8287 matches found
CVE-2010-3934
The browser in Research In Motion RIM BlackBerry Device Software 5.0.0.593 Platform 5.1.0.147 on the BlackBerry 9700 does not properly restrict cross-domain execution of JavaScript, which allows remote attackers to bypass the Same Origin Policy via vectors related to a window.open call and an...
Design/Logic Flaw
The browser in Research In Motion RIM BlackBerry Device Software 5.0.0.593 Platform 5.1.0.147 on the BlackBerry 9700 does not properly restrict cross-domain execution of JavaScript, which allows remote attackers to bypass the Same Origin Policy via vectors related to a window.open call and an...
CVE-2010-3934
The CVE-2010-3934 issue affects BlackBerry Device Software running on the BlackBerry 9700: 5.0.0.593 Platform 5.1.0.147. The browser fails to properly restrict cross-domain JavaScript, allowing remote attackers to bypass the Same Origin Policy via window.open and an IFRAME. This indicates exposur...
CVE-2010-3934
The browser in Research In Motion RIM BlackBerry Device Software 5.0.0.593 Platform 5.1.0.147 on the BlackBerry 9700 does not properly restrict cross-domain execution of JavaScript, which allows remote attackers to bypass the Same Origin Policy via vectors related to a window.open call and an...
SuSE 10 Security Update : Mozilla XULRunner (ZYPP Patch Number 6866)
Mozilla XUL Runner engine 1.9.0 was upgraded to version 1.9.0.8, fixing various bugs and security issues. The following security issues have been fixed : - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some o...
SuSE 10 Security Update : Mozilla XULRunner (ZYPP Patch Number 6617)
The Mozilla XULRunner engine was updated to version 1.9.0.15 to fix various bugs and security issues. The following security issues have been fixed : - Security researcher Paul Stone reported that a user's form history, both from web content as well as the smart location bar, was vulnerable to...
SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6867)
Mozilla Firefox was upgraded to version 3.5.8, fixing various bugs and security issues. The following security issues have been fixed : - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes...
SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6609)
The Mozilla Firefox browser was updated to version 3.5.4 to fix various bugs and security issues. The following security issues have been fixed : - Security researcher Paul Stone reported that a user's form history, both from web content as well as the smart location bar, was vulnerable to theft....
Debian Security Advisory DSA 2106-1 (xulrunner)
The remote host is missing an update to xulrunner announced via advisory DSA 2106-1. OpenVAS Vulnerability Test $Id: deb21061.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2106-1 xulrunner Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...
Research In Motion BlackBerry Device Software 4.7.1 - Cross Domain Information Disclosure
Research In Motion BlackBerry Device Software 4.7.1 - Cross Domain Information Disclosure source: https://www.securityfocus.com/bid/43685/info Research In Motion BlackBerry Device Software is prone to a cross-domain information-disclosure vulnerability because the application's web browser fails ...
Research In Motion BlackBerry Device Software 4.7.1 - Cross Domain Information Disclosure
source: https://www.securityfocus.com/bid/43685/info Research In Motion BlackBerry Device Software is prone to a cross-domain information-disclosure vulnerability because the application's web browser fails to properly enforce the same-origin policy. An attacker can exploit this issue to access...
BSA-002 Security Update for iceweasel
Alexander Reichle-Schmehl uploaded new packages for iceweasel which fixed the following security problems: CVE-2010-3169: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and...
Mozilla Firefox Information Disclosure Vulnerability (Windows)
The host is installed with Mozilla Firefox and is prone to Information Disclosure Vulnerability. OpenVAS Vulnerability Test $Id: secpodmozillafirefoxinfodiscvulnwin.nasl 5394 2017-02-22 09:22:42Z teissa $ Mozilla Firefox Information Disclosure Vulnerability Windows Authors: Madhuri D Copyright:...
Mozilla Firefox Information Disclosure Vulnerability - Windows
Mozilla Firefox is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA-2106-2] New xulrunner packages fix regression
------------------------------------------------------------------------ Debian Security Advisory DSA-2106-2 [email protected] http://www.debian.org/security/ Stefan Fritsch September 19, 2010 http://www.debian.org/security/faq -...
Ubuntu 10.04 LTS : thunderbird regression (USN-978-2)
USN-978-1 fixed vulnerabilities in Thunderbird. Some users reported stability problems under certain circumstances. This update fixes the problem. We apologize for the inconvenience. Several dangling pointer vulnerabilities were discovered in Thunderbird. An attacker could exploit this to crash...
[FLOCK-SA-2010-04] Flock Browser: window.open() Method Javascript Same-Origin Policy Violation (XSS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 FLOCK-SA-2010-04 http://flock.com/security/ Title: window.open Method Javascript Same-Origin Policy Violation XSS Impact: High Announced on: 2010-09-09 Affected Products: Flock 3 versions prior to 3.0.0.4094 CVEs cve.mitre.org: CVE-2010-0661 Details:...
USN-978-2: Thunderbird regression
USN-978-1 fixed vulnerabilities in Thunderbird. Some users reported stability problems under certain circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Several dangling pointer vulnerabilities were discovered in Thunderbird. An attacker...
Mozilla Firefox 3.6.8 - Math.random() Cross Domain Information Disclosure
Mozilla Firefox 3.6.8 - Math.random Cross Domain Information Disclosure // source: https://www.securityfocus.com/bid/43222/info Mozilla Firefox is prone to a cross-domain information-disclosure vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a pag...
Mozilla Firefox 3.6.8 - 'Math.random()' Cross Domain Information Disclosure
// source: https://www.securityfocus.com/bid/43222/info Mozilla Firefox is prone to a cross-domain information-disclosure vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a page containing malicious content. Successful exploits will allow attackers...