browser

215 items tagged "browser"

Related tags: service vulnerability [+], security [+], opera web [+], code [+], black hat [+], qtweb [+], maxthon browser [+], maxthon [+], igor bukanov [+], gary kwong [+], web browser [+], safari browser [+], safari [+], memory corruption [+], file [+], cross application [+], buffer overflow vulnerability [+], browser engine [+], authors [+], arbitrary code execution [+], web browser version [+], ubuntu [+], read [+], opera browser [+], jeff walden [+], henry sivonen [+], cross [+], bugtraq [+], wild card [+], wild [+], usn [+], svg [+], security vulnerabilities [+], realplayer [+], microsoft [+], information disclosure vulnerability [+], exploits [+], exploit [+], dom [+], dolphin [+], darknet [+], audio [+], video [+], user [+], unique [+], txt [+], slides [+], poc [+], paul stone [+], netscape [+], memory protection [+], memory [+], mark dowd [+], k meleon [+], josh soref [+], javascript [+], integer overflow vulnerability [+], how to impress girls [+], firefox [+], crm [+], clickjacking [+], avant [+], arbitrary code [+], application [+], android [+], alexander sotirov [+], web [+], zombie [+], zero day [+], zero [+], zach hoffman [+], xss [+], xaurora [+], x code [+], tag [+], sun java runtime [+], ssl protocol [+], ssl [+], shah tags [+], roberto suggi [+], rich internet [+], ria [+], remote shell [+], remote [+], proof of concept [+], privacy event [+], peter eckersley [+], party application [+], novell iprint [+], metasploit [+], linux platforms [+], jordi chancel [+], java code execution [+], james lee tags [+], idefense security advisory [+], hijacking [+], heap memory [+], guided missiles [+], file browser [+], execution [+], engine math [+], eckersley [+], drive bys [+], domain information [+], decrypt [+], day [+], christian holler [+], b14 [+], avant browser [+], automatic browser [+], arora [+], ajax [+], active x [+], vulnerability [+], denial of service [+], wolf [+], windows [+], webkit [+], vulnerabilities [+], target [+], tar gz [+], sleeping giant [+], shewmaker [+], robert swiecki [+], rip [+], rider [+], privacy [+], persistent web [+], payloads [+], paul nickerson [+], paper [+], overflows [+], orca [+], new [+], mozilla [+], mike shaver [+], microsoft windows [+], michael sutton [+], malformed [+], malaysia [+], mail handler [+], james shewmaker [+], internet explorer [+], information disclosure [+], henry sudhof [+], hacking [+], hack in the box [+], google [+], gaps [+], flexible interface [+], firebug [+], external mail [+], exploitation techniques [+], element [+], ehsan [+], eduardo vela [+], dos [+], dmitri gribenkodmitri [+], dll [+], deadly cocktail [+], crash [+], control interface [+], content length [+], concept [+], comparison [+], code execution [+], chrome [+], building [+], buffer [+], browser v2 [+], bof [+], beef [+], based buffer overflow [+], attacker [+], alexander miller [+], accuvant [+], ExploitsVulnerabilities [+], opera [+], denial [+], window [+], winamp [+], wildcard [+], web browser security [+], web application developers [+], watering [+], warns [+], vortex [+], visit [+], version [+], vendor [+], validator [+], validation [+], unterschiedlichen [+], und [+], twitter [+], theworld browser [+], theworld [+], symbian os [+], switch [+], surfers [+], sqlite [+], software versions [+], silk [+], session hijacking [+], server firewall [+], selling [+], security concerns [+], rss [+], rogiship [+], researcher [+], remoter [+], remote exploit [+], remote exec [+], remixed [+], pushes [+], proxy [+], probation [+], privacy project [+], port [+], policy violation [+], plugin [+], penetration testers [+], paul theriault [+], passwords [+], open source tools [+], open [+], null byte [+], npjp [+], nokia symbian [+], netscape web [+], nat [+], multitudinous [+], mozilla firefox [+], microsoft browser [+], microsoft active directory [+], marquee [+], marlinspike [+], marketer [+], mantra [+], malicious website [+], malicious attacker [+], lurawave [+], lunascape [+], local [+], little bits [+], kingsoft [+], iphone [+], ipad [+], internet explorer users [+], internet browser [+], internet applications [+], internet [+], interface [+], integer overflow [+], insertion [+], impress [+], howtos [+], home [+], history information [+], history [+], hari kari [+], hardens [+], hacks [+], hacker test [+], hack [+], guided [+], google maps [+], gonzalez accomplice [+], gold [+], girlfriend [+], ghosting [+], generic mechanism [+], fuzzer [+], free [+], forensics [+], flaw [+], flags [+], fingerprints [+], finding gold [+], final builds site [+], feature [+], favourite [+], extension [+], explorer browser [+], explorer [+], evil [+], european internet [+], duba [+], dragon [+], dos vulnerability [+], dom exploiting [+], disclosure [+], directory browser [+], directory [+], detecting [+], destination buffer [+], dan kaminsky [+], crazy browser [+], crazy [+], compromises [+], collusion [+], collection [+], classic [+], chromium [+], cache [+], browser vendors [+], browser interface [+], browser extension [+], browser cache [+], browser 6 [+], brings [+], bounty program [+], boston [+], bar [+], attacks [+], asks [+], art [+], application compatibility [+], anonymisation [+], amazon [+], advisory [+], acoo browser [+], acoo [+], accomplice [+], Tutorials [+], Tools [+], Countermeasures [+], multiple [+], martijn wargers [+], opera web browser [+], flock [+], usa [+], jesse ruderman [+], flock browser [+]

May 18, 2012
7:58
Squiggle 1.7 SVG Browser Java Code Execution
» ‎ Packet Storm Security Exploits

This Metasploit module abuses the SVG support to execute Java Code in the Squiggle Browser included in the Batik framework 1.7 through a crafted svg file referencing a jar file. In order to gain arbitrary code execution, the browser must meet the following conditions: (1) It must support at least SVG version 1.1 or newer, (2) It must support Java code and (3) The "Enforce secure scripting" check must be disabled. The module has been tested against Windows and Linux platforms.
Tags: code browser svg java-code-execution arbitrary-code-execution linux-platforms

7:58
Squiggle 1.7 SVG Browser Java Code Execution
» ‎ Packet Storm Security Recent Files

This Metasploit module abuses the SVG support to execute Java Code in the Squiggle Browser included in the Batik framework 1.7 through a crafted svg file referencing a jar file. In order to gain arbitrary code execution, the browser must meet the following conditions: (1) It must support at least SVG version 1.1 or newer, (2) It must support Java code and (3) The "Enforce secure scripting" check must be disabled. The module has been tested against Windows and Linux platforms.
Tags: code browser svg java-code-execution arbitrary-code-execution linux-platforms

7:58
Squiggle 1.7 SVG Browser Java Code Execution
» ‎ Packet Storm Security Misc. Files

This Metasploit module abuses the SVG support to execute Java Code in the Squiggle Browser included in the Batik framework 1.7 through a crafted svg file referencing a jar file. In order to gain arbitrary code execution, the browser must meet the following conditions: (1) It must support at least SVG version 1.1 or newer, (2) It must support Java code and (3) The "Enforce secure scripting" check must be disabled. The module has been tested against Windows and Linux platforms.
Tags: code browser svg java-code-execution arbitrary-code-execution linux-platforms

7:18
Twitter Backs Browser Privacy Project
» ‎ Packet Storm Security Headlines

Twitter Backs Browser Privacy Project
Tags: twitter privacy browser privacy-project

April 14, 2012
14:00
[dos / poc] - K-Meleon Browser 1.5.4 Denial of Service
» ‎ 1337day (was: Inj3ct0r, 1337db)

[dos / poc] - K-Meleon Browser 1.5.4 Denial of Service
Tags: k-meleon poc browser denial-of-service

10:22
K-Meleon Browser 1.5.4 Denial Of Service
» ‎ Packet Storm Security Exploits

K-Meleon Browser version 1.5.4 suffers from a denial of service vulnerability.
Tags: k-meleon denial browser service-vulnerability denial-of-service

10:22
K-Meleon Browser 1.5.4 Denial Of Service
» ‎ Packet Storm Security Recent Files

K-Meleon Browser version 1.5.4 suffers from a denial of service vulnerability.
Tags: k-meleon denial browser service-vulnerability denial-of-service

10:22
K-Meleon Browser 1.5.4 Denial Of Service
» ‎ Packet Storm Security Misc. Files

K-Meleon Browser version 1.5.4 suffers from a denial of service vulnerability.
Tags: k-meleon denial browser service-vulnerability denial-of-service

March 02, 2012
0:00
Vuln: Multiple Dolphin Browser Applications For Android Multiple Unspecified Security Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Multiple Dolphin Browser Applications For Android Multiple Unspecified Security Vulnerabilities
Tags: multiple dolphin browser security-vulnerabilities

February 08, 2012
7:26
Marlinspike Asks Browser Vendors To Back SSL-Validator
» ‎ Packet Storm Security Headlines

Marlinspike Asks Browser Vendors To Back SSL-Validator
Tags: marlinspike asks browser browser-vendors validator

February 01, 2012
0:00
Vuln: LuraWave JP2 Browser Plug-In 'npjp2.dll' Buffer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

LuraWave JP2 Browser Plug-In 'npjp2.dll' Buffer Overflow Vulnerability
Tags: npjp lurawave browser buffer-overflow-vulnerability

January 20, 2012
8:23
Mozilla Pushes Browser-Based Alternative To Passwords
» ‎ Packet Storm Security Headlines

Mozilla Pushes Browser-Based Alternative To Passwords
Tags: pushes mozilla browser passwords

January 01, 2012
21:35
[Slides] Finding Gold in the Browser Cache
» ‎ SecDocs

Authors: Corentin Chéron
Tags: forensic browser
Event: Black Hat USA 2006

Tags: cache gold browser usa finding-gold black-hat browser-cache

December 14, 2011
16:58
Browser CRM 5.100.01 Cross Site Scripting / SQL Injection
» ‎ Packet Storm Security Exploits

Browser CRM version 5.100.01 suffers from cross site scripting and remote SQL injection vulnerabilities.
Tags: crm cross browser

16:58
Browser CRM 5.100.01 Cross Site Scripting / SQL Injection
» ‎ Packet Storm Security Recent Files

Browser CRM version 5.100.01 suffers from cross site scripting and remote SQL injection vulnerabilities.
Tags: crm cross browser

