Lucene search

91 matches found

CVE
added 2012/10/10 5:00 p.m. | 64 views

CVE-2012-5354

CVE-2012-5354 is covered by details in connected advisories/plugins. The open-connected sources show that Mozilla Firefox before 16.0, Mozilla Thunderbird before 16.0, and SeaMonkey before 2.13 are vulnerable to a clickjacking-style issue when navigating away from a page that has an active set of...

CVSS: 6.8 | AI score: 9 | EPSS: 0.00885
Exploits: 0 | References: 6 | Affected Software: 3
Cvelist
added 2012/10/10 5:00 p.m. | 21 views

CVE-2012-5354

Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has multiple menus of SELECT elements active, which allows remote attackers to conduct clickjacking attacks via vectors involving an XPI file, the window.ope...

AI score: 9.2 | EPSS: 0.00885
Exploits: 0 | References: 6
Packet Storm
added 2012/03/28 12:00 a.m. | 17 views

Safari For Windows 5.1.5 URL window.open() Spoof

Safari for Windows 5.1.5 and prior URL window.open spoof Vendor URL: http://www.apple.com Advisory: http://lostmon.blogspot.com/2012/03/safari-for-windows-515-and-prior-and.html Vendor Notify: YES Exploit available: YES History: Safari has a serious issues with protocol handlers, for long times i...

AI score: 7.4
Exploits: 0
seebug.org
added 2012/03/23 12:00 a.m. | 13 views

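Apple iOS 5.x Safari Address Bar Spoofing Vulnerability

iOS is the operating system developed by Apple. Safari in iOS 5.1 on the iPhone 4 and the 4th-generation iPod touch has an error when opening a new window with "window.open", which can be exploited to display arbitrary content while showing the URL of a trusted website, enabling spoofing attacks 0 Apple iOS 5.x Vendor patch: Apple ----- The vendor has not yet provided a patch or upgrade. We recommend that users of this software watch the vendor's home page for the latest version: http://support.apple.com/...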

AI score: 6.9
Exploits: 0
securityvulns
added 2011/08/10 12:00 a.m. | 60 views

Fwd: {Lostmon's Group} Internet Explorer 6, 7 and 8 Window.open race condition Vulnerability

Internet Explorer 6, 7 and 8 Window.open race condition Vulnerability Vendor URL: http://www.microsoft.com Advisory: http://lostmon.blogspot.com/2011/08/internet-explorer-6-7-and-8-windowopen.html Coordinate Disclosure: YES exploit available: Private CVE-2011-1257 and MS011-57 Microsoft Internet...

CVSS: 7.6 | AI score: 6.6 | EPSS: 0.05451
Exploits: 1
exploitpack
added 2011/03/15 12:00 a.m. | 7 views

Opera 11.01 - NULL PTR Dereference

Opera 11.01 - NULL PTR Dereference Opera 11.01 Null Ptr Derefer / +. Title : Opera 11.01 Null Pointer Dereference +. Date : 15.03.2011 05:18 +. Author: echo +. Version: 11.01 +. Software link: http://www.opera.com/download/ +. Tested on : Win32 xp home sp 2 +. CVE : NULL...

AI score: 0.5
Exploits: 0
securityvulns
added 2010/12/10 12:00 a.m. | 75 views

Mozilla Foundation Security Advisory 2010-76

Mozilla Foundation Security Advisory 2010-76 Title: Chrome privilege escalation with window.open and isindex element Impact: Critical Announced: December 9, 2010 Reporter: echo Products: Firefox, SeaMonkey Fixed in: Firefox 3.6.13 Firefox 3.5.16 SeaMonkey 2.0.11 Description Security researcher ec...

CVSS: 6.8 | AI score: 1.1 | EPSS: 0.02236
Exploits: 0
Mozilla
added 2010/12/09 12:00 a.m. | 30 views

Chrome privilege escalation with window.open and <isindex> element — Mozilla

Security researcher echo reported that a web page could open a window with an about:blank location and then inject an element into that page which upon submission would redirect to a chrome: document. The effect of this defect was that the original page would wind up with a reference to a...

CVSS: 6.8 | AI score: 9.5 | EPSS: 0.02236
Exploits: 0 | References: 2 | Affected Software: 2
CVE
added 2010/05/13 10:00 p.m. | 138 views

CVE-2010-1939

Apple Safari 4.0.5 for Windows is affected by CVE-2010-1939, a use-after-free vulnerability in window handling where a crafted HTML page opens a popup with window.open and then closes the parent window, triggering an invalid pointer. Exploitation could allow remote code execution. Documents consi...

CVSS: 7.6 | AI score: 7.2 | EPSS: 0.64858
Exploits: 5 | References: 9 | Affected Software: 1
Debian CVE
added 2010/05/13 10:00 p.m. | 24 views

CVE-2010-1939

Removed by vendor...

CVSS: 7.6 | AI score: 6.7 | EPSS: 0.64858
Exploits: 5
0day.today
added 2010/05/11 12:00 a.m. | 17 views

Apple Safari 4.0.5 parent.close() (memory corruption) Code Execution

Exploit for windows platform in category remote exploits. Apple Safari 4.0.5 parent.close memory corruption Code Execution. Tested on: Apple Safari 4.0.5 / XP SP...

AI score: 7.1
Exploits: 0
NVD
added 2010/02/18 6:00 p.m. | 14 views

CVE-2010-0661

WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp in WebKit before r52401, as used in Google Chrome before 4.0.249.78, allows remote attackers to bypass the Same Origin Policy via vectors involving the window.open method...

CVSS: 6.8 | AI score: 8.3 | EPSS: 0.01619
Exploits: 0 | References: 11
UbuntuCve
added 2010/02/18 6:00 p.m. | 24 views

CVE-2010-0661

WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp in WebKit before r52401, as used in Google Chrome before 4.0.249.78, allows remote attackers to bypass the Same Origin Policy via vectors involving the window.open method...

CVSS: 6.8 | AI score: 5.9 | EPSS: 0.01619
Exploits: 0 | References: 2
Prion
added 2010/02/18 6:00 p.m. | 17 views

Buffer overflow

WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp in WebKit before r52401, as used in Google Chrome before 4.0.249.78, allows remote attackers to bypass the Same Origin Policy via vectors involving the window.open method...

CVSS: 6.8 | AI score: 6.7 | EPSS: 0.01619
Exploits: 0 | References: 11 | Affected Software: 2
Debian CVE
added 2010/02/18 5:19 p.m. | 24 views

CVE-2010-0661

Removed by vendor...

CVSS: 6.8 | AI score: 6.7 | EPSS: 0.01619
Exploits: 0
OpenVAS
added 2009/09/08 12:00 a.m. | 16 views

Maxthon Address Bar Spoofing Vulnerability

Maxthon Browser is prone to Address Bar Spoofing vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 4.3 | AI score: 6.7 | EPSS: 0.00253
Exploits: 0 | References: 1
Prion
added 2009/08/28 3:30 p.m. | 16 views

Design/Logic Flaw

Mozilla Firefox 3.5.1 and SeaMonkey 1.1.17, and Flock 2.5.1, allow context-dependent attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary file: URL after a victim has visited any file: URL, as demonstrated by a visit to a file: document written by the...

CVSS: 4.3 | AI score: 7 | EPSS: 0.0025
Exploits: 0 | References: 2 | Affected Software: 3
NVD
added 2009/08/28 3:30 p.m. | 8 views

CVE-2009-3004

Avant Browser 11.7 Builds 35 and 36 allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the sit...

CVSS: 4.3 | AI score: 6.6 | EPSS: 0.00224
Exploits: 0 | References: 1
CVE
added 2009/08/28 3:00 p.m. | 54 views

CVE-2009-3007

CVE-2009-3007 affects Mozilla Firefox 3.5.1, SeaMonkey 1.1.17, and Flock 2.5.1, enabling context-dependent attackers to spoof the address bar via window.open with a relative URI to reveal an arbitrary file: URL after the user navigates to a file: URL. The connected documents corroborate a family ...

CVSS: 4.3 | AI score: 6.4 | EPSS: 0.0025
Exploits: 0 | References: 2 | Affected Software: 3
CVE
added 2009/08/28 3:00 p.m. | 53 views

CVE-2009-3008

The provided connected documents corroborate CVE-2009-3008 affecting K-Meleon 1.5.3, describing an address bar spoofing vulnerability. Attackers can cause the browser to display an arbitrary file: URL in the address bar by using window.open with a relative URI after the user has visited a file: U...

CVSS: 4.3 | AI score: 6.8 | EPSS: 0.0025
Exploits: 1 | References: 2 | Affected Software: 1