Lucene search
K

672 matches found

OSV
OSV
added 2006/07/27 8:4 p.m.1 views

DEBIAN-CVE-2006-3808

Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig PAC servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object...

7.5CVSS8.7AI score0.02897EPSS
Exploits0References1
CVE
CVE
added 2006/07/27 8:0 p.m.97 views

CVE-2006-3808

CVE-2006-3808 affects Mozilla Firefox (pre-1.5.0.5) and SeaMonkey (pre-1.0.3) where a malicious Proxy Auto-Config (PAC) script could set FindProxyForURL to an eval on a privileged object, enabling remote code execution with elevated privileges. Public advisories in connected docs confirm the PAC ...

7.5CVSS6.5AI score0.02897EPSS
Exploits0References55Affected Software2
Cvelist
Cvelist
added 2006/07/27 8:0 p.m.30 views

CVE-2006-3808

Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig PAC servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object...

6.5AI score0.02897EPSS
Exploits0References55
Debian CVE
Debian CVE
added 2006/07/27 8:0 p.m.27 views

CVE-2006-3808

Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig PAC servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object...

7.5CVSS6.8AI score0.02897EPSS
Exploits0
Mozilla
Mozilla
added 2006/07/25 12:0 a.m.29 views

PAC privilege escalation using Function.prototype.call — Mozilla

mozbugra4 reports that a malicious Proxy AutoConfig PAC server could serve a PAC script that can execute code with elevated privileges by setting the required FindProxyForURL function to the eval method on a privileged object that leaked into the PAC sandbox. By redirecting the victim to a...

7.5CVSS1.4AI score0.02897EPSS
Exploits0References1Affected Software2
FreeBSD
FreeBSD
added 2006/07/25 12:0 a.m.35 views

mozilla -- multiple vulnerabilities

A Mozilla Foundation Security Advisory reports of multiple issues. Several of which can be used to run arbitrary code with the privilege of the user running the program. MFSA 2006-56 chrome: scheme loading remote content MFSA 2006-55 Crashes with evidence of memory corruption rv:1.8.0.5 MFSA...

7.5CVSS7.3AI score0.78359EPSS
Exploits11References14
Mozilla
Mozilla
added 2006/06/01 12:0 a.m.31 views

Privilege escalation using addSelectionListener — Mozilla

Web content could access the nsISelectionPrivate interface of the Selection object and use it to add a SelectionListener. The listener would be called when the user did a "Find" on the page or a "select all", and as intended this shouldn't cause any problems. But as with escaping the PAC sandbox ...

7.5CVSS2.8AI score0.06027EPSS
Exploits0References4Affected Software2
CVE
CVE
added 2005/09/28 4:0 a.m.64 views

CVE-2005-3089

Summary of CVE-2005-3089: Firefox 1.0.6 is affected by a denial-of-service condition caused by a Proxy Auto-Config (PAC) script that uses an eval statement. The issue is specifically tied to Firefox 1.0.6 and may depend on whether an untrusted party triggers it; in the provided materials, this un...

2.6CVSS6AI score0.01683EPSS
Exploits0References9Affected Software1
RedHat Linux
RedHat Linux
added 2005/09/22 8:36 p.m.7 views

security flaw

Firefox 1.0.6 allows attackers to cause a denial of service crash via a Proxy Auto-Config PAC script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in triggering this issue, so it might not be a vulnerability...

2.6CVSS5.8AI score0.01683EPSS
Exploits0References4
securityvulns
securityvulns
added 2005/03/16 12:0 a.m.34 views

DMA[2005-0310a] - 'Frank McIngvale LuxMan buffer overflow'

DMA2005-0310a - 'Frank McIngvale LuxMan buffer overflow' Author: Kevin Finisterre Vendor: [email protected] broken Product: 'luxman' References: CAN-2005-0385 http://www.digitalmunition.com/DMA2005-0310a.txt http://www.debian.org/security/2005/dsa-693 Description: LuxMan is a Pac-Man clone for...

7.2CVSS6.1AI score0.01373EPSS
Exploits1
0day.today
0day.today
added 2005/03/14 12:0 a.m.21 views

Frank McIngvale LuxMan 0.41 Local Buffer Overflow Exploit

Exploit for linux platform in category local exploits ========================================================= Frank McIngvale LuxMan 0.41 Local Buffer Overflow Exploit ========================================================= !/usr/bin/perl -w luxman exploit ii luxman 0.41-19.1 Pac-Man clone...

6.8AI score
Exploits0
seebug.org
seebug.org
added 2005/03/14 12:0 a.m.17 views

Frank McIngvale LuxMan 0.41 Local Buffer Overflow Exploit

No description provided by source. !/usr/bin/perl -w luxman exploit ii luxman 0.41-19.1 Pac-Man clone svgalib based Tested with "security compat" set in /etc/vga/libvga.config on debian unstable 3.1 kfinisterre@jdam:$ ./luxmanex.pl LuxMan v0.41, Copyright c 1995 Frank McIngvale LuxMan comes with...

7.1AI score
Exploits0
Rows per page
Query Builder