16:58
Browser CRM 5.100.01 Cross Site Scripting / SQL Injection
» ‎ Packet Storm Security Misc. Files

Browser CRM version 5.100.01 suffers from cross site scripting and remote SQL injection vulnerabilities.
Tags: crm cross browser

9:00
Bugtraq: Multiple vulnerabilities in Browser CRM
» ‎ SecurityFocus Vulnerabilities

Multiple vulnerabilities in Browser CRM
Tags: crm multiple browser vulnerabilities
December 12, 2011
0:00
Vuln: Opera ':visited' Browser History Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

Opera ':visited' Browser History Information Disclosure Vulnerability
Tags: history opera browser information-disclosure-vulnerability history-information

December 10, 2011
14:44
Browser Security Comparison: A Quantitative Approach
» ‎ Packet Storm Security Recent Files

Whitepaper called Browser Security Comparison: A Quantitative Approach. The Accuvant LABS research team completed an extensive security evaluation of the three most widely used browsers – Mozilla Firefox, Google Chrome, and Microsoft Internet Explorer – to determine which browser best secures against attackers. The team used a completely different and more extensive methodology than previous, similar studies. They compared browsers from a layered perspective, taking into account security architecture and anti-exploitation techniques.
Tags: comparison browser security accuvant exploitation-techniques internet-explorer

14:44
Browser Security Comparison: A Quantitative Approach
» ‎ Packet Storm Security Misc. Files

Whitepaper called Browser Security Comparison: A Quantitative Approach. The Accuvant LABS research team completed an extensive security evaluation of the three most widely used browsers – Mozilla Firefox, Google Chrome, and Microsoft Internet Explorer – to determine which browser best secures against attackers. The team used a completely different and more extensive methodology than previous, similar studies. They compared browsers from a layered perspective, taking into account security architecture and anti-exploitation techniques.
Tags: comparison browser security accuvant exploitation-techniques internet-explorer

December 09, 2011
6:57
Chrome Is The Most Secured Browser - New Study
» ‎ Packet Storm Security Headlines

Chrome Is The Most Secured Browser - New Study
Tags: chrome new browser

November 22, 2011
0:00
Vuln: Opera Web Browser Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

Opera Web Browser Information Disclosure Vulnerability
Tags: web opera browser opera-web-browser information-disclosure-vulnerability
November 16, 2011
0:00
Vuln: Opera Web Browser Information Disclosure and Unspecified Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Opera Web Browser Information Disclosure and Unspecified Vulnerabilities
Tags: web opera browser opera-web-browser information-disclosure

November 03, 2011
15:50
Web File Browser 0.4b14 File Download
» ‎ Packet Storm Security Exploits

Web File Browser version 0.4b14 suffers from a remote file download vulnerability.
Tags: file web browser vulnerability

15:50
Web File Browser 0.4b14 File Download
» ‎ Packet Storm Security Recent Files

Web File Browser version 0.4b14 suffers from a remote file download vulnerability.
Tags: file web browser vulnerability

15:50
Web File Browser 0.4b14 File Download
» ‎ Packet Storm Security Misc. Files

Web File Browser version 0.4b14 suffers from a remote file download vulnerability.
Tags: file web browser vulnerability

October 28, 2011
0:00
Vuln: Multiple Browser Wild Card Certificate Spoofing Vulnerability
» ‎ SecurityFocus Vulnerabilities

Multiple Browser Wild Card Certificate Spoofing Vulnerability
Tags: wild multiple browser wild-card vulnerability

October 20, 2011
16:21
Amazon's Silk Browser: Now EFF Approved. Really!
» ‎ Packet Storm Security Headlines

Amazon's Silk Browser: Now EFF Approved. Really!
Tags: amazon silk browser

October 19, 2011
0:00
Vuln: Opera Web Browser Information Disclosure and Unspecified Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Opera Web Browser Information Disclosure and Unspecified Vulnerabilities
Tags: web opera browser opera-web-browser information-disclosure

October 11, 2011
9:04
File Disclosure Browser – Tool To Explore .DS_Store Files
» ‎ Darknet

The File Disclosure Browser takes .DS_Store files found on websites and parses through them to find a list of all potential files in the directory. It can then either just display the URLs for the files or if you give it a proxy it can browse to the files itself. The author wrote it after [...]

Read the full post at darknet.org.uk

Tags: disclosure file browser read darknet proxy forensics

October 10, 2011
19:08
Zombie Browser With Evil Past Returns From The Grave
» ‎ Packet Storm Security Headlines

Zombie Browser With Evil Past Returns From The Grave
Tags: zombie evil browser

17:53
Opera Browser 10/11/12 (SVG layout) Memory Corruption
» ‎ Packet Storm Security Exploits

This Metasploit module exploits a vulnerability in the bad nesting with SVG tags. Successfully exploiting leads to remote code execution or denial of service condition under Windows XP SP3 (DEP = off).
Tags: opera browser svg memory-corruption code-execution opera-browser

17:53
Opera Browser 10/11/12 (SVG layout) Memory Corruption
» ‎ Packet Storm Security Misc. Files

This Metasploit module exploits a vulnerability in the bad nesting with SVG tags. Successfully exploiting leads to remote code execution or denial of service condition under Windows XP SP3 (DEP = off).
Tags: opera browser svg memory-corruption code-execution opera-browser

October 06, 2011
0:00
Vuln: Opera Web Browser Frameset Constructs Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

Opera Web Browser Frameset Constructs Memory Corruption Vulnerability
Tags: web opera browser opera-web-browser memory-corruption vulnerability

October 02, 2011
17:14
Browser Exploit Against SSL/TLS
» ‎ Packet Storm Security Exploits

Browser Exploit Against SSL/TLS, or BEAST, is a proof of concept tool that demonstrates a weakness in the SSL protocol. It allows attackers to silently decrypt data that's passing between a webserver and an end-user browser.
Tags: exploit ssl browser ssl-protocol proof-of-concept decrypt

17:14
Browser Exploit Against SSL/TLS
» ‎ Packet Storm Security Recent Files

Browser Exploit Against SSL/TLS, or BEAST, is a proof of concept tool that demonstrates a weakness in the SSL protocol. It allows attackers to silently decrypt data that's passing between a webserver and an end-user browser.
Tags: exploit ssl browser ssl-protocol proof-of-concept decrypt

17:14
Browser Exploit Against SSL/TLS
» ‎ Packet Storm Security Misc. Files

Browser Exploit Against SSL/TLS, or BEAST, is a proof of concept tool that demonstrates a weakness in the SSL protocol. It allows attackers to silently decrypt data that's passing between a webserver and an end-user browser.
Tags: exploit ssl browser ssl-protocol proof-of-concept decrypt

September 27, 2011
7:21
Free Browser Extension Protects Against Likejacking Attacks
» ‎ Packet Storm Security Headlines

Free Browser Extension Protects Against Likejacking Attacks
Tags: free extension browser browser-extension

September 22, 2011
13:33
[Paper] Hacking Browser's DOM - Exploiting Ajax and RIA
» ‎ SecDocs

Authors: Shreeraj Shah
Tags: AJAX XSS Rich Internet Applications
Event: Black Hat USA 2010
Abstract: Web 2.0 applications are using dynamic DOM manipulations extensively for presenting JSON or XML streams in the browser. These DOM calls mixed with XMLHttpRequest (XHR) object are part of client side logic written in JavaScript or part of any other client side technology be it Flash or Silverlight. DOM driven XSS is a sleeping giant in the application code and it can be exploited by an attacker to gain access to the end user’s browser/desktop. This can become a root cause of following set of interesting vulnerabilities – Cross Widget Sniffing, RSS feed reader exploitation, XHR response stealing, Mashup hacking, Malicious code injection, Spreading Worm etc. This set of vulnerability needs innovative way of scanning the application and corresponding methodology needs to be tweaked. We have seen DOM driven XSS exploited in various different popular portals to spread worm or virus. This is a significant threat on the rise and should be mitigated by validating un-trusted content poisoning Ajax or Flash routines. DOM driven XSS, Cross Domain Bypass and CSRF can cause a deadly cocktail to exploit Web 2.0 applications across Internet. This presentation will be covering following important issues and concepts.
Tags: xss ajax browser ria authors shah-tags dom rich-internet usa deadly-cocktail sleeping-giant
13:33
[Slides] Hacking Browser's DOM - Exploiting Ajax and RIA
» ‎ SecDocs

Authors: Shreeraj Shah
Tags: AJAX XSS Rich Internet Applications
Event: Black Hat USA 2010
Abstract: Web 2.0 applications are using dynamic DOM manipulations extensively for presenting JSON or XML streams in the browser. These DOM calls mixed with XMLHttpRequest (XHR) object are part of client side logic written in JavaScript or part of any other client side technology be it Flash or Silverlight. DOM driven XSS is a sleeping giant in the application code and it can be exploited by an attacker to gain access to the end user’s browser/desktop. This can become a root cause of following set of interesting vulnerabilities – Cross Widget Sniffing, RSS feed reader exploitation, XHR response stealing, Mashup hacking, Malicious code injection, Spreading Worm etc. This set of vulnerability needs innovative way of scanning the application and corresponding methodology needs to be tweaked. We have seen DOM driven XSS exploited in various different popular portals to spread worm or virus. This is a significant threat on the rise and should be mitigated by validating un-trusted content poisoning Ajax or Flash routines. DOM driven XSS, Cross Domain Bypass and CSRF can cause a deadly cocktail to exploit Web 2.0 applications across Internet. This presentation will be covering following important issues and concepts.
Tags: xss ajax browser ria authors shah-tags dom rich-internet usa deadly-cocktail sleeping-giant

September 21, 2011
7:12
Dolphin Browser HD Cross Application Scripting
» ‎ Packet Storm Security Exploits

Dolphin Browser HD versions prior to 6.1.0 suffer from a cross applications scripting vulnerability.
Tags: cross dolphin browser cross-application vulnerability

7:12
Dolphin Browser HD Cross Application Scripting
» ‎ Packet Storm Security Recent Files

Dolphin Browser HD versions prior to 6.1.0 suffer from a cross applications scripting vulnerability.
Tags: cross dolphin browser cross-application vulnerability

7:12
Dolphin Browser HD Cross Application Scripting
» ‎ Packet Storm Security Misc. Files

Dolphin Browser HD versions prior to 6.1.0 suffer from a cross applications scripting vulnerability.
Tags: cross dolphin browser cross-application vulnerability

September 20, 2011
13:00
Bugtraq: Advisory: Dolphin Browser HD Cross-Application Scripting
» ‎ SecurityFocus Vulnerabilities

Advisory: Dolphin Browser HD Cross-Application Scripting
Tags: advisory dolphin browser cross-application bugtraq

September 19, 2011
5:18
Google Patches 32 Chrome Browser Bugs & Releases Version 14
» ‎ Darknet

Google and their Chrome browser have really been stepping things up lately when it comes to security and browsing, we reported not along ago on Google Chrome To Protect Users Against Malicious Executables. Also since we reported on the Chrome bug bounty program back in February 2010 – Google Willing To Pay Bounty For Chrome [...]

