SecurityReason.com - Our Reason is

Security

Register | Forget Password | Login
SecurityReason
IT News
Search
SecurityAlert Database
About SecurityAlert
ExploitAlert Database
SecurityReason Research
WLB
WLB Database
Send to WLB
About WLB
Services
Security Audit
Schedule
Prices of services
Contact
RSS
SecurityReason IT News
SecurityAlert
World Laboratory of Bugtraq
ExploitAlert
Apache
PHP
Corporate
Contact
About SecurityReason
Note

If you have found a vulnerability, please send to our SecurityAlert Database :
secalert()securityreason()com

Also if you have new ( 0-day ) exploit, please send to our ExploitAlert Archive :
exploit()securityreason()com
Home arrow World Laboratory of Bugtraq Database

Arrow  Topic :

Firefox 3.0.5 remote vulnerability via queryCommandState


Arrow  WLB : WLB-2009010021  (About)
Arrow  SecurityAlert : None
Arrow  Date : 2009-01-08
Arrow  Credit          : carl hardwick
Arrow  SecurityRisk : Medium  Security Risk Medium  (About)
Arrow  Remote : Yes
Arrow  Local     : No
Arrow  Status   : Trick

Arrow  History : [2009-01-08] Started

Arrow  Affected software :  http://groups.google.it/group/carl-hardwick/web/Firefox305RemoteDoS.htm



Arrow  Text :  

An unpatched security flaw has been discovered in the latest version
of Firefox 3.0.5 which allows a remote attacker to crash the browser
with a special crafted HTML page using a queryCommandState:

PoC:
http://groups.google.it/group/carl-hardwick/web/Firefox305RemoteDoS.htm




If you want change this note, please use UCP
Alert

libopie __readrec() off-by-one

Security Risk Medium- 2010-04-23

This advisory is related to new FreeBSD advisory FreeBSD-SA-10:05.opie.
Apache RSS Apache Alert

» Apache ActiveMQ 5.4.0
   source code disclosure
   vulnerability

» Apache ActiveMQ 5.3.0
   Persistent Cross-Site
   Scripting

» Apache CouchDB 0.10.1
   Timing Attack
   Vulnerability

» Apache 1.3.41 mod_proxy
   Integer overflow (code
   execution)
Copyright © SecurityReason.com. All Rights Reserved.