632 matches found
CVE-2007-0801
The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox 1.5.0.9 creates temporary files with predictable filenames based on creation time, which allows remote attackers to execute arbitrary web script or HTML via a crafted XMLHttpRequest...
CVE-2007-0801
The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox 1.5.0.9 creates temporary files with predictable filenames based on creation time, which allows remote attackers to execute arbitrary web script or HTML via a crafted XMLHttpRequest...
Mozilla Firefox weak PRNG generator
Weak PRNG generator is used to generate temporary files names for XMLHttpRequest. It may be used to access content of local files by creating temporary HTML file with predictable name...
[Full-disclosure] Web 2.0 backdoors made easy with MSIE & XMLHttpRequest
As you probably know, the famous "web 2.0" XMLHttpRequest object allows client-side web scripts to send nearly arbitrary HTTP requests, and then freely analyze and manipulate the returned response, including HTTP headers. This gives an unprecedented level of control over your browser to the autho...
Taobao password guessing-vulnerability warning-the black bar safety net
| The following is quoted fragment: % 'Test Taobao landing 'Coded '2006-4-17 Response. Buffer = False Dim myUser,myPass myUser = "username" myPass = "password" Response. Write CheckPassmyUser,myPass '-----------------Package to determine the function begin---------------- Function...
CVE-2006-4712
Multiple cross-site scripting XSS vulnerabilities in Sage 1.3.6 allow remote attackers to inject arbitrary web script or HTML via JavaScript in a content:encoded element within an item element in an RSS feed, as demonstrated by four example content:encoded elements that use XMLHttpRequest to read...
CVE-2006-4712
Multiple cross-site scripting XSS vulnerabilities in Sage 1.3.6 allow remote attackers to inject arbitrary web script or HTML via JavaScript in a content:encoded element within an item element in an RSS feed, as demonstrated by four example content:encoded elements that use XMLHttpRequest to read...
UBBThreads 5.x,6.x md5 hash disclosure
UBBThreads 5.x,6.x md5 hash disclosure ------------------------------------------- Using XSS such as the one reported earlier: http://site/ubbpath/index.php?debug=xss will allow you to inject javascript and steal MD5 Hashes from: http://site/ubbpath/editbasic.php The MD5 is automatically included...
UBBThreads-md5.txt
UBBThreads 5.x,6.x md5 hash disclosure ------------------------------------------- Using XSS such as the one reported earlier: http://site/ubbpath/index.php?debug=xss will allow you to inject javascript and steal MD5 Hashes from: http://site/ubbpath/editbasic.php The MD5 is automatically included...
Write-up by Amit Klein: "IE + some popular forward proxy servers = XSS, defacement (browser cache poisoning)"
IE + some popular forward proxy servers = XSS, defacement browser cache poisoning Or "Exploiting the XmlHttpRequest object in IE" part II Amit Klein, May 2006 Preface ======= When I published my Exploiting the XmlHttpRequest object in IE - Referrer spoofing and a lot more..." 1 paper, I only...
"Exploiting the XmlHttpRequest object in IE" - paper by Amit Klein
Exploiting the XmlHttpRequest object in IE - Referrer spoofing, and a lot more... Amit Klein, September 2005 Preface ======= This paper is released in a bit of haste, and as such, it may be somewhat incomplete. The reason is that I was toying with the concepts and techniques outlined in it for th...
FreeBSD : firefox & mozilla -- multiple vulnerabilities (8f5dd74b-2c61-11da-a263-0001020eed82)
A Mozilla Foundation Security Advisory reports of multiple issues : Heap overrun in XBM image processing jackerror reports that an improperly terminated XBM image ending with space characters instead of the expected end tag can lead to a heap buffer overrun. This appears to be exploitable to...
CVE-2005-4874
The XMLHttpRequest object in Mozilla 1.7.8 supports the HTTP TRACE method, which allows remote attackers to obtain 1 proxy authentication passwords via a request with a "Max-Forwards: 0" header or 2 arbitrary local passwords on the web server that hosts this object...
CVE-2005-4874
The XMLHttpRequest object in Mozilla 1.7.8 supports the HTTP TRACE method, which allows remote attackers to obtain 1 proxy authentication passwords via a request with a "Max-Forwards: 0" header or 2 arbitrary local passwords on the web server that hosts this object...
Debian DSA-838-1 : mozilla-firefox - multiple vulnerabilities
Multiple security vulnerabilities have been identified in the mozilla-firefox web browser. These vulnerabilities could allow an attacker to execute code on the victim's machine via specially crafted network resources. - CAN-2005-2701 Heap overrun in XBM image processing - CAN-2005-2702 Denial of...
[SECURITY] [DSA 838-1] New mozilla-firefox packages fox multiple vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 838-1 [email protected] http://www.debian.org/security/ Michael Stone October 2nd, 2005 http://www.debian.org/security/faq -...
CVE-2005-2703
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting...
CVE-2005-2703
CVE-2005-2703 affects Firefox up to 1.0.7 and Mozilla Suite up to 1.7.12. The issue lets a remote attacker modify HTTP headers of XML HTTP requests made via XMLHttpRequest, potentially enabling attacks such as HTTP request smuggling or splitting. This is triggered by how XMLHttpRequests are handl...
firefox & mozilla -- multiple vulnerabilities
A Mozilla Foundation Security Advisory reports of multiple issues: Heap overrun in XBM image processing jackerror reports that an improperly terminated XBM image ending with space characters instead of the expected end tag can lead to a heap buffer overrun. This appears to be exploitable to insta...
CPaint 1.3 - xmlhttp Request Input Validation
source: https://www.securityfocus.com/bid/14577/info CPAINT is prone to an input validation vulnerability. This issue occurs because the application fails to properly sanitize malicious scripts and requests from user-supplied input. Successful exploitation of this vulnerability could lead to a...