[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 14298 Download | Alert*

A component in Microsoft Outlook Express 6 allows remote attackers to bypass domain restrictions and obtain sensitive information via redirections with the mhtml: URI handler, as originally reported for Internet Explorer 6 and 7, aka "URL Redirect Cross Domain Information Disclosure Vulnerability."

Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to conduct spoofing and phishing attacks by using a modal browser window in a way that preserves the original address bar and trusted UI of a trusted site, even after the browser has been navigated to a malicious site, aka the "Address Bar Spoofing Vulnerability."

Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to conduct spoofing and phishing attacks by using a modal browser window in a way that preserves the original address bar and trusted UI of a trusted site, even after the browser has been navigated to a malicious site, aka the "Address Bar Spoofing Vulnerability."

Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to conduct spoofing and phishing attacks by using a modal browser window in a way that preserves the original address bar and trusted UI of a trusted site, even after the browser has been navigated to a malicious site, aka the "Address Bar Spoofing Vulnerability."

The host is installed with Microsoft Visio 2003, 2007 or 2010 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to properly handle XML external entities that are resolved within other XML external entity declarations. Successful exploitation allows attackers to read data from a file located on the target system.

The host is installed with IBM Tivoli Directory Server 6.2 before 6.2.0.3-TIV-ITDS-IF0004 and is prone to a security bypass vulnerability. A flaw is present in the Web Administration Tool, which fails to prevent auto completion of passwords in IDSWebApp login page. Successful exploitation could allow an attacker to bypass security and obtain access to an unattended workstation.

The host is installed with Apple Safari before 3.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly mask the password field when reverse conversion is used with the Kotoeri input method. Successful exploitation allows physically proximate attackers to read the password.

The host is installed with Apple Safari before 3.1 and is prone to a secure website spoofing vulnerability. A flaw is present in the application, which fails to properly handle a 502 Bad Gateway error. Successful exploitation allows remote attackers to retrieve arbitrary data.

The host is installed with Apple Safari before 3.2.2 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle Safari RSS feeds. Successful exploitation could allow attackers to obtain passwords, cookies or other sensitive information.

The host is installed with Sun JDK or JRE 6 Update 10 or earlier and is prone to an multiple unspecified vulnerabilities. The flaws are present in the application, which fails to handle vectors related to access to inner classes in the (1) JAX-WS and (2) JAXB packages. Successful exploitation could allow applications to gain privileges.


Pages:      Start    1376    1377    1378    1379    1380    1381    1382    1383    1384    1385    1386    1387    1388    1389    ..   1429

© SecPod Technologies