Lucene search

15 matches found

UbuntuCve
added 2015/09/03 10:59 p.m. | 28 views

CVE-2015-1298

The RuntimeEventRouter::OnExtensionUninstalled function in extensions/browser/api/runtime/runtime_api.cc in Google Chrome before 45.0.2454.85 does not ensure that the setUninstallURL preference corresponds to the URL of a web site, which allows user-assisted remote attackers to trigger access to a...

CVSS 4.3 | AI score 7.3 | EPSS 0.00828
Exploits: 0 | References: 2

UbuntuCve
added 2015/07/05 12:00 a.m. | 29 views

CVE-2015-2727

Mozilla Firefox 38.0 and Firefox ESR 38.0 allow user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions. NOTE: this vulnerability exists because of a...

CVSS 6.8 | AI score 6.5 | EPSS 0.01076
Exploits: 0 | References: 6

UbuntuCve
added 2014/02/05 12:00 a.m. | 26 views

CVE-2014-1489

Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore) via a crafted web site...

CVSS 4.3 | AI score 6.9 | EPSS 0.01246
Exploits: 0 | References: 3

UbuntuCve
added 2013/12/11 12:00 a.m. | 30 views

CVE-2013-6672

Mozilla Firefox before 26.0 and SeaMonkey before 2.23 on Linux allow user-assisted remote attackers to read clipboard data by leveraging certain middle-click paste operations...

CVSS 4.3 | AI score 6.9 | EPSS 0.00931
Exploits: 0 | References: 3

OpenVAS
added 2013/05/29 12:00 a.m. | 42 views

Debian Security Advisory DSA 2695-1 (chromium-browser - several issues)

Several vulnerabilities have been discovered in the Chromium web browser. Multiple use-after-free, out-of-bounds read, memory safety, and cross-site scripting issues were discovered and corrected. CVE-2013-2837 Use-after-free vulnerability in the SVG implementation allows remote attackers to caus...

CVSS 7.5 | AI score 1.5 | EPSS 0.21099
Exploits: 0 | References: 1

NVD
added 2013/03/26 9:55 p.m. | 11 views

CVE-2012-5943

Cross-site scripting (XSS) vulnerability in IBM iNotes 8.5.x before 8.5.3 FP4 allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving mail, aka SPR JDOE8ZZS9...

CVSS 4.3 | AI score 5.5 | EPSS 0.00236
Exploits: 0 | References: 2

UbuntuCve
added 2012/08/26 9:55 p.m. | 27 views

CVE-2012-2104

cgi-bin/munin-cgi-graph in Munin 2.x writes data to a log file without sanitizing non-printable characters, which might allow user-assisted remote attackers to inject terminal emulator escape sequences and execute arbitrary commands or delete arbitrary files via a crafted HTTP request...

CVSS 6.8 | AI score 7.3 | EPSS 0.04257
Exploits: 1 | References: 2

CVE
added 2012/08/25 10:00 a.m. | 67 views

CVE-2012-3479

CVE-2012-3479 affects GNU Emacs up to version 24.1, where lisp/files.el can trigger eval forms in local-variable sections when enable-local-variables is set to :safe. This permits a remote attacker-curated file to execute arbitrary Emacs Lisp code. Multiple advisories and NASL/Gentoo/OpenVAS entr...

CVSS 6.8 | AI score 7.1 | EPSS 0.0229
Exploits: 0 | References: 12 | Affected Software: 1

CVE
added 2012/03/28 1:00 a.m. | 60 views

CVE-2012-1924

CVE-2012-1924 affects the Opera browser (older branches) where user-assisted remote attackers could induce download dialog tricks to execute arbitrary files. Public details in connected records confirm affected lines include Opera before 11.62 (Mac) and similar series on Windows/UNIX; OpenSUSE no...

CVSS 6.8 | AI score 7.3 | EPSS 0.01216
Exploits: 0 | References: 8 | Affected Software: 1

UbuntuCve
added 2011/05/13 10:55 p.m. | 28 views

CVE-2011-1406

Mahara before 1.3.6 does not properly handle an https URL in the wwwroot configuration setting, which makes it easier for user-assisted remote attackers to obtain credentials by sniffing the network at a time when an http URL is used for a login...

CVSS 4.3 | AI score 5.9 | EPSS 0.00277
Exploits: 0 | References: 1

UbuntuCve
added 2007/10/06 12:17 a.m. | 27 views

CVE-2007-5236

Java Web Start in Sun JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier, on Windows does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to read local files via an untrusted application...

CVSS 5.4 | AI score 5.9 | EPSS 0.01054
Exploits: 0 | References: 1

UbuntuCve
added 2007/08/28 1:17 a.m. | 62 views

CVE-2007-4559

Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267...

CVSS 9.8 | AI score 6.9 | EPSS 0.89361
Exploits: 3 | References: 3

CVE
added 2007/07/21 12:00 a.m. | 51 views

CVE-2007-3929

CVE-2007-3929 describes a use-after-free vulnerability in the BitTorrent support of Opera prior to 9.22. A crafted BitTorrent header can leave a dangling pointer to an invalid object, potentially enabling user-assisted remote code execution. Connected advisories indicate multiple vulnerabilities ...

CVSS 9.3 | AI score 7.2 | EPSS 0.07548
Exploits: 0 | References: 10 | Affected Software: 1

Cvelist
added 2007/06/12 11:00 p.m. | 18 views

CVE-2007-3201

Visual truncation vulnerability in Windows Privacy Tray (WinPT) 1.2.0 allows user-assisted remote attackers to install a key listed under the wrong user ID, and possibly cause the user to encrypt a victim's correspondence with this attacker-supplied key, via a key ID composed of the attacker's user...

AI score 6.7 | EPSS 0.06112
Exploits: 1 | References: 6

NVD
added 2006/08/09 12:04 a.m. | 27 views

CVE-2006-3449

Unspecified vulnerability in Microsoft PowerPoint 2000 through 2003, possibly a buffer overflow, allows user-assisted remote attackers to execute arbitrary commands via a malformed record in the BIFF file format used in a PPT file, a different issue than CVE-2006-1540, aka "Microsoft PowerPoint...

CVSS 7.5 | AI score 7.4 | EPSS 0.15998
Exploits: 0 | References: 9