148 matches found
Design/Logic Flaw
The execcommand function in common/helpers.py in Gajim before 0.15 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an href attribute...
Code injection
The Cascading Style Sheets CSS implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to discover sensitive URLs via an HREF attribute associated with a redirecting URL...
CVE-2010-1393
The Cascading Style Sheets CSS implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to discover sensitive URLs via an HREF attribute associated with a redirecting URL...
Apple Safari Multiple Vulnerabilities
This host is installed with Apple Safari Web Browser and is prone to to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbapplesafarimultvulnjan10.nasl 7174 2017-09-18 11:48:08Z asteins $ Apple Safari Multiple Vulnerabilities Authors: Antu Sanadi Copyright: Copyright c 2010 Greenbone...
CVE-2010-0314
The connected SSV entry (SSV:19008) documents CVE-2010-0314 as a redirect-target disclosure in Apple Safari: if a site URL is placed in the HREF of a stylesheet LINK element, a user’s session can read document.styleSheets[0].href to reveal the redirect URL. It notes Safari 4.0.4 and describes the...
CVE-2009-4363
TextFilter/lib/Horde/Text/Filter/Xss.php in Horde Application Framework before 3.3.6, Horde Groupware before 1.2.5, and Horde Groupware Webmail Edition before 1.2.5 does not properly handle data: URIs, which allows remote attackers to conduct cross-site scripting XSS attacks via data:text/html...
SDP Downloader ASX File Heap Buffer Overflow Vulnerability
This host is installed with SDP Downloader and is prone to Buffer Overflow vulnerability. OpenVAS Vulnerability Test $Id: secpodsdpdownloaderbofvuln.nasl 5122 2017-01-27 12:16:00Z teissa $ SDP Downloader ASX File Heap Buffer Overflow Vulnerability Authors: Antu Sanadi Copyright: Copyright c 2009...
CVE-2009-1641
Multiple stack-based buffer overflows in Mini-stream Ripper 3.0.1.1 allow remote attackers to execute arbitrary code via 1 a long rtsp URL in a .ram file and 2 a long string in the HREF attribute of a REF element in a .asx file...
Stack overflow
Multiple stack-based buffer overflows in Mini-stream Ripper 3.0.1.1 allow remote attackers to execute arbitrary code via 1 a long rtsp URL in a .ram file and 2 a long string in the HREF attribute of a REF element in a .asx file...
CVE-2008-6682
Multiple cross-site scripting XSS vulnerabilities in Apache Struts 2.0.x before 2.0.11.1 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via vectors associated with improper handling of 1 " double quote characters in the href attribute of an s:a tag and 2...
VUPlayer .asx Playlist File Buffer Overflow Vulnerability
This host is installed with VUPlayer and is prone to Buffer Overflow vulnerability. OpenVAS Vulnerability Test $Id: secpodvuplayerasxplaylistbofvuln.nasl 5148 2017-01-31 13:16:55Z teissa $ VUPlayer .asx Playlist File Buffer Overflow Vulnerability Authors: Sharath S Copyright: Copyright c 2009...
CVE-2008-5839
Buffer overflow in Foxmail 6.5 allows remote attackers to execute arbitrary code via a long mailto URI in the HREF attribute of an A element...
Buffer overflow
Buffer overflow in Foxmail 6.5 allows remote attackers to execute arbitrary code via a long mailto URI in the HREF attribute of an A element...
CVE-2008-5839
Buffer overflow in Foxmail 6.5 allows remote attackers to execute arbitrary code via a long mailto URI in the HREF attribute of an A element...
CVE-2008-5839
CVE-2008-5839 describes a buffer overflow in FoxMail Client (FoxMail 6.5) triggered by a long mailto URI in the HREF attribute of an A element, allowing remote code execution. Affected component: FoxMail Client; root cause: improper handling/overflow in mailto URI parsing. Impact: potential arbit...
CVE-2008-5282
Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0.1 allow remote attackers to execute arbitrary code via 1 a link with a long HREF attribute, and 2 a DIV tag with a long id attribute...
CVE-2008-5282
Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0.1 allow remote attackers to execute arbitrary code via 1 a link with a long HREF attribute, and 2 a DIV tag with a long id attribute...
CVE-2008-3360
Stack-based buffer overflow in the HTML parser in IntelliTamper 2.0.7 allows remote attackers to execute arbitrary code via a long URL in the HREF attribute of an A element, a different vulnerability than CVE-2006-2494...
CVE-2008-3360
Stack-based buffer overflow in the HTML parser in IntelliTamper 2.0.7 allows remote attackers to execute arbitrary code via a long URL in the HREF attribute of an A element, a different vulnerability than CVE-2006-2494...
JFreeChart: XSS vulnerabilities in the image map feature
Multiple cross-site scripting XSS vulnerabilities in the image map feature in JFreeChart 1.0.8 allow remote attackers to inject arbitrary web script or HTML via the 1 chart name or 2 chart tool tip text; or the 3 href, 4 shape, or 5 coords attribute of a chart area...