8262 matches found
DEBIAN-CVE-2003-0072
The Key Distribution Center KDC in Kerberos 5 krb5 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service crash on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array aka "array overrun"...
CVE-2002-1467
Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via 1 an HTTP redirect, 2 a "file://" base in a web document, or 3 a relative URL from a web archive mht file...
CVE-2002-1467
CVE-2002-1467 affects the Macromedia Flash Plugin prior to 6.0.47.0, allowing remote attackers to bypass the same-domain restriction and read arbitrary files via (1) HTTP redirects, (2) a file:// base in a web document, or (3) a relative URL from a web archive (mht). The primary sources in the pr...
Microsoft Internet Explorer 56 - Unauthorized Document Object Model Access
Microsoft Internet Explorer 56 - Unauthorized Document Object Model Access source: https://www.securityfocus.com/bid/5963/info Microsoft Internet Explorer MSIE is prone to a vulnerability that may enable a frame or iframe to gain unauthorized access to the Document Object Model DOM of other...
Microsoft Internet Explorer 5/6 - Unauthorized Document Object Model Access
source: https://www.securityfocus.com/bid/5963/info Microsoft Internet Explorer MSIE is prone to a vulnerability that may enable a frame or iframe to gain unauthorized access to the Document Object Model DOM of other frames/iframes in a different domain. This is possible because MSIE does not...
CVE-2002-0815
The Javascript "Same Origin Policy" SOP, as implemented in 1 Netscape, 2 Mozilla, and 3 Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the...
CVE-2002-0815
The CVE-2002-0815 entry describes a vulnerability in the Javascript Same Origin Policy (SOP) as implemented by Netscape, Mozilla, and Internet Explorer. The root cause is that code running in one frame can access content from a restricted site due to the ability to map the attacker’s parent domai...
CVE-2002-0815
The Javascript "Same Origin Policy" SOP, as implemented in 1 Netscape, 2 Mozilla, and 3 Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the...
Microsoft Internet Explorer 5/6 - OBJECT Tag Same Origin Policy Violation
source: https://www.securityfocus.com/bid/5196/info Microsoft Internet Explorer allows script code to violate the same origin policy through usage of the HTML OBJECT tag. Malicious script code may obtain a legitimate reference to an embedded object containing a web page from the same domain. This...
Microsoft Internet Explorer 56 - OBJECT Tag Same Origin Policy Violation
Microsoft Internet Explorer 56 - OBJECT Tag Same Origin Policy Violation source: https://www.securityfocus.com/bid/5196/info Microsoft Internet Explorer allows script code to violate the same origin policy through usage of the HTML OBJECT tag. Malicious script code may obtain a legitimate referen...
Opera 5.126.0 - Frame Location Same Origin Policy Circumvention
Opera 5.126.0 - Frame Location Same Origin Policy Circumvention source: https://www.securityfocus.com/bid/4745/info Opera is a web browser product created by Opera Software, and is available for a range of operating systems including Windows and Linux. A vulnerability has been reported in some...
Opera 5.12/6.0 - Frame Location Same Origin Policy Circumvention
source: https://www.securityfocus.com/bid/4745/info Opera is a web browser product created by Opera Software, and is available for a range of operating systems including Windows and Linux. A vulnerability has been reported in some versions of the Opera Browser. It is possible to bypass the same...
Microsoft Internet Explorer 5 - Dialog Same Origin Policy Bypass Variant (MS02-047)
Microsoft Internet Explorer 5 - Dialog Same Origin Policy Bypass Variant MS02-047 source: https://www.securityfocus.com/bid/5561/info Microsoft Internet Explorer includes support for dialog windows through script calls to the two functions showModalDialog and showModelessDialog. These functions...
Microsoft Internet Explorer 5 - Dialog Same Origin Policy Bypass Variant (MS02-047)
source: https://www.securityfocus.com/bid/5561/info Microsoft Internet Explorer includes support for dialog windows through script calls to the two functions showModalDialog and showModelessDialog. These functions accept a URL location for the dialog content, and an option argument parameter to...
PT-2001-2602 · Microsoft · Windows 2000 +1
Name of the Vulnerable Software and Affected Versions: Windows 2000 Description: The issue concerns the storage of cleartext authentication information in memory by RunAs runas.exe in Windows 2000. This could potentially allow attackers to obtain usernames and passwords by executing a process...
Microsoft Internet Explorer does not properly handle document.open()
Overview Microsoft Internet Explorer contains a vulnerability in which a script from one source is permitted to access files on the client's file system. An attacker may be able to read cookies and other files on a target system, and spoof Internet sites by creating believable window titles...
Several javascript vulnerabilities in Opera
Georgi Guninski security advisory 51, 2001 Several javascript vulnerabilities in Opera Systems affected: Opera 5.12/Windows, Opera 5.0/Linux - probably other versions Risk: Medium Date: 15 November 2001 Legal Notice: This Advisory is Copyright c 2001 Georgi Guninski. You may distribute it...
Opera 5.0/5.1 - Same Origin Policy Circumvention
source: https://www.securityfocus.com/bid/3553/info Opera is a popular, freely available web browser that is supported across many different platforms. Opera is prone to an issue which may allow for the execution of script code across domains, allowing for circumvention of the web browser's...
Opera 5.05.1 - Same Origin Policy Circumvention
Opera 5.05.1 - Same Origin Policy Circumvention source: https://www.securityfocus.com/bid/3553/info Opera is a popular, freely available web browser that is supported across many different platforms. Opera is prone to an issue which may allow for the execution of script code across domains,...
SyGate Backdoor Detection
SyGate engine remote controller seems to be running on this port. It may be used by malicious users that are on the same subnet as this host to reconfigure the remote SyGate engine. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10274; scriptversion "1.24";...