CVE-2016-10521

jshamcrest is vulnerable to regular expression denial of service ReDoS when certain types of user input is passed in to the emailAddress validator...

Regular Expression Denial of Service

Overview The jshamcrest package is affected by a regular expression denial of service vulnerability when certain types of user input are passed in to the emailAddress validator. Proof of concept var js = require'jshamcrest' var emailAddress = new js.JsHamcrest.Matchers.emailAddress; var genstr =...

Microsoft Outlook 'S/MIME EmailAddress'属性错配安全漏洞

BUGTRAQ ID: 60591 Microsoft Outlook是Office套件所捆绑的邮件客户端。 Microsoft Outlook所有版本存在S/MIME不完整的问题，对于X509 EmailAddress属性不匹配邮件的“From”地址的数字签名MIME邮件，Outlook并不发出警告。攻击者可利用此漏洞执行钓鱼攻击。 0 Microsoft Outlook 厂商补丁： Microsoft --------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

CVE-2007-6517

SQL injection vulnerability in the forget password section LostPwd.asp in Eagle Software Aeries Browser Interface ABI 3.7.9.17 allows remote attackers to execute arbitrary SQL commands via the EmailAddress parameter. NOTE: some of these details are obtained from third party information...

CVE-2005-1784

Hosting Controller 6.1 HotFix 2.0 and earlier allows remote attackers to steal passwords and gain privileges via a modified emailaddress parameter in an updateprofile action for UserProfile.asp...