In case anyone is interested, I was able to port the old CSS history hacking stuff that Jeremiah Grossman originally found to a version that does not require JavaScript to fire using images and conditional logic built into CSS using a:visited and display attributes. …

Read More…
Source: Full Disclosure

See Using CSS :visited with CSS background-image is a nice idea (not sure whether new, would need to read the bug). Note that this is not an implementation but, but a problem in the CSS spec. RSnake wrote: …

Read More…
Source: Full Disclosure

Ubuntu Security Notice USN-428-1 February 26, 2007 firefox vulnerabilities CVE-2006-6077, CVE-2007-0008, CVE-2007-0009, CVE-2007-0775, CVE-2007-0776, CVE-2007-0777, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0981, CVE-2007-0995, CVE-2007-0996, CVE-2007-1092 A security issue affects the following Ubuntu releases: Ubuntu 5.10 Ubuntu 6.10 This advisory also applies to the corresponding versions of …

Read More…
Source: Full Disclosure

Mozilla Suite And Firefox DOM Property Overrides Code Execution Vulnerability
>> Advertisement <<
ALERT: “How A Hacker Launches A Blind SQL Injection Attack Step-by-Step”!” - White Paper
Blind SQL Injection can deliver total control of your server to a hacker giving them the ability to read, write and manipulate all data stored in your backend systems! Download this *FREE* white paper from SPI Dynamics for a complete guide to protection!
https://download.spidynamics.com/1/ad/bsq.asp?Campaign_ID=701600000004c29

Read More…
Source: Security Focus

[USN-428-1] Firefox vulnerabilities

Read More…
Source: Security Focus

Two vulnerabilities have been uncovered in Microsoft’s Windows Vista operating system (OS) and Internet Explorer 7 (IE7).

Read More…
Source: SC Magazine

Hermes JMS Browser is a Java/Swing application for
interacting with and monitoring queues/topics. In addition to
normal JMS functionality, it supports plugins for gaining
access to provider administrative functionality. This could be
used to efficiently query queue depths. It is especially useful
when dealing with a very mixed environment of messaging
providers and need a single tool to interact and monitor them
all.

Read More…
Source: Freshmeat Daily News

RE: MSIE7 browser entrapment vulnerability (probably Firefox, too)

Read More…
Source: Security Focus

Wireless security: IT pros warily watching mobile phone threats Security experts have warned repeatedly that mobile phone attacks will grow as the devices become more sophisticated. IT administrators are starting to believe them.
[SearchSecurity.com]
Security, compliance, disaster recovery are top IT concerns at remote and branch offices
Security, compliance, and disaster recovery top the list of […]

Read More…
Source: Tech Target

Mozilla GIF Image Processing Library Remote Heap Overflow Vulnerability

Read More…
Source: Security Focus