PLUGINSPAGE privileged JavaScript execution II — Mozilla

Paul Nickerson reports that the fix for MFSA 2005-34 can be bypassed using nested javascript: URLs, again allowing the attacker to execute privileged code. The attacker must first convince the user to first click on the missing-plugin icon in the page or the "Install Missing Plugins..." button in...

HP-UX PHCO_33989 : HP-UX envd, Local Execution of Privileged Code (HPSBUX02073 SSRT051012 rev.2)

s700800 11.00 envd1M cumulative patch : A potential vulnerability has been identified with HP-UX running the envd1M. The vulnerability could be exploited by a local authorized user to execute arbitrary code and/or gain unauthorized privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

CVE-2005-1160

The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object...