24 matches found
DubSite CMS 1.0 - CSRF Vulnerability
No description provided by source. Pentest Information: ==================== Connection has discovered a Cross Site Request ForgeryCSRF vulnerability in DubSite CMS v1.0 Details ======= Tested on OS: Windows XP Tested with Software: Mozilla Firefox 3.5.x Vulnerable Products: DubSite CMS Affected...
CVE-2011-0075
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code vi...
Mozilla Firefox 3.5.x < 3.5.15 Buffer Overflow Vulnerability
Binary data 801274.prm...
Mozilla Firefox 3.5 - 'escape()' Return Value Memory Corruption (Metasploit)
$Id: firefoxescaperetval.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
CVE-2010-2753
Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element, which triggers a use-after-fre...
CVE-2010-0183
Use-after-free vulnerability in the nsCycleCollector::MarkRoots function in Mozilla Firefox 3.5.x before 3.5.10 and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a crafted HTML document, related to an improper frame construction process for menus...
Design/Logic Flaw
Use-after-free vulnerability in the nsCycleCollector::MarkRoots function in Mozilla Firefox 3.5.x before 3.5.10 and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a crafted HTML document, related to an improper frame construction process for menus...
Content-Disposition: attachment ignored if Content-Type: multipart also present
Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not properly handle situations in which both "Content-Disposition: attachment" and "Content-Type: multipart" are present in HTTP headers, which allows remote attackers to conduct cross-site scripting XSS...
Firefox nsTreeSelection实现释放后使用漏洞
CVE ID: CVE-2010-0175 Firefox是一款流行的开源WEB浏览器。 Firefox处理nsTreeSelection元素的特殊事件时存在释放后使用漏洞。在执行select事件时,Firefox未经检查元素之前是否已被释放便进行了访问,这可能导致执行任意代码。 Mozilla Firefox 3.5.x Mozilla Firefox 3.0.x Mozilla Thunderbird 3.0.4 Mozilla SeaMonkey 2.0.4 临时解决方法: 禁用JavaScript。 厂商补丁: Debian ------...
PBX Phone System 2.x - Multiple Vulnerabilities
PenTest Information: ==================== Global-Evolution Security Team remove discover multiple Vulnerabilities on PBX Phone System Application. An attacker can get sensitive customer/admin session-data over multiple Cross-Site-Scripting vulnerabilities. Details ======= Tested on OS: Windows 7...
DubSite CMS 1.0 - Cross-Site Request Forgery
DubSite CMS 1.0 - Cross-Site Request Forgery Pentest Information: ==================== Connection has discovered a Cross Site Request ForgeryCSRF vulnerability in DubSite CMS v1.0 Details ======= Tested on OS: Windows XP Tested with Software: Mozilla Firefox 3.5.x Vulnerable Products: DubSite CMS...
CVE-2009-3982
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...
DubSite CMS 1.0 Cross Site Request Forgery
Pentest Information: ==================== Connection has discovered a Cross Site Request ForgeryCSRF vulnerability in DubSite CMS v1.0 Details ======= Tested on OS: Windows XP Tested with Software: Mozilla Firefox 3.5.x Vulnerable Products: DubSite CMS Affected Versions: 1.0 Vulnerability Type:...
Barracuda IMFirewall 620 Vulnerability
Exploit for unknown platform in category web applications ====================================== Barracuda IMFirewall 620 Vulnerability ====================================== PenTest Information: ==================== GESEC Team remove discover multiple Input Validation Vulnerabilities on Barracud...
CVE-2009-3377
Multiple unspecified vulnerabilities in liboggz before cf5feeaab69b05e24, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via unknown vectors...
Mozilla Firefox 3.5 Heap Spray OS X
!/usr/bin/env python FireFox 3.5 Heap Spray OS X Exploit Modified by: DrIDE Originally Discovered by: Simon Berry-Bryne Pythonized by: David Kennedy ReL1K @ SecureState Thanks to HDM Tested on OS X 10.5.7 from BaseHTTPServer import HTTPServer from BaseHTTPServer import BaseHTTPRequestHandler impo...
Mozilla Firefox 3.5 (OSX) - Font Tags Remote Buffer Overflow
Mozilla Firefox 3.5 OSX - Font Tags Remote Buffer Overflow !/usr/bin/env python FireFox 3.5 Heap Spray OS X Exploit Modified by: DrIDE Originally Discovered by: Simon Berry-Bryne Pythonized by: David Kennedy ReL1K @ SecureState Thanks to HDM Tested on OS X 10.5.7 from BaseHTTPServer import...
Mozilla Firefox 3.5 (Font tags) Remote Heap Spray Exploit (pl)
Exploit for windows platform in category remote exploits ============================================================== Mozilla Firefox 3.5 Font tags Remote Heap Spray Exploit pl ============================================================== FireFox 3.5 Heap Spray Discovered by: Simon Berry-Bryne...
CVE-2009-2478
Mozilla Firefox 3.5 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via unspecified vectors, related to a "flash bug."...
CVE-2009-2478
Mozilla Firefox 3.5 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via unspecified vectors, related to a "flash bug."...