Read the full post at darknet.org.uk

Tags: chrome google browser read bounty-program darknet Countermeasures

September 14, 2011
2:45
[Slides] How I Met Your Girlfriend
» ‎ SecDocs

Authors: Samy Kamkar
Tags: web social engineering
Event: Black Hat USA 2010
Abstract: How I Met Your Girlfriend: The discovery and execution of entirely new classes of attacks executed from the Web in order to meet your girlfriend. This includes newly discovered attacks including HTML5 client-side XSS (without XSS hitting the server!), PHP session hijacking and weak random numbers (accurately guessing PHP session cookies), browser protocol confusion (turning a browser into an SMTP server), firewall and NAT penetration via Javascript (turning your router against you), remote iPhone Google Maps hijacking (iPhone penetration combined with HTTP man-in-the-middle), extracting extremely accurate geolocation information from a Web browser (not using IP geolocation), and more.
Tags: web browser girlfriend nat usa google-maps session-hijacking server-firewall

August 02, 2011
8:42
Android Browser Cross Application Scripting
» ‎ Packet Storm Security Exploits

A 3rd party application may exploit Android's Browser URL loading process in order to inject JavaScript code into an arbitrary domain thus break Android's sandboxing. Versions 2.3.4 and 3.1 have been found vulnerable.
Tags: application android browser cross-application party-application

8:42
Android Browser Cross Application Scripting
» ‎ Packet Storm Security Recent Files

A 3rd party application may exploit Android's Browser URL loading process in order to inject JavaScript code into an arbitrary domain thus break Android's sandboxing. Versions 2.3.4 and 3.1 have been found vulnerable.
Tags: application android browser cross-application party-application

8:42
Android Browser Cross Application Scripting
» ‎ Packet Storm Security Misc. Files

A 3rd party application may exploit Android's Browser URL loading process in order to inject JavaScript code into an arbitrary domain thus break Android's sandboxing. Versions 2.3.4 and 3.1 have been found vulnerable.
Tags: application android browser cross-application party-application

July 22, 2011
14:18
Marketer Taps Browser Flaw To See If You're Pregnant
» ‎ Packet Storm Security Headlines

Marketer Taps Browser Flaw To See If You're Pregnant
Tags: flaw marketer browser

July 21, 2011
16:27
iDefense Security Advisory 07.20.11 - Safari Memory Corruption
» ‎ Packet Storm Security Advisories

iDefense Security Advisory 07.20.11 - Remote exploitation of a memory corruption vulnerability in Apple Inc.'s Safari browser could allow an attacker to execute arbitrary code with the privileges of the current user. Safari is Apple's Web browser and is based on the open source WebKit browser engine. This vulnerability occurs when Safari incorrectly handles an error state when encountering a broken XHTML tag. Specifically, the tag enclosing the tag being processed is freed and is then referenced after it has already been freed. This can lead to the execution of arbitrary code. Safari versions prior to 5.1 and 5.0.6 are vulnerable.
Tags: safari browser tag idefense-security-advisory memory-corruption safari-browser

16:27
iDefense Security Advisory 07.20.11 - Safari Memory Corruption
» ‎ Packet Storm Security Recent Files

iDefense Security Advisory 07.20.11 - Remote exploitation of a memory corruption vulnerability in Apple Inc.'s Safari browser could allow an attacker to execute arbitrary code with the privileges of the current user. Safari is Apple's Web browser and is based on the open source WebKit browser engine. This vulnerability occurs when Safari incorrectly handles an error state when encountering a broken XHTML tag. Specifically, the tag enclosing the tag being processed is freed and is then referenced after it has already been freed. This can lead to the execution of arbitrary code. Safari versions prior to 5.1 and 5.0.6 are vulnerable.
Tags: safari browser tag idefense-security-advisory memory-corruption safari-browser

16:27
iDefense Security Advisory 07.20.11 - Safari Memory Corruption
» ‎ Packet Storm Security Misc. Files

iDefense Security Advisory 07.20.11 - Remote exploitation of a memory corruption vulnerability in Apple Inc.'s Safari browser could allow an attacker to execute arbitrary code with the privileges of the current user. Safari is Apple's Web browser and is based on the open source WebKit browser engine. This vulnerability occurs when Safari incorrectly handles an error state when encountering a broken XHTML tag. Specifically, the tag enclosing the tag being processed is freed and is then referenced after it has already been freed. This can lead to the execution of arbitrary code. Safari versions prior to 5.1 and 5.0.6 are vulnerable.
Tags: safari browser tag idefense-security-advisory memory-corruption safari-browser

July 15, 2011
2:13
Mantra Security Toolkit 0.6.1 Released – Browser Based Hacking Framework
» ‎ Darknet

Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software. The software is intended to be lite, flexible,...

Read the full post at darknet.org.uk

Tags: mantra browser security read web-application-developers open-source-tools penetration-testers hacking Tools

June 24, 2011
2:08
xAurora Web Browser 10.00 DLL Hijack
» ‎ Packet Storm Security Exploits

xAurora Web Browser version 10.00 DLL hijacking exploit.
Tags: web browser xaurora web-browser-version hijacking

2:08
xAurora Web Browser 10.00 DLL Hijack
» ‎ Packet Storm Security Recent Files

xAurora Web Browser version 10.00 DLL hijacking exploit.
Tags: web browser xaurora web-browser-version hijacking

2:08
xAurora Web Browser 10.00 DLL Hijack
» ‎ Packet Storm Security Misc. Files

xAurora Web Browser version 10.00 DLL hijacking exploit.
Tags: web browser xaurora web-browser-version hijacking

0:00
Vuln: Opera Web Browser Frameset Constructs Memory Corruption Vulnerability
» ‎ SecurityFocus Vulnerabilities

Opera Web Browser Frameset Constructs Memory Corruption Vulnerability
Tags: web opera browser opera-web-browser memory-corruption vulnerability

June 17, 2011
12:52
[Paper] Building and Breaking the Browser
» ‎ SecDocs

Authors: Mike Shaver Window Snyder
Tags: browser SDLC secure development
Event: Black Hat USA 2007

Tags: building browser paper mike-shaver usa black-hat
12:52
[Slides] Building and Breaking the Browser
» ‎ SecDocs

Authors: Mike Shaver Window Snyder
Tags: browser SDLC secure development
Event: Black Hat USA 2007

Tags: authors building browser mike-shaver usa black-hat slides

June 08, 2011
16:42
Zero Day Initiative Advisory 11-182
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 11-182 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Sun Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JP2IEXP.dll browser plugin. The module creates a window hook when an applet is instantiated within the context of a browser. If the underlying DOM element is cloned and the parent object removed, a dangling reference can exist. When the module attempts to walk the relationship list to call the window hook, the process can be made to jump into uninitialized heap memory. This can be exploited by an attacker to execute code under the context of the user running the browser.
Tags: day zero browser dom sun-java-runtime heap-memory zero-day

16:42
Zero Day Initiative Advisory 11-182
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 11-182 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Sun Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JP2IEXP.dll browser plugin. The module creates a window hook when an applet is instantiated within the context of a browser. If the underlying DOM element is cloned and the parent object removed, a dangling reference can exist. When the module attempts to walk the relationship list to call the window hook, the process can be made to jump into uninitialized heap memory. This can be exploited by an attacker to execute code under the context of the user running the browser.
Tags: day zero browser dom sun-java-runtime heap-memory zero-day

16:42
Zero Day Initiative Advisory 11-182
» ‎ Packet Storm Security Misc. Files

Zero Day Initiative Advisory 11-182 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Sun Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JP2IEXP.dll browser plugin. The module creates a window hook when an applet is instantiated within the context of a browser. If the underlying DOM element is cloned and the parent object removed, a dangling reference can exist. When the module attempts to walk the relationship list to call the window hook, the process can be made to jump into uninitialized heap memory. This can be exploited by an attacker to execute code under the context of the user running the browser.
Tags: day zero browser dom sun-java-runtime heap-memory zero-day

May 31, 2011
21:00
[remote exploits] - iPhone 3g/3gs (safari browser) Remote Exploit
» ‎ 1337day (was: Inj3ct0r, 1337db)

[remote exploits] - iPhone 3g/3gs (safari browser) Remote Exploit
Tags: browser safari iphone remote-exploit safari-browser

May 13, 2011
2:02
Web File Browser 0.4b14 Shell Upload
» ‎ Packet Storm Security Exploits

Web File Browser version 0.4.b14 suffers from a remote shell upload vulnerability.
Tags: file web browser remote-shell file-browser b14

2:02
Web File Browser 0.4b14 Shell Upload
» ‎ Packet Storm Security Recent Files

Web File Browser version 0.4.b14 suffers from a remote shell upload vulnerability.
Tags: file web browser remote-shell file-browser b14

2:02
Web File Browser 0.4b14 Shell Upload
» ‎ Packet Storm Security Misc. Files

Web File Browser version 0.4.b14 suffers from a remote shell upload vulnerability.
Tags: file web browser remote-shell file-browser b14

May 01, 2011
21:00
[local exploits] - Opera Browser 11.10 DLL Hijacking Exploit(opera.dll)
» ‎ 1337day (was: Inj3ct0r, 1337db)

[local exploits] - Opera Browser 11.10 DLL Hijacking Exploit(opera.dll)
Tags: dll opera browser opera-browser exploits
14:00
[local exploits] - Opera Browser 11.10 DLL Hijacking Exploit(opera.dll)
» ‎ 1337day (was: Inj3ct0r, 1337db)

[local exploits] - Opera Browser 11.10 DLL Hijacking Exploit(opera.dll)
Tags: dll opera browser opera-browser exploits

April 26, 2011
0:00
Vuln: Opera Web Browser Prior to 10.63 Multiple Security Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Opera Web Browser Prior to 10.63 Multiple Security Vulnerabilities
Tags: web opera browser opera-web security-vulnerabilities

