3981 matches found
security flaw
Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads...
security flaw
Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads...
DEBIAN-CVE-2006-4253
Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads...
PT-2006-1093 · K Meleon +4 · K-Meleon +4
Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions 1.5.0.6 and earlier K-Meleon version 1.0.1 and earlier Netscape Navigator version 8.1 and earlier Description: The issue is related to insufficient access control and concurrency vulnerabilities, allowing a remote...
security flaw
Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 nested tags in a select tag, 2 a DOMNodeRemoved mutation event, 3 "Content-implemented tree views," 4 BoxObjects, 5 the XBL implementation, 6 an ifram...
security flaw
Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 nested tags in a select tag, 2 a DOMNodeRemoved mutation event, 3 "Content-implemented tree views," 4 BoxObjects, 5 the XBL implementation, 6 an ifram...
security flaw
The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the "Manual Install" button, then using nested javascript: URLs. NOTE: the manual install button is use...
security flaw
Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 nested tags in a select tag, 2 a DOMNodeRemoved mutation event, 3 "Content-implemented tree views," 4 BoxObjects, 5 the XBL implementation, 6 an ifram...
security flaw
Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and migh...
DEBIAN-CVE-2006-1173
Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and migh...
DEBIAN-CVE-2006-2779
Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 nested tags in a select tag, 2 a DOMNodeRemoved mutation event, 3 "Content-implemented tree views," 4 BoxObjects, 5 the XBL implementation, 6 an ifram...
CVE-2006-2784
The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the "Manual Install" button, then using nested javascript: URLs. NOTE: the manual install button is use...
DEBIAN-CVE-2006-2723
Unspecified versions of Mozilla Firefox allow remote attackers to cause a denial of service crash via a web page that contains a large number of nested marquee tags. NOTE: a followup post indicated that the initial report could not be verified...
CVE-2006-2723
Unspecified versions of Mozilla Firefox allow remote attackers to cause a denial of service crash via a web page that contains a large number of nested marquee tags. NOTE: a followup post indicated that the initial report could not be verified...
CVE-2006-2723
Unspecified versions of Mozilla Firefox allow remote attackers to cause a denial of service crash via a web page that contains a large number of nested marquee tags. NOTE: a followup post indicated that the initial report could not be verified...
CVE-2006-2723
Unspecified versions of Mozilla Firefox allow remote attackers to cause a denial of service crash via a web page that contains a large number of nested marquee tags. NOTE: a followup post indicated that the initial report could not be verified...
Super Link Exchange Script v1.0
Super Link Exchange Script v1.0 Homepage: http://www.ebizunion.com/guidetosuper.php Description: Main Features: 1. Add unlimited nested category/sub-category, 2. Can check reciprocal link back, 3. Can hide and delete no link back sites. 4. Template can be edited and suitable to fit your current...
[Full-disclosure] MSIE Nested Object Vulnerability Is Exploitable
Hello, There has recently been some discussion regarding whether or not the MSIE Nested Object Vulnerability reported by Michal Zalewski is exploitable or not. Link to Michal Zalewski Full-Disclosure Posting: http://lists.grok.org.uk/pipermail/full-disclosure/2006- April/045422.html Because of...
CVE-2006-1992
mshtml.dll 6.00.2900.2873, as used in Microsoft Internet Explorer, allows remote attackers to cause a denial of service crash via nested OBJECT tags, which trigger invalid pointer dereferences including NULL dereferences. NOTE: the possibility of code execution was originally theorized, but...
Re: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Michal Zalewski wrote: Perhaps not surprisingly, there appears to be a vulnerability in how Microsoft Internet Explorer handles or fails to handle certain combinations of nested OBJECT tags. This was tested with MSIE 6.0.2900.2180.xpsp.040806-182...