Lucene search
K

403 matches found

CERT
CERT
added 2005/02/08 12:0 a.m.46 views

Microsoft Hyperlink Object Library buffer overflow

Overview A buffer overflow exists in the Microsoft Windows system library used when handling hyperlinks. All currently supported versions of Microsoft Windows are affected. Description An unchecked buffer in the Microsoft Object Library is vulnerable to attack when malformed hyperlinks are handle...

7.5CVSS7.1AI score0.41139EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2005/02/08 12:0 a.m.19 views

MS05-015: Vulnerability in the Hyperlink Object Library may allow code execution (888113)

The remote host is running a version of Windows that contains a flaw in the Hyperlink Object Library that can be abused to execute arbitrary code on the remote host. To exploit this flaw, an attacker would need to construct a malicious hyperlink and lure a victim into clicking it. C Tenable Netwo...

7.5CVSS5.8AI score0.41139EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2004/07/13 12:0 a.m.39 views

Microsoft Outlook Express - JavaScript Execution

From: To: Subject:MSOE Scripting Example Content-Type:text/html click here to test milw0rm.com 2004-07-13...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2004/02/09 12:0 a.m.30 views

The Palace 3.x (Client) Stack Overflow Vulnerability

The Palace 3.x Client Stack Overflow Vulnerability Credit: Author : Peter Winter-Smith Software: Packages : The Palace 3.5 Client Version : 3.5 and below Vendor : 'Copyright © 1996-2000 Communities.com' Vendor Url : http://www.thepalace.com/ Vulnerability: Bug Type : Stack-based Buffer Overflow...

8.5AI score
Exploits0
Packet Storm
Packet Storm
added 2004/01/08 12:0 a.m.26 views

firstclass71.txt

Product: FirstClass Desktop Client 7.1 Developer: SoftArc URL: http://www.softarc.com/ Description: Users clicking on a maliciously crafted link will result in local file execution. Details: FirstClass RTF formatted messages can include hyper-links to web URL's. When the messages recipient clicks...

7.4AI score
Exploits0
CVE
CVE
added 2003/06/18 4:0 a.m.85 views

CVE-2003-0434

Vulnerability CVE-2003-0434 affects multiple PDF viewers, notably Adobe Acrobat 5.0 and Xpdf 1.01. The issue arises from shell metacharacters in embedded hyperlinks, allowing remote attackers to execute arbitrary commands when a user opens a specially crafted PDF. Impact is described as remote co...

7.5CVSS7.5AI score0.40942EPSS
Exploits0References9Affected Software2
exploitpack
exploitpack
added 2003/06/13 12:0 a.m.13 views

Adobe Acrobat Reader (UNIX) 5.0 6 Xpdf 0.9x Hyperlinks - Arbitrary Command Execution

Adobe Acrobat Reader UNIX 5.0 6 Xpdf 0.9x Hyperlinks - Arbitrary Command Execution source: https://www.securityfocus.com/bid/7912/info A vulnerability has been reported for multiple PDF viewers for Unix variant operating systems. The problem is said to occur when hyperlinks have been enabled with...

0.9AI score
Exploits0
Exploit DB
Exploit DB
added 2003/06/13 12:0 a.m.35 views

Adobe Acrobat Reader (UNIX) 5.0 6 / Xpdf 0.9x Hyperlinks - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/7912/info A vulnerability has been reported for multiple PDF viewers for Unix variant operating systems. The problem is said to occur when hyperlinks have been enabled within the viewer. Allegedly, by placing a specially formatted hyperlink within a PDF...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2002/10/23 12:0 a.m.92 views

AIM 4.8.2790 remote file execution vulnerability

Description: AOL Instant Messenger version 4.8.2790 will execute programs when a user clicks on a not-so-specially crafted hypertext link. Versions affected: AOL Instant Messenger 4.8.2790. 4.7.2480 is not vulnerable and neither is 5.0.2938. This bug was confirmed on both Windows 2000 and Windows...