April 25, 2011
8:50
RealPlayer 11 Browser Active-X Code Execution
» ‎ Packet Storm Security Exploits

RealPlayer 11 Browser suffers from an active-x related arbitrary code execution vulnerability.
Tags: execution realplayer browser x-code arbitrary-code-execution active-x vulnerability

8:50
RealPlayer 11 Browser Active-X Code Execution
» ‎ Packet Storm Security Recent Files

RealPlayer 11 Browser suffers from an active-x related arbitrary code execution vulnerability.
Tags: execution realplayer browser x-code arbitrary-code-execution active-x vulnerability

8:50
RealPlayer 11 Browser Active-X Code Execution
» ‎ Packet Storm Security Misc. Files

RealPlayer 11 Browser suffers from an active-x related arbitrary code execution vulnerability.
Tags: execution realplayer browser x-code arbitrary-code-execution active-x vulnerability

8:47
Maxthon Browser 3.22.2000 Denial Of Service
» ‎ Packet Storm Security Exploits

Maxthon Browser version 3.22.2000 denial of service exploit.
Tags: denial maxthon browser maxthon-browser denial-of-service

8:47
Maxthon Browser 3.22.2000 Denial Of Service
» ‎ Packet Storm Security Recent Files

Maxthon Browser version 3.22.2000 denial of service exploit.
Tags: denial maxthon browser maxthon-browser denial-of-service

8:47
Maxthon Browser 3.22.2000 Denial Of Service
» ‎ Packet Storm Security Misc. Files

Maxthon Browser version 3.22.2000 denial of service exploit.
Tags: denial maxthon browser maxthon-browser denial-of-service

April 24, 2011
21:00
[remote exploits] - RealPlayer 11 Browser (res://ieframe.dll) Remote Arbitrary Code
» ‎ 1337day (was: Inj3ct0r, 1337db)

[remote exploits] - RealPlayer 11 Browser (res://ieframe.dll) Remote Arbitrary Code
Tags: realplayer remote browser arbitrary-code exploits
21:00
[dos / poc] - Maxthon Browser 3.22.2000 0day BOF/DOS Exploit
» ‎ 1337day (was: Inj3ct0r, 1337db)

[dos / poc] - Maxthon Browser 3.22.2000 0day BOF/DOS Exploit
Tags: poc maxthon browser maxthon-browser bof
14:00
[dos / poc] - Maxthon Browser 3.22.2000 0day BOF/DOS Exploit
» ‎ 1337day (was: Inj3ct0r, 1337db)

[dos / poc] - Maxthon Browser 3.22.2000 0day BOF/DOS Exploit
Tags: poc maxthon browser maxthon-browser bof
14:00
[remote exploits] - RealPlayer 11 Browser (res://ieframe.dll) Remote Arbitrary Code
» ‎ 1337day (was: Inj3ct0r, 1337db)

[remote exploits] - RealPlayer 11 Browser (res://ieframe.dll) Remote Arbitrary Code
Tags: realplayer remote browser arbitrary-code exploits
April 22, 2011
14:00
[dos / poc] - QtWeb Browser Version: 3.7.2 (latest) Denial of Service
» ‎ 1337day (was: Inj3ct0r, 1337db)

[dos / poc] - QtWeb Browser Version: 3.7.2 (latest) Denial of Service
Tags: poc qtweb browser denial-of-service

April 21, 2011
16:54
QtWeb Browser 3.7.2 Denial Of Service
» ‎ Packet Storm Security Exploits

QtWeb Browser version 3.7.2 denial of service exploit.
Tags: qtweb denial browser denial-of-service

16:54
QtWeb Browser 3.7.2 Denial Of Service
» ‎ Packet Storm Security Recent Files

QtWeb Browser version 3.7.2 denial of service exploit.
Tags: qtweb denial browser denial-of-service

16:54
QtWeb Browser 3.7.2 Denial Of Service
» ‎ Packet Storm Security Misc. Files

QtWeb Browser version 3.7.2 denial of service exploit.
Tags: qtweb denial browser denial-of-service

April 12, 2011
0:00
Vuln: Microsoft Windows 'BROWSER ELECTION' Buffer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Microsoft Windows 'BROWSER ELECTION' Buffer Overflow Vulnerability
Tags: microsoft browser windows buffer-overflow-vulnerability microsoft-windows

March 25, 2011
11:27
[Slides] Rip Your Browser for x06 days
» ‎ SecDocs

Authors: James Shewmaker
Tags: browser
Event: DEFCON 18

Tags: authors rip browser james-shewmaker shewmaker slides
11:19
[Audio] Rip Your Browser for x06 days
» ‎ SecDocs

Authors: James Shewmaker
Tags: browser
Event: DEFCON 18

Tags: audio rip browser james-shewmaker shewmaker

March 23, 2011
11:09
Detecting CA Compromises And Web Browser Collusion
» ‎ Packet Storm Security Headlines

Detecting CA Compromises And Web Browser Collusion
Tags: detecting web browser collusion compromises web-browser

March 07, 2011
11:55
Ubuntu Security Notice USN-1049-2
» ‎ Packet Storm Security Advisories

Ubuntu Security Notice 1049-2 - USN-1049-1 fixed vulnerabilities in Firefox and Xulrunner. That update introduced a regression where some Java applets would fail to load. This update fixes the problem. Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. Zach Hoffman discovered that a recursive call to eval() wrapped in a try/catch statement places the browser into a inconsistent state. It was discovered that memory was used after being freed in a method used by JSON.stringify. Christian Holler discovered multiple buffer overflows in the JavaScript engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the program. Various other issues were also addressed.
Tags: ubuntu browser security igor-bukanov zach-hoffman martijn-wargers gary-kwong christian-holler henry-sivonen jeff-walden jesse-ruderman

11:55
Ubuntu Security Notice USN-1049-2
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 1049-2 - USN-1049-1 fixed vulnerabilities in Firefox and Xulrunner. That update introduced a regression where some Java applets would fail to load. This update fixes the problem. Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. Zach Hoffman discovered that a recursive call to eval() wrapped in a try/catch statement places the browser into a inconsistent state. It was discovered that memory was used after being freed in a method used by JSON.stringify. Christian Holler discovered multiple buffer overflows in the JavaScript engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the program. Various other issues were also addressed.
Tags: ubuntu browser security igor-bukanov zach-hoffman martijn-wargers gary-kwong christian-holler henry-sivonen jeff-walden jesse-ruderman

11:55
Ubuntu Security Notice USN-1049-2
» ‎ Packet Storm Security Misc. Files

Ubuntu Security Notice 1049-2 - USN-1049-1 fixed vulnerabilities in Firefox and Xulrunner. That update introduced a regression where some Java applets would fail to load. This update fixes the problem. Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. Zach Hoffman discovered that a recursive call to eval() wrapped in a try/catch statement places the browser into a inconsistent state. It was discovered that memory was used after being freed in a method used by JSON.stringify. Christian Holler discovered multiple buffer overflows in the JavaScript engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the program. Various other issues were also addressed.
Tags: ubuntu browser security igor-bukanov zach-hoffman martijn-wargers gary-kwong christian-holler henry-sivonen jeff-walden jesse-ruderman

March 03, 2011
8:15
Ubuntu Security Notice USN-1050-1
» ‎ Packet Storm Security Advisories

Ubuntu Security Notice 1050-1 - Multiple vulnerabilities have been addressed in the thunderbird package. Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the program. Roberto Suggi Liverani discovered a possible issue with unsafe JavaScript execution in chrome documents. A malicious extension could exploit this to execute arbitrary code with chrome privileges. Jordi Chancel discovered a buffer overflow in the JPEG decoding engine. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program.
Tags: code ubuntu browser igor-bukanov jordi-chancel gary-kwong martijn-wargers roberto-suggi jeff-walden henry-sivonen jesse-ruderman

8:15
Ubuntu Security Notice USN-1050-1
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 1050-1 - Multiple vulnerabilities have been addressed in the thunderbird package. Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the program. Roberto Suggi Liverani discovered a possible issue with unsafe JavaScript execution in chrome documents. A malicious extension could exploit this to execute arbitrary code with chrome privileges. Jordi Chancel discovered a buffer overflow in the JPEG decoding engine. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program.
Tags: code ubuntu browser igor-bukanov jordi-chancel gary-kwong martijn-wargers roberto-suggi jeff-walden henry-sivonen jesse-ruderman

8:15
Ubuntu Security Notice USN-1050-1
» ‎ Packet Storm Security Misc. Files

Ubuntu Security Notice 1050-1 - Multiple vulnerabilities have been addressed in the thunderbird package. Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the program. Roberto Suggi Liverani discovered a possible issue with unsafe JavaScript execution in chrome documents. A malicious extension could exploit this to execute arbitrary code with chrome privileges. Jordi Chancel discovered a buffer overflow in the JPEG decoding engine. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program.
Tags: code ubuntu browser igor-bukanov jordi-chancel gary-kwong martijn-wargers roberto-suggi jeff-walden henry-sivonen jesse-ruderman

February 22, 2011
0:00
Vuln: Microsoft Windows 'BROWSER ELECTION' Buffer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Microsoft Windows 'BROWSER ELECTION' Buffer Overflow Vulnerability
Tags: microsoft browser windows buffer-overflow-vulnerability microsoft-windows

February 18, 2011
8:36
4 In 5 Surfers Open To Browser Exploits From Fixed Flaws
» ‎ Packet Storm Security Headlines

4 In 5 Surfers Open To Browser Exploits From Fixed Flaws
Tags: surfers open browser exploits

February 16, 2011
0:00
Vuln: Microsoft Active Directory 'BROWSER ELECTION' Buffer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Microsoft Active Directory 'BROWSER ELECTION' Buffer Overflow Vulnerability
Tags: directory microsoft browser buffer-overflow-vulnerability microsoft-active-directory directory-browser

February 03, 2011
21:25
[Audio] How Unique Is Your Browser?
» ‎ SecDocs

Authors: Peter Eckersley
Tags: fingerprinting browser privacy
Event: DEFCON 18

Tags: audio unique browser peter-eckersley privacy-event eckersley
21:25
[Video] How Unique Is Your Browser?
» ‎ SecDocs

Authors: Peter Eckersley
Tags: fingerprinting browser privacy
Event: DEFCON 18

Tags: video unique browser peter-eckersley privacy-event eckersley
21:25
[Slides] How Unique Is Your Browser?
» ‎ SecDocs

