c**t
发帖数: 2744 | 1 【 以下文字转载自 Security 讨论区 】
【 原文由 cogt 所发表 】
http://secunia.com/advisories/15292
Secunia Advisory: SA15292
Release Date: 2005-05-08
Last Update: 2005-05-09
Critical:
Extremely critical
Impact: Cross Site Scripting
System access
Where: From remote
Solution Status: Unpatched
Software: Mozilla Firefox 1.x
Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it.
Description:
Two vulnerabilities have been discovered in Firefox, which can be exploited by mali |
|
c**t
发帖数: 2744 | 2 http://secunia.com/advisories/15292
Secunia Advisory: SA15292
Release Date: 2005-05-08
Last Update: 2005-05-09
Critical:
Extremely critical
Impact: Cross Site Scripting
System access
Where: From remote
Solution Status: Unpatched
Software: Mozilla Firefox 1.x
Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it.
Description:
Two vulnerabilities have been discovered in Firefox, which can be exploited by malicious people to conduct cross-site scripti |
|
a***a
发帖数: 40617 | 3 Secunia ranks Apple first in software insecurity, Safari said to have
AutoFill vulnerability |
|
j**e
发帖数: 1059 | 4 【 以下文字转载自 PhotoGear 讨论区 】
发信人: anoia (high estrogen man), 信区: PhotoGear
标 题: 果粉长期吹嘘的安全性泡沫也破了
发信站: BBS 未名空间站 (Thu Jul 22 17:42:58 2010, 美东)
Secunia ranks Apple first in software insecurity, Safari said to have
AutoFill vulnerability |
|
N**D
发帖数: 10322 | 5 【 以下文字转载自 Hardware 讨论区 】
发信人: anoia (high estrogen man), 信区: Hardware
标 题: 果粉长期吹嘘的安全性泡沫也破了
发信站: BBS 未名空间站 (Thu Jul 22 17:44:10 2010, 美东)
发信人: anoia (high estrogen man), 信区: PhotoGear
标 题: 果粉长期吹嘘的安全性泡沫也破了
发信站: BBS 未名空间站 (Thu Jul 22 17:42:58 2010, 美东)
Secunia ranks Apple first in software insecurity, Safari said to have
AutoFill vulnerability |
|
a***a
发帖数: 40617 | 6 【 以下文字转载自 PhotoGear 讨论区 】
发信人: anoia (high estrogen man), 信区: PhotoGear
标 题: 果粉长期吹嘘的安全性泡沫也破了
发信站: BBS 未名空间站 (Thu Jul 22 17:42:58 2010, 美东)
Secunia ranks Apple first in software insecurity, Safari said to have
AutoFill vulnerability |
|
c**t
发帖数: 2744 | 7 【 以下文字转载自 Windows 讨论区 】
【 原文由 cogt 所发表 】
Here we go again, fully patched systems, even with SP2 allow this bug to
slip through:
http://secunia.com/advisories/12321/
The vulnerability is caused due to insufficient validation of drag and drop
events issued from the "Internet" zone to local resources. This can be
exploited by a malicious website to e.g. plant an arbitrary executable
file in a user's startup folder, which will get executed the next time
Windows starts up. |
|
c**t
发帖数: 2744 | 8 Here we go again, fully patched systems, even with SP2 allow this bug to
slip through:
http://secunia.com/advisories/12321/
The vulnerability is caused due to insufficient validation of drag and drop
events issued from the "Internet" zone to local resources. This can be
exploited by a malicious website to e.g. plant an arbitrary executable
file in a user's startup folder, which will get executed the next time
Windows starts up. |
|
o******t
发帖数: 1144 | 9 Secunia, Kaspersky and others have alerts up today about a new vulnerability
in the way Windows handles Metafile files (*.wmf). It's a bad one: it has the
highest possible risk rating, there aren't patches yet, and there are known
exploits in the wild that take advantage of the hole.
According to Kaspersky, it hits IE and "may function in Firefox if certain
conditions are met." The AV company's post lists two Web sites that attempt to
install a Trojan using the hole.
Both notices strongly cautio |
|
