SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Search Results

IDDate
Public		Name
VU#92350806/18/2008Microsoft Internet Explorer 6 contains a cross-domain vulnerability
VU#47136106/04/2007Microsoft Internet Explorer cross-domain frame race condition
VU#93573712/19/2007Adobe Flash Player may load arbitrary, malformed cross-domain policy files
VU#25276408/08/2006Microsoft Internet Explorer source element cross-domain vulnerability
VU#28998806/25/2007Apple Safari cross-domain HTTP redirection race condition
VU#35660012/15/2004Microsoft Internet Explorer DHTML Editing ActiveX control contains a cross-domain vulnerability
VU#65192809/14/2004Mozilla may allow violation of cross-domain scripting policies via dragging
VU#46245102/21/2002Microsoft Internet Explorer allows read access to local files via incorrect VBScript handling
VU#88310806/27/2006Microsoft Internet Explorer HTML Document object cross-domain vulnerability
VU#78410211/25/2003Microsoft Internet Explorer does not properly validate source of URL stored in Travel Log
VU#84570806/21/2007Apple WebCore XMLHttpRequest fails to properly serialize headers into an HTTP request
VU#32641209/10/2003Microsoft Internet Explorer execCommand method does not properly validate URL source
VU#65245209/10/2003Microsoft Internet Explorer does not adequately validate javascript: protocol URL
VU#71387806/03/2004Microsoft Internet Explorer does not properly validate source of redirected frame
VU#14329706/04/2007Mozilla Firefox allows cross-domain iframe access via JavaScript
VU#58029902/08/2005Microsoft Internet Explorer contains URL decoding cross-domain vulnerability
VU#97241512/21/2004Microsoft Windows HTML Help ActiveX control does not adequately validate window source
VU#20514808/20/2003Microsoft Internet Explorer does not properly evaluate Content-Type and Content-Disposition headers
VU#77160409/10/2003Microsoft Internet Explorer does not properly validate URL sources
VU#99836904/16/2005Apple Web Kit-based browsers may allow remote access to local filesystem contents
VU#28830812/28/2003Microsoft Internet Information Server (IIS) vulnerable to cross-site scripting via HTTP TRACK method
VU#88575302/14/2007Mozilla browsers "location.hostname" cross-domain vulnerability
VU#99679807/13/2005Mozilla Firefox insecurely handles content from external applications
VU#82397102/08/2005Microsoft Internet Explorer contains a Channel Definition Format (CDF) cross-domain vulnerability
VU#86759301/20/2003Web servers enable HTTP TRACE method by default
VU#20726407/11/2004Microsoft Internet Explorer does not properly handle function redirection
VU#32307011/25/2003Outlook Express MHTML protocol handler does not properly validate source of alternate content
VU#51662705/12/2008Microsoft Internet Explorer fails to properly restrict access to frames
VU#53471005/07/2005Mozilla fails to properly prevent "JavaScript:" URIs containing "eval()" from being executed in the context of other URIs in the history list
VU#48481405/11/2004Microsoft Help and Support Center (HCP) fails to properly validate HCP URLs
VU#24472912/03/2002Microsoft Internet Explorer does not adequately validate window ornament parameters in dialog frames
VU#41388609/10/2003Microsoft Internet Explorer allows mouse events to manipulate window objects and perform "drag and drop" operations
VU#34781201/15/2008UPnP enabled by default in multiple devices
VU#30406401/03/2007Apple Quicktime HREFTrack Cross-Zone Scripting vulnerability
VU#72856304/17/2002Microsoft Internet Explorer does not adequately validate source of dialog frame

If this page is empty, your search did not match any documents.

Produced 2010 by US-CERT, a government organization
Disclaimers and copyright information