4 matches found
IP Board 3.x - CSRF Token hjiacking
No description provided by source. Title: IP Board 3.x CSRF - Token hjiacking Date: 03.09.14 Version: = 3.4.6 Vendor: invisionpower.com Author: Piotr S. Video-PoC: https://www.youtube.com/watch?v=G5P21TA4DjY 1 Introduction Latest and propabbly previous IPB verions suffers on vulnerability, which...
Design/Logic Flaw
Microsoft Office 2013 and 2013 RT allows remote attackers to discover authentication tokens via a crafted response to a file-open request for an Office file on a web site, as exploited in the wild in 2013, aka "Token Hijacking Vulnerability."...
CVE-2013-5054
CVE-2013-5054 affects Microsoft Office 2013 and 2013 RT. The vulnerability is an information disclosure where remote attackers can gain authentication tokens by exploiting a flaw in how Office handles specially crafted responses to file-open requests on a malicious website. The issue is described...
VulnCheck KEV: CVE-2013-5054
Microsoft Office 2013 and 2013 RT allows remote attackers to discover authentication tokens via a crafted response to a file-open request for an Office file on a web site, as exploited in the wild in 2013, aka "Token Hijacking Vulnerability."...