Lucene search
K

7007 matches found

exploitpack
exploitpack
added 2010/09/14 12:0 a.m.22 views

Mozilla Firefox 3.6.8 - Math.random() Cross Domain Information Disclosure

Mozilla Firefox 3.6.8 - Math.random Cross Domain Information Disclosure // source: https://www.securityfocus.com/bid/43222/info Mozilla Firefox is prone to a cross-domain information-disclosure vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a pag...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2010/09/10 12:0 a.m.39 views

Mozilla Products 'SJOW' Multiple Vulnerabilities (Windows)

The host is installed with Mozilla Firefox/Seamonkey/Thunderbird that are prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaprdtssjowmultvulnwin.nasl 6444 2017-06-27 11:24:02Z santu $ Mozilla Products 'SJOW' Multiple Vulnerabilities Windows Authors: Madhuri D Copyright:...

4.3CVSS8.9AI score0.0159EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2010/09/10 12:0 a.m.23 views

Mozilla Products 'SJOW' Multiple Vulnerabilities (MFSA2010-60) - Windows

Mozilla Firefox/Seamonkey/Thunderbird are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS9.6AI score0.0159EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2010/09/10 12:0 a.m.23 views

Ubuntu Update for thunderbird vulnerabilities USN-978-1

Ubuntu Update for Linux kernel vulnerabilities USN-978-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9781.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for thunderbird vulnerabilities USN-978-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

9.3CVSS0.9AI score0.06527EPSS
Exploits0References2
securityvulns
securityvulns
added 2010/09/10 12:0 a.m.95 views

Mozilla Foundation Security Advisory 2010-60

Mozilla Foundation Security Advisory 2010-60 Title: XSS using SJOW scripted function Impact: High Announced: September 7, 2010 Reporter: mozbugra4 Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.5.12 Thunderbird 3.0.7 SeaMonkey 2.0.7 Description Mozilla security researcher mozbugra4...

4.3CVSS0.1AI score0.0159EPSS
Exploits0
NVD
NVD
added 2010/09/09 7:0 p.m.20 views

CVE-2010-2763

The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper aka SJOW implementation in Mozilla Firefox before 3.5.12, Thunderbird before 3.0.7, and SeaMonkey before 2.0.7 does not properly restrict scripted functions, which allows remote attackers to bypass the Same Origin Policy and conduct...

4.3CVSS7.8AI score0.0159EPSS
Exploits0References8
Prion
Prion
added 2010/09/09 7:0 p.m.27 views

Cross site scripting

The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper aka SJOW implementation in Mozilla Firefox before 3.5.12, Thunderbird before 3.0.7, and SeaMonkey before 2.0.7 does not properly restrict scripted functions, which allows remote attackers to bypass the Same Origin Policy and conduct...

4.3CVSS5.9AI score0.0159EPSS
Exploits0References8Affected Software3
Cvelist
Cvelist
added 2010/09/09 6:0 p.m.24 views

CVE-2010-2763

The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper aka SJOW implementation in Mozilla Firefox before 3.5.12, Thunderbird before 3.0.7, and SeaMonkey before 2.0.7 does not properly restrict scripted functions, which allows remote attackers to bypass the Same Origin Policy and conduct...

7.8AI score0.0159EPSS
Exploits0References8
CVE
CVE
added 2010/09/09 6:0 p.m.89 views

CVE-2010-2763

CVE-2010-2763 concerns the XPCSafeJSObjectWrapper (SJOW) in Mozilla’s Firefox/XULRunner implementation. The connected documents confirm a logical error in the SJOW scripted function handling on the Mozilla 1.9.1 development branch, allowing a caller to execute a function in the context of another...

4.3CVSS7.7AI score0.0159EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2010/09/09 12:0 a.m.48 views

Debian DSA-2106-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-2760, CVE-2010-3167, CVE-2010-3168 Implementation errors in XUL processing allow the...

9.3CVSS8.6AI score0.06527EPSS
Exploits0References21
Tenable Nessus
Tenable Nessus
added 2010/09/09 12:0 a.m.36 views

Ubuntu 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : firefox, firefox-3.0, firefox-3.5, xulrunner-1.9.1, xulrunner-1.9.2 vulnerabilities (USN-975-1)

Several dangling pointer vulnerabilities were discovered in Firefox. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. CVE-2010-2760, CVE-2010-2767, CVE-2010-3167 Blake Kaplan and Michal Zalewski discovered several weaknesses in t...

9.3CVSS8.9AI score0.06672EPSS
Exploits1References14
Ubuntu
Ubuntu
added 2010/09/08 9:13 p.m.80 views

USN-978-1: Thunderbird vulnerabilities

Several dangling pointer vulnerabilities were discovered in Thunderbird. An attacker could exploit this to crash Thunderbird or possibly run arbitrary code as the user invoking the program. CVE-2010-2760, CVE-2010-2767, CVE-2010-3167 It was discovered that the XPCSafeJSObjectWrapper SJOW security...

9.3CVSS8.9AI score0.06527EPSS
Exploits0
Debian
Debian
added 2010/09/08 5:50 p.m.41 views

[SECURITY] [DSA 2106-1] New xulrunner packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-2106-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 08, 2010 http://www.debian.org/security/faq -...

9.3CVSS9.7AI score0.06527EPSS
Exploits0
NVD
NVD
added 2010/09/07 6:0 p.m.21 views

CVE-2010-3259

WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially...

4.3CVSS7.7AI score0.016EPSS
Exploits0References22
UbuntuCve
UbuntuCve
added 2010/09/07 6:0 p.m.27 views

CVE-2010-3259

WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially...

4.3CVSS5.9AI score0.016EPSS
Exploits0References2
Prion
Prion
added 2010/09/07 6:0 p.m.19 views

Design/Logic Flaw

WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially...

4.3CVSS5.9AI score0.016EPSS
Exploits0References22Affected Software5
Cvelist
Cvelist
added 2010/09/07 5:0 p.m.27 views

CVE-2010-3259

WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially...

8.1AI score0.016EPSS
Exploits0References22
CVE
CVE
added 2010/09/07 5:0 p.m.76 views

CVE-2010-3259

CVE-2010-3259 affects WebKit and WebKitGTK+ components across Safari and Chrome. Root cause: read access to images derived from CANVAS elements was not properly restricted, allowing a remote site to bypass the Same Origin Policy and obtain potentially sensitive image data. Affected versions inclu...

4.3CVSS7.8AI score0.016EPSS
Exploits0References22Affected Software1
Debian CVE
Debian CVE
added 2010/09/07 5:0 p.m.30 views

CVE-2010-3259

Removed by vendor...

4.3CVSS6.6AI score0.016EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2010/09/07 12:0 a.m.33 views

CVE-2010-2763

The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper aka SJOW implementation in Mozilla Firefox before 3.5.12, Thunderbird before 3.0.7, and SeaMonkey before 2.0.7 does not properly restrict scripted functions, which allows remote attackers to bypass the Same Origin Policy and conduct...

4.3CVSS7.2AI score0.0159EPSS
Exploits0References2
Rows per page
Query Builder