RSS   Podatności dla 'UZBL'   RSS

2019-11-19
 
CVE-2012-0843

CWE-200
 

 
uzbl: Information disclosure via world-readable cookies storage file

 
2010-08-19
 
CVE-2010-2809

CWE-94
 

 
The default configuration of the <Button2> binding in Uzbl before 2010.08.05 does not properly use the @SELECTED_URI feature, which allows user-assisted remote attackers to execute arbitrary commands via a crafted HREF attribute of an A element in an HTML document.

 
2010-02-25
 
CVE-2010-0011

CWE-264
 

 
The eval_js function in uzbl-core.c in Uzbl before 2010.01.05 exposes the run method of the Uzbl object, which allows remote attackers to execute arbitrary commands via JavaScript code.

 


Copyright 2020, cxsecurity.com

 

Back to Top