vectors that misrepresent the security warning dialog, related to a "Swing...

4.3CVSS6.3AI score0.02799EPSS
Exploits0References1
Prion
Prion
added 2009/03/25 11:30 p.m.26 views

Spoofing

The Java Plug-in in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier, and 5.0 Update 17 and earlier, allows remote attackers to trick a user into trusting a signed applet via unknown vectors that misrepresent the security warning dialog, related to a "Swing...

4.3CVSS6.7AI score0.02799EPSS
Exploits0References30
CVE
CVE
added 2008/06/16 10:0 p.m.55 views

CVE-2008-2714

Summary: CVE-2008-2714 affects Opera before 9.26, where remote attackers could misrepresent web page addresses by using certain characters that cause the address text to be misplaced. Impact (as stated): The issue enables manipulation of how a page address is displayed, potentially enabling phish...

5CVSS6.5AI score0.01755EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2007/02/15 2:0 a.m.18 views

CVE-2006-7022

The Tools module in fx-APP 0.0.8.1 allows remote attackers to misrepresent the contents of a web page via an arbitrary URL in the url parameter to a showhtml action for index.php, which causes the URL to be displayed within an iframe...

6.7AI score0.02169EPSS
Exploits0References4
NVD
NVD
added 2006/03/23 11:6 p.m.14 views

CVE-2006-1367

The Motorola PEBL U6 08.83.76R, the Motorola V600, and possibly the Motorola E398 and other Motorola P2K-based phones does not require pairing for a connection related to the Headset Audio Gateway service, which allows user-assisted remote attackers to obtain AT level access and view phonebook...

6.8CVSS6.7AI score0.02631EPSS
Exploits1References7
Prion
Prion
added 2006/01/11 9:3 p.m.14 views

Code injection

Hummingbird Collaboration aka Hummingbird Enterprise Collaboration 5.21 and earlier allows remote attackers to misrepresent the type and name of a file via modified docext and id parameters, which might trick a user into downloading dangerous or unexpected content...

4CVSS7.2AI score0.02254EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2006/01/11 9:3 p.m.16 views

CVE-2006-0173

Hummingbird Collaboration aka Hummingbird Enterprise Collaboration 5.21 and earlier allows remote attackers to misrepresent the type and name of a file via modified docext and id parameters, which might trick a user into downloading dangerous or unexpected content...

4CVSS6.7AI score0.02254EPSS
Exploits1References6
Cvelist
Cvelist
added 2006/01/11 9:0 p.m.18 views

CVE-2006-0173

Hummingbird Collaboration aka Hummingbird Enterprise Collaboration 5.21 and earlier allows remote attackers to misrepresent the type and name of a file via modified docext and id parameters, which might trick a user into downloading dangerous or unexpected content...

6.7AI score0.02254EPSS
Exploits1References6
CVE
CVE
added 2006/01/11 9:0 p.m.38 views

CVE-2006-0173

Hummingbird Collaboration (Hummingbird Enterprise Collaboration)

4CVSS6.7AI score0.02254EPSS
Exploits1References6Affected Software1
exploitpack
exploitpack
added 2005/11/16 12:0 a.m.13 views

Opera Web Browser 8.08.5 - HTML Form Status Bar Misrepresentation

Opera Web Browser 8.08.5 - HTML Form Status Bar Misrepresentation source: https://www.securityfocus.com/bid/15472/info A vulnerability has been identified in Opera Web browser that allows an attacker to misrepresent the status bar in the browser, allowing vulnerable users to be mislead into...

7.2AI score
Exploits0
Exploit DB
Exploit DB
added 2005/11/16 12:0 a.m.19 views

Opera Web Browser 8.0/8.5 - HTML Form Status Bar Misrepresentation

source: https://www.securityfocus.com/bid/15472/info A vulnerability has been identified in Opera Web browser that allows an attacker to misrepresent the status bar in the browser, allowing vulnerable users to be mislead into following a link to a malicious site. This vulnerability would most...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2005/04/15 12:0 a.m.22 views

PHP-Nuke 7.6 Surveys Module - HTTP Response Splitting

source: https://www.securityfocus.com/bid/13201/info PHP-Nuke is prone to a HTTP response splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote attacker may exploit this vulnerability to influence or misrepresent how Web...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/12/15 12:0 a.m.21 views

Apple Safari Web Browser 1.x - HTML Form Status Bar Misrepresentation

Apple Safari Web Browser 1.x - HTML Form Status Bar Misrepresentation source: https://www.securityfocus.com/bid/11949/info A vulnerability has been identified in Apple Safari Web Browser that allows an attacker to misrepresent the status bar in the browser, allowing vulnerable users to be mislead...

7.2AI score
Exploits0
Exploit DB
Exploit DB
added 2004/12/15 12:0 a.m.21 views

Apple Safari Web Browser 1.x - HTML Form Status Bar Misrepresentation

source: https://www.securityfocus.com/bid/11949/info A vulnerability has been identified in Apple Safari Web Browser that allows an attacker to misrepresent the status bar in the browser, allowing vulnerable users to be mislead into following a link to a malicious site. The issue presents itself...

7.4AI score
Exploits0
CERT
CERT
added 2004/11/04 12:0 a.m.12 views

Microsoft Internet Explorer does not properly interpret IFRAME elements when displaying URLs in the status bar

Overview Microsoft Internet Explorer does not properly display the location of HTML documents in the status bar. An attacker could exploit this behavior to mislead users into revealing sensitive information. Description Web browsers frequently display the Uniform Resource Locator URL in the statu...

5.8AI score
Exploits0
CERT
CERT
added 2004/11/04 12:0 a.m.18 views

Multiple web browsers do not properly interpret BASE and FORM elements when displaying URLs in the status bar

Overview Multiple web browsers do not properly display the location of HTML documents in the status bar. An attacker could exploit this behavior to mislead users into revealing sensitive information. Description Web browsers frequently display the Uniform Resource Locator URL in the status bar wh...

5.8AI score
Exploits0References1
Exploit DB
Exploit DB
added 2004/03/31 12:0 a.m.22 views

Microsoft Internet Explorer 6 - HTML Form Status Bar Misrepresentation

source: https://www.securityfocus.com/bid/10023/info A vulnerability has been identified in Microsoft Internet Explorer that allows an attacker to misrepresent the status bar in the browser, allowing vulnerable users to be mislead into following a link to a malicious site. The issue presents itse...

7.4AI score
Exploits0
Rows per page
Query Builder