Authors: Peter Eckersley
Tags: fingerprinting browser privacy
Event: DEFCON 18

Tags: authors unique browser peter-eckersley privacy-event eckersley slides

January 31, 2011
4:11
Maxthon Browser 3.0.20.1000 Denial Of Service
» ‎ Packet Storm Security Exploits

Maxthon Browser version 3.0.20.1000 .ref .replace denial of service exploit.
Tags: denial maxthon browser maxthon-browser denial-of-service

4:11
Maxthon Browser 3.0.20.1000 Denial Of Service
» ‎ Packet Storm Security Recent Files

Maxthon Browser version 3.0.20.1000 .ref .replace denial of service exploit.
Tags: denial maxthon browser maxthon-browser denial-of-service

4:11
Maxthon Browser 3.0.20.1000 Denial Of Service
» ‎ Packet Storm Security Misc. Files

Maxthon Browser version 3.0.20.1000 .ref .replace denial of service exploit.
Tags: denial maxthon browser maxthon-browser denial-of-service

January 27, 2011
0:00
Vuln: Opera Web Browser 'Select' HTML Element Integer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Opera Web Browser 'Select' HTML Element Integer Overflow Vulnerability
Tags: web opera browser integer-overflow-vulnerability opera-web element

January 25, 2011
13:11
Opera Web Browser 11.00 Denial Of Service
» ‎ Packet Storm Security Exploits

Opera Web Browser version 11.00 suffers from a denial of service vulnerability.
Tags: web opera browser web-browser-version service-vulnerability opera-web

13:11
Opera Web Browser 11.00 Denial Of Service
» ‎ Packet Storm Security Recent Files

Opera Web Browser version 11.00 suffers from a denial of service vulnerability.
Tags: web opera browser web-browser-version service-vulnerability opera-web

13:11
Opera Web Browser 11.00 Denial Of Service
» ‎ Packet Storm Security Misc. Files

Opera Web Browser version 11.00 suffers from a denial of service vulnerability.
Tags: web opera browser web-browser-version service-vulnerability opera-web

January 24, 2011
0:00
Vuln: Opera Web Browser 'Select' HTML Element Integer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Opera Web Browser 'Select' HTML Element Integer Overflow Vulnerability
Tags: web opera browser integer-overflow-vulnerability opera-web element
December 23, 2010
0:00
Vuln: Opera Web Browser Prior to 11.00 Multiple Security Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Opera Web Browser Prior to 11.00 Multiple Security Vulnerabilities
Tags: web opera browser opera-web security-vulnerabilities
November 11, 2010
0:00
Vuln: QtWeb Browser Buffer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

QtWeb Browser Buffer Overflow Vulnerability
Tags: buffer qtweb browser buffer-overflow-vulnerability

November 10, 2010
18:01
qtwebbrowser-overflow.txt
» ‎ Packet Storm Security Exploits

Qtweb Browser version 3.5 suffers from a buffer overflow vulnerability.
Tags: txt browser qtweb buffer-overflow-vulnerability
17:26
Qtweb Browser 3.5 Buffer Overflow
» ‎ Packet Storm Security Exploits

Qtweb Browser version 3.5 suffers from a buffer overflow vulnerability.
Tags: buffer browser qtweb buffer-overflow-vulnerability

November 07, 2010
23:07
Researcher Releases Android Exploit In Webkit Browser Engine
» ‎ Darknet

And Android security hits the news once again, it’s not a vulnerability in the OS per-say but rather in the browser based on the Webkit engine. It does highlight the inherent fragmentation problems with the Android platform and the security concerns that come with running old OS and software versions. It’s a problem that is [...]

Read the full post at darknet.org.uk

Tags: android browser webkit read browser-engine software-versions darknet ExploitsVulnerabilities

November 03, 2010
0:00
Vuln: Multiple Browser Wild Card Certificate Spoofing Vulnerability
» ‎ SecurityFocus Vulnerabilities

Multiple Browser Wild Card Certificate Spoofing Vulnerability
Tags: wild multiple browser wild-card vulnerability
October 28, 2010
0:00
Vuln: Multiple Browser Wild Card Certificate Spoofing Vulnerability
» ‎ SecurityFocus Vulnerabilities

Multiple Browser Wild Card Certificate Spoofing Vulnerability
Tags: wild multiple browser wild-card vulnerability
October 27, 2010
0:00
Vuln: Multiple Browser Wild Card Certificate Spoofing Vulnerability
» ‎ SecurityFocus Vulnerabilities

Multiple Browser Wild Card Certificate Spoofing Vulnerability
Tags: wild multiple browser wild-card vulnerability

October 20, 2010
15:01
USN-997-1.txt
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 997-1 - Paul Nickerson, Jesse Ruderman, Olli Pettay, Igor Bukanov, Josh Soref, Gary Kwong, Martijn Wargers, Siddharth Agarwal and Michal Zalewski discovered various flaws in the browser engine. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. Alexander Miller, Sergey Glazunov, and others discovered several flaws in the JavaScript engine. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. Robert Swiecki discovered that Firefox did not properly validate Gopher URLs. If a user were tricked into opening a crafted file via Gopher, an attacker could possibly run arbitrary JavaScript. Eduardo Vela Nava discovered that Firefox could be made to violate the same-origin policy by using modal calls with JavaScript. An attacker could exploit this to steal information from another site. Dmitri GribenkoDmitri Gribenko discovered that Firefox did not properly setup the LD_LIBRARY_PATH environment variable. A local attacker could exploit this to execute arbitrary code as the user invoking the program.
Tags: user attacker browser eduardo-vela igor-bukanov dmitri-gribenkodmitri martijn-wargers gary-kwong robert-swiecki paul-nickerson alexander-miller

15:00
USN-997-1.txt
» ‎ Packet Storm Security Advisories

Ubuntu Security Notice 997-1 - Paul Nickerson, Jesse Ruderman, Olli Pettay, Igor Bukanov, Josh Soref, Gary Kwong, Martijn Wargers, Siddharth Agarwal and Michal Zalewski discovered various flaws in the browser engine. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. Alexander Miller, Sergey Glazunov, and others discovered several flaws in the JavaScript engine. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. Robert Swiecki discovered that Firefox did not properly validate Gopher URLs. If a user were tricked into opening a crafted file via Gopher, an attacker could possibly run arbitrary JavaScript. Eduardo Vela Nava discovered that Firefox could be made to violate the same-origin policy by using modal calls with JavaScript. An attacker could exploit this to steal information from another site. Dmitri GribenkoDmitri Gribenko discovered that Firefox did not properly setup the LD_LIBRARY_PATH environment variable. A local attacker could exploit this to execute arbitrary code as the user invoking the program.
Tags: user attacker browser eduardo-vela igor-bukanov dmitri-gribenkodmitri martijn-wargers gary-kwong robert-swiecki paul-nickerson alexander-miller

0:00
Vuln: Multiple Browser Wild Card Certificate Spoofing Vulnerability
» ‎ SecurityFocus Vulnerabilities

Multiple Browser Wild Card Certificate Spoofing Vulnerability
Tags: wild multiple browser wild-card vulnerability

October 19, 2010
18:02
USN-1006-1.txt
» ‎ Packet Storm Security Advisories

Ubuntu Security Notice 1006-1 - A large number of security issues were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Please consult the bug listed at the top of this advisory to get the exact list of CVE numbers fixed for each release.
Tags: browser security usn arbitrary-code-execution web-browser-security malicious-website

October 12, 2010
0:00
Vuln: Opera Web Browser Prior to 10.63 Multiple Security Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Opera Web Browser Prior to 10.63 Multiple Security Vulnerabilities
Tags: web opera browser opera-web security-vulnerabilities
September 24, 2010
7:00
Bugtraq: Re: Netscape Web Browser (CSS) Cross Domain Vulnerability
» ‎ SecurityFocus Vulnerabilities

Re: Netscape Web Browser (CSS) Cross Domain Vulnerability
Tags: netscape web browser vulnerability web-browser
7:00
Bugtraq: Re: Opera Web Browser v10.62 (CSS) Cross Domain Vulnerability
» ‎ SecurityFocus Vulnerabilities

Re: Opera Web Browser v10.62 (CSS) Cross Domain Vulnerability
Tags: web opera browser opera-web-browser vulnerability
September 23, 2010
14:00
Bugtraq: Netscape Web Browser (CSS) Cross Domain Vulnerability
» ‎ SecurityFocus Vulnerabilities

Netscape Web Browser (CSS) Cross Domain Vulnerability
Tags: netscape web browser netscape-web vulnerability web-browser
14:00
Bugtraq: Re: Opera Web Browser v10.62 (CSS) Cross Domain Vulnerability
» ‎ SecurityFocus Vulnerabilities

Re: Opera Web Browser v10.62 (CSS) Cross Domain Vulnerability
Tags: web opera browser opera-web-browser vulnerability
8:00
Bugtraq: Opera Web Browser v10.62 (CSS) Cross Domain Vulnerability
» ‎ SecurityFocus Vulnerabilities

Opera Web Browser v10.62 (CSS) Cross Domain Vulnerability
Tags: web opera browser opera-web-browser vulnerability
September 14, 2010
14:00
Bugtraq: [FLOCK-SA-2010-04] Flock Browser: window.open() Method Javascript Same-Origin Policy Violation (XSS)
» ‎ SecurityFocus Vulnerabilities

[FLOCK-SA-2010-04] Flock Browser: window.open() Method Javascript Same-Origin Policy Violation (XSS)
Tags: flock window browser flock-browser bugtraq policy-violation
13:00
Bugtraq: [FLOCK-SA-2010-01] Flock Browser: A malformed favourite can bypass cross origin protection (XSS)
» ‎ SecurityFocus Vulnerabilities

[FLOCK-SA-2010-01] Flock Browser: A malformed favourite can bypass cross origin protection (XSS)
Tags: favourite flock browser flock-browser bugtraq
13:00
Bugtraq: [FLOCK-SA-2010-02] Flock Browser: A malicious RSS feed can bypass cross origin protection (XSS)
» ‎ SecurityFocus Vulnerabilities

[FLOCK-SA-2010-02] Flock Browser: A malicious RSS feed can bypass cross origin protection (XSS)
Tags: rss flock browser flock-browser bugtraq
13:00
Bugtraq: [FLOCK-SA-2010-03] Flock Browser: javascript: url with a leading NULL byte can bypass cross origin protection (XSS)
» ‎ SecurityFocus Vulnerabilities

