8271 matches found
CVE-2005-1713
Serendipity 0.8 is affected by multiple XSS vulnerabilities described in CVE-2005-1713, exploitable via the templatedropdown and shoutbox plugins. The Red Hat and NVD entries corroborate that remote attackers could inject arbitrary web script or HTML through these plugins, enabling client-side sc...
CVE-2005-1713
Multiple cross-site scripting (XSS) vulnerabilities in Serendipity 0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) templatedropdown and (2) shoutbox plugins...
CVE-2005-1452
Serendipity before 0.8 allows Chief users to "hide plugins installed by other users."...
CVE-2005-0527
Firefox 1.0 allows remote attackers to execute arbitrary code via plugins that load "privileged content" into frames, as demonstrated using certain XUL events when a user drags a scrollbar two times, aka "Firescrolling."...
CVE-2005-1157
Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to replace existing search plugins with malicious ones using sidebar.addSearchEngine and the same filename as the target engine, which may not be displayed in the GUI, which could then be used to execute...
galeon, mozilla security update
CentOS Errata and Security Advisory CESA-2005:384-01 Merged security bulletin from advisories: https://lists.centos.org/pipermail/centos-announce/2005-April/073786.html Affected packages: galeon mozilla mozilla-chat mozilla-devel mozilla-dom-inspector mozilla-js-debugger mozilla-mail mozilla-nspr...
mozilla security update
CentOS Errata and Security Advisory CESA-2005:384 Merged security bulletin from advisories: https://lists.centos.org/pipermail/centos-announce/2005-April/073779.html https://lists.centos.org/pipermail/centos-announce/2005-April/073780.html...
RHEL 2.1 / 3 : Mozilla (RHSA-2005:384)
Updated Mozilla packages that fix various security bugs are now available. This update has been rated as having Important security impact by the Red Hat Security Response Team. Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several bu...
Important: Red Hat Security Advisory: firefox security update
Updated firefox packages that fix various security bugs are now available. This update has been rated as having Important security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Vladimir V. Perepelitsa discovered a bug in the way Firefox handles...
GLSA-200504-18 : Mozilla Firefox, Mozilla Suite: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200504-18 Mozilla Firefox, Mozilla Suite: Multiple vulnerabilities The following vulnerabilities were found and fixed in the Mozilla Suite and Mozilla Firefox: Vladimir V. Perepelitsa reported a memory disclosure bug in JavaScript...
Multiple Netscape / Mozilla / Firefox vulnerabilities
Search content hijacking with search plugins, cross-site scripting with link tag...
Mozilla Suite: Multiple vulnerabilities
Background The Mozilla Suite is a popular all-in-one web browser that includes a mail and news reader. Description The following vulnerabilities were found and fixed in the Mozilla Suite: Mark Dowd from ISS X-Force reported an exploitable heap overrun in the GIF processing of obsolete Netscape...
CVE-2005-0527
CVE-2005-0527 affects Firefox 1.0 (Mozilla/Firefox family) where plugins can load privileged content into frames, enabling remote code execution as demonstrated by Firescrolling when a user drags a scrollbar twice. Connected advisories show this as part of broader Mozilla/XPCOM plugin access issu...
awstats63.txt
GHC - AWStats - ADVISORY; PRODUCT: AWStats; VERSION: = 6.3; URL: http://awstats.sourceforge.net/; VULNERABILITY CLASS: Multiple vulnerabilities; RISK: high. Product Description "AWStats is a free...
Plugins can be used to load privileged content — Mozilla
Plugins such as flash can be used to load privileged content into a frame. Once loaded various spoofs can be applied to get the user to interact with the privileged content. Michael Krax's "Fireflashing" example demonstrates that an attacker can open about:config in a frame, hide it with an opaci...
glFTPD FTP server plugin directory traversal
Directory traversal in the sitenfo.sh, sitezipchk.sh, siteziplist.sh plugins...
glFTPd 1.x/2.0 ZIP Plugins - Multiple Directory Traversal Vulnerabilities
glFTPd 1.x/2.0 ZIP Plugins - Multiple Directory Traversal Vulnerabilities source: https://www.securityfocus.com/bid/12586/info It is reported that various ZIP related plugins supplied with the server contain multiple directory traversal vulnerabilities. These issues may allow remote attackers to...
glFTPd 1.x/2.0 'ZIP' Plugins - Multiple Directory Traversal Vulnerabilities
source: https://www.securityfocus.com/bid/12586/info It is reported that various ZIP related plugins supplied with the server contain multiple directory traversal vulnerabilities. These issues may allow remote attackers to determine the existence of files on a computer and also disclose arbitrary...