744 matches found
firefox: cross-domain information disclosure
Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 permit cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which...
Mozilla Integer Overflow in XSLT Node Sorting
Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node...
Mozilla Integer Overflow in XSLT Node Sorting
Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node...
Microsoft Internet Explorer Stylesheet Array Removal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required in that a target must visit a malicious page. The specific flaw exists within IE's support for the CStyleSheet object. When a style sheet...
Mozilla Firefox缓存XUL样式表更改浏览器UI漏洞
BUGTRAQ ID: 38922 CVECAN ID: CVE-2010-0169 Firefox是一款流行的开源WEB浏览器。 远程XUL文档所使用的样式表可能会污染用户的XUL缓存,而浏览器Chrome之后会使用这个缓存确定用户界面的样式。恶意网站可以利用这个漏洞更改浏览器的样式属性,如字体大小和颜色。 Mozilla Firefox 3.6 Mozilla Firefox 3.5.x Mozilla Firefox 3.0.x Mozilla Thunderbird 3.0 Mozilla SeaMonkey 2.0 厂商补丁: Mozilla -------...
CVE-2010-0169
The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to...
CVE-2010-0169
The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to...
Apple Saferi multiple vulnerabilities (Mar10)
The host is running Apple Saferi and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodapplesafarimultvuln.nasl 5394 2017-02-22 09:22:42Z teissa $ Apple Safari multiple vulnerabilities Mar10 Authors: Madhuri D Updated By: Antu Sanadi on 2010-18-2010 Added the CVE and...
XSLT can be used to retrieve random contents of unrelated documents – Opera Security Advisories
XSLT can be used to retrieve random contents of unrelated documents – Opera Security Advisories OPCOM Team | March 18, 2010 Affected versions This vulnerability affects Opera 10.50. Severity Highly severe Description XSLT is normally subject to strict controls, preventing documents from separate...
firefox/thunderbird/seamonkey: browser chrome defacement via cached XUL stylesheets (MFSA 2010-14)
The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to...
CVE-2010-0051
Technical details about CVE-2010-0051 are not publicly provided in the supplied documents; monitor for updates.
GNOME Project libxslt Library RC4 Key String Buffer Overflow (CVE-2008-2935)
XSLT is an XML language to define transformation for XML. XSLT is designed for use as part of XSL, which is a stylesheet language for XML. In addition to XSLT, XSL includes an XML vocabulary for specifying formatting. There exists a heap based buffer overflow vulnerability in RC4 libxslt...
Microsoft Internet Explorer Information Disclosure Vulnerability (Feb 2010)
Microsoft Internet Explorer is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Firefox Multiple Vulnerabilities (Feb 2010) - Windows
Firefox Browser is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Firefox Multiple Vulnerabilities Feb-10 (Linux)
The host is installed with Firefox Browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodfirefoxmultvulnfeb10lin.nasl 5394 2017-02-22 09:22:42Z teissa $ Firefox Multiple Vulnerabilities Feb-10 Linux Authors: Rachana Shetty Copyright: Copyright c 2010 SecPod,...
Firefox Multiple Vulnerabilities Feb-10 (Windows)
The host is installed with Firefox Browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodfirefoxmultvulnfeb10win.nasl 5394 2017-02-22 09:22:42Z teissa $ Firefox Multiple Vulnerabilities Feb-10 Windows Authors: Rachana Shetty Copyright: Copyright c 2010 SecPod,...
Design/Logic Flaw
Microsoft Internet Explorer permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote HTTP servers to obtain sensitive information via a crafted document...
CVE-2010-0648
Mozilla Firefox, possibly before 3.6, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets0.href property value, relate...
CVE-2010-0648
Mozilla Firefox, possibly before 3.6, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets0.href property value, relate...
CVE-2010-0648
CVE-2010-0648 affects Mozilla Firefox (possibly before 3.6). The vulnerability allows a remote attacker to cause a user’s session to reveal a redirect’s target URL by placing the site’s URL in the HREF of a LINK element for a stylesheet and reading document.styleSheets[0].href, related to an IFRA...