[FLOCK-SA-2010-03] Flock Browser: javascript: url with a leading NULL byte can bypass cross origin protection (XSS)
Tags: flock javascript browser null-byte flock-browser bugtraq
0:00
Vuln: Flock Browser Malformed Bookmark HTML Injection Vulnerability
» ‎ SecurityFocus Vulnerabilities

Flock Browser Malformed Bookmark HTML Injection Vulnerability
Tags: flock malformed browser flock-browser vulnerability

September 13, 2010
17:12
RogiShip Explorer [browser] 1.3 - Crash POC
» ‎ 1337day (was: Inj3ct0r, 1337db)

RogiShip Explorer [browser] 1.3 - Crash POC
Tags: rogiship browser explorer explorer-browser crash

September 09, 2010
14:00
Web controlled watering can
» ‎ Hack a Day

Here’s a watering can and water vortex that are controlled with a webkit browser interface. The interface displays a drawing of the watering can on your browser. If you grab one of the handles on the circle around the image and move it, the can will rotate as well. Okay, so this isn’t going to [...]
Tags: interface browser watering browser-interface webkit vortex home hacks

13:13
[Slides] Browser Ghosting Attacks
» ‎ SecDocs

Authors: Paul Theriault
Tags: browser
Event: Hack In The Box 2009 Malaysia

Tags: authors ghosting browser paul-theriault malaysia hack-in-the-box slides

0:00
Vuln: Avant Browser and Orca Browser 'browser:home' Multiple HTML Injection Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Avant Browser and Orca Browser 'browser:home' Multiple HTML Injection Vulnerabilities
Tags: avant orca browser avant-browser
August 27, 2010
9:00
Bugtraq: wp-10-0001: Multiple Browser Wildcard Cerficate Validation Weakness
» ‎ SecurityFocus Vulnerabilities

wp-10-0001: Multiple Browser Wildcard Cerficate Validation Weakness
Tags: multiple wildcard browser validation

August 20, 2010
19:00
flockbrowser-xss.txt
» ‎ Packet Storm Security Exploits

Flock Browser version 3.0.0.3989 suffers from a malformed bookmark cross site scripting vulnerability.
Tags: txt flock browser flock-browser vulnerability

August 19, 2010
9:00
Bugtraq: Flock Browser 3.0.0.3989 Malformed Bookmark XSS and script insertion
» ‎ SecurityFocus Vulnerabilities

Flock Browser 3.0.0.3989 Malformed Bookmark XSS and script insertion
Tags: flock malformed browser flock-browser xss insertion

August 12, 2010
4:40
[Audio] A Wolf in Sheep's Clothing: The Dangers of Persistent Web Browser Storage
» ‎ SecDocs

Authors: Michael Sutton
Tags: exploiting Web 2.0 browser
Event: Black Hat DC 2009

Tags: audio web browser wolf michael-sutton persistent-web black-hat
4:40
[Video] A Wolf in Sheep's Clothing: The Dangers of Persistent Web Browser Storage
» ‎ SecDocs

Authors: Michael Sutton
Tags: exploiting Web 2.0 browser
Event: Black Hat DC 2009

Tags: video web browser wolf michael-sutton persistent-web black-hat

August 11, 2010
17:00
Arora browser + Mozilla Firefox + IE6&IE7 Remote Denial fo Service
» ‎ 1337day (was: Inj3ct0r, 1337db)

Arora browser + Mozilla Firefox + IE6&IE7 Remote Denial fo Service
Tags: arora mozilla browser mozilla-firefox denial
August 08, 2010
8:04
Secure Browser 2.0 DOS Exploit
» ‎ 1337day (was: Inj3ct0r, 1337db)

Secure Browser 2.0 DOS Exploit
Tags: dos exploit browser

August 06, 2010
12:01
ZDI-10-140.txt
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 10-140 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Novell iPrint Client Browser Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within handling plugin parameters. Specifically, a long value for the operation parameter can trigger a stack-based buffer overflow. Successful exploitation leads to execution of arbitrary code under the context of the user running the browser process.
Tags: code vulnerability browser novell-iprint based-buffer-overflow target

12:01
ZDI-10-139.txt
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 10-139 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Novell iPrint Client browser plugin. User interaction is required in that a target must visit a malicious web page. The specific flaw exists within handling plugin parameters. The application does not properly verify the name of parameters passed via <embed> tags. If a malicious attacker provides a long enough value a destination buffer can be overflowed. Successful exploitation leads to execution of arbitrary code under the context of the user owning the browser process.
Tags: plugin code browser novell-iprint malicious-attacker destination-buffer
12:01
ZDI-10-140.txt
» ‎ Packet Storm Security Advisories

Zero Day Initiative Advisory 10-140 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Novell iPrint Client Browser Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within handling plugin parameters. Specifically, a long value for the operation parameter can trigger a stack-based buffer overflow. Successful exploitation leads to execution of arbitrary code under the context of the user running the browser process.
Tags: code vulnerability browser novell-iprint based-buffer-overflow target

August 01, 2010
21:12
[Video] How To Impress Girls With Browser Memory Protection Bypasses
» ‎ SecDocs

Authors: Alexander Sotirov Mark Dowd
Tags: memory exploiting browser
Event: Black Hat USA 2008

Tags: video memory browser alexander-sotirov mark-dowd usa memory-protection how-to-impress-girls black-hat
21:12
[Slides] How To Impress Girls With Browser Memory Protection Bypasses
» ‎ SecDocs

Authors: Alexander Sotirov Mark Dowd
Tags: memory exploiting browser
Event: Black Hat USA 2008

Tags: impress memory browser alexander-sotirov mark-dowd usa memory-protection how-to-impress-girls black-hat
July 31, 2010
21:11
[Paper] How To Impress Girls With Browser Memory Protection Bypasses
» ‎ SecDocs

Authors: Alexander Sotirov Mark Dowd
Tags: memory exploiting browser
Event: Black Hat USA 2008

Tags: memory browser paper alexander-sotirov mark-dowd usa memory-protection how-to-impress-girls black-hat
21:11
[Audio] How To Impress Girls With Browser Memory Protection Bypasses
» ‎ SecDocs

Authors: Alexander Sotirov Mark Dowd
Tags: memory exploiting browser
Event: Black Hat USA 2008

Tags: audio memory browser alexander-sotirov mark-dowd usa memory-protection how-to-impress-girls black-hat

July 23, 2010
12:03
USN-957-1.txt
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 957-1 - Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. Various integer overflows and other issues have also been addressed.
Tags: user browser usn browser-engine arbitrary-code overflows

12:03
USN-957-1.txt
» ‎ Packet Storm Security Advisories

Ubuntu Security Notice 957-1 - Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. Various integer overflows and other issues have also been addressed.
Tags: user browser usn browser-engine arbitrary-code overflows

1:00
Clickjacking Web Browser Multiple Vulnerability (FF3.6.7/SM 2.0.6)
» ‎ 1337day (was: Inj3ct0r, 1337db)

Clickjacking Web Browser Multiple Vulnerability (FF3.6.7/SM 2.0.6)
Tags: multiple web browser vulnerability web-browser

0:00
Vuln: Multiple Browser JavaScript Engine 'Math.Random()' Cross Domain Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

Multiple Browser JavaScript Engine 'Math.Random()' Cross Domain Information Disclosure Vulnerability
Tags: javascript multiple browser information-disclosure-vulnerability engine-math domain-information

0:00
Safari Browser Hack Reveals AutoFill Security Concerns
» ‎ Packet Storm Security Headlines

Safari Browser Hack Reveals AutoFill Security Concerns
Tags: safari hack browser safari-browser security-concerns

July 17, 2010
1:00
Avant Browser (V11.7 build 45) Clickjacking Vulnerability
» ‎ 1337day (was: Inj3ct0r, 1337db)

Avant Browser (V11.7 build 45) Clickjacking Vulnerability
Tags: avant clickjacking browser vulnerability avant-browser
1:00
Netscape Browser v9.0.0.6 Clickjacking Vulnerability
» ‎ 1337day (was: Inj3ct0r, 1337db)

Netscape Browser v9.0.0.6 Clickjacking Vulnerability
Tags: netscape clickjacking browser vulnerability
1:00
Safari Browser v4.0.2 Clickjacking Vulnerability
» ‎ 1337day (was: Inj3ct0r, 1337db)

Safari Browser v4.0.2 Clickjacking Vulnerability
Tags: safari clickjacking browser safari-browser vulnerability
1:00
Opera Browser v10.60 Clickjacking Vulnerability
» ‎ 1337day (was: Inj3ct0r, 1337db)

Opera Browser v10.60 Clickjacking Vulnerability
Tags: opera clickjacking browser opera-browser vulnerability

July 13, 2010
22:51
arora-dos.txt
» ‎ Packet Storm Security Recent Files

Arora Browser version 0.10.0-1 remote denial of service exploit.
Tags: txt arora browser denial-of-service

22:49
arora-dos.txt
» ‎ Packet Storm Security Exploits

Arora Browser version 0.10.0-1 remote denial of service exploit.
Tags: txt arora browser denial-of-service

July 12, 2010
1:00
Avant Browser Denial of Service
» ‎ 1337day (was: Inj3ct0r, 1337db)

Avant Browser Denial of Service
Tags: denial avant browser denial-of-service avant-browser
July 08, 2010
1:00
Flock Browser 2.x.x Denial of Service Exploit
» ‎ 1337day (was: Inj3ct0r, 1337db)

Flock Browser 2.x.x Denial of Service Exploit
Tags: flock denial browser denial-of-service flock-browser
June 30, 2010
1:00
Lunascape Browser 6.1.6 Denial of Service Exploit
» ‎ 1337day (was: Inj3ct0r, 1337db)

Lunascape Browser 6.1.6 Denial of Service Exploit
Tags: denial browser lunascape browser-6 denial-of-service
June 29, 2010
1:00
Internet Browser Classic (IBC 0-6-1) DOS Exploit
» ‎ 1337day (was: Inj3ct0r, 1337db)

Internet Browser Classic (IBC 0-6-1) DOS Exploit
Tags: internet classic browser internet-browser
1:00
Netscape Browser 9.x Denial of Service Exploit
» ‎ 1337day (was: Inj3ct0r, 1337db)

Netscape Browser 9.x Denial of Service Exploit
Tags: netscape denial browser denial-of-service
1:00
Acoo Browser 1.98.744 Denial of Service Exploit
» ‎ 1337day (was: Inj3ct0r, 1337db)

