Searching box software vulnerabilities

Remote attackers can perform a denial of servic

malicious | attackers | machines | display | filling | message | forcing | packets | perform | service | Windows | Remote | packet | denial | files | using | each | log | can | ARP | box |

Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files.


The Logon box of a Windows NT system displays t

displays | Windows | system | logged | Logon | user | last | name | box |

The Logon box of a Windows NT system displays the name of the last user who logged in.


Macromedia Shockwave before 6.0 allows a malici

GetNextText | Macromedia | malicious | webmaster | Shockwave | internal | possibly | servers | command | access | allows | before | user's | movie | mail | read | box | web | via |

Macromedia Shockwave before 6.0 allows a malicious webmaster to read a user's mail box and possibly access internal web servers via the GetNextText command on a Shockwave movie.


Vulnerability in VNC, TightVNC, and TridiaVNC a

Vulnerability | LocalSystem | Messaging | arbitrary | TridiaVNC | TightVNC | dialogue | clients" | execute | System | allows | access | bypass | users | local | using | Win32 | "Add | code | VNC | box | new | GUI |

Vulnerability in VNC, TightVNC, and TridiaVNC allows local users to execute arbitrary code as LocalSystem by using the Win32 Messaging System to bypass the VNC GUI and access the "Add new clients" dialogue box.


Web Shop Manager 1.1 allows remote attackers to

metacharacters | attackers | arbitrary | commands | execute | Manager | search | remote | allows | shell | Shop | box | via | Web |

Web Shop Manager 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search box.


csChatRBox.cgi in CGIScript.net csChat-R-Box al

csChatRBoxcgi | csChat-R-Box | CGIScriptnet | attackers | arbitrary | parameter | processed | function | execute | allows | remote | which | setup | eval | Perl | code | via |

csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.


Mozilla before 1.7, Firefox before 0.9, and Thu

interactive | Thunderbird | extensions | manipulate | arbitrary | XPInstall | Security | Firefox | Mozilla | install | events | dialog | before | remote | sites | using | allow | box | web |

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box.


AFP Server on Mac OS X 10.3.x to 10.3.5, under

Server | 103x | Mac | AFP |

AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is on a share that is mounted by a guest, which allows attackers to read the Drop Box.


LINBOX LIN:BOX allows remote attackers to bypas

LINBOX |

LINBOX LIN:BOX allows remote attackers to bypass authentication, obtain sensitive information, or gain access via a direct request to admin/user.pl preceded by // (double leading slash).


AFP Server in Mac OS X before 10.3.8 uses insec

before | Server | AFP | Mac |

AFP Server in Mac OS X before 10.3.8 uses insecure permissions for "Drop Boxes," which allows local users to read the contents of a Drop Box.


Firefox before 1.0.5 and Mozilla before 1.7.9 d

Firefox | before |

Firefox before 1.0.5 and Mozilla before 1.7.9 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."


iCab 2.9.8 does not clearly associate a Javascr

iCab |

iCab 2.9.8 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."


Safari version 2.0 (412) does not clearly assoc

version | Safari |

Safari version 2.0 (412) does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."


Opera 7.x and 8 before 8.01 does not clearly as

before | Opera |

Opera 7.x and 8 before 8.01 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."


Microsoft Internet Explorer 6.0 does not clearl

Vulnerability" | facilitates | Javascript | associate | Microsoft | generated | attackers | Spoofing | Explorer | Internet | phishing | attacks | clearly | trusted | "Dialog | remote | dialog | Origin | allows | which | spoof | does | page | site | not | box | aka | web |

Microsoft Internet Explorer 6.0 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."


Multiple design errors in Microsoft Internet Ex

Microsoft | Internet | Multiple | Explorer | design | errors |

Multiple design errors in Microsoft Internet Explorer 5.01, 5.5, and 6 allow user-assisted attackers to execute arbitrary code by (1) overlaying a malicious new window above a file download box, then (2) using a keyboard shortcut and delaying the display of the file download box until the user hits a shortcut that activates the "Run" button, aka "File Download Dialog Box Manipulation Vulnerability."


Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x be

Firefox | Mozilla | before |

Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler.


Firefox 1.5.0.2 does not fix all test cases ass

Firefox |

Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control.


Multiple PHP remote file inclusion vulnerabilit

vulnerabilities | attackers | inclusion | arbitrary | Multiple | execute | A-Blog | remote | allow | code | file | URL | via | PHP |

Multiple PHP remote file inclusion vulnerabilities in A-Blog 2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) open_box, (2) middle_box, and (3) close_box parameters in (a) sources/myaccount.php; the (4) navigation_end parameter in (b) navigation/search.php and (c) navigation/donation.php; and the (6) navigation_start and (7) navigation_middle parameters in navigation/donation.php, (d) navigation/latestnews.php, and (e) navigation/links.php; different vectors than CVE-2006-5092.


ScriptMate User Manager 2.1 and earlier allow r

information | unspecified | ScriptMate | attackers | sensitive | Manager | vectors | related | earlier | remote | obtain | allow | User | via |

ScriptMate User Manager 2.1 and earlier allow remote attackers to obtain sensitive information via unspecified vectors related to (1) the Logins box and (2) the Search box.


Software vulnerabilities results 1 to 20 of 67     
Page: 1234