Internet Explorer 5.0 under Windows 95 (guess other versions are affected) with its default security settings allows frame spoofing. The problem is setting the location of a frame to an arbitrary URL without updating the address bar. This vulnerability allows misleading the user he is browsing a trusted site, while in fact he may be browsing a hostile site which might be stealing information. Exploit code included. Demonstration here.
09497b7b50c16e58218c28a33279ed5882e86027db0bc70e9c6a2f753e1b716cInternet Explorer 5.0 under Windows 95 and WinNT 4.0 (guess other versions are affected) has security problems with HTTP redirects in XML objects. This allows at least Reading any (local or nonlocal) XML file and any wellformed documents, Reading parts of documents, Checking for the existence of local files, and possibly reading arbitrary files. Exploit included.
5b6c27497f657cb808f65f63aae3c8ef89936dfdab9b4da93b59f14c50255ef8Internet Explorer 5.0 under Windows 95 and NT 4.0 (suppose Win98 is vulnerable) allows reading local text and HTML files and files from any domain (probably reading files of other types of files is possible). Window spoofing is possible. It is also possible in some cases to read files behind fiewall. This vulnerability may be exploited using HTML email message or a newsgroup posting. Exploit details included. Demonstration page here.
603db408fc66d2ab6cae5ce3dd967cb85920a8c73d94f5c008287f4df83058b9Internet Explorer 5.0 under Windows 95 and WinNT 4.0 (suppose Win98 is vulnerable) allows reading local files and text/HTML files from any domain. Window spoofing is possible. It is also possible in some cases to read files behind fiewall. Example code here.
ae28152f3141ef6c3d473a077670277333c83e16b166924e3ecccd5099c6e352IE 5.0 vulnerability - reading local (and from any domain, probably window spoofing is possible) files using IFRAME and document.execCommand. Includes exploit. Demonstration code Here.
9675de24df2217c21e2f6231a2c519019a809807235ded9783257956a7c2f796buffer overflow condition in AIX 4.2/4.1/? when the shell variable LC_MESSAGES is long enough.
103ea19cb527277842d3dd3bb20b3f14f9f0bd1b02207d703a724b9b6be17f8fAIX 4.2,(others?) dtaction and HOME exploit that spawns a root shell.
1ac437d1677cf0384f1f7de36f7e24345f6528b93186858140a87185f041e488buffer overflow in /usr/sbin/lquerylv which spawns a root shell under AIX 4.2, probably 4.x,3.x.
81b8de5c637ccced3cfd8378513947dc6d9f7838e263300aa32fdc9c43b6f8b8Javascript security bug in Internet Explorer 4.01 (patched), circumvents "Cross-frame security" and opens several security holes.
7227b448af3c5ef0eee755f1fa66d2c1d4b4400b036c4138d64e3ddd002a156bBug in Internet Explorer 4.01 (patched) allows "window spoofing". Example exploit code included.
0b2ab3f0132b2fc54770b55d039b580dac7c035f985f03a438663ddaa610f04aBug in Internet Explorer 4.x (patched) allows reading of local files and sending them to an arbitrary server. Example exploit code included.
5916233223b5e5bc31f55023b0812bae98d5c70fa3ab07dc14a34bddd7a6a54eBug in Netscape Communicator 4.x allows malicious attacker to "sniff" URLs from another window using JavaScript and the "data:" protocol. Exploit code included. Recommended fix included.
4215ccc14f062493feac812cddfcf1be8abe93be5b7e8f56099ca9b0416f5be3Netscape Communicator 4.x "view-source:" JavaScript based security vulnerabilities allow remote attacker to browse local directories, read user cache, read parsed HTML files, read user Netscape configuration (including email address, mail servers and passwords), and more. Exploit code included.
13eeef3ba60d37b3c70b6455f0e55a229c748b49abebb72131ed44effc3f89c2Bug in Netscape Communicator 4.x allows malicious attacker to "sniff" URLs from another window using JavaScript and the "view-source:" protocol. Exploit code included. Recommended fix included.
6c87d9e19ec261cf123b91b2dec43f12eefd5dccca17669258f6a0a467027ce7Netscape Communicator v4.x security vulnerability involving improper handling of special bookmarks with JavaScript code in the title allows malicious webmaster to read user bookmarks, browse user directories, read user files.
aaaa1ddc11d79ab5f3c9d082fde1a995997f192bf37cac14fa0c87c1a8ecd431Another JavaScript <TITLE> tag security vulnerability in Netscape Communicator. User cache, including password and credit card information, is compromised. Exploit code included. NOTE: This security hole can be exploited via HTML email messages AND by malicious web masters.
6d685e52e4fc21fc3faf76ef720426f42d60a333942a268e77b7b4c48887ff3eMicrosoft Internet Explorer 5.0 contains security vulnerabilities that allow remote attacker to retrieve local files and "spoof windows". Exploit code examples included.
bd4c8f6d2ab242dd7ea8bc94e911f8584c013fe6a484c1d01a244a66ad069f48Netscape Communicator (3.04,4.06,4.5 Win95 and 4.08 WinNT) window spoofing bug compromises security using HTML mail message and JavaScript. Exploit code and fix included.
ed9e03f402ff9690fca5ed0a1985985c50d5510d196408575af60fc549596bb3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed