8357 matches found
CVE-2002-0815
The Javascript "Same Origin Policy" SOP, as implemented in 1 Netscape, 2 Mozilla, and 3 Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the...
CVE-2002-0815
The Javascript "Same Origin Policy" SOP, as implemented in 1 Netscape, 2 Mozilla, and 3 Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the...
CVE-2002-0815
The CVE-2002-0815 entry describes a vulnerability in the Javascript Same Origin Policy (SOP) as implemented by Netscape, Mozilla, and Internet Explorer. The root cause is that code running in one frame can access content from a restricted site due to the ability to map the attacker’s parent domai...
Microsoft Internet Explorer 5/6 - OBJECT Tag Same Origin Policy Violation
source: https://www.securityfocus.com/bid/5196/info Microsoft Internet Explorer allows script code to violate the same origin policy through usage of the HTML OBJECT tag. Malicious script code may obtain a legitimate reference to an embedded object containing a web page from the same domain. This...
Microsoft Internet Explorer 56 - OBJECT Tag Same Origin Policy Violation
Microsoft Internet Explorer 56 - OBJECT Tag Same Origin Policy Violation source: https://www.securityfocus.com/bid/5196/info Microsoft Internet Explorer allows script code to violate the same origin policy through usage of the HTML OBJECT tag. Malicious script code may obtain a legitimate referen...
Opera 5.12/6.0 - Frame Location Same Origin Policy Circumvention
source: https://www.securityfocus.com/bid/4745/info Opera is a web browser product created by Opera Software, and is available for a range of operating systems including Windows and Linux. A vulnerability has been reported in some versions of the Opera Browser. It is possible to bypass the same...
Opera 5.126.0 - Frame Location Same Origin Policy Circumvention
Opera 5.126.0 - Frame Location Same Origin Policy Circumvention source: https://www.securityfocus.com/bid/4745/info Opera is a web browser product created by Opera Software, and is available for a range of operating systems including Windows and Linux. A vulnerability has been reported in some...
Microsoft Internet Explorer 5 - Dialog Same Origin Policy Bypass Variant (MS02-047)
Microsoft Internet Explorer 5 - Dialog Same Origin Policy Bypass Variant MS02-047 source: https://www.securityfocus.com/bid/5561/info Microsoft Internet Explorer includes support for dialog windows through script calls to the two functions showModalDialog and showModelessDialog. These functions...
Microsoft Internet Explorer 5 - Dialog Same Origin Policy Bypass Variant (MS02-047)
source: https://www.securityfocus.com/bid/5561/info Microsoft Internet Explorer includes support for dialog windows through script calls to the two functions showModalDialog and showModelessDialog. These functions accept a URL location for the dialog content, and an option argument parameter to...
PT-2001-2602 · Microsoft · Windows 2000 +1
Name of the Vulnerable Software and Affected Versions: Windows 2000 Description: The issue concerns the storage of cleartext authentication information in memory by RunAs runas.exe in Windows 2000. This could potentially allow attackers to obtain usernames and passwords by executing a process...
Microsoft Internet Explorer does not properly handle document.open()
Overview Microsoft Internet Explorer contains a vulnerability in which a script from one source is permitted to access files on the client's file system. An attacker may be able to read cookies and other files on a target system, and spoof Internet sites by creating believable window titles...
Several javascript vulnerabilities in Opera
Georgi Guninski security advisory 51, 2001 Several javascript vulnerabilities in Opera Systems affected: Opera 5.12/Windows, Opera 5.0/Linux - probably other versions Risk: Medium Date: 15 November 2001 Legal Notice: This Advisory is Copyright c 2001 Georgi Guninski. You may distribute it...
Opera 5.0/5.1 - Same Origin Policy Circumvention
source: https://www.securityfocus.com/bid/3553/info Opera is a popular, freely available web browser that is supported across many different platforms. Opera is prone to an issue which may allow for the execution of script code across domains, allowing for circumvention of the web browser's...
Opera 5.05.1 - Same Origin Policy Circumvention
Opera 5.05.1 - Same Origin Policy Circumvention source: https://www.securityfocus.com/bid/3553/info Opera is a popular, freely available web browser that is supported across many different platforms. Opera is prone to an issue which may allow for the execution of script code across domains,...
SyGate Backdoor Detection
SyGate engine remote controller seems to be running on this port. It may be used by malicious users that are on the same subnet as this host to reconfigure the remote SyGate engine. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10274; scriptversion "1.24";...
msie.5.dhtml.cuartango.txt
Date: Wed, 24 Mar 1999 12:11:09 +0100 From: Juan Carlos Garcia Cuartango To: [email protected] Subject: IE 5 security vulnerabilities Greetings, Microsoft delivers with IE 5 an Active X control called "DHTML Edit control Safe for Scripting for IE 5". In my opinion this control IS N...
PT-1999-1365 · Netscape · Netscape Communicator
Name of the Vulnerable Software and Affected Versions: Netscape Communicator version 4.x Description: The issue concerns Netscape Communicator 4.x with Javascript enabled, where it does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating...