7422 matches found
phpMyAdmin: Cross-site scripting vulnerability
Background phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL databases from a web-browser. Description Oriol Torrent Santiago has discovered that phpMyAdmin fails to validate input to the "convcharset" variable, rendering it vulnerable to cross-site scripting...
PHP-Nuke 6.x7.x Downloads Module - Lid Cross-Site Scripting
PHP-Nuke 6.x7.x Downloads Module - Lid Cross-Site Scripting source: https://www.securityfocus.com/bid/13011/info It is reported that the PHP-Nuke 'Downloads' module is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize...
Maxthon Web Browser 1.2 - Search Bar Information Disclosure
Maxthon Web Browser 1.2 - Search Bar Information Disclosure source: https://www.securityfocus.com/bid/12898/info Maxthon Web Browser is reported prone to an information disclosure vulnerability. This issue may allow an attacker to disclose search bar contents from an affected browser. Information...
Maxthon Web Browser 1.2 - Search Bar Information Disclosure
source: https://www.securityfocus.com/bid/12898/info Maxthon Web Browser is reported prone to an information disclosure vulnerability. This issue may allow an attacker to disclose search bar contents from an affected browser. Information disclosed through the exploitation of this vulnerability ma...
Firefox < 1.0.2 Multiple Vulnerabilities
The remote version of Firefox contains various security issues that may allow an attacker to impersonate a website and to trick a user into accepting and executing arbitrary files or to cause a heap overflow in the FireFox process and execute arbitrary code on the remote host. C Tenable Network...
Java Web Start argument injection vulnerability
OVERVIEW ======== Java Web Start is a technology for easy client-side deployment of Java applications. "Using Java Web Start technology, standalone Java software applications can be deployed with a single click over the network" from Sun Microsystems's website. Java Web Start is installed with Ja...
Microsoft Windows SharePoint Services and SharePoint Team Services cross-site scripting vulnerabilities
Overview Microsoft Windows SharePoint Services and SharePoint Team Services contain cross-site scripting vulnerabilities. These vulnerabilities could be exploited to execute arbitrary code in the security context of the affected user. Description Microsoft Windows SharePoint Services for Windows...
Microsoft Windows SharePoint Services Cross-Site Scripting and Spoofing Vulnerability
Description A cross-site scripting and spoofing vulnerability affects Microsoft Windows SharePoint Services and SharePoint Team Services. A remote attacker may carry out a cross-site scripting attack to execute arbitrary HTML and script code in a user's browser. It is also possible to poison Web...
Opera may insecurely execute binary data encoded in a URI
Overview The Opera web browser fails to validate data encoded using the RFC 2397 scheme. A remote attacker may be able to execute arbitrary code on a vulnerable system. Description The Opera web browser fails to properly handle binary data encoded following the RFC 2397 specification for sending...
Konqueror Web Browser < 3.3.3 Remote Window Hijacking
Binary data 2531.prm...
Dillo: Format string vulnerability
Background Dillo is a small and fast multi-platform web browser based on GTK+. Description Gentoo Linux developer Tavis Ormandy found a format string bug in Dillo's handling of messages in aInterfacemsg. Impact An attacker could craft a malicious web page which, when accessed using Dillo, would...
Mandrake Linux Security Advisory : kdelibs (MDKSA-2004:160)
A vulnerability in the Konqueror web browser was discovered that would allow a malicious web site to take advantage of a flaw in kioftp to send email messages without user interaction. The updated packages are patched to correct the problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Th...
CVE-2004-1158
CVE-2004-1158 affects Konqueror 3.x up to 3.2.2-6 (and possibly other versions). The vulnerability, described as a window-injection issue, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab that resides in a different domain, demo...
Blog Torrent 0.80 - BTDownload.php Cross-Site Scripting
Blog Torrent 0.80 - BTDownload.php Cross-Site Scripting source: https://www.securityfocus.com/bid/11839/info It is reported that Blog Torrent is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This...
Mozilla Camino Web Browser 0.70.8 - Infinite Array Sort Denial of Service
Mozilla Camino Web Browser 0.70.8 - Infinite Array Sort Denial of Service source: https://www.securityfocus.com/bid/11761/info Mozilla Camino Web browser is prone to a vulnerability that may result in a browser crash. This issue is exposed when the browser performs an infinite JavaScript array so...
Apple Safari Web Browser 1.x - Infinite Array Sort Denial of Service
Apple Safari Web Browser 1.x - Infinite Array Sort Denial of Service source: https://www.securityfocus.com/bid/11759/info Apple Safari Web Browser is prone to a vulnerability that may result in a browser crash. This issue is exposed when the browser performs an infinite JavaScript array sort...
Apple Safari Web Browser 1.x - Infinite Array Sort Denial of Service
source: https://www.securityfocus.com/bid/11759/info Apple Safari Web Browser is prone to a vulnerability that may result in a browser crash. This issue is exposed when the browser performs an infinite JavaScript array sort operation. It is conjectured that this will only result in a denial of...
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (3)
opera Web browser 7.54 java implementation - Multiple Vulnerabilities 3 source: https://www.securityfocus.com/bid/11712/info Multiple remote vulnerabilities reportedly affect the Opera Web Browser Java implementation. These issues are due to the insecure proprietary design of the Web browser's Ja...
Opera Web browser 7.54 java implementation - Multiple Vulnerabilities (4)
Opera Web browser 7.54 java implementation - Multiple Vulnerabilities 4 source: https://www.securityfocus.com/bid/11712/info Multiple remote vulnerabilities reportedly affect the Opera Web Browser Java implementation. These issues are due to the insecure proprietary design of the Web browser's Ja...
Opera Web browser 7.54 java implementation - Multiple Vulnerabilities (1)
Opera Web browser 7.54 java implementation - Multiple Vulnerabilities 1 source: https://www.securityfocus.com/bid/11712/info Multiple remote vulnerabilities reportedly affect the Opera Web Browser Java implementation. These issues are due to the insecure proprietary design of the Web browser's Ja...