Acoo Browser 1.98.744 Denial of Service Exploit
Tags: acoo denial browser acoo-browser denial-of-service
1:00
TheWorld Browser 3.1.6.8 DOS Exploit
» ‎ 1337day (was: Inj3ct0r, 1337db)

TheWorld Browser 3.1.6.8 DOS Exploit
Tags: theworld dos browser theworld-browser

0:00
Vuln: Multiple Browser JavaScript Engine 'Math.Random()' Cross Domain Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

Multiple Browser JavaScript Engine 'Math.Random()' Cross Domain Information Disclosure Vulnerability
Tags: javascript multiple browser information-disclosure-vulnerability engine-math domain-information

June 26, 2010
1:00
Flock Browser 2.6.0 Denial of Service Exploit
» ‎ 1337day (was: Inj3ct0r, 1337db)

Flock Browser 2.6.0 Denial of Service Exploit
Tags: flock denial browser denial-of-service flock-browser
June 23, 2010
1:00
Opera Browser 10.54 Denial of Service
» ‎ 1337day (was: Inj3ct0r, 1337db)

Opera Browser 10.54 Denial of Service
Tags: denial opera browser opera-browser denial-of-service

June 22, 2010
0:00
Vuln: Multiple Browser JavaScript Engine 'Math.Random()' Cross Domain Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

Multiple Browser JavaScript Engine 'Math.Random()' Cross Domain Information Disclosure Vulnerability
Tags: javascript multiple browser information-disclosure-vulnerability engine-math domain-information
June 21, 2010
0:00
Vuln: Opera Web Browser prior to 10.54 Multiple Security Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Opera Web Browser prior to 10.54 Multiple Security Vulnerabilities
Tags: web opera browser opera-web security-vulnerabilities

June 17, 2010
1:00
Crazy Browser v3.0.5 Remote Denial of Service Exploit
» ‎ 1337day (was: Inj3ct0r, 1337db)

Crazy Browser v3.0.5 Remote Denial of Service Exploit
Tags: crazy remote browser denial-of-service crazy-browser
June 10, 2010
1:00
Orca Browser Remoter Denial Of Service Exploit 0day
» ‎ 1337day (was: Inj3ct0r, 1337db)

Orca Browser Remoter Denial Of Service Exploit 0day
Tags: remoter browser orca denial-of-service

June 04, 2010
21:03
[Slides] The Fine Art of Hari Kari (.JS), And Other Approaches For The Strange Reality Of Web Defense
» ‎ SecDocs

Authors: Dan Kaminsky
Tags: web application web
Event: Source Conference Boston 2010
Abstract: The web is remarkably difficult to secure. Browsers are ornery, powerful creations, and we security people demand all sorts of things of developers to make them behave. By in large, the developers ignore us. Our asks, they say, are too expensive. Rather than just guilting them, could we make better asks -- of both web developers, and browser manufacturers? Possibly. In this talk, I explore a couple of interesting techniques for easily mitigating entire classes of Cross Site Scripting and Cross Site Request Forgery attacks. They aren't perfect, but they work, and more importantly they represent a new class of ask for browser manufacturers that might even be implementable past the genuinely more powerful forces of application compatibility, performance, and developer compliance. I will also discuss Treelocking, a generic mechanism for mitigating injections into protocols as diverse as SQL, LDAP, XML, and JSON.
Tags: browser web application hari-kari dan-kaminsky art boston application-compatibility generic-mechanism

May 27, 2010
0:00
Researcher Warns Of Browser Tabnapping
» ‎ Packet Storm Security Headlines

Researcher Warns Of Browser Tabnapping
Tags: researcher warns browser

May 26, 2010
1:00
Flock web browser v2.5.6 (Remote Memory Corrupt) Crash Exploit
» ‎ 1337day (was: Inj3ct0r, 1337db)

Flock web browser v2.5.6 (Remote Memory Corrupt) Crash Exploit
Tags: web flock browser browser-v2 web-browser
May 19, 2010
1:00
QtWeb Browser version 3.3 Dos
» ‎ 1337day (was: Inj3ct0r, 1337db)

QtWeb Browser version 3.3 Dos
Tags: version qtweb browser
May 05, 2010
1:00
Avant Browser Denial of Service Exploit
» ‎ 1337day (was: Inj3ct0r, 1337db)

Avant Browser Denial of Service Exploit
Tags: denial avant browser denial-of-service

April 09, 2010
22:00
USN-920-1.txt
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 920-1 - Martijn Wargers, Josh Soref, Jesse Ruderman, and Ehsan Akhgari discovered flaws in the browser engine of Firefox. It was discovered that Firefox could be made to access previously freed memory. Paul Stone discovered that Firefox could be made to change a mouse click into a drag and drop event. It was discovered that the XMLHttpRequestSpy module as used by the Firebug add-on could be used to escalate privileges within the browser.
Tags: browser firefox usn martijn-wargers jesse-ruderman josh-soref paul-stone browser-engine firebug ehsan
22:00
USN-921-1.txt
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 921-1 - Martijn Wargers, Josh Soref, Jesse Ruderman, and Ehsan Akhgari discovered flaws in the browser engine of Firefox. It was discovered that Firefox could be made to access previously freed memory. Paul Stone discovered that Firefox could be made to change a mouse click into a drag and drop event. It was discovered that the XMLHttpRequestSpy module as used by the Firebug add-on could be used to escalate privileges within the browser. Henry Sudhof discovered that an image tag could be used as a redirect to a mailto: URL to launch an external mail handler. Wladimir Palant discovered that Firefox did not always perform security checks on XML content.
Tags: browser firefox security martijn-wargers jesse-ruderman henry-sudhof josh-soref paul-stone mail-handler external-mail browser-engine

22:00
USN-920-1.txt
» ‎ Packet Storm Security Advisories

Ubuntu Security Notice 920-1 - Martijn Wargers, Josh Soref, Jesse Ruderman, and Ehsan Akhgari discovered flaws in the browser engine of Firefox. It was discovered that Firefox could be made to access previously freed memory. Paul Stone discovered that Firefox could be made to change a mouse click into a drag and drop event. It was discovered that the XMLHttpRequestSpy module as used by the Firebug add-on could be used to escalate privileges within the browser.
Tags: browser firefox usn martijn-wargers jesse-ruderman josh-soref paul-stone browser-engine firebug ehsan
22:00
USN-921-1.txt
» ‎ Packet Storm Security Advisories

Ubuntu Security Notice 921-1 - Martijn Wargers, Josh Soref, Jesse Ruderman, and Ehsan Akhgari discovered flaws in the browser engine of Firefox. It was discovered that Firefox could be made to access previously freed memory. Paul Stone discovered that Firefox could be made to change a mouse click into a drag and drop event. It was discovered that the XMLHttpRequestSpy module as used by the Firebug add-on could be used to escalate privileges within the browser. Henry Sudhof discovered that an image tag could be used as a redirect to a mailto: URL to launch an external mail handler. Wladimir Palant discovered that Firefox did not always perform security checks on XML content.
Tags: browser firefox security martijn-wargers jesse-ruderman henry-sudhof josh-soref paul-stone mail-handler external-mail browser-engine

April 05, 2010
0:00
Browser Exploit Brings Jailbreak To The iPad
» ‎ Packet Storm Security Headlines

Browser Exploit Brings Jailbreak To The iPad
Tags: brings exploit browser ipad

March 29, 2010
3:56
Browser Fingerprints – How Unique Is Your Browser – Panopticlick
» ‎ Darknet

Now this is another interesting attack vector using little bits of data not many people consider. I have heard about this kind of technique before and considered how it’d be done myself. Finally someone has put together a public version of a tool that can tell you how unique your browser footprint is. As for me [...]

Read the full post at darknet.org.uk

Tags: fingerprints unique browser read darknet little-bits privacy

1:00
Tizbal Browser
» ‎ 1337day (was: Inj3ct0r, 1337db)

Tizbal Browser
Tags: browser

March 23, 2010
14:16
Bugtraq: Safari browser port blocking bypassed by integer overflow
» ‎ SecurityFocus Vulnerabilities

Safari browser port blocking bypassed by integer overflow
Tags: safari browser port integer-overflow safari-browser bugtraq
0:00
Vuln: Opera Web Browser 'Content-Length' Header Integer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Opera Web Browser 'Content-Length' Header Integer Overflow Vulnerability
Tags: web opera browser integer-overflow-vulnerability opera-web-browser content-length

0:00
Gonzalez Accomplice Gets Probation For Selling Browser Exploit
» ‎ Packet Storm Security Headlines

Gonzalez Accomplice Gets Probation For Selling Browser Exploit
Tags: selling browser probation gonzalez-accomplice accomplice
March 19, 2010
0:00
Google Hardens Browser Ahead Of Critical Hacker Test
» ‎ Packet Storm Security Headlines

Google Hardens Browser Ahead Of Critical Hacker Test
Tags: google hardens browser hacker-test

March 09, 2010
0:00
Vuln: Opera Web Browser 'Content-Length' Header Integer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Opera Web Browser 'Content-Length' Header Integer Overflow Vulnerability
Tags: web opera browser integer-overflow-vulnerability opera-web-browser content-length

March 07, 2010
21:02
[Video] Using Guided Missiles in Drive-Bys: Automatic browser fingerprinting and exploitation with Metasploit
» ‎ SecDocs

Authors: James Lee
Tags: Metasploit exploiting browser
Event: DEFCON 17

Tags: video browser metasploit james-lee-tags guided-missiles automatic-browser drive-bys
21:02
[Slides] Using Guided Missiles in Drive-Bys: Automatic browser fingerprinting and exploitation with Metasploit
» ‎ SecDocs

Authors: James Lee
Tags: Metasploit exploiting browser
Event: DEFCON 17

Tags: browser guided metasploit james-lee-tags guided-missiles automatic-browser drive-bys
21:02
[Audio] Using Guided Missiles in Drive-Bys: Automatic browser fingerprinting and exploitation with Metasploit
» ‎ SecDocs

Authors: James Lee
Tags: Metasploit exploiting browser
Event: DEFCON 17

Tags: audio browser metasploit james-lee-tags guided-missiles automatic-browser drive-bys

March 05, 2010
0:00
Vuln: Opera Web Browser 'Content-Length' Header Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Opera Web Browser 'Content-Length' Header Denial of Service Vulnerability
Tags: web opera browser opera-web-browser service-vulnerability denial-of-service

March 01, 2010
0:00
Microsoft Investigating New IE Browser Vulnerability
» ‎ Packet Storm Security Headlines

