227 matches found
CVE-2009-0836
Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 1120 and 1301, does not require user confirmation before performing dangerous actions defined in a PDF file, which allows remote attackers to execute arbitrary programs and have unspecified other impact via a crafted file, as...
Ubuntu 5.04 : kdewebdev vulnerability (USN-115-1)
Eckhart Worner discovered that Kommander opens files from remote and possibly untrusted locations without user confirmation. Since Kommander files can contain scripts, this would allow an attacker to execute arbitrary code with the privileges of the user opening the file. The updated Kommander wi...
CVE-2005-0754
Removed by vendor...
Microsoft Internet Explorer 6 SV 1 XHTML Comment User Confirmation Bypass
Binary data 2301.prm...
DSA-518 kdelibs - unsanitised input
Bulletin has no description...
Microsoft Internet Explorer - URL Injection in History List (MS04-004)
Microsoft Internet Explorer - URL Injection in History List MS04-004 // Andreas Sandblad, 2004-02-03, patched by MS04-004 // Name: payload // Purpose: Run payload code called from Local Machine zone. // The code may be arbitrary such as executing shell commands. // This demo simply creates a...
Дырка в Pegasus Mail
Если ссылки mailto: обрабатываются Pegasus Mail, то с помощью подобной ссылки можно отправить любой файл с компьютера пользователя по любому адресу без подтверждения пользователем...