16 matches found
CVE-2019-11700
A hyperlink using the res: protocol can be used to open local files at a known location in Internet Explorer if a user approves execution when prompted. Note: this issue only occurs on Windows. Other operating systems are unaffected.. This vulnerability affects Firefox 67...
EUVD-2019-3370
Malware in sbrugna...
SUSE CVE-2019-11700
A hyperlink using the res: protocol can be used to open local files at a known location in Internet Explorer if a user approves execution when prompted. Note: this issue only occurs on Windows. Other operating systems are unaffected.. This vulnerability affects Firefox 67...
The vulnerability in the implementation of the res protocol in Google Chrome web browsers allows a hacker to execute arbitrary JavaScript code.
The vulnerability in the implementation of the res protocol in Google Chrome browsers exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to execute arbitrary JavaScript code through the Internet Explorer web...
CVE-2019-11700
A hyperlink using the res: protocol can be used to open local files at a known location in Internet Explorer if a user approves execution when prompted. Note: this issue only occurs on Windows. Other operating systems are unaffected.. This vulnerability affects Firefox 67...
Open redirect
A hyperlink using the res: protocol can be used to open local files at a known location in Internet Explorer if a user approves execution when prompted. Note: this issue only occurs on Windows. Other operating systems are unaffected.. This vulnerability affects Firefox 67...
UBUNTU-CVE-2019-11700
A hyperlink using the res: protocol can be used to open local files at a known location in Internet Explorer if a user approves execution when prompted. Note: this issue only occurs on Windows. Other operating systems are unaffected.. This vulnerability affects Firefox 67...
CVE-2019-11700
A hyperlink using the res: protocol can be used to open local files at a known location in Internet Explorer if a user approves execution when prompted. Note: this issue only occurs on Windows. Other operating systems are unaffected.. This vulnerability affects Firefox 67...
CVE-2019-11700
Mozilla Firefox before version 67 is affected by CVE-2019-11700 due to improper handling of the res: protocol. A hyperlink using res: could cause local-file access at a known location in Internet Explorer when a user approves execution, with the issue confined to Windows. The vulnerability is roo...
FreeBSD : mozilla -- multiple vulnerabilities (44b6dfbf-4ef7-4d52-ad52-2b1b05d81272)
Mozilla Foundation reports : CVE-2019-9815: Disable hyperthreading on content JavaScript threads on macOS CVE-2019-9816: Type confusion with object groups and UnboxedObjects CVE-2019-9817: Stealing of cross-domain images using canvas CVE-2019-9818: Use-after-free in crash generation server...
mozilla -- multiple vulnerabilities
Mozilla Foundation reports: CVE-2019-9815: Disable hyperthreading on content JavaScript threads on macOS CVE-2019-9816: Type confusion with object groups and UnboxedObjects CVE-2019-9817: Stealing of cross-domain images using canvas CVE-2019-9818: Use-after-free in crash generation server...
Microsoft Internet Explorer 8 Beta 1 - 'ieframe.dll' Script Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28581/info Microsoft Internet Explorer is prone to a script-injection vulnerability when handling specially crafted requests to 'acrerror.htm' via the 'res://' protocol. The file resides in the 'ieframe.dll' dynamic-link...
Microsoft Internet Explorer 5 ShowHelp Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6780/info Microsoft Internet Explorer implements the showHelp function as a means of displaying help content contained in HTML pages. However, this function is capable of performing too many other actions outside of its...
Microsoft Internet Explorer 8 Beta 1 - ieframe.dll Script Injection
Microsoft Internet Explorer 8 Beta 1 - ieframe.dll Script Injection source: https://www.securityfocus.com/bid/28581/info Microsoft Internet Explorer is prone to a script-injection vulnerability when handling specially crafted requests to 'acrerror.htm' via the 'res://' protocol. The file resides ...
CVE-1999-0967
CVE-1999-0967 describes a buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol. The connected PT-1997-1176 entry reiterates a buffer overflow in the HTML library with affected software and recommends updating to ...
PT-1997-1176 · Microsoft · Outlook Express +2
Name of the Vulnerable Software and Affected Versions: Internet Explorer affected versions not specified Outlook Express affected versions not specified Windows Explorer affected versions not specified Description: A buffer overflow issue exists in the HTML library used by the affected software v...