jetlib.sec » Tags » css

Feeds

133341 items (0 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

35 items tagged "css"

Related tags: webkit [+], information disclosure vulnerability [+], import [+], html engine [+], arbitrary code execution [+], internet explorer 8 [+], internet [+], explorer [+], denial of service [+], vulnerability [+], mozilla [+], microsoft [+], selectors [+], module [+], mediawiki [+], html [+], format [+], domain information [+], css selectors [+], css format [+], validation [+], token [+], style tag [+], service vulnerability [+], remote [+], iphone [+], imperva [+], firewall products [+], firewall [+], exploits [+], css selector [+], cross site scripting [+], crash [+], application firewall [+], apple safari [+], win [+], table [+], security vulnerabilities [+], safer use [+], run in [+], remote security [+], read [+], poc [+], origin [+], new bug [+], mozilla firefox [+], memory [+], maxthon [+], history information [+], google [+], denial [+], darknet [+], comments [+], cisco css [+], cisco [+], circumstantial evidence [+], chrome [+], apple webkit [+], ace [+], ExploitsVulnerabilities [+], memory corruption [+]

• March 27, 2012
• 0:00

  Vuln: WebKit CSS 'format()' Arguments Memory Corruption Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  WebKit CSS 'format()' Arguments Memory Corruption Vulnerability

  Tags:  format webkit css memory-corruption css-format  

• December 12, 2011
• 0:00

  Vuln: Mozilla Firefox CSS ':visited' Browser History Information Disclosure Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Mozilla Firefox CSS ':visited' Browser History Information Disclosure Vulnerability

  Tags:  mozilla css information-disclosure-vulnerability mozilla-firefox history-information  

• November 21, 2011
• 0:00

  Vuln: WebKit CSS 'format()' Arguments Memory Corruption Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  WebKit CSS 'format()' Arguments Memory Corruption Vulnerability

  Tags:  format webkit css memory-corruption css-format  

• April 22, 2011
• 0:00

  Vuln: Google Chrome CSS Handling Status Bar Spoofing Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Google Chrome CSS Handling Status Bar Spoofing Vulnerability

  Tags:  chrome google css vulnerability  

• April 21, 2011
• 0:00

  Vuln: MediaWiki CSS Comments Cross Site Scripting Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  MediaWiki CSS Comments Cross Site Scripting Vulnerability

  Tags:  mediawiki css comments vulnerability  

• March 10, 2011
• 0:00

  Vuln: WebKit CSS Token Sequences Handling Denial of Service Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  WebKit CSS Token Sequences Handling Denial of Service Vulnerability

  Tags:  token webkit css service-vulnerability denial-of-service  

• February 10, 2011
• 9:22

  Internet Explorer CSS Recursive Import Use After Free

   » ‎ Packet Storm Security Exploits
  This Metasploit module exploits a memory corruption vulnerability within Microsoft's HTML engine (mshtml). When parsing an HTML page containing a recursive CSS import, a C++ object is deleted and later reused. This leads to arbitrary code execution. This exploit utilizes a combination of heap spraying and the .NET 2.0 'mscorie.dll' module to bypass DEP and ASLR. This Metasploit module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions with .NET 2.0.50727 installed.

  Tags:  css import module arbitrary-code-execution memory-corruption html-engine  

• 9:22

  Internet Explorer CSS Recursive Import Use After Free

   » ‎ Packet Storm Security Recent Files
  This Metasploit module exploits a memory corruption vulnerability within Microsoft's HTML engine (mshtml). When parsing an HTML page containing a recursive CSS import, a C++ object is deleted and later reused. This leads to arbitrary code execution. This exploit utilizes a combination of heap spraying and the .NET 2.0 'mscorie.dll' module to bypass DEP and ASLR. This Metasploit module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions with .NET 2.0.50727 installed.

  Tags:  css import module arbitrary-code-execution memory-corruption html-engine  

• 9:22

  Internet Explorer CSS Recursive Import Use After Free

   » ‎ Packet Storm Security Misc. Files
  This Metasploit module exploits a memory corruption vulnerability within Microsoft's HTML engine (mshtml). When parsing an HTML page containing a recursive CSS import, a C++ object is deleted and later reused. This leads to arbitrary code execution. This exploit utilizes a combination of heap spraying and the .NET 2.0 'mscorie.dll' module to bypass DEP and ASLR. This Metasploit module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions with .NET 2.0.50727 installed.

