Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-1021

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-1244 1 Microsoft 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more 2022-02-28 5.8 MEDIUM N/A
Microsoft Internet Explorer 6, 7, and 8 does not enforce intended domain restrictions on content access, which allows remote attackers to obtain sensitive information or conduct clickjacking attacks via a crafted web site, aka "Frame Tag Information Disclosure Vulnerability."
CVE-2005-2407 1 Opera 1 Opera Browser 2022-02-28 5.1 MEDIUM N/A
A design error in Opera 8.01 and earlier allows user-assisted attackers to execute arbitrary code by overlaying a malicious new window above a file download dialog box, then tricking the user into double-clicking on the "Run" button, aka "link hijacking".
CVE-2014-1483 5 Canonical, Mozilla, Opensuse and 2 more 8 Ubuntu Linux, Firefox, Seamonkey and 5 more 2020-10-23 5.0 MEDIUM N/A
Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions.
CVE-2013-5614 7 Canonical, Fedoraproject, Mozilla and 4 more 16 Ubuntu Linux, Fedora, Firefox and 13 more 2020-08-21 4.3 MEDIUM N/A
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site.
CVE-2014-1480 5 Canonical, Mozilla, Opensuse and 2 more 8 Ubuntu Linux, Firefox, Seamonkey and 5 more 2020-08-21 4.3 MEDIUM N/A
The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not properly restrict the timing of button selections, which allows remote attackers to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, via a crafted web site.