EUVD-2011-3607

Malware in sbrugna...

SUSE CVE-2004-0224

Multiple buffer overflows in 1 iso2022jp.c or 2 shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code "when Unicode character is out of BMP range."...

SUSE CVE-2008-0416

Multiple cross-site scripting XSS vulnerabilities in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allow remote attackers to inject arbitrary web script or HTML via certain character encodings, including 1 a backspace character that is treated as...

SUSE CVE-2009-4142

The htmlspecialchars function in PHP before 5.2.12 does not properly handle 1 overlong UTF-8 sequences, 2 invalid ShiftJIS sequences, and 3 invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting XSS attacks by placing a crafted byte sequence before a special...

Oracle Solaris Third-Party Patch Update : thunderbird (multiple_vulnerabilities_in_thunderbird2)

The remote Solaris system is missing necessary patches to address security updates : - Cross-site scripting XSS vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via...

openSUSE Security Update : MozillaFirefox (openSUSE-SU-2011:1243-1)

MozillaFirefox was updated to version 8 bnc728520 to fix the following security issues : dbg114-MozillaFirefox-5399 MozillaFirefox-5399 newupdateinfo MFSA 2011-47/CVE-2011-3648 bmo690225 Potential XSS against sites using Shift-JIS dbg114-MozillaFirefox-5399 MozillaFirefox-5399 newupdateinfo MFSA...

openSUSE Security Update : firefox / thunderbird (openSUSE-2011-9)

Mozilla Firefox and Thunderbird were updated to version 8.0 which fixes several security vulnerabilities : - MFSA 2011-52 - Code execution via NoWaiverWrapper CVE-2011-3655 - MFSA 2011-51 - Cross-origin image theft on Mac with integrated Intel GPU CVE-2011-3653 - MFSA 2011-50 - Cross-origin data...

Cross site scripting

Cross-site scripting XSS vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to inject arbitrary web script or HTML via vectors involving incorrect auto-selection of the Shift JIS encoding, leading to cross-domain scrolling events, aka "Shift JIS Character Encoding...

CVE-2013-3166

Cross-site scripting XSS vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to inject arbitrary web script or HTML via vectors involving incorrect auto-selection of the Shift JIS encoding, leading to cross-domain scrolling events, aka "Shift JIS Character Encoding...

CVE-2013-3166

CVE-2013-3166 is an XSS vulnerability in Microsoft Internet Explorer (IE6–IE10) that arises from incorrect auto‑selection of the Shift JIS encoding, enabling remote script/HTML execution via cross‑domain scrolling events. The issue is documented as the Shift JIS Character Encoding Vulnerability a...

Microsoft Internet Explorer Shift JIS Encoded Characters Cross-Site Scripting Vulnerability

Description Microsoft Internet Explorer is prone to a cross-site scripting vulnerability. An attacker can exploit this issue to gain access to information in another domain or Internet Explorer zone. This may allow the attacker to obtain sensitive information that may aid in further attacks...

Microsoft Internet Explorer Shift JIS字符信息泄露漏洞(CVE-2013-0015) (ms13-009)

BUGTRAQ ID: 57822 CVECAN ID: CVE-2013-0015 Microsoft Internet Explorer是微软公司推出的一款网页浏览器。 Shift JIS是日本语的字符编码。Internet Explorer 6, 7, 8, 9没有正确执行Shift JIS编码的自动选择，通过构造触发跨域滚动事件的特制网站，远程攻击者可从不同的域或区域读取内容，造成信息泄露。 0 Microsoft Internet Explorer 6 - 9 临时解决方法： 如果您不能立刻安装补丁或者升级，建议您采取以下措施以降低威胁： 将互联网和局域网安全区域设置为“高”...

CVE-2013-0015

Microsoft Internet Explorer 6 through 9 does not properly perform auto-selection of the Shift JIS encoding, which allows remote attackers to read content from a different 1 domain or 2 zone via a crafted web site that triggers cross-domain scrolling events, aka "Shift JIS Character Encoding...

CVE-2013-0015

Microsoft Internet Explorer 6 through 9 does not properly perform auto-selection of the Shift JIS encoding, which allows remote attackers to read content from a different 1 domain or 2 zone via a crafted web site that triggers cross-domain scrolling events, aka "Shift JIS Character Encoding...

Cross site scripting

Microsoft Internet Explorer 6 through 9 does not properly perform auto-selection of the Shift JIS encoding, which allows remote attackers to read content from a different 1 domain or 2 zone via a crafted web site that triggers cross-domain scrolling events, aka "Shift JIS Character Encoding...

CVE-2013-0015

Microsoft Internet Explorer 6–9 suffer from a vulnerability in automatic Shift JIS encoding selection, enabling remote attackers to read content from a different domain/zone via a crafted site that triggers cross-domain scrolling events (Shift JIS Character Encoding Vulnerability). This issue cau...

CVE-2013-0015

Microsoft Internet Explorer 6 through 9 does not properly perform auto-selection of the Shift JIS encoding, which allows remote attackers to read content from a different 1 domain or 2 zone via a crafted web site that triggers cross-domain scrolling events, aka "Shift JIS Character Encoding...

Microsoft Patches Critical IE Vulnerabilities

Internet Explorer continues to dominate Microsoft’s 2013 security updates. Among the 12 bulletins and 57 vulnerabilities patched in today’s release was a cumulative update for the maligned browser and another fix for a bug being exploited in the wild. Last month, an out-of-band fix for IE 6-8...

Internet Explorer Shift JIS Character Encoding (MS13-009; CVE-2013-0015)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer...

Ubuntu Update for thunderbird USN-1254-1

Ubuntu Update for Linux kernel vulnerabilities USN-1254-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12541.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for thunderbird USN-1254-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net...