536 matches found
CVE-2008-3444
The content layout component in Mozilla Firefox 3.0 and 3.0.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted but well-formed web page that contains "a simple set of legitimate HTML tags."...
Null pointer dereference
The content layout component in Mozilla Firefox 3.0 and 3.0.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted but well-formed web page that contains "a simple set of legitimate HTML tags."...
SuSE 10 Security Update : Qt3 (ZYPP Patch Number 3898)
Format string bugs in QTextEdit can be exploited via specially crafted HTML tags to potentially execute code. (CVE-2007-3388)
CVE-2004-2709
Buffer overflow in the striphtmltags method for Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors involving HTML tags...
[SECURITY] Fedora 7 Update: elinks-0.11.3-1.fc7
Links is a text-based Web browser. Links does not display any images, but it does support frames, tables and most other HTML tags. Links' advantage over graphical browsers is its speed--Links starts and exits quickly and swiftly displays Web pages...
KDE Konqueror DoS
Crash on invalid sequences of open and close HTML tags...
PR07-18: Cross-site Scripting (XSS) / HTML injection on Webbler CMS admin login page (1)
PR07-18: Cross-site Scripting (XSS) / HTML injection on Webbler CMS admin login page (1). This advisory has been published following consultation with UK CPNI (formerly known as NISCC). Date Found: 14th June 2007. Successfully tested on: Webbler CMS version 3.1.3. Earlier versions are possibly affected as...
Insanely simple blog - Multiple vulnerabilities
Insanely simple blog version 0.5 and below http://sourceforge.net/projects/insanelysimple2 ISB contains multiple vulnerabilities including both XSS and SQL injection. First off, the search action fails to strip user content for HTML, allowing a user to input tags. Next, anonymous blog entries can...
Heap overflow
Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via (1) a URL with a long UTF-8 string, which triggers the overflow when the user highlights it, or (2) a font HTML ta...
CVE-2007-1736
Mozilla Firefox 2.0.0.3 does not check URLs embedded in (1) object or (2) iframe HTML tags against the phishing site blacklist, which allows remote attackers to bypass phishing protection...
CVE-2007-1454
ext/filter in PHP 5.2.0, when FILTER_SANITIZE_STRING is used with the FILTER_FLAG_STRIP_LOW flag, does not properly strip HTML tags, which allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML with a '<' character followed by certain whitespace characters, which passes one filter...
Cross site scripting
ext/filter in PHP 5.2.0, when FILTER_SANITIZE_STRING is used with the FILTER_FLAG_STRIP_LOW flag, does not properly strip HTML tags, which allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML with a '<' character followed by certain whitespace characters, which passes one filter...
Microsoft Internet Explorer 6 - Local File Access
Microsoft Internet Explorer 6 - Local File Access source: https://www.securityfocus.com/bid/22621/info Microsoft Internet Explorer is reportedly prone to multiple local file-access weaknesses because the application fails to properly handle HTML tags. These issues are triggered when an attacker...
Microsoft Internet Explorer 6 - Local File Access
source: https://www.securityfocus.com/bid/22621/info Microsoft Internet Explorer is reportedly prone to multiple local file-access weaknesses because the application fails to properly handle HTML tags. These issues are triggered when an attacker entices a victim user to visit a malicious website...
CVE-2006-6660
The nodeType function in KDE libkhtml 4.2.0 and earlier, as used by Konqueror, KMail, and other programs, allows remote attackers to cause a denial of service (crash) via malformed HTML tags, possibly involving a COL SPAN tag embedded in a RANGE tag...
mojoxss.txt
SOFTWARE: MojoScripts' mojoGallery All version DESCRIPTION: dork: "Powered by mojoGallery" add to last path /admin.cgi , admin and password input alert"lol" or all html tags web: www.ayyildiz.org special...
MojoScripts' xss vulnerable
SOFTWARE: MojoScripts' mojoGallery All version DESCRIPTION: dork: "Powered by mojoGallery" add to last path /admin.cgi , admin and password input scriptalert"lol"/script or all html tags web:...
CVE-2006-3366
Multiple cross-site scripting (XSS) vulnerabilities in V3 Chat allow remote attackers to inject arbitrary web script or HTML via crafted HTML tags, as demonstrated by the IMG tag, in the (1) id parameter in (a) mail/index.php and (b) mail/reply.php; (2) loginid parameter in (c) members/isonline.php; (3) siteid...