9 matches found
EUVD-2009-0359
Malware in sbrugna...
January 29, 2025—KB5050092 (OS Builds 22621.4830 and 22631.4830) Preview
January 29, 2025—KB5050092 OS Builds 22621.4830 and 22631.4830 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 23H2, see its update history page. Note Follow...
SUSE CVE-2009-0355
components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element...
A vulnerability in the functionality of website isolation occurs during the restoration of tabs and the Google Chrome browser, allowing a intruder to gain unauthorized access to protected information.
The vulnerability in the isolation function of websites, which occurs during the restoration of tabs and the Google Chrome browser, is related to authentication errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
Ubuntu 7.10 : firefox-3.0 vulnerabilities (USN-717-2)
A flaw was discovered in the browser engine when restoring closed tabs. If a user were tricked into restoring a tab to a malicious website with form input controls, an attacker could steal local files on the user's system. CVE-2009-0355 Wladimir Palant discovered that Firefox did not restrict...
Firefox local file stealing with SessionStore
components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element...
Firefox local file stealing with SessionStore
components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element...
Firefox local file stealing with SessionStore
components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element...
CVE-2009-0355
components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element...