EUVD-2007-1253

Malware in sbrugna...

SUSE CVE-2004-0763

Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method...

SUSE CVE-2007-1095

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site that is visited by a client...

phpcms 2 0 0 7 onunload. inc. php page to an update-type implant is attached using the EXP-bug warning-the black bar safety net

Download a set of phpcms 2 0 0 7 analysis, in the module\movie\onunload. inc. php found a update type of injection. query"UPDATE ". TABLEMOVIESERVER." SET num = num-1 WHERE serverid = $serverid AND num 0 "; ? $serverid is not any filtering and also not enclosed in single quotation marks, so ignor...

Microsoft Internet Explorer onUnload event memory corruption (CVE-2007-1094)

Microsoft Internet Explorer IE is a web browser application that is capable of rendering both static and dynamic web content. The application is primarily used for tasks related to browsing the web, such as displaying HTML encoded pages, downloading files, etc. Extensions to the basic HTML standa...

Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-536-1

Ubuntu Update for Linux kernel vulnerabilities USN-536-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5361.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-536-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networ...

Ubuntu Update for firefox vulnerabilities USN-535-1

Ubuntu Update for Linux kernel vulnerabilities USN-535-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5351.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for firefox vulnerabilities USN-535-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Google Chrome OnbeforeUload and OnUnload Null Check Vulnerability.

Advisory: Google Chrome OnbeforeUload and OnUnload Null Check Vulnerability. Version Affected: Chrome/0.2.149.30 Chrome/0.2.149.29 Chrome/0.2.149.27 Description: Google chrome is susceptible to stringent behavior while handling "onbeforeunload" and "onunload" event in body tags. The malicious...

Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : mozilla-thunderbird, thunderbird vulnerabilities (USN-536-1)

Various flaws were discovered in the layout and JavaScript engines. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user's privileges. CVE-2007-5339, CVE-2007-5340 Flaws were discovered in the file upload form control. By tricking a user int...

openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-4574)

This update brings Mozilla Firefox to security update version 2.0.0.8 Following security problems were fixed : - MFSA 2007-26 / CVE-2007-3844: Privilege escalation through chrome-loaded about:blank windows Mozilla researcher mozbugra4 reported that a flaw was introduced by the fix for MFSA 2007-2...

Mozilla Foundation Security Advisory 2007-30

Mozilla Foundation Security Advisory 2007-30 Title: onUnload Tailgating Impact: Low Announced: October 18, 2007 Reporter: Michal Zalewski Products: Firefox, SeaMonkey Fixed in: Firefox 2.0.0.8 SeaMonkey 1.1.5 Description Michal Zalewski demonstrated that onUnload event handlers had access to the...

security flaw

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site that is visited by a client...

security flaw

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site that is visited by a client...

onUnload Tailgating — Mozilla

Michal Zalewski demonstrated that onUnload event handlers had access to the address of the new page about to be loaded, even if the navigation was triggered from outside the page content such as by using a bookmark, pressing the back button, or typing an address into the location bar. If the...

CVE-2007-1256

CVE-2007-1256 affects Mozilla Firefox 2.0.0.2. A malicious page can spoof the address bar, favicons, and document source by repeatedly setting document.location in the onunload attribute when navigating to another site, a variant of CVE-2007-1092. Affected component: Firefox; vulnerable behavior:...

Multiple browsers OnUnload event handler different vulnerabilities

Different memory corruptions because of race conditions in OnUnload handler. In addition address bar spoofing and creation of pages can not be left is possible...

Code injection

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site that is visited by a client...

CVE-2007-1094

Microsoft Internet Explorer 7 allows remote attackers to cause a denial of service NULL dereference and application crash via JavaScript onUnload handlers that modify the structure of a document...

Memory corruption

Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow remote attackers to execute arbitrary code via JavaScript onUnload handlers that modify the structure of a document, wich triggers memory corruption due to the lack of a finalize hook on DOM window objects...

CVE-2007-1091

Microsoft Internet Explorer 7 allows remote attackers to prevent users from leaving a site, spoof the address bar, and conduct phishing and other attacks via onUnload Javascript handlers...