18 matches found
EUVD-2009-2348
Malware in sbrugna...
EUVD-2009-2994
Malware in sbrugna...
EUVD-2009-2347
Malware in sbrugna...
EUVD-2009-1310
Malware in sbrugna...
Maxthon 'javascript:' And 'data:' URI XSS Vulnerability
Maxthon Browser is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
QtWeb 'javascript:' And 'data:' URI XSS Vulnerability
QtWeb Browser is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mozilla Product(s) 'javascript:' URI XSS Vulnerability - Sep09 (Linux)
This host is installed with Mozilla Products and is prone to Cross-Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: gbmozillaprdtsjsurixssvulnsep09lin.nasl 6482 2017-06-29 08:31:43Z cfischer $ Mozilla Products 'javascript:' URI XSS Vulnerability - Sep09 Linux Authors: Sharath S...
CVE-2009-3016
Apple Safari 4.0.3 does not properly block javascript: and data: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting XSS attacks via vectors related to 1 injecting a Refresh header that contains a javascript: URI, 2 entering a javascript: URI...
Cross site scripting
Google Chrome 1.0.154.48 and earlier, 2.0.172.28, 2.0.172.37, and 3.0.193.2 Beta does not properly block data: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting XSS attacks via vectors related to 1 injecting a Refresh header that contains...
CVE-2009-3010
Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre; SeaMonkey 1.1.17; and Mozilla 1.7.x and earlier do not properly block data: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting XSS attacks via vectors related to 1 injecting ...
CVE-2009-3011
Google Chrome 1.0.154.48 and earlier, 2.0.172.28, 2.0.172.37, and 3.0.193.2 Beta does not properly block data: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting XSS attacks via vectors related to 1 injecting a Refresh header that contains...
CVE-2009-3016
Apple Safari 4.0.3 does not properly block javascript: and data: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting XSS attacks via vectors related to 1 injecting a Refresh header that contains a javascript: URI, 2 entering a javascript: URI...
Microsoft Internet Explorer XSS Vulnerability - July09
The host is installed with Internet Explorer and is prone to Cross-Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: gbmsiexssvulnjul09.nasl 6527 2017-07-05 05:56:34Z cfischer $ Microsoft Internet Explorer XSS Vulnerability - July09 Authors: Nikita MR Copyright: Copyright c 2009...
Cross site scripting
Opera 9.52 and earlier does not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting XSS attacks via vectors related to 1 injecting a Refresh header or 2 specifying the content of a Refresh header, a related issue to...
CVE-2009-2351
CVE-2009-1312 is referenced in MiracleLinux AXSA advisories as a vulnerability in Mozilla Firefox and SeaMonkey where javascript: URIs in Refresh headers in HTTP responses were not blocked. Affected versions include Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17; this could enable cross...
CVE-2009-2352
Google Chrome 1.0.154.48 and earlier does not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting XSS attacks via vectors related to 1 injecting a Refresh header or 2 specifying the content of a Refresh header, a related issue...
CVE-2009-1312
Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting XSS attacks via vectors related to 1 injecting a Refresh header or 2 specifying the content of a Refresh header. NOTE...
javascript: URIs
Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting XSS attacks via vectors related to 1 injecting a Refresh header or 2 specifying the content of a Refresh header. NOTE...