  Tags:  css import module arbitrary-code-execution memory-corruption html-engine  

• January 25, 2011
• 0:00

  Vuln: WebKit CSS Token Sequences Handling Denial of Service Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  WebKit CSS Token Sequences Handling Denial of Service Vulnerability

  Tags:  token webkit css service-vulnerability denial-of-service  

• December 21, 2010
• 9:45

  Internet Explorer CSS Recursive Import Use After Free

   » ‎ Packet Storm Security Exploits
  This Metasploit module exploits a memory corruption vulnerability within Microsoft's HTML engine (mshtml). When parsing an HTML page containing a recursive CSS import, a C++ object is deleted and later reused. This leads to arbitrary code execution.

  Tags:  css html import arbitrary-code-execution memory-corruption html-engine  

• 9:45

  Internet Explorer CSS Recursive Import Use After Free

   » ‎ Packet Storm Security Recent Files
  This Metasploit module exploits a memory corruption vulnerability within Microsoft's HTML engine (mshtml). When parsing an HTML page containing a recursive CSS import, a C++ object is deleted and later reused. This leads to arbitrary code execution.

  Tags:  css html import arbitrary-code-execution memory-corruption html-engine  

• 9:45

  Internet Explorer CSS Recursive Import Use After Free

   » ‎ Packet Storm Security Misc. Files
  This Metasploit module exploits a memory corruption vulnerability within Microsoft's HTML engine (mshtml). When parsing an HTML page containing a recursive CSS import, a C++ object is deleted and later reused. This leads to arbitrary code execution.

  Tags:  css html import arbitrary-code-execution memory-corruption html-engine  

• December 16, 2010
• 15:40

  Internet Explorer 8 CSS Parser Exploit

   » ‎ Packet Storm Security Exploits
  This is a CSS parser exploit for Microsoft Internet Explorer 8.

  Tags:  internet explorer css internet-explorer-8 microsoft  

• 15:40

  Internet Explorer 8 CSS Parser Exploit

   » ‎ Packet Storm Security Recent Files
  This is a CSS parser exploit for Microsoft Internet Explorer 8.

  Tags:  internet explorer css internet-explorer-8 microsoft  

• 15:40

  Internet Explorer 8 CSS Parser Exploit

   » ‎ Packet Storm Security Misc. Files
  This is a CSS parser exploit for Microsoft Internet Explorer 8.

  Tags:  internet explorer css internet-explorer-8 microsoft  

• December 15, 2010
• 14:00

  [remote exploits] - Internet Explorer 8 CSS Parser Exploit

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [remote exploits] - Internet Explorer 8 CSS Parser Exploit

  Tags:  internet explorer css internet-explorer-8 exploits  

• December 14, 2010
• 14:00

  [remote exploits] - Internet Explorer 8 CSS Parser Exploit

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [remote exploits] - Internet Explorer 8 CSS Parser Exploit

  Tags:  internet explorer css internet-explorer-8 exploits  

• November 02, 2010
• 15:00

  [dos / poc] - Maxthon 3.0.18.1000 CSS Denial of Service

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [dos / poc] - Maxthon 3.0.18.1000 CSS Denial of Service

  Tags:  poc css maxthon denial-of-service  

• September 08, 2010
• 2:53

  Microsoft Investigates IE CSS Cross-Origin Theft Vulnerability

   » ‎ Darknet
  There’s a lot of circumstantial evidence surround this as Microsoft themselves haven’t clarified or publicly announced anything related to the CSS Cross-Origin Theft bug – but it seems fairly clear. Some media sources are quoting it as a ‘new bug‘ – which it isn’t, according to other sources it has been...
  
