EUVD-2007-0703

Malware in sbrugna...

DonutP and UnDonut confirmation dialog display vulnerability

Overview DonutP and its successor, unDonut, are IE-based tabbed web browsers. In DonutP and old versions of unDonut, Donut.P API does not require explicit user consent. Therefore DonutP and unDonut contain a vulnerability which may allow an attacker to execute a cross-site scripting and other...

Cross site scripting

Cross-zone scripting vulnerability in Darksky RSS bar for Internet Explorer before 1.29, RSS bar for Sleipnir before 1.29, and RSS bar for unDonut before 1.29 allows remote attackers to bypass Web content zone restrictions via certain script contained in RSS data. NOTE: some of these details are...

CVE-2007-0706

Cross-zone scripting vulnerability in Darksky RSS bar for Internet Explorer before 1.29, RSS bar for Sleipnir before 1.29, and RSS bar for unDonut before 1.29 allows remote attackers to bypass Web content zone restrictions via certain script contained in RSS data. NOTE: some of these details are...

CVE-2007-0706

Cross-zone scripting vulnerability in Darksky RSS bar for Internet Explorer before 1.29, RSS bar for Sleipnir before 1.29, and RSS bar for unDonut before 1.29 allows remote attackers to bypass Web content zone restrictions via certain script contained in RSS data. NOTE: some of these details are...

CVE-2007-0706

Cross-zone scripting vulnerability (CVE-2007-0706) affects Darksky RSS bar for Internet Explorer < 1.29, Sleipnir RSS bar < 1.29, and unDonut RSS bar