CyberSecurityBoard
Sponsor Register Login

CVE-2005-0145

Firefox before 1.0 does not properly distinguish between user-generated and synthetic click events, which allows remote attackers to use Javascript to bypass the file download prompt when the user uses the Alt-click feature.

Publication date: Mon, 24 Jan 2005 11:00:00 +0000


Cyber News related to CVE-2005-0145

CVE-2005-0145 - Firefox before 1.0 does not properly distinguish between user-generated and synthetic click events, which allows remote attackers to use Javascript to bypass the file download prompt when the user uses the Alt-click feature. ...
7 years ago
CVE-2017-0144 - The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to ...
6 years ago
CVE-2017-0148 - The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to ...
5 months ago
CVE-2017-0143 - The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to ...
6 years ago
CVE-2017-0145 - The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to ...
6 years ago
CVE-2017-0146 - The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to ...
6 years ago
CVE-2007-0145 - PHP remote file inclusion vulnerability in bn_smrep1.php in BinGoPHP News (BP News) 3.01 allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter, a different vector than CVE-2006-4648 and CVE-2006-4649. ...
7 years ago
CVE-2021-44429 - Serva 4.4.0 allows remote attackers to cause a denial of service (daemon crash) via a TFTP read (RRQ) request, aka opcode 1, a related issue to CVE-2013-0145. ...
3 years ago
CVE-2008-0145 - Unspecified vulnerability in glob in PHP before 4.4.8, when open_basedir is enabled, has unknown impact and attack vectors. NOTE: this issue reportedly exists because of a regression related to CVE-2007-4663. ...
7 years ago
CVE-2010-0145 - Unspecified vulnerability in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to execute arbitrary code via unknown ...
14 years ago
CVE-2013-0145 - Buffer overflow in the TFTPD service in Serva32 2.1.0 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long string in a read request. ...
11 years ago
CVE-2015-0145 - Cross-site request forgery (CSRF) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to hijack the authentication of arbitrary users for requests ...
9 years ago
CVE-2002-0145 - chuid 1.2 and earlier does not properly verify the ownership of files that will be changed, which allows remote attackers to change files owned by other users, such as root. ...
7 years ago
CVE-2009-0145 - CoreGraphics in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a ...
7 years ago
CVE-2011-0145 - WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different ...
7 years ago
CVE-2003-0145 - Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different vulnerability than CAN-2003-0093. ...
7 years ago
CVE-2001-0145 - Buffer overflow in VCard handler in Outlook 2000 and 98, and Outlook Express 5.x, allows an attacker to execute arbitrary commands via a malformed vCard birthday field. ...
6 years ago
CVE-2012-0145 - Cross-site scripting (XSS) vulnerability in wizardlist.aspx in Microsoft Office SharePoint Server 2010 Gold and SP1 and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via JavaScript sequences in ...
6 years ago
CVE-2016-0145 - The font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold and 1511; Office 2007 SP3 and 2010 SP2; Word Viewer; .NET Framework 3.0 ...
6 years ago
CVE-2006-0145 - The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users to read arbitrary kernel memory and ...
1 year ago
CVE-1999-0145 - Sendmail WIZ command enabled, allowing root access. ...
5 years ago
CVE-2018-0145 - A vulnerability in the web-based management interface of the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface of ...
5 years ago
CVE-2020-0145 - In btm_simple_pair_complete of btm_sec.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction ...
4 years ago
CVE-2021-0145 - Improper initialization of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. ...
2 years ago
CVE-2022-0145 - Cross-site Scripting (XSS) - Stored in GitHub repository forkcms/forkcms prior to 5.11.1. ...
2 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)