853 matches found
Microsoft Internet Explorer 5.0.1 - Modal Dialog Manipulation
source: https://www.securityfocus.com/bid/17713/info Internet Explorer is prone to a remote code-execution vulnerability through exploiting a race-condition when displaying modal security dialog boxes. This issue may be exploited to cause users to inadvertently allow remote-code to be executed...
security flaw
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by 1 "using a modal alert to suspend an event handler while a new page is being loaded", 2 using eval, and using...
security flaw
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by 1 "using a modal alert to suspend an event handler while a new page is being loaded", 2 using eval, and using...
RHEL 4 : firefox (RHSA-2006:0328)
Updated firefox packages that fix several security bugs are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Updated 24 Apr 2006 The erratum text has been updated to include CVE-2006-0748, an issue fixed by these erratum packages...
CVE-2005-3560
Zone Labs 1 ZoneAlarm Pro 6.0, 2 ZoneAlarm Internet Security Suite 6.0, 3 ZoneAlarm Anti-Virus 6.0, 4 ZoneAlarm Anti-Spyware 6.0 through 6.1, and 5 ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall filters" setting via URLs in "HTML Modal Dialogs"...
CVE-2005-3560
Zone Labs 1 ZoneAlarm Pro 6.0, 2 ZoneAlarm Internet Security Suite 6.0, 3 ZoneAlarm Anti-Virus 6.0, 4 ZoneAlarm Anti-Spyware 6.0 through 6.1, and 5 ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall filters" setting via URLs in "HTML Modal Dialogs"...
Zone Labs Zone Alarm 6.0 - Advance Program Control Bypass
Zone Labs Zone Alarm 6.0 - Advance Program Control Bypass source: https://www.securityfocus.com/bid/15347/info Zone Labs Zone Alarm is prone to a weakness that permits the bypassing of the Advanced Program Control protection. Reports indicate that applications can create a modal dialog box...
VulnCheck KEV: CVE-2004-0549
The WebBrowser ActiveX control, or the Internet Explorer HTML rendering engine MSHTML, as used in Internet Explorer 6, allows remote attackers to execute arbitrary code in the Local Security context by using the showModalDialog method and modifying the location to execute code such as...
New Internet Explorer crossite scripting problems
Location: URL: HTTP header in conjuection with ms-its: handler allows to save file to known location. Crossite scripting with modal dialogs...
CVE-2003-0116
Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target files, aka "Modal...
CVE-2003-0116
Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target files, aka "Modal...
Internet Explorer modal dialog style crossite scripting
By using IMG width="0" height="0" style="width: expressionalert;" script may be executed in local zone...
Microsoft Internet Explorer contains cross-site scripting vulnerabilities in local HTML resources
Overview Microsoft Internet Explorer IE includes several local HTML resources that contain cross-site scripting vulnerabilities. These resources use the dialogArguments property of dialog frames insecurely, allowing an attacker to execute arbitrary script in the Local Machine Zone. Description...