Google Android security vulnerabilities

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android. These vulnerabilities stem from the misleading or insufficient UI provided by the getCallingAppLabel function in CertInstaller.java, which may lead to t...

EUVD-2005-0592

Malware in sbrugna...

SUSE CVE-2004-0909

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 may allow remote attackers to trick users into performing unexpected actions, including installing software, via signed scripts that request enhanced abilities using the enablePrivilege parameter, then...

SUSE CVE-2012-1929

Opera before 11.62 on Mac OS X allows remote attackers to spoof the address field and security dialogs via crafted styling that causes page content to be displayed outside of the intended content area...

CVE-2012-1929

Opera before 11.62 on Mac OS X allows remote attackers to spoof the address field and security dialogs via crafted styling that causes page content to be displayed outside of the intended content area...

Code injection

Opera before 11.62 on Mac OS X allows remote attackers to spoof the address field and security dialogs via crafted styling that causes page content to be displayed outside of the intended content area...

CVE-2012-1929

Opera pre-11.62 for Mac OS X is affected by CVE-2012-1929, where crafted styling can cause page content to render outside the intended area, enabling spoofing of the address field and security dialogs. The issue is documented across multiple sources (NVD/SUSE openSUSE advisories and OpenVAS entri...

CVE-2012-1929

Opera before 11.62 on Mac OS X allows remote attackers to spoof the address field and security dialogs via crafted styling that causes page content to be displayed outside of the intended content area...

Web page content may overlap the address field – Opera Security Advisories

The browser’s user interface contains several pieces of security information. To preserve this information correctly, web page content should not be able to display over the user interface. Certain styling can cause Opera to allow the content to be displayed outside the page, over the address...

Web page content may overlap the address field

The browser's user interface contains several pieces of security information. To preserve this information correctly, web page content should not be able to display over the user interface. Certain styling can cause Opera to allow the content to be displayed outside the page, over the address...

Web page dialogs can be used to to display the wrong address in the address field – Opera Security Advisories

The address field should always show the correct address for the page that is loaded. If a page can cause Opera to display certain dialogs relating to a target site, the dialog may in some cases cause Opera to display the target site’s address instead of the correct address. This can allow an...

Web page content can display misleading security information – Opera Security Advisories

Dialogs such as the security information dialog and download dialog are displayed over the top of the webpage content. In some cases, webpage content will be incorrectly displayed on top of the dialogs, or over parts of the dialogs. This content can then display misleading security information,...

USN-576-1: Firefox vulnerabilities

Various flaws were discovered in the browser and JavaScript engine. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user's privileges. CVE-2008-0412, CVE-2008-0413 Flaws were discovered in the file upload form control. A malicious website...

Spoofing download and security dialogs with overlapping windows — Mozilla

Michael Krax demonstrates that the download dialog and security dialogs can be spoofed by partially covering them with an overlapping window. Some users may not notice the OS window border and browser statusbar bisecting what appears to be a single dialog, and be convinced by the spoofing text of...

CVE-2004-0909

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 may allow remote attackers to trick users into performing unexpected actions, including installing software, via signed scripts that request enhanced abilities using the enablePrivilege parameter, then...

[Full-Disclosure] Race conditions in security dialogs

I discovered arbitrary code execution holes in Mozilla, Internet Explorer, and Opera that involve human reaction time. One version of the attack works like this: the page contains a captcha displaying the word "only" and asks you to type the word to verify that you are a human. As soon as you typ...

Multiple browsers security dialogs race conditions

By forcing user to type predictable characters, key sequences or mouse clicks it's possible to conduct situation user event will be received by shortly appeared security dialog for example "Save file" dialog can apper then user is about to press Y key...

mozilla -- users may be lured into bypassing security dialogs

According to the Mozilla project: An attacker who could lure users into clicking in particular places, or typing specific text, could cause a security permission or software installation dialog to pop up under the user's mouse click, clicking on the grant or install button...