329 matches found
Document URI misrepresentation and masquerading — Mozilla
Mozilla security researcher mozbugra4 reported that through an interaction of frames and browser history it was possible to make the browser believe attacker-supplied content came from the location of a previous page in browser history. This allows for cross-site scripting XSS attacks by loading...
Security Update for Microsoft .NET Framework 3.5 on Windows 8 (KB2804584)
A security issue has been identified that could allow an attacker to misrepresent a system action or behavior without the knowledge of the user. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...
Social Share - 'vote.php' HTTP Response Splitting
source: https://www.securityfocus.com/bid/45550/info Social Share is prone to an HTTP response-splitting vulnerability because it fails to sufficiently sanitize user-supplied data. Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. Th...
CVE-2009-1107
The Java Plug-in in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier, and 5.0 Update 17 and earlier, allows remote attackers to trick a user into trusting a signed applet via unknown vectors that misrepresent the security warning dialog, related to a "Swing...
Spoofing
The Java Plug-in in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier, and 5.0 Update 17 and earlier, allows remote attackers to trick a user into trusting a signed applet via unknown vectors that misrepresent the security warning dialog, related to a "Swing...
CVE-2008-2714
Summary: CVE-2008-2714 affects Opera before 9.26, where remote attackers could misrepresent web page addresses by using certain characters that cause the address text to be misplaced. Impact (as stated): The issue enables manipulation of how a page address is displayed, potentially enabling phish...
CVE-2006-7022
The Tools module in fx-APP 0.0.8.1 allows remote attackers to misrepresent the contents of a web page via an arbitrary URL in the url parameter to a showhtml action for index.php, which causes the URL to be displayed within an iframe...
CVE-2006-1367
The Motorola PEBL U6 08.83.76R, the Motorola V600, and possibly the Motorola E398 and other Motorola P2K-based phones does not require pairing for a connection related to the Headset Audio Gateway service, which allows user-assisted remote attackers to obtain AT level access and view phonebook...
Code injection
Hummingbird Collaboration aka Hummingbird Enterprise Collaboration 5.21 and earlier allows remote attackers to misrepresent the type and name of a file via modified docext and id parameters, which might trick a user into downloading dangerous or unexpected content...
CVE-2006-0173
Hummingbird Collaboration aka Hummingbird Enterprise Collaboration 5.21 and earlier allows remote attackers to misrepresent the type and name of a file via modified docext and id parameters, which might trick a user into downloading dangerous or unexpected content...
CVE-2006-0173
Hummingbird Collaboration aka Hummingbird Enterprise Collaboration 5.21 and earlier allows remote attackers to misrepresent the type and name of a file via modified docext and id parameters, which might trick a user into downloading dangerous or unexpected content...
CVE-2006-0173
Hummingbird Collaboration (Hummingbird Enterprise Collaboration)
Opera Web Browser 8.08.5 - HTML Form Status Bar Misrepresentation
Opera Web Browser 8.08.5 - HTML Form Status Bar Misrepresentation source: https://www.securityfocus.com/bid/15472/info A vulnerability has been identified in Opera Web browser that allows an attacker to misrepresent the status bar in the browser, allowing vulnerable users to be mislead into...
Opera Web Browser 8.0/8.5 - HTML Form Status Bar Misrepresentation
source: https://www.securityfocus.com/bid/15472/info A vulnerability has been identified in Opera Web browser that allows an attacker to misrepresent the status bar in the browser, allowing vulnerable users to be mislead into following a link to a malicious site. This vulnerability would most...
PHP-Nuke 7.6 Surveys Module - HTTP Response Splitting
source: https://www.securityfocus.com/bid/13201/info PHP-Nuke is prone to a HTTP response splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote attacker may exploit this vulnerability to influence or misrepresent how Web...
Apple Safari Web Browser 1.x - HTML Form Status Bar Misrepresentation
Apple Safari Web Browser 1.x - HTML Form Status Bar Misrepresentation source: https://www.securityfocus.com/bid/11949/info A vulnerability has been identified in Apple Safari Web Browser that allows an attacker to misrepresent the status bar in the browser, allowing vulnerable users to be mislead...
Apple Safari Web Browser 1.x - HTML Form Status Bar Misrepresentation
source: https://www.securityfocus.com/bid/11949/info A vulnerability has been identified in Apple Safari Web Browser that allows an attacker to misrepresent the status bar in the browser, allowing vulnerable users to be mislead into following a link to a malicious site. The issue presents itself...
Microsoft Internet Explorer does not properly interpret IFRAME elements when displaying URLs in the status bar
Overview Microsoft Internet Explorer does not properly display the location of HTML documents in the status bar. An attacker could exploit this behavior to mislead users into revealing sensitive information. Description Web browsers frequently display the Uniform Resource Locator URL in the statu...
Multiple web browsers do not properly interpret BASE and FORM elements when displaying URLs in the status bar
Overview Multiple web browsers do not properly display the location of HTML documents in the status bar. An attacker could exploit this behavior to mislead users into revealing sensitive information. Description Web browsers frequently display the Uniform Resource Locator URL in the status bar wh...
Microsoft Internet Explorer 6 - HTML Form Status Bar Misrepresentation
source: https://www.securityfocus.com/bid/10023/info A vulnerability has been identified in Microsoft Internet Explorer that allows an attacker to misrepresent the status bar in the browser, allowing vulnerable users to be mislead into following a link to a malicious site. The issue presents itse...