814 matches found
CVE-2010-2809
The default configuration of the binding in Uzbl before 2010.08.05 does not properly use the @SELECTEDURI feature, which allows user-assisted remote attackers to execute arbitrary commands via a crafted HREF attribute of an A element in an HTML document...
Default configuration
The default configuration of the binding in Uzbl before 2010.08.05 does not properly use the @SELECTEDURI feature, which allows user-assisted remote attackers to execute arbitrary commands via a crafted HREF attribute of an A element in an HTML document...
CVE-2010-2809
The default configuration of the binding in Uzbl before 2010.08.05 does not properly use the @SELECTEDURI feature, which allows user-assisted remote attackers to execute arbitrary commands via a crafted HREF attribute of an A element in an HTML document...
CVE-2010-2809
Removed by vendor...
CVE-2009-3737
The Oracle Siebel Option Pack for IE ActiveX control does not properly initialize memory that is used by the NewBusObj method, which allows remote attackers to execute arbitrary code via a crafted HTML document...
Design/Logic Flaw
The Oracle Siebel Option Pack for IE ActiveX control does not properly initialize memory that is used by the NewBusObj method, which allows remote attackers to execute arbitrary code via a crafted HTML document...
CVE-2009-3737
The Oracle Siebel Option Pack for IE ActiveX control does not properly initialize memory that is used by the NewBusObj method, which allows remote attackers to execute arbitrary code via a crafted HTML document...
CVE-2010-2991
The IICAClient interface in the ICAClient library in the ICA Client ActiveX Object aka ICO component in Citrix Online Plug-in for Windows for XenApp & XenDesktop before 12.0.3 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted HTML...
Memory corruption
The IICAClient interface in the ICAClient library in the ICA Client ActiveX Object aka ICO component in Citrix Online Plug-in for Windows for XenApp & XenDesktop before 12.0.3 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted HTML...
CVE-2010-2991
The IICAClient interface in the ICAClient library in the ICA Client ActiveX Object aka ICO component in Citrix Online Plug-in for Windows for XenApp & XenDesktop before 12.0.3 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted HTML...
KLA10110 ACE vulnerability in Citrix
An unspecified vulnerability was found in Citrix products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely at a point related to the ICA graphics packet via a specially designed HTML or ICA document. Original advisories...
Oracle Siebel Option Pack for IE ActiveX control memory initialization vulnerability
Overview The Oracle Siebel Option Pack for IE ActiveX control fails to properly initialize memory, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Siebel Option Pack for IE is an ActiveX control that is provided by Oracle Siebel...
CVE-2010-1784
The counters functionality in the Cascading Style Sheets CSS implementation in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of servi...
CVE-2010-1790
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle just-in-time JIT compiled JavaScript stubs, which allows remote attackers to execute arbitrary code or cause a denial of service...
CVE-2010-1784
The counters functionality in the Cascading Style Sheets CSS implementation in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of servi...
Memory corruption
The counters functionality in the Cascading Style Sheets CSS implementation in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of servi...
Memory corruption
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle dynamic modification of a text node, which allows remote attackers to execute arbitrary code or cause a denial of service memory...
CVE-2010-1783
Removed by vendor...
CVE-2010-1784
The counters functionality in the Cascading Style Sheets CSS implementation in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of servi...
CVE-2010-1784
Removed by vendor...