|
258621
|
- |
|
mozilla
|
firefox
seamonkey
thunderbird
|
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SSL indicator for an http URL or a file URL by setting document.location to an ht…
|
NVD-CWE-Other
|
CVE-2009-3984
|
2017-09-19 10:29 |
2009-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258622
|
- |
|
mozilla
|
firefox
seamonkey
|
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, an…
|
NVD-CWE-Other
|
CVE-2009-3985
|
2017-09-19 10:29 |
2009-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258623
|
- |
|
mozilla
|
firefox
seamonkey
|
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to execute arbitrary JavaScript with chrome privileges by leveraging a reference to a chrome …
|
CWE-94
Code Injection
|
CVE-2009-3986
|
2017-09-19 10:29 |
2009-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258624
|
- |
|
mozilla
|
firefox
seamonkey
|
The GeckoActiveXObject function in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, generates different exception messages depending on whether the referenced COM obj…
|
CWE-200
Information Exposure
|
CVE-2009-3987
|
2017-09-19 10:29 |
2009-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258625
|
- |
|
mozilla
|
firefox
seamonkey
|
Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly restrict read access to object properties in showModalDialog, which allows remote attackers t…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-3988
|
2017-09-19 10:29 |
2010-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258626
|
- |
|
isc
|
bind
|
Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disa…
|
NVD-CWE-noinfo
|
CVE-2009-4022
|
2017-09-19 10:29 |
2009-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258627
|
- |
|
tim_hockin
|
acpid
|
A certain Red Hat patch for acpid 1.0.4 effectively triggers a call to the open function with insufficient arguments, which might allow local users to leverage weak permissions on /var/log/acpid, and…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4033
|
2017-09-19 10:29 |
2009-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258628
|
- |
|
gnome
kde
xpdf
|
gpdf
kdegraphics
kpdf
xpdf
|
The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine …
|
CWE-94
Code Injection
|
CVE-2009-4035
|
2017-09-19 10:29 |
2009-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258629
|
- |
|
ohloh
|
agoko_cms
|
Unrestricted file upload vulnerability in admintools/editpage-2.php in Agoko CMS 0.4 and earlier allows remote attackers to inject and execute arbitrary PHP code via the filename and text parameters.
|
CWE-20
Improper Input Validation
|
CVE-2009-4106
|
2017-09-19 10:29 |
2009-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258630
|
- |
|
amplusnet
|
invisible_browsing
|
Buffer overflow in Invisible Browsing 5.0.52 allows user-assisted remote attackers to execute arbitrary code via a crafted .ibkey file containing a long string.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4107
|
2017-09-19 10:29 |
2009-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