1.6AI score
Exploits0
Debian
Debian
added 2002/08/27 1:1 p.m.20 views

[SECURITY] [DSA 158-1] New gaim packages fix arbitrary program execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 158-1 [email protected] http://www.debian.org/security/ Martin Schulze August 27th, 2002 http://www.debian.org/security/faq -...

7.9AI score
Exploits0
OSV
OSV
added 2002/08/27 12:0 a.m.25 views

DSA-158 gaim - arbitrary program execution

Bulletin has no description...

7.5CVSS6.3AI score0.0319EPSS
Exploits1
securityvulns
securityvulns
added 2002/05/11 12:0 a.m.51 views

Hole in AOL Instant Messenger

Hello all, This morning I noticed something while playing around with the aim:AddBuddy hyperlink for AIM. If you add many characters separated by commas you can crash the aim when a user clicks it. An example: aim:AddBuddy? ScreenName=InterWN,InterWN,InterWN,InterWN,InterWN,InterWN,I...

0.7AI score
Exploits0
Cvelist
Cvelist
added 2002/03/09 5:0 a.m.25 views

CVE-2001-0828

A cross-site scripting vulnerability in Caucho Technology Resin before 1.2.4 allows a malicious webmaster to embed Javascript in a hyperlink that ends in a .jsp extension, which causes an error message that does not properly quote the Javascript...

5.9AI score0.02773EPSS
Exploits1References6
exploitpack
exploitpack
added 2002/03/01 12:0 a.m.20 views

AOL Instant Messenger 4.x - Hyperlink Denial of Service

AOL Instant Messenger 4.x - Hyperlink Denial of Service source: https://www.securityfocus.com/bid/4244/info AOL Instant Messenger AIM is a real time messaging service. The AIM client runs on Microsoft Windows operating systems. It is possible to crash the AIM client by sending a specially formatt...

7.3AI score
Exploits0
Exploit DB
Exploit DB
added 2002/03/01 12:0 a.m.36 views

AOL Instant Messenger 4.x - Hyperlink Denial of Service

source: https://www.securityfocus.com/bid/4244/info AOL Instant Messenger AIM is a real time messaging service. The AIM client runs on Microsoft Windows operating systems. It is possible to crash the AIM client by sending a specially formatted hyper-link to a user. When the user attempts to launc...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/04/17 12:0 a.m.130 views

StarOffice 5.1

Do you remember recent Microsoft Word and Wordpad vulnerabilities while reading .rtf documents? I realized that Sun StarOffice 5.1 is at least so buggy as M$ products. There are a lot of ways to cause overflow and crash or execution of arbitrary code while viewing documents - starting from html...

0.9AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.37 views

aol.aim.url.DoS.txt

Date: Mon, 19 Apr 1999 22:00:00 -0500 From: Adam Brown To: [email protected] Subject: AOL Instant Messenger URL Crash There is a bug in the newer versions of AOL's Instant Messenger that will cause the client to crash when exploited. All builds of version 2.0 that I've tested seem to be...

7.4AI score
Exploits0
NVD
NVD
added 1998/02/01 5:0 a.m.21 views

CVE-1999-0486

Denial of service in AOL Instant Messenger when a remote attacker sends a malicious hyperlink to the receiving client, potentially causing a system crash...

5CVSS0.01823EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 1998/02/01 12:0 a.m.5 views

PT-1998-1087 · Aol · Aol Instant Messenger

Name of the Vulnerable Software and Affected Versions: AOL Instant Messenger affected versions not specified Description: The issue allows a remote attacker to cause a denial of service in AOL Instant Messenger by sending a malicious hyperlink to the receiving client, potentially resulting in a...

5CVSS6.5AI score0.01823EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.61 views

Security update 1970-01-01

...

7AI score
Exploits0
Rows per page
Query Builder