Lucene search
+L

11 matches found

Prion
Prion
added 2013/05/01 12:0 p.m.22 views

Code injection

IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 does not block APPLET elements in HTML e-mail, which allows remote attackers to bypass intended restrictions on Java code execution and X-Confirm-Reading-To functionality via a crafted message, aka SPRs JMOY95BLM6 and...

5.8CVSS7.5AI score0.03787EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2010/11/26 8:0 p.m.21 views

Design/Logic Flaw

WebKit in Apple iOS before 4.2 allows remote attackers to bypass the remote image loading setting in Mail via an HTML LINK element with a DNS prefetching property, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality, a related issue to...

5.8CVSS5.9AI score0.02446EPSS
Exploits0References11Affected Software1
UbuntuCve
UbuntuCve
added 2010/11/26 8:0 p.m.37 views

CVE-2010-3829

WebKit in Apple iOS before 4.2 allows remote attackers to bypass the remote image loading setting in Mail via an HTML LINK element with a DNS prefetching property, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality, a related issue to...

5.8CVSS7.2AI score0.02446EPSS
Exploits0References3
Cvelist
Cvelist
added 2010/11/26 7:0 p.m.31 views

CVE-2010-3829

WebKit in Apple iOS before 4.2 allows remote attackers to bypass the remote image loading setting in Mail via an HTML LINK element with a DNS prefetching property, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality, a related issue to...

8.5AI score0.02446EPSS
Exploits0References11
CVE
CVE
added 2010/11/26 7:0 p.m.63 views

CVE-2010-3829

CVE-2010-3829 is a WebKit vulnerability described for WebKit in Apple iOS prior to 4.2, where processing of an HTML LINK element with DNS prefetching could bypass the remote image loading setting in Mail. The issue allows remote attackers to bypass access restrictions via a LINK element used for ...

5.8CVSS7.8AI score0.02446EPSS
Exploits0References11Affected Software1
NVD
NVD
added 2010/11/22 1:0 p.m.22 views

CVE-2010-3813

The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products does not verify whether DNS...

5.8CVSS8.8AI score0.01838EPSS
Exploits0References19
Prion
Prion
added 2010/11/22 1:0 p.m.21 views

Design/Logic Flaw

The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products does not verify whether DNS...

5.8CVSS6.3AI score0.01838EPSS
Exploits0References19Affected Software1
UbuntuCve
UbuntuCve
added 2010/11/22 12:0 a.m.23 views

CVE-2010-3813

The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products does not verify whether DNS...

5.8CVSS5.9AI score0.01838EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2010/11/20 9:0 p.m.28 views

CVE-2010-3813

Removed by vendor...

5.8CVSS6.6AI score0.01838EPSS
Exploits0
Cvelist
Cvelist
added 2010/11/20 9:0 p.m.24 views

CVE-2010-3813

The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products does not verify whether DNS...

8.8AI score0.01838EPSS
Exploits0References19
Prion
Prion
added 2009/11/13 3:30 p.m.34 views

Design/Logic Flaw

The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that have external URLs for media resources, which allows remote attacke...

5CVSS6.1AI score0.02913EPSS
Exploits2References25Affected Software1
Rows per page
Query Builder