Internet Explorer 5.0 under Windows 95 (guess other versions are affected) with its default security settings allows frame spoofing. The problem is setting the location of a frame to an arbitrary URL without updating the address bar. This vulnerability allows misleading the user he is browsing a trusted site, while in fact he may be browsing a hostile site which might be stealing information. Exploit code included. Demonstration here.
09497b7b50c16e58218c28a33279ed5882e86027db0bc70e9c6a2f753e1b716c
Internet Explorer 5.0 under Windows 95 and WinNT 4.0 (guess other versions are affected) has security problems with HTTP redirects in XML objects. This allows at least Reading any (local or nonlocal) XML file and any wellformed documents, Reading parts of documents, Checking for the existence of local files, and possibly reading arbitrary files. Exploit included.
5b6c27497f657cb808f65f63aae3c8ef89936dfdab9b4da93b59f14c50255ef8
Internet Explorer 5.0 under Windows 95 and NT 4.0 (suppose Win98 is vulnerable) allows reading local text and HTML files and files from any domain (probably reading files of other types of files is possible). Window spoofing is possible. It is also possible in some cases to read files behind fiewall. This vulnerability may be exploited using HTML email message or a newsgroup posting. Exploit details included. Demonstration page here.
603db408fc66d2ab6cae5ce3dd967cb85920a8c73d94f5c008287f4df83058b9
Internet Explorer 5.0 under Windows 95 and WinNT 4.0 (suppose Win98 is vulnerable) allows reading local files and text/HTML files from any domain. Window spoofing is possible. It is also possible in some cases to read files behind fiewall. Example code here.
ae28152f3141ef6c3d473a077670277333c83e16b166924e3ecccd5099c6e352
IE 5.0 vulnerability - reading local (and from any domain, probably window spoofing is possible) files using IFRAME and document.execCommand. Includes exploit. Demonstration code Here.
9675de24df2217c21e2f6231a2c519019a809807235ded9783257956a7c2f796
buffer overflow condition in AIX 4.2/4.1/? when the shell variable LC_MESSAGES is long enough.
103ea19cb527277842d3dd3bb20b3f14f9f0bd1b02207d703a724b9b6be17f8f
AIX 4.2,(others?) dtaction and HOME exploit that spawns a root shell.
1ac437d1677cf0384f1f7de36f7e24345f6528b93186858140a87185f041e488
buffer overflow in /usr/sbin/lquerylv which spawns a root shell under AIX 4.2, probably 4.x,3.x.
81b8de5c637ccced3cfd8378513947dc6d9f7838e263300aa32fdc9c43b6f8b8
Javascript security bug in Internet Explorer 4.01 (patched), circumvents "Cross-frame security" and opens several security holes.
7227b448af3c5ef0eee755f1fa66d2c1d4b4400b036c4138d64e3ddd002a156b
Bug in Internet Explorer 4.01 (patched) allows "window spoofing". Example exploit code included.
0b2ab3f0132b2fc54770b55d039b580dac7c035f985f03a438663ddaa610f04a
Bug in Internet Explorer 4.x (patched) allows reading of local files and sending them to an arbitrary server. Example exploit code included.
5916233223b5e5bc31f55023b0812bae98d5c70fa3ab07dc14a34bddd7a6a54e
Bug in Netscape Communicator 4.x allows malicious attacker to "sniff" URLs from another window using JavaScript and the "data:" protocol. Exploit code included. Recommended fix included.
4215ccc14f062493feac812cddfcf1be8abe93be5b7e8f56099ca9b0416f5be3
Netscape Communicator 4.x "view-source:" JavaScript based security vulnerabilities allow remote attacker to browse local directories, read user cache, read parsed HTML files, read user Netscape configuration (including email address, mail servers and passwords), and more. Exploit code included.
13eeef3ba60d37b3c70b6455f0e55a229c748b49abebb72131ed44effc3f89c2
Bug in Netscape Communicator 4.x allows malicious attacker to "sniff" URLs from another window using JavaScript and the "view-source:" protocol. Exploit code included. Recommended fix included.
6c87d9e19ec261cf123b91b2dec43f12eefd5dccca17669258f6a0a467027ce7
Netscape Communicator v4.x security vulnerability involving improper handling of special bookmarks with JavaScript code in the title allows malicious webmaster to read user bookmarks, browse user directories, read user files.
aaaa1ddc11d79ab5f3c9d082fde1a995997f192bf37cac14fa0c87c1a8ecd431
Another JavaScript <TITLE> tag security vulnerability in Netscape Communicator. User cache, including password and credit card information, is compromised. Exploit code included. NOTE: This security hole can be exploited via HTML email messages AND by malicious web masters.
6d685e52e4fc21fc3faf76ef720426f42d60a333942a268e77b7b4c48887ff3e
Microsoft Internet Explorer 5.0 contains security vulnerabilities that allow remote attacker to retrieve local files and "spoof windows". Exploit code examples included.
bd4c8f6d2ab242dd7ea8bc94e911f8584c013fe6a484c1d01a244a66ad069f48
Netscape Communicator (3.04,4.06,4.5 Win95 and 4.08 WinNT) window spoofing bug compromises security using HTML mail message and JavaScript. Exploit code and fix included.
ed9e03f402ff9690fca5ed0a1985985c50d5510d196408575af60fc549596bb3