Lucene search
+L

853 matches found

Exploit DB
Exploit DB
added 2006/04/26 12:0 a.m.30 views

Microsoft Internet Explorer 5.0.1 - Modal Dialog Manipulation

source: https://www.securityfocus.com/bid/17713/info Internet Explorer is prone to a remote code-execution vulnerability through exploiting a race-condition when displaying modal security dialog boxes. This issue may be exploited to cause users to inadvertently allow remote-code to be executed...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2006/04/21 3:41 p.m.4 views

security flaw

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by 1 "using a modal alert to suspend an event handler while a new page is being loaded", 2 using eval, and using...

4.3CVSS5.9AI score0.03892EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2006/04/18 11:12 a.m.7 views

security flaw

Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by 1 "using a modal alert to suspend an event handler while a new page is being loaded", 2 using eval, and using...

4.3CVSS5.9AI score0.03892EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2006/04/17 12:0 a.m.35 views

RHEL 4 : firefox (RHSA-2006:0328)

Updated firefox packages that fix several security bugs are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Updated 24 Apr 2006 The erratum text has been updated to include CVE-2006-0748, an issue fixed by these erratum packages...

10CVSS8.1AI score0.10487EPSS
Exploits3References40
NVD
NVD
added 2005/11/16 7:42 a.m.19 views

CVE-2005-3560

Zone Labs 1 ZoneAlarm Pro 6.0, 2 ZoneAlarm Internet Security Suite 6.0, 3 ZoneAlarm Anti-Virus 6.0, 4 ZoneAlarm Anti-Spyware 6.0 through 6.1, and 5 ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall filters" setting via URLs in "HTML Modal Dialogs"...

7.5CVSS6.7AI score0.13588EPSS
Exploits1References6
Cvelist
Cvelist
added 2005/11/16 7:37 a.m.20 views

CVE-2005-3560

Zone Labs 1 ZoneAlarm Pro 6.0, 2 ZoneAlarm Internet Security Suite 6.0, 3 ZoneAlarm Anti-Virus 6.0, 4 ZoneAlarm Anti-Spyware 6.0 through 6.1, and 5 ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall filters" setting via URLs in "HTML Modal Dialogs"...

6.7AI score0.13588EPSS
Exploits1References6
exploitpack
exploitpack
added 2005/11/07 12:0 a.m.24 views

Zone Labs Zone Alarm 6.0 - Advance Program Control Bypass

Zone Labs Zone Alarm 6.0 - Advance Program Control Bypass source: https://www.securityfocus.com/bid/15347/info Zone Labs Zone Alarm is prone to a weakness that permits the bypassing of the Advanced Program Control protection. Reports indicate that applications can create a modal dialog box...

Exploits0
VulnCheck KEV
VulnCheck KEV
added 2004/07/30 12:0 a.m.3 views

VulnCheck KEV: CVE-2004-0549

The WebBrowser ActiveX control, or the Internet Explorer HTML rendering engine MSHTML, as used in Internet Explorer 6, allows remote attackers to execute arbitrary code in the Local Security context by using the showModalDialog method and modifying the location to execute code such as...

10CVSS6.2AI score0.61057EPSS
Exploits0References1
securityvulns
securityvulns
added 2004/06/14 12:0 a.m.34 views

New Internet Explorer crossite scripting problems

Location: URL: HTTP header in conjuection with ms-its: handler allows to save file to known location. Crossite scripting with modal dialogs...

0.7AI score
Exploits0References2
NVD
NVD
added 2003/05/12 4:0 a.m.21 views

CVE-2003-0116

Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target files, aka "Modal...

5CVSS6.3AI score0.25248EPSS
Exploits1References4
Cvelist
Cvelist
added 2003/04/26 4:0 a.m.24 views

CVE-2003-0116

Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target files, aka "Modal...

7.4AI score0.25248EPSS
Exploits1References4
securityvulns
securityvulns
added 2002/12/04 12:0 a.m.32 views

Internet Explorer modal dialog style crossite scripting

By using IMG width="0" height="0" style="width: expressionalert;" script may be executed in local zone...

2.5AI score
Exploits0References1Affected Software1
CERT
CERT
added 2002/09/16 12:0 a.m.41 views

Microsoft Internet Explorer contains cross-site scripting vulnerabilities in local HTML resources

Overview Microsoft Internet Explorer IE includes several local HTML resources that contain cross-site scripting vulnerabilities. These resources use the dialogArguments property of dialog frames insecurely, allowing an attacker to execute arbitrary script in the Local Machine Zone. Description...

7.6AI score
Exploits0References26
Rows per page
Query Builder