582 matches found
Cross-site request forgery (CSRF)
Cross-site request forgery (CSRF) vulnerability in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote attackers to hijack the authentication of users with the "edit gd infinite scroll settings" permission for requests that delete settings via unspecified vectors...
CVE-2015-1567
Cross-site scripting (XSS) vulnerability in the admin page in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote authenticated users with the "edit gd infinite scroll settings" permission to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-1568
Cross-site request forgery (CSRF) vulnerability in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote attackers to hijack the authentication of users with the "edit gd infinite scroll settings" permission for requests that delete settings via unspecified vectors...
CVE-2015-1568
The CVE-2015-1568 entry concerns the Drupal GD Infinite Scroll contributed module, affected versions prior to 7.x-1.4. It describes a Cross-Site Request Forgery (CSRF) vulnerability that allows remote attackers to hijack the authentication of users who have the permission to edit GD Infinite Scro...
Apple iOS Scroll Bar Boundary Handling UI Fake Vulnerability
Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. Apple iOS suffers from a security vulnerability in the handling of scroll bar boundaries, which allows remote attackers to exploit this vulnerability to conduct forgery attacks...
SA-CONTRIB-2015-031 - GD Infinite Scroll - Multiple vulnerabilities
GD Infinite Scroll module enables you to use the "infinite scroll jQuery plugin : auto-pager" on custom pages. Some links were not protected against CSRF. A malicious user could cause another user with the "edit gd infinite scroll settings" permission to delete settings by getting his browser to...
CVE-2014-1748
The vulnerability CVE-2014-1748 affects Blink in Google Chrome prior to 35.0.1916.114. It targets ScrollView::paint in platform/scroll/ScrollView.cpp, allowing a remote attacker to spoof the UI by extending scrollbar painting into the parent frame. Impact: UI spoofing could mislead users. Affecte...
Remote code execution
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Scroll Event Remote Code Execution Vulnerability."...
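Microsoft Internet Explorer Scroll Event Remote Code Execution Vulnerability (MS11-081)
BUGTRAQ ID: 49947 CVE ID: CVE-2011-1993 Microsoft Internet Explorer, MSIE for short, is a web browser released by Microsoft. IE has a memory corruption vulnerability in its handling of Scroll events: when IE accesses an object that has already been deleted, a remote attacker can exploit this vulnerability to execute code remotely or cause memory corruption. Microsoft Internet Explorer 9.x Microsoft Internet Explorer 8.x Microsoft Internet Explorer 7.x Microsoft Internet Explorer 6.x Temporary workaround:...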
Adobe Flash Player ActionScript Image Scroll Code Execution (APSB11-21; CVE-2011-2138)
A code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in the application when processing ActionScript image scroll functions in SWF files. A remote attacker could exploit this vulnerability by enticing an unsuspecting victim to open a web pag...
VUPEN Security Research - Apple Safari WebKit Scroll Event Handling Remote Use-after-free
VUPEN Security Research - Apple Safari WebKit Scroll Event Handling Remote Use-after-free http://www.vupen.com/english/research.php I. BACKGROUND "Apple Safari is a web browser developed by Apple. As of February 2010, Safari was the fourth most widely used browser, with 4.45...
MDVA-2009:145 : x11-driver-input-synaptics
The synaptics touchpad driver shipped with 2009.1 has problems correctly identifying and scaling the right hand scroll zone on certain hardware including the ASUS EeePC 701. This updated version addresses this and several other minor issues. Fixing among others Mandriva bug 51845. ...
Buffer overflow
Buffer overflow in Softonic International SciTE 1.72 allows user-assisted remote attackers to cause a denial of service (application crash) via a Ruby .rb file containing a long string, which triggers the crash when a scroll bar is used...
CVE-2009-3857
Buffer overflow in Softonic International SciTE 1.72 allows user-assisted remote attackers to cause a denial of service (application crash) via a Ruby .rb file containing a long string, which triggers the crash when a scroll bar is used...
CVE-2009-3857
Buffer overflow in Softonic International SciTE 1.72 allows user-assisted remote attackers to cause a denial of service (application crash) via a Ruby .rb file containing a long string, which triggers the crash when a scroll bar is used...
Mandriva Linux Security Advisory : firefox (MDVSA-2009:236)
Security issues were identified and fixed in firefox 3.0.x : Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vecto...
Design/Logic Flaw
Visual truncation vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to trigger a vertical scroll and spoof URLs via unspecified Unicode characters with a tall line-height property...
CVE-2009-3078
Visual truncation vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to trigger a vertical scroll and spoof URLs via unspecified Unicode characters with a tall line-height property...
ScITE Editor 1.72 Local Crash Vulnerability Exploit
Exploit for unknown platform in category dos / poc. ScITE Editor 1.72 Local Crash Vulnerability Exploit. !/usr/bin/perl ScITE Editor 1.72 crash vulnerability Exploit Bug Founded by prodigy PoC my...
ScITE Editor 1.72 - Local Crash
!/usr/bin/perl ScITE Editor 1.72 crash vulnerability Exploit Bug Founded by prodigy PoC my $owned="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" x 5000; openmyfile,'crash.rb'; print myfile $owned; closemyfile; !Usage: when you created the file is open with SciTE, and...