CVSS: 6.8 • EPSS: 1% • CPEs: 2 • EXPL: 1

The Custom Button Installer dialog in Google Toolbar 4 and 5 beta presents certain domain names in the (1) "Downloaded from" and (2) "Privacy considerations" sections without verifying domain names, which makes it easier for remote attackers to spoof domain names and trick users into installing malicious button XML files, as demonstrated by presenting www.google.com when the button was downloaded from an arbitrary site through an open redirector on www.google.com.

• http://aviv.raffon.net/2007/12/18/GoogleToolbarDialogSpoofingVulnerability.aspx
• http://secunia.com/advisories/28166
• http://securityreason.com/securityalert/3491
• http://www.osvdb.org/39499
• http://www.securityfocus.com/archive/1/485288/100/0/threaded
• http://www.securityfocus.com/bid/26923
• https://exchange.xforce.ibmcloud.com/vulnerabilities/39164
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVSS: 6.8 • EPSS: 53% • CPEs: 1 • EXPL: 2

Stack-based buffer overflow in the Helper class in the yt.ythelper.2 ActiveX control in Yahoo! Toolbar 1.4.1 allows remote attackers to cause a denial of service (browser crash) via a long argument to the c method.

• https://www.exploit-db.com/exploits/30832
• http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058725.html
• http://www.securityfocus.com/bid/26656
• https://exchange.xforce.ibmcloud.com/vulnerabilities/38769
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 6.8 • EPSS: 26% • CPEs: 1 • EXPL: 2

Buffer overflow in the IEToolbar.IEContextMenu.1 ActiveX control in LinkedInIEToolbar.dll in the LinkedIn Toolbar 3.0.2.1098 allows remote attackers to execute arbitrary code via a long second argument (varBrowser argument) to the search method. NOTE: some of these details are obtained from third party information.

• https://www.exploit-db.com/exploits/4217
• http://osvdb.org/37696
• http://secunia.com/advisories/26181
• http://www.securityfocus.com/bid/25032
• http://www.vdalabs.com/tools/linkedin.html
• http://www.vupen.com/english/advisories/2007/2620
• https://exchange.xforce.ibmcloud.com/vulnerabilities/35578

CVSS: 7.5 • EPSS: 3% • CPEs: 1 • EXPL: 3

The Rediff Toolbar 2.0 ActiveX control in redifftoolbar.dll allows remote attackers to cause a denial of service via unspecified manipulations, possibly involving improper initialization or blank arguments.

• https://www.exploit-db.com/exploits/3433
• http://downloads.securityfocus.com/vulnerabilities/exploits/21924.html
• http://osvdb.org/36899
• http://www.securityfocus.com/bid/21924

CVSS: 4.3 • EPSS: 3% • CPEs: 18 • EXPL: 4

Cross-site scripting (XSS) vulnerability in Google Toolbar 2.0.114.1 allows remote attackers to inject arbitrary web script via about.html in the About section. NOTE: some followup posts suggest that the demonstration code's use of the res:// protocol does not cross privilege boundaries, since it is not allowed in the Internet Zone. Thus this might not be a vulnerability.

• https://www.exploit-db.com/exploits/24607
• http://archives.neohapsis.com/archives/bugtraq/2004-09/0226.html
• http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0629.html
• http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0639.html
• http://securitytracker.com/id?1011351
• http://www.osvdb.org/10037
• http://www.securityfocus.com/bid/11210
• https://exchange.xforce.ibmcloud.com/vulnerabilities/17435