chrome privilege via wrong principal

Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via unknown vectors that cause JavaScript to execute with the wrong principal, aka "Privilege escalation via incorrect principals...

chrome privilege via wrong principal

Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via unknown vectors that cause JavaScript to execute with the wrong principal, aka "Privilege escalation via incorrect principals...

chrome privilege via wrong principal

Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via unknown vectors that cause JavaScript to execute with the wrong principal, aka "Privilege escalation via incorrect principals...

CVE-2007-5794

Race condition in nssldap, when used in applications that are linked against the pthread library and fork after a call to nssldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong...

joomlacolorlab-rfi.txt

-------------------- Joomla comcolorlab Remote File Include -------------------- Found : xoron -------------------- Download: http://download.joomlaportal.ch/content/view/474/ -------------------- Wrong Code: include "$mosConfiglivesite/components/comcolor/about.html" ; --------------------...

Joomla! Component com_colorlab 1.0 - Remote File Inclusion

-------------------- Joomla comcolorlab Remote File Include -------------------- Found : xoron -------------------- Download: http://download.joomlaportal.ch/content/view/474/ -------------------- Wrong Code: include "$mosConfiglivesite/components/comcolor/about.html" ; --------------------...

CVE-2007-5191

mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs...

CVE-2007-4563

Cosminexus Manager in Cosminexus Application Server 06-50 and later might assign the wrong user's group permissions to logical J2EE server processes, which allows local users to gain privileges...

CVE-2007-4204

Hitachi Groupmax Collaboration - Schedule, as used in Groupmax Collaboration Portal 07-32 through 07-32-/B, uCosminexus Collaboration Portal 06-32 through 06-32-/B, and Groupmax Collaboration Web Client - Mail/Schedule 07-32 through 07-32-/A, can assign schedule data to the wrong user under...

CVE-2007-0244

pptpgre.c in PoPToP Point to Point Tunneling Server pptpd before 1.3.4 allows remote attackers to cause a denial of service PPTP connection tear-down via 1 GRE packets with out-of-order sequence numbers or 2 certain GRE packets that are processed using a wrong pointer and improperly dequeued...

MSN Passport accounts remote DoS code

No description provided by source. !/usr/bin/perl by: Simo aka 6mOHaCk 1 december 2005 MorX security research team www.morx.org Details: it seems that msn passport users using services such hotmail email and msn messenger and more ...

CVE-2007-1831

web-app.org WebAPP before 0.9.9.6 allows remote authenticated users to open files and write "wrong data" via a crafted QUERYSTRING...

Kaqoo Auction - 'install_root' Multiple Remote File Inclusions

To ConTacT mE @ www.Asb-May.net/bb ScRiPt:-http://kaqoo.com/server/download.php GrEaTz To:-ToOofa-HaCk.eGy-Alkmadz-Bright Dark All AsB-MaY DisCoverY ExPloIts GrOup Discovered By:- ThE dE@Th Wrong Code:- includeonce"$installroot...

Kaqoo Auction - install_root Multiple Remote File Inclusions

Kaqoo Auction - installroot Multiple Remote File Inclusions To ConTacT mE @ www.Asb-May.net/bb ScRiPt:-http://kaqoo.com/server/download.php GrEaTz To:-ToOofa-HaCk.eGy-Alkmadz-Bright Dark All AsB-MaY DisCoverY ExPloIts GrOup Discovered By:- ThE dE@Th Wrong Code:- includeonce"$installroot...

Xero Portal (phpbb_root_path) Remote File Include Vulnerablity

Exploit for unknown platform in category web applications ============================================================== Xero Portal phpbbrootpath Remote File Include Vulnerablity ============================================================== C XORON - 2007 Bug name: Xero Portal v1.2 phpbbrootpat...

Debian DSA-1136-1 : gpdf - wrong input sanitising

'infamous41md' and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format PDF suite, which are also present in gpdf, the viewer with Gtk bindings, and which can lead to a denial of service by crashing the application or possibly to the execution of...

PHP invalid has table value deletion vulnerability

Wrong element with same hash value but different class may be removed from hash table...

security flaw

Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS...

security flaw

zendhashdelkeyorindex in zendhash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zendhashdel to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant operations...

CVE-2006-2775

Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL attributes with the wrong URL under certain unspecified circumstances, which might allow remote attackers to bypass restrictions by causing a persisted string to be associated with the wrong URL...