UBUNTU-CVE-2015-7214

Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to bypass the Same Origin Policy via data: and view-source: URIs...

Netgear DGN2200 Password Disclosure

Exploit Title: Password Disclosure vulnerability Software: NETGEAR DGN2200 Software Link: netgear.com Version: DGN2200 Author: Dolev Farhi, email: dolevatopenflaredotorg Date: 23.7.2014 Tested on: Kali Linux Firmware 1.0.0.291.7.29HotS 2. Vulnerability Description: ===============================...

Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure

Exploit Title: Password Disclosure vulnerability Software: NETGEAR DGN2200 Software Link: netgear.com Version: DGN2200 Author: Dolev Farhi, email: dolevatopenflaredotorg Date: 23.7.2014 Tested on: Kali Linux Firmware 1.0.0.291.7.29HotS 2. Vulnerability Description: ===============================...

Netscape Enterprise Server 3.51/3.6 JHTML View Source Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/559/info Netscape Enterprise Server 3.51 and above includes a search engine by default. The results it generates can be tailored using various configuration files, and one of the options is whether or not the full text of...

Mozilla Firefox <= 2.0.9 'view-source:' Scheme Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27700/info Mozilla Firefox is prone to an information-disclosure vulnerability because it fails to restrict access to local resources. Attackers can exploit this issue to obtain potentially sensitive information that will...

Penny Auction Script CSRF Bypass (View Source) Vulnerability

Exploit for php platform in category web applications Title: Auction CSRF Bypass View Source Vulnerability Author: hacker alajman Mail : email protected Software Link : http://www.phppennyauction.com/ Version: 1.0 Google Dork: inurl:staticpage id=20 -''+++ 9:59am - Perigaum Parsifal Automatik /...

FreeBSD Ports: chromium

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD : chromium -- multiple vulnerabilities (68ac6266-25c3-11e1-b63a-00262d5ed8ee)

Google Chrome Releases reports : 81753 Medium CVE-2011-3903: Out-of-bounds read in regex matching. Credit to David Holloway of the Chromium development community. 95465 Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to Google Chrome Security Team Inferno. 98809 Medium CVE-2011-3906:...

CVE-2011-3907

The view-source feature in Google Chrome before 16.0.912.63 allows remote attackers to spoof the URL bar via unspecified vectors...

CVE-2011-3907

The view-source feature in Google Chrome before 16.0.912.63 allows remote attackers to spoof the URL bar via unspecified vectors...

CVE-2011-3907

Removed by vendor...

CVE-2010-0664

Stack consumption vulnerability in the ChildProcessSecurityPolicy::CanRequestURL function in browser/childprocesssecuritypolicy.cc in Google Chrome before 4.0.249.78 allows remote attackers to cause a denial of service memory consumption and application crash via a URL that specifies multiple...

CVE-2010-0664

Removed by vendor...

Google Chrome crossite scripting

Crossite scripting with chrome://history/ and view-source:chrome://history/...

view-source: protocol

The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to 1 bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; 2 read, create, or modify...

Mozilla Foundation Security Advisory 2009-17

Mozilla Foundation Security Advisory 2009-17 Title: Same-origin violations when Adobe Flash loaded via view-source: scheme Impact: High Announced: April 21, 2009 Reporter: Gregory Fleischer Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.0.9 Description Security researcher Gregory...

Design/Logic Flaw

The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to 1 bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; 2 read, create, or modify...

CVE-2009-1307

CVE-2009-1307 is evidenced in connected documents as a vulnerability in the view-source: URI handling in Mozilla Firefox before 3.0.9 (also affecting Thunderbird and SeaMonkey) that breaks the Same Origin Policy. It enables remote attackers to bypass cross-domain restrictions and connect to arbit...

view-source: protocol

The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to 1 bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; 2 read, create, or modify...

view-source: protocol

The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to 1 bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; 2 read, create, or modify...