Microsoft Investigating New IE Browser Vulnerability
Tags: microsoft new browser vulnerability

February 25, 2010
5:00
web browser de anonymisation
» ‎ darkc0de

web browser de anonymisation
Tags: web browser anonymisation web-browser

February 22, 2010
9:00
Winamp 5.57 (Browser) IE Denial of Service Exploit
» ‎ 1337day (was: Inj3ct0r, 1337db)

Winamp 5.57 (Browser) IE Denial of Service Exploit
Tags: denial winamp browser denial-of-service

February 19, 2010
6:47
Microsoft browser switch could lead to hack attacks, Sophos warns
» ‎ Sophos security news

European Internet Explorer users invited to choose another browser.
Tags: switch microsoft browser internet-explorer-users microsoft-browser european-internet

February 18, 2010
15:00
BROWSER Crash - Visit LINK :)
» ‎ darkc0de

BROWSER Crash - Visit LINK :)
Tags: visit crash browser

February 16, 2010
11:49
BrowserRider.20090204.zip
» ‎ Packet Storm Security Tools

Browser Rider is a hacking framework to build payloads that exploit the browser. The project aims to provide a powerful, simple and flexible interface to any client side exploit. Browser Rider is not a new concept. Similar tools such as BeEF or Backframe exploited the same concept. However most of the other existing tools out there are unmaintained, not updated and not documented. Browser Rider wants to fill those gaps by providing a better alternative.
Tags: concept rider browser flexible-interface payloads gaps
11:49
beef-0.4.0.0.tar.gz
» ‎ Packet Storm Security Tools

BeEF is a browser exploitation framework. This tool will demonstrate the collecting of zombie browsers and browser vulnerabilities in real-time. It provides a command and control interface which facilitates the targeting of individual or groups of zombie browsers.
Tags: browser beef zombie control-interface tar-gz

11:49
BrowserRider.20090204.zip
» ‎ Packet Storm Security Recent Files

Browser Rider is a hacking framework to build payloads that exploit the browser. The project aims to provide a powerful, simple and flexible interface to any client side exploit. Browser Rider is not a new concept. Similar tools such as BeEF or Backframe exploited the same concept. However most of the other existing tools out there are unmaintained, not updated and not documented. Browser Rider wants to fill those gaps by providing a better alternative.
Tags: concept rider browser flexible-interface payloads gaps
11:49
beef-0.4.0.0.tar.gz
» ‎ Packet Storm Security Recent Files

BeEF is a browser exploitation framework. This tool will demonstrate the collecting of zombie browsers and browser vulnerabilities in real-time. It provides a command and control interface which facilitates the targeting of individual or groups of zombie browsers.
Tags: browser beef zombie control-interface tar-gz

February 14, 2010
17:00
Browser address bar characters into a small feature
» ‎ 1337day (was: Inj3ct0r, 1337db)

Browser address bar characters into a small feature
Tags: bar feature browser
17:00
Multiple Web Browser Vulnerabilities in Nokia Symbian OS 3rd Edition
» ‎ 1337day (was: Inj3ct0r, 1337db)

Multiple Web Browser Vulnerabilities in Nokia Symbian OS 3rd Edition
Tags: multiple web browser nokia-symbian symbian-os vulnerabilities
15:00
Flock browser 2.5.6 (Multitudinous looping) DoS Exploit
» ‎ 1337day (was: Inj3ct0r, 1337db)

Flock browser 2.5.6 (Multitudinous looping) DoS Exploit
Tags: multitudinous flock browser flock-browser

February 12, 2010
0:00
Chromium Browser Remixed As A Security Dragon
» ‎ Packet Storm Security Headlines

Chromium Browser Remixed As A Security Dragon
Tags: chromium browser remixed dragon

February 07, 2010
13:00
SQLite Browser v2.0b1 Local DoS Vulnerability
» ‎ 1337day (was: Inj3ct0r, 1337db)

SQLite Browser v2.0b1 Local DoS Vulnerability
Tags: sqlite local browser dos-vulnerability browser-v2

February 04, 2010
0:00
Vuln: Multiple Browser Marquee Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Multiple Browser Marquee Denial of Service Vulnerability
Tags: multiple browser marquee service-vulnerability denial-of-service

February 01, 2010
15:33
testing browser attacks
» ‎ remote-exploit & backtrack
Hey Jungs,

bei den typischen Client Side Attacks, die den Browser betreffen, hat man immer das Problem dass man eine Vielzahl von Systemen mit den unterschiedlichen IE oder FF Versionen benötigt!

Es gibt Abhilfe:
- Final Builds Site - Edskes Software Mozilla Firefox Collection
- Final Builds Site - Edskes Software Mozilla Firefox Collection
Ich habe mal ein paar Bilder der Installation und Browser auf meinem Blog hinterlegt ... Browser Collection for Client Side Attacks | www.s3cur1ty.de

hf
m-1-k-3
Tags: attacks collection browser final-builds-site unterschiedlichen Tutorials und howtos

January 27, 2010
0:00
Vuln: Multiple Vendor Browser 'HTMLSelectElement' Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Multiple Vendor Browser 'HTMLSelectElement' Denial of Service Vulnerability
Tags: multiple vendor browser service-vulnerability denial-of-service

January 26, 2010
1:02
Browser Fuzzer 3 (bf3) – Comprehensive Web Browser Fuzzing Tool
» ‎ Darknet

Browser Fuzzer 3, or bf3, is a comprehensive web browser fuzzer. Browser Fuzzer 3 is designed as a hybrid framework/standalone fuzzer; the modules it uses are extensible but also highly integrated into the core. bf3 can be used via command line to set all necessary flags for each fuzzing operation. After initialization, bf3 creates test [...]

Read the full post at darknet.org.uk

Tags: fuzzer web browser read darknet web-browser flags ExploitsVulnerabilities

January 20, 2010
10:02
Bugtraq: Re: Kingsoft DuBa Browser Shield ActiveX Remote Exec 0day POC
» ‎ SecurityFocus Vulnerabilities

Re: Kingsoft DuBa Browser Shield ActiveX Remote Exec 0day POC
Tags: kingsoft browser duba remote-exec

jetlib.sec » Tags » browser

Feeds

215 items tagged "browser"

Tags: code browser svg java-code-execution arbitrary-code-execution linux-platforms

Tags: code browser svg java-code-execution arbitrary-code-execution linux-platforms

Tags: code browser svg java-code-execution arbitrary-code-execution linux-platforms

Tags: twitter privacy browser privacy-project

Tags: k-meleon poc browser denial-of-service

Tags: k-meleon denial browser service-vulnerability denial-of-service

Tags: k-meleon denial browser service-vulnerability denial-of-service

Tags: k-meleon denial browser service-vulnerability denial-of-service

Tags: multiple dolphin browser security-vulnerabilities

Tags: marlinspike asks browser browser-vendors validator

Tags: npjp lurawave browser buffer-overflow-vulnerability

Tags: pushes mozilla browser passwords

Tags: cache gold browser usa finding-gold black-hat browser-cache

Tags: crm cross browser

Tags: crm cross browser

Tags: crm cross browser

Tags: crm multiple browser vulnerabilities

Tags: history opera browser information-disclosure-vulnerability history-information

Tags: comparison browser security accuvant exploitation-techniques internet-explorer

Tags: comparison browser security accuvant exploitation-techniques internet-explorer

Tags: chrome new browser

Tags: web opera browser opera-web-browser information-disclosure-vulnerability

Tags: web opera browser opera-web-browser information-disclosure

Tags: file web browser vulnerability

Tags: file web browser vulnerability

Tags: file web browser vulnerability

Tags: wild multiple browser wild-card vulnerability

Tags: amazon silk browser

Tags: web opera browser opera-web-browser information-disclosure

Tags: disclosure file browser read darknet proxy forensics

Tags: zombie evil browser

Tags: opera browser svg memory-corruption code-execution opera-browser

Tags: opera browser svg memory-corruption code-execution opera-browser

Tags: web opera browser opera-web-browser memory-corruption vulnerability

Tags: exploit ssl browser ssl-protocol proof-of-concept decrypt

Tags: exploit ssl browser ssl-protocol proof-of-concept decrypt

Tags: exploit ssl browser ssl-protocol proof-of-concept decrypt

Tags: free extension browser browser-extension

Tags: xss ajax browser ria authors shah-tags dom rich-internet usa deadly-cocktail sleeping-giant

Tags: xss ajax browser ria authors shah-tags dom rich-internet usa deadly-cocktail sleeping-giant

Tags: cross dolphin browser cross-application vulnerability

Tags: cross dolphin browser cross-application vulnerability

Tags: cross dolphin browser cross-application vulnerability

Tags: advisory dolphin browser cross-application bugtraq

Tags: chrome google browser read bounty-program darknet Countermeasures

Tags: web browser girlfriend nat usa google-maps session-hijacking server-firewall

Tags: application android browser cross-application party-application

Tags: application android browser cross-application party-application

Tags: application android browser cross-application party-application

Tags: flaw marketer browser

Tags: safari browser tag idefense-security-advisory memory-corruption safari-browser

Tags: safari browser tag idefense-security-advisory memory-corruption safari-browser

Tags: safari browser tag idefense-security-advisory memory-corruption safari-browser

Tags: mantra browser security read web-application-developers open-source-tools penetration-testers hacking Tools

Tags: web browser xaurora web-browser-version hijacking

Tags: web browser xaurora web-browser-version hijacking

Tags: web browser xaurora web-browser-version hijacking

Tags: web opera browser opera-web-browser memory-corruption vulnerability

Tags: building browser paper mike-shaver usa black-hat

Tags: authors building browser mike-shaver usa black-hat slides

Tags: day zero browser dom sun-java-runtime heap-memory zero-day

Tags: day zero browser dom sun-java-runtime heap-memory zero-day

Tags: day zero browser dom sun-java-runtime heap-memory zero-day

Tags: browser safari iphone remote-exploit safari-browser

Tags: file web browser remote-shell file-browser b14

Tags: file web browser remote-shell file-browser b14

Tags: file web browser remote-shell file-browser b14

Tags: dll opera browser opera-browser exploits

Tags: dll opera browser opera-browser exploits

Tags: web opera browser opera-web security-vulnerabilities

Tags: execution realplayer browser x-code arbitrary-code-execution active-x vulnerability

Tags: execution realplayer browser x-code arbitrary-code-execution active-x vulnerability

Tags: execution realplayer browser x-code arbitrary-code-execution active-x vulnerability