  Read the full post at darknet.org.uk

  
  

  

  Tags:  origin microsoft css read circumstantial-evidence new-bug darknet ExploitsVulnerabilities  

• August 09, 2010
• 0:00

  Vuln: WebKit CSS Counters Remote Memory Corruption Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  WebKit CSS Counters Remote Memory Corruption Vulnerability

  Tags:  css remote memory memory-corruption webkit vulnerability  

• August 05, 2010
• 17:08

  Table2CSS Denial of Service PoC

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Table2CSS Denial of Service PoC

  Tags:  table css denial denial-of-service  

• August 02, 2010
• 0:00

  Vuln: Multiple Mozilla Products CSS Selectors Cross Domain Information Disclosure Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Multiple Mozilla Products CSS Selectors Cross Domain Information Disclosure Vulnerability

  Tags:  mozilla css selectors information-disclosure-vulnerability css-selectors domain-information  

• July 27, 2010
• 0:00

  Vuln: Multiple Mozilla Products CSS Selectors Cross Domain Information Disclosure Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Multiple Mozilla Products CSS Selectors Cross Domain Information Disclosure Vulnerability

  Tags:  mozilla css selectors information-disclosure-vulnerability css-selectors domain-information  

• July 23, 2010
• 0:00

  Vuln: Multiple Mozilla Products CSS Selectors Cross Domain Information Disclosure Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Multiple Mozilla Products CSS Selectors Cross Domain Information Disclosure Vulnerability

  Tags:  mozilla css selectors information-disclosure-vulnerability css-selectors domain-information  

• July 15, 2010
• 0:00

  Vuln: Cisco CSS/ACE Multiple Remote Security Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  Cisco CSS/ACE Multiple Remote Security Vulnerabilities

  Tags:  css cisco ace cisco-css remote-security security-vulnerabilities  

• April 29, 2010
• 1:00

  Apple Safari 4.0.3 (Win32) CSS Remote Denial Of Service Exploit

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Apple Safari 4.0.3 (Win32) CSS Remote Denial Of Service Exploit

  Tags:  css remote win apple-safari denial-of-service  

• April 27, 2010
• 0:00

  Vuln: MediaWiki 'CSS validation' Information Disclosure Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  MediaWiki 'CSS validation' Information Disclosure Vulnerability

  Tags:  mediawiki css validation information-disclosure-vulnerability  

• April 15, 2010
• 16:00

  CSS10-01.txt

   » ‎ Packet Storm Security Recent Files
  Imperva SecureSphere Web Application Firewall and Database Firewall products can be bypassed by appending specially crafted data to requests. Protection provided by the Imperva device against attacks such as SQL injection and Cross-Site Scripting is negated, allowing unfiltered requests through to protected applications.

  Tags:  imperva css firewall application-firewall firewall-products cross-site-scripting  

• 16:00

  CSS10-01.txt

   » ‎ Packet Storm Security Advisories
  Imperva SecureSphere Web Application Firewall and Database Firewall products can be bypassed by appending specially crafted data to requests. Protection provided by the Imperva device against attacks such as SQL injection and Cross-Site Scripting is negated, allowing unfiltered requests through to protected applications.

  Tags:  imperva css firewall application-firewall firewall-products cross-site-scripting  

• March 23, 2010
• 0:00

  Vuln: WebKit CSS 'format()' Arguments Memory Corruption Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  WebKit CSS 'format()' Arguments Memory Corruption Vulnerability

  Tags:  format webkit css memory-corruption css-format  

• 0:00

  Vuln: MediaWiki 'CSS validation' Information Disclosure Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  MediaWiki 'CSS validation' Information Disclosure Vulnerability

  Tags:  mediawiki css validation information-disclosure-vulnerability  

• March 16, 2010
• 20:12

  Apple WebKit CSS Run-in Attribute Rendering Vulnerability

   » ‎ SecuriTeam
  This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari and other WebKit based browsers.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  vulnerability css run-in apple-safari apple-webkit safer-use webkit  

• February 25, 2010
• 0:00

  iphone_crash.py.txt

   » ‎ Packet Storm Security Recent Files
  iPhone CSS::Selector crash exploit that acts as a web server that sends a malformed long string to the CSS style tag.

  Tags:  crash iphone css css-selector style-tag  

• February 24, 2010
• 23:00

  iphone_crash.py.txt

   » ‎ Packet Storm Security Exploits
  iPhone CSS::Selector crash exploit that acts as a web server that sends a malformed long string to the CSS style tag.

  Tags:  crash iphone css css-selector style-tag