20 matches found
EUVD-2009-4071
Malware in sbrugna...
EUVD-2012-1241
Malware in sbrugna...
EUVD-2012-1240
Malware in sbrugna...
CVE-2012-1214
Cross-site scripting XSS vulnerability in the Add friends module in Yoono Desktop Application before 1.8.21 allows remote attackers to inject arbitrary web script or HTML via the create field in a "Create a group" action...
CVE-2012-1215
Cross-site scripting XSS vulnerability in the Add friends module in the Yoono extension before 7.7.8 for Firefox allows remote attackers to inject arbitrary web script or HTML via the create field in a "Create a group" action...
Cross site scripting
Cross-site scripting XSS vulnerability in the Add friends module in Yoono Desktop Application before 1.8.21 allows remote attackers to inject arbitrary web script or HTML via the create field in a "Create a group" action...
Cross site scripting
Cross-site scripting XSS vulnerability in the Add friends module in the Yoono extension before 7.7.8 for Firefox allows remote attackers to inject arbitrary web script or HTML via the create field in a "Create a group" action...
CVE-2012-1215
Cross-site scripting XSS vulnerability in the Add friends module in the Yoono extension before 7.7.8 for Firefox allows remote attackers to inject arbitrary web script or HTML via the create field in a "Create a group" action...
CVE-2012-1214
The CVE-2012-1214 vulnerability affects Yoono Desktop Application (before 1.8.21) in the Add friends module. It is a Cross-site Scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML via the create field in a “Create a group” action. Documented impact is arbitrar...
CVE-2012-1214
Cross-site scripting XSS vulnerability in the Add friends module in Yoono Desktop Application before 1.8.21 allows remote attackers to inject arbitrary web script or HTML via the create field in a "Create a group" action...
CVE-2012-1215
The CVE-2012-1215 entry describes a Cross-site scripting (XSS) vulnerability in the Add friends module of the Yoono Firefox extension, exploited via the create field in a "Create a group" action. The affected product is the Yoono extension for Firefox, with versions prior to 7.7.8. The underlying...
Yoono Desktop 1.8.16 Cross Site Scripting
TITLE: Yoono Desktop Application Persistent XSS vendor: Yoono Version: 1.8.16 Impact: Persistent XSS Software Link: available in yoono site Author: r007k17-w Email: [email protected] Twitter: http://twitter.com/!/r007k17w My blog: http://shadowrootkit.wordpress.com/...
Yoono Firefox 7.7.0 Cross Site Scripting
TITLE: Yoono firefox addon Persistent XSS vendor: Yoono Version: 7.7.0 Impact: Persistent XSS Software Link: https://addons.mozilla.org/en-US/firefox/addon/yoono-twitter-facebook-linkedi/ Author: r007k17-w Email: [email protected] Twitter: http://twitter.com/!/r007k17w My blog:...
Mozilla Firefox Yoono extension code execution
It's possible to inject code via img tag events...
Yoono Firefox Extension - Privileged Code Injection
, , . .' '. ', . , '. , ., , / / / ==/ / / / / / / | Y Y / /| / /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. Yoono Firefox Extension Code Injection Vulnerability Versions affected: 6.1.1 +-----------+ |Description| +-----------+ The Yoono Firefox extension provides an interface for users t...
Firefox Yoono扩展DOM事件处理器跨域脚本执行漏洞
BUGTRAQ ID: 37123 CVECAN ID: CVE-2009-4100 Yoono是一个简单易用的Firefox侧栏,允许用户方便的连接到Facebook、MySpace等社会网络和AIM等即时聊天工具。 Yoono在处理onLoad标签等DOM事件处理器时没有正确地过滤用户输入,用户受骗加载了恶意的RSS源就可能导致向用户浏览器中注入恶意脚本,并以chrome:权限执行。 Mozilla Yoono 6.1.1 厂商补丁: Mozilla ------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:...
CVE-2009-4100
Yoono extension before 6.1.1 for Firefox performs certain operations with chrome privileges, which allows user-assisted remote attackers to execute arbitrary commands and perform cross-domain scripting attacks via DOM event handlers such as onload...
Cross site scripting
Yoono extension before 6.1.1 for Firefox performs certain operations with chrome privileges, which allows user-assisted remote attackers to execute arbitrary commands and perform cross-domain scripting attacks via DOM event handlers such as onload...
CVE-2009-4100
Yoono extension before 6.1.1 for Firefox performs certain operations with chrome privileges, which allows user-assisted remote attackers to execute arbitrary commands and perform cross-domain scripting attacks via DOM event handlers such as onload...
CVE-2009-4100
The CVE-2009-4100 issue affects the Yoono extension for Firefox prior to version 6.1.1, where operations with chrome privileges allow user-assisted remote attackers to execute arbitrary commands and conduct cross-domain scripting via DOM event handlers (e.g., onload). Mitigation per sources is to...