MS KB2974008: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer

The remote host is missing KB2974008. It is, therefore, affected by the following vulnerabilities : - A CSRF bypassing Same Origin Policy vulnerability exists that could leak potentially sensitive data. CVE-2014-4671 - Multiple unspecified errors exist that could allow unspecified security bypass...

Adobe AIR <= AIR 14.0.0.110 Multiple Vulnerabilities (APSB14-17)

According to its version, the instance of Adobe AIR on the remote Windows host is equal or prior to 14.0.0.110. It is, therefore, affected by the following vulnerabilities : - A CSRF bypassing Same Origin Policy vulnerability exists that could leak potentially sensitive data. CVE-2014-4671 -...

PT-2014-1372 · Adobe +4 · Flash Player +6

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player versions prior to 13.0.0.231 Adobe Flash Player versions 14.x prior to 14.0.0.145 Adobe AIR versions prior to 14.0.0.137 Adobe AIR SDK versions prior to 14.0.0.137 Adobe AIR SDK & Compiler versions prior to 14.0.0.137 hapi...

Oracle JRE - java.net.URLConnection class – Same-of-Origin (SOP) Policy Bypass

No description provided by source. Description Security-Assessment.com discovered that a Java Applet making use of java.net.URLConnection class can be used to bypass same-of-origin SOP policy and domain based security controls in modern browsers when communication occurs between two domains that...

MS IE 5/6 OBJECT Tag Same Origin Policy Violation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5196/info Microsoft Internet Explorer allows script code to violate the same origin policy through usage of the HTML OBJECT tag. Malicious script code may obtain a legitimate reference to an embedded object containing a w...

Mozilla Firefox <= 2.0.0.1 (location.hostname) Cross-Domain Vulnerability

No description provided by source. !-- Mozilla Firefox 'location.hostname' Cross-Domain Vulnerability Software : Mozilla Firefox version 2.0.0.1 and prior CVE reference : CVE-2007-0981 Impact : Security Bypass Risk : Moderate Discovered by : Michal Zalewski http://lcamtuf.coredump.cx/ Advisory Da...

Mozilla Firefox <= 3.0.3 Internet Shortcut Same Origin Policy Violation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31611/info Mozilla Firefox is prone to a vulnerability that allows attackers to violate the same-origin policy. This issue occurs because the application fails to properly enforce the same-origin policy when handling...

Microsoft Internet Explorer 5.0.1 - Cached Content Cross Domain Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35200/info Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to access...

Opera 5.12/6.0 Frame Location Same Origin Policy Circumvention Vulnerability

... Opera是一款由Opera Software开发和维护的WEB浏览器产品，可使用在Linux和Unix操作系统下，也可使用在Microsoft Windows操作系统下。 ... Opera在处理浏览器同源策略时存在漏洞，可导致远程攻击者在用户浏览器不同的帧中执行脚本代码。 ... Opera允许Javascript修改包含在文档中IFRAME或者FRAME的Location属性，如果一IFRAME或者FRAME的Location设置JavaScript:...

WebKit JavaScript 'onload()' Event Cross Domain Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35315/info WebKit is prone to a cross-domain scripting vulnerability because it fails to properly restrict the access of JavaScript code when loading new webpages. A remote attacker can exploit this vulnerability to bypas...

WebKit 'parent/top' Cross Domain Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35441/info WebKit is prone to a cross-domain scripting vulnerability. A remote attacker can exploit this vulnerability to bypass the same-origin policy and obtain potentially sensitive information or launch spoofing attac...

Microsoft Internet Explorer 5 Dialog Same Origin Policy Bypass Variant Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5561/info Microsoft Internet Explorer includes support for dialog windows through script calls to the two functions showModalDialog and showModelessDialog. These functions accept a URL location for the dialog content, and...

Microsoft Internet Explorer 7/8 Beta 1 Frame Location Cross Domain Security Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29986/info Microsoft Internet Explorer is prone to a cross-domain scripting security-bypass vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to...

Same Team E-shop manager - SQL Injection Exploit

No description provided by source...

Mozilla Multiple Products Server Refresh Header XSS

No description provided by source. source: http://www.securityfocus.com/bid/34656/info The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Firefox, Thunderbird, and SeaMonkey. Attackers can exploit these issues to bypass same-origin restrictions,...

openSUSE Security Update : seamonkey (seamonkey-5768)

Mozilla SeaMonkey was updated to 2.7 security update, fixing security issues and bugs. Following security bugs were fixed : MFSA 2012-01: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs...

openSUSE Security Update : MozillaThunderbird (openSUSE-SU-2010:0430-2)

This update brings Mozilla Thunderbird to the 3.0.6 security release. It fixes following security bugs: MFSA 2010-34 / CVE-2010-1211: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showe...

openSUSE Security Update : mozilla-js192 (openSUSE-SU-2011:1076-1)

Mozilla XULRunner was updated to version 1.9.2.23, fixing various bugs and security issues. MFSA 2011-36: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory...

openSUSE Security Update : MozillaFirefox (openSUSE-SU-2011:1079-1)

Mozilla Firefox was updated to version 3.6.23, fixing various bugs and security issues. MFSA 2011-36: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption...

Adobe AIR < 13.0.0.111 Multiple Vulnerabilities (APSB14-14)

Binary data 8261.prm...