18 matches found
EUVD-2007-3066
Malware in sbrugna...
EUVD-2008-4053
Malware in sbrugna...
Information Disclosure
dompdf/dompdf is vulnerable to information disclosure. The vulnerability exists because the resource URI validations are not properly handled which allows an attacker to bypass chroot checks and gain access to image files in the system...
The vulnerability of the Thunderbird email client and the Firefox ESR browser lies in a error during the processing of CSS style sheets accessible through internal URIs, such as “resource:”. This allows attackers to circumvent the implemented content security policies.
The vulnerability of the Thunderbird email client and the Firefox ESR browser is related to an error in processing CSS style sheets that are accessed through internal URIs, as “resource:”. Exploiting this vulnerability can allow a malicious actor to bypass implemented content security policies...
CVE-2018-12401
Some special resource URIs will cause a non-exploitable crash if loaded with optional parameters following a '?' in the parsed string. This could lead to denial of service DOS attacks. This vulnerability affects Firefox 63...
coap-resources NSE Script
Dumps list of available resources from CoAP endpoints. This script establishes a connection to a CoAP endpoint and performs a GET request on a resource. The default resource for our request is code/.well-known/core/core, which should contain a list of resources provided by the endpoint. For...
Mozilla Firefox Address Bar Forgery Vulnerability (CNVD-2016-00850)
Mozilla Firefox on Android is an open source web browser for the Android platform. A security vulnerability exists in Mozilla Firefox that allows remote attackers to spoof the contents of the address bar by tricking users into copying the wyciwyg: URI or resource: URI link...
CVE-2016-1942
Mozilla Firefox before 44.0 allows user-assisted remote attackers to spoof a trailing substring in the address bar by leveraging a user's paste of a 1 wyciwyg: URI or 2 resource: URI...
Mozilla Firefox - 'pdf.js' Privileged JavaScript Injection (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Firefox PDF.js Privileged Javascript Injection', 'Description' = %q This module gains remote code execution on Firefox 35-36 by...
Zervit Webserver buffer overflow
Buffer overflow on oversized resource URI...
CVE-2008-4068
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass "restrictions imposed on local HTML files," and obtain sensitive information and prompt users to write this...
CVE-2008-4068
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass "restrictions imposed on local HTML files," and obtain sensitive information and prompt users to write this...
recource: bypass
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass "restrictions imposed on local HTML files," and obtain sensitive information and prompt users to write this...
CVE-2007-3072
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.4 on Windows allows remote attackers to read arbitrary files via ..%5C dot dot encoded backslash sequences in a resource:// URI...
Directory traversal
Directory traversal vulnerability in Mozilla Firefox 2.0.0.4 and earlier on Mac OS X and Unix allows remote attackers to read arbitrary files via ..%2F dot dot encoded slash sequences in a resource:// URI...
CVE-2007-3074
Mozilla Firefox 2.0.0.4 and earlier allows remote attackers to read files in the local Firefox installation directory via a resource:// URI...
Code injection
Mozilla Firefox 2.0.0.4 and earlier allows remote attackers to read files in the local Firefox installation directory via a resource:// URI...
CVE-2007-3072
CVE-2007-3072 describes a directory traversal vulnerability in Mozilla Firefox before 2.0.0.4 on Windows. The issue allows a remote attacker to read arbitrary files via dot-dot-encoded backslash sequences ("..%5C") in a resource:// URI, leading to complete confidentiality impact . The NVD entry l...