14 matches found
EUVD-2007-3066
Malware in sbrugna...
EUVD-2008-4053
Malware in sbrugna...
Information Disclosure
dompdf/dompdf is vulnerable to information disclosure. The vulnerability exists because the resource URI validations are not properly handled which allows an attacker to bypass chroot checks and gain access to image files in the system...
CVE-2018-12401
Some special resource URIs will cause a non-exploitable crash if loaded with optional parameters following a '?' in the parsed string. This could lead to denial of service DOS attacks. This vulnerability affects Firefox 63...
coap-resources NSE Script
Dumps list of available resources from CoAP endpoints. This script establishes a connection to a CoAP endpoint and performs a GET request on a resource. The default resource for our request is code/.well-known/core/core, which should contain a list of resources provided by the endpoint. For...
CVE-2016-1942
Mozilla Firefox before 44.0 allows user-assisted remote attackers to spoof a trailing substring in the address bar by leveraging a user's paste of a 1 wyciwyg: URI or 2 resource: URI...
Mozilla Firefox - 'pdf.js' Privileged JavaScript Injection (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Firefox PDF.js Privileged Javascript Injection', 'Description' = %q This module gains remote code execution on Firefox 35-36 by...
CVE-2008-4068
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass "restrictions imposed on local HTML files," and obtain sensitive information and prompt users to write this...
CVE-2008-4068
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass "restrictions imposed on local HTML files," and obtain sensitive information and prompt users to write this...
Directory traversal
Directory traversal vulnerability in Mozilla Firefox 2.0.0.4 and earlier on Mac OS X and Unix allows remote attackers to read arbitrary files via ..%2F dot dot encoded slash sequences in a resource:// URI...
Code injection
Mozilla Firefox 2.0.0.4 and earlier allows remote attackers to read files in the local Firefox installation directory via a resource:// URI...
CVE-2007-3074
Mozilla Firefox 2.0.0.4 and earlier allows remote attackers to read files in the local Firefox installation directory via a resource:// URI...
CVE-2007-3072
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.4 on Windows allows remote attackers to read arbitrary files via ..%5C dot dot encoded backslash sequences in a resource:// URI...
CVE-2007-3072
CVE-2007-3072 describes a directory traversal vulnerability in Mozilla Firefox before 2.0.0.4 on Windows. The issue allows a remote attacker to read arbitrary files via dot-dot-encoded backslash sequences ("..%5C") in a resource:// URI, leading to complete confidentiality impact . The NVD entry l...