nsXMLHttpRequest::NotifyEventListeners() same-origin violation
The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrary script via multiple listeners, which bypass t...
Mozilla XSS via session restore
The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting (XSS) attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors...
Mozilla Image stealing via canvas and HTTP redirect
Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly change the source URI when processing a canvas element and an HTTP redirect, which allows remote attackers to bypass the same origin policy and access arbitrary images that are no...
Mozilla Firefox < 2.0.0.18 Multiple Vulnerabilities
Firefox 3.0.x < 3.0.4 Multiple Vulnerabilities
The installed version of Firefox 3.0 is earlier than 3.0.4. Such versions are potentially affected by the following security issues: - Locally saved '.url' shortcut files can be used to read information stored in the local cache. MFSA 2008-47 - 'file:' URIs are given chrome privileges when opene...
Mozilla Firefox 3.x < 3.0.4 Multiple Vulnerabilities
CVE-2008-5012
Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly change the source URI when processing a canvas element and an HTTP redirect, which allows remote attackers to bypass the same origin policy and access arbitrary images that are no...
SeaMonkey < 1.1.13 Multiple Vulnerabilities
The installed version of SeaMonkey is earlier than 1.1.13. Such versions are potentially affected by the following security issues: - Locally saved '.url' shortcut files can be used to read information stored in the local cache. MFSA 2008-47 - The canvas element can be used in conjunction with a...
SeaMonkey < 1.1.13 Multiple Vulnerabilities
Firefox < 2.0.0.18 Multiple Vulnerabilities
The installed version of Firefox is earlier than 2.0.0.18. Such versions are potentially affected by the following security issues: - Locally saved '.url' shortcut files can be used to read information stored in the local cache. MFSA 2008-47 - The canvas element can be used in conjunction with a...
RHEL 4 / 5 : firefox (RHSA-2008:0978)
The remote Red Hat Enterprise Linux 4 / 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2008:0978 advisory. - Mozilla buffer overflow in http-index-format parser CVE-2008-0017 - Mozilla crash and remote code execution via proto tampering...
nsXMLHttpRequest::NotifyEventListeners() same-origin violation — Mozilla
Mozilla security researcher mozbugra4 reported that the same-origin check in nsXMLHttpRequest::NotifyEventListeners could be bypassed. This vulnerability could be used to execute JavaScript in the context of a different website...
Image stealing via canvas and HTTP redirect — Mozilla
Mozilla developer Georgi Guninski reported that the canvas element could be used in conjunction with an HTTP redirect to bypass same-origin restrictions and gain access to the content in arbitrary images from other domains. This vulnerability could be used by an attacker to steal private...
XSS and JavaScript privilege escalation via session restore — Mozilla
Security researcher David Bloom reported that the browser's session restore feature can be used to violate the same-origin policy and run JavaScript in the context of another site. Any otherwise unexploitable crash can be used to force the user into the session restore state...
CVE-2008-5026
Microsoft SharePoint uses URLs with the same hostname and port number for a web site's primary files and individual users' uploaded files (aka attachments), which allows remote authenticated users to leverage same-origin relationships and conduct cross-site scripting (XSS) attacks by uploading HTML...
Cross site scripting
Microsoft SharePoint uses URLs with the same hostname and port number for a web site's primary files and individual users' uploaded files (aka attachments), which allows remote authenticated users to leverage same-origin relationships and conduct cross-site scripting (XSS) attacks by uploading HTML...
CVE-2008-5026
CVE-2008-5026 involves Microsoft SharePoint, where the Documents module allows uploading files using the same hostname/port as the site’s primary files. This enables remote authenticated users to leverage same-origin relationships and conduct cross-site scripting (XSS) by uploading HTML documents...
Opera < 9.62 Multiple Vulnerabilities
The version of Opera installed on the remote host is earlier than 9.62 and thus reportedly affected by several issues: - Opera fails to sanitize certain parameters passed to the 'History Search' 906. - The browser's same-origin policy may be violated because scripts running in the 'Links Panel'...