Computer Security

Search:Vulnerability:23.11.2006
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Firefox password manager form information leak
Published:23.11.2006
Source:MOZILLA
SecurityVulns ID:6855
Type:client
Level:4/10
Description:Password manager doesn't check form destination. It makes it possible for attacker to retrieve saved paramters, including saved login/password if he can insert form into content of the site.
Affected:MOZILLA : Firefox 1.5
 MOZILLA : Firefox 2.0
Files:Cross-Site Forms + Password Manager = Security Failure
Discuss:Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:23.11.2006
Source:
SecurityVulns ID:6853
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:WRSCRIPTS : wr-board 1.4
 INVERSEFLOW : InverseFlow Help Desk 2.31
Original documentdocumentgamr-14_(at)_hotmail.com, XSS in scriptat support InverseFlow Help Desk v2.31 (23.11.2006)
 documentКот Кузькин, уязвимости скриптов с www.wr-script.ru (wr-board 1.4Lite) (23.11.2006)
Discuss:Read or add your comments to this news (0 comments)

Microsoft Windows Media Player 10 buffer overflow
Published:23.11.2006
Source:BUGTRAQ
SecurityVulns ID:6854
Type:client
Level:7/10
Description:Stack overflow on ASX files parsing.
Original documentdocumentsehato, Windows Media ASX PlayList File Denial Of Service Vulnerability (23.11.2006)
Files:Exploits Windows Media ASX PlayList File Denial Of Service Vulnerability
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server