The vulnerability of the Thunderbird email client, which allows a hacker to trigger a service failure

The vulnerability of the nsXMLHttpRequest::AppendToResponseText method in the Thunderbird email client is caused by an overflow in the buffer in the dynamic memory. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

The vulnerability of the Firefox browser, which allows a hacker to execute arbitrary code

The vulnerability of the CanonicalizeXPCOMParticipant function in Firefox browsers is related to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code by manipulating the XMLHttpRequest function remotely...

UBUNTU-CVE-2015-2733

Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a dedicated worker...

CVE-2013-0187

Foreman before 1.1 allows remote authenticated users to gain privileges via a 1 XMLHttpRequest or 2 AJAX request...

MGASA-2013-0321 Updated chromium-browser-stable packages fix multiple vulnerabilities

Updated chromium-browser-stable packages fix security vulnerabilities: Atte Kettunen of OUSPG discover a use-after-free issue in Blink's XML HTTP request implementation CVE-2013-2925. cloudfuzzer discovered a use-after-free issue in the list indenting implementation CVE-2013-2926. cloudfuzzer...

Debian DSA-2785-1 : chromium-browser - several vulnerabilities

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2013-2906 Atte Kettunen of OUSPG discovered race conditions in Web Audio. - CVE-2013-2907 Boris Zbarsky discovered an out-of-bounds read in window.prototype. - CVE-2013-2908 Chamal de Silva discovered an address bar...

DSA-2785-1 chromium-browser - several

Bulletin has no description...

Debian Security Advisory DSA 2785-1 (chromium-browser - several vulnerabilities)

Several vulnerabilities have been discovered in the chromium web browser. CVE-2013-2906 Atte Kettunen of OUSPG discovered race conditions in Web Audio. CVE-2013-2907 Boris Zbarsky discovered an out-of-bounds read in window.prototype. CVE-2013-2908 Chamal de Silva discovered an address bar spoofin...

CVE-2008-2800

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting XSS attacks via vectors involving 1 an event handler attached to an outer window, 2 a SCRIPT element in an unloaded document, or 3 the...

Vulnerability in multiple web browsers allowing request spoofing attacks

Overview Multiple web browsers contain a vulnerability in the processing of XmlHttpRequest objects. XmlHttpRequest objects available in JavaScript provide a function to communicate with a server without reloading a web page. In general, JavaScript only allows communication within the same domain ...

CVE-2007-6502

Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to obtain sensitive information via 1 the AdminName and AdminLevel parameters to fp2000/NEWSRVR.asp, which discloses usernames; and 2 certain XML HTTP requests to hosting/css.asp using Microsoft.XMLHTTP or...

CVE-2007-6502

Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to obtain sensitive information via 1 the AdminName and AdminLevel parameters to fp2000/NEWSRVR.asp, which discloses usernames; and 2 certain XML HTTP requests to hosting/css.asp using Microsoft.XMLHTTP or...

VulnCheck KEV: CVE-2006-5745

Unspecified vulnerability in the setRequestHeader method in the XMLHTTP XML HTTP ActiveX Control 4.0 in Microsoft XML Core Services 4.0 on Windows, when accessed by Internet Explorer, allows remote attackers to execute arbitrary code via crafted arguments that lead to memory corruption, a...

Debian DSA-866-1 : mozilla - several vulnerabilities

Several security-related problems have been discovered in Mozilla and derived programs. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-2871 Tom Ferris discovered a bug in the IDN hostname handling of Mozilla that allows remote attackers to cause a...

CVE-2005-2703

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting...

CVE-2005-2703

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting...

Microsoft Internet Explorer 5 (Windows 95982000NT 4.0) - XML HTTP Redirect

Microsoft Internet Explorer 5 Windows 95982000NT 4.0 - XML HTTP Redirect MS IE 5.0 for Windows 2000/Windows 95/Windows 98/Windows NT 4 XML HTTP Redirect Vulnerability source: https://www.securityfocus.com/bid/815/info A vulnerability in the method IE5 uses to process XML data may allow a maliciou...