403 matches found
Microsoft Hyperlink Object Library buffer overflow
Overview A buffer overflow exists in the Microsoft Windows system library used when handling hyperlinks. All currently supported versions of Microsoft Windows are affected. Description An unchecked buffer in the Microsoft Object Library is vulnerable to attack when malformed hyperlinks are handle...
MS05-015: Vulnerability in the Hyperlink Object Library may allow code execution (888113)
The remote host is running a version of Windows that contains a flaw in the Hyperlink Object Library that can be abused to execute arbitrary code on the remote host. To exploit this flaw, an attacker would need to construct a malicious hyperlink and lure a victim into clicking it. C Tenable Netwo...
Microsoft Outlook Express - JavaScript Execution
From: To: Subject:MSOE Scripting Example Content-Type:text/html click here to test milw0rm.com 2004-07-13...
The Palace 3.x (Client) Stack Overflow Vulnerability
The Palace 3.x Client Stack Overflow Vulnerability Credit: Author : Peter Winter-Smith Software: Packages : The Palace 3.5 Client Version : 3.5 and below Vendor : 'Copyright © 1996-2000 Communities.com' Vendor Url : http://www.thepalace.com/ Vulnerability: Bug Type : Stack-based Buffer Overflow...
firstclass71.txt
Product: FirstClass Desktop Client 7.1 Developer: SoftArc URL: http://www.softarc.com/ Description: Users clicking on a maliciously crafted link will result in local file execution. Details: FirstClass RTF formatted messages can include hyper-links to web URL's. When the messages recipient clicks...
CVE-2003-0434
Vulnerability CVE-2003-0434 affects multiple PDF viewers, notably Adobe Acrobat 5.0 and Xpdf 1.01. The issue arises from shell metacharacters in embedded hyperlinks, allowing remote attackers to execute arbitrary commands when a user opens a specially crafted PDF. Impact is described as remote co...
Adobe Acrobat Reader (UNIX) 5.0 6 Xpdf 0.9x Hyperlinks - Arbitrary Command Execution
Adobe Acrobat Reader UNIX 5.0 6 Xpdf 0.9x Hyperlinks - Arbitrary Command Execution source: https://www.securityfocus.com/bid/7912/info A vulnerability has been reported for multiple PDF viewers for Unix variant operating systems. The problem is said to occur when hyperlinks have been enabled with...
Adobe Acrobat Reader (UNIX) 5.0 6 / Xpdf 0.9x Hyperlinks - Arbitrary Command Execution
source: https://www.securityfocus.com/bid/7912/info A vulnerability has been reported for multiple PDF viewers for Unix variant operating systems. The problem is said to occur when hyperlinks have been enabled within the viewer. Allegedly, by placing a specially formatted hyperlink within a PDF...
AIM 4.8.2790 remote file execution vulnerability
Description: AOL Instant Messenger version 4.8.2790 will execute programs when a user clicks on a not-so-specially crafted hypertext link. Versions affected: AOL Instant Messenger 4.8.2790. 4.7.2480 is not vulnerable and neither is 5.0.2938. This bug was confirmed on both Windows 2000 and Windows...
[SECURITY] [DSA 158-1] New gaim packages fix arbitrary program execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 158-1 [email protected] http://www.debian.org/security/ Martin Schulze August 27th, 2002 http://www.debian.org/security/faq -...
DSA-158 gaim - arbitrary program execution
Bulletin has no description...
Hole in AOL Instant Messenger
Hello all, This morning I noticed something while playing around with the aim:AddBuddy hyperlink for AIM. If you add many characters separated by commas you can crash the aim when a user clicks it. An example: aim:AddBuddy? ScreenName=InterWN,InterWN,InterWN,InterWN,InterWN,InterWN,I...
CVE-2001-0828
A cross-site scripting vulnerability in Caucho Technology Resin before 1.2.4 allows a malicious webmaster to embed Javascript in a hyperlink that ends in a .jsp extension, which causes an error message that does not properly quote the Javascript...
AOL Instant Messenger 4.x - Hyperlink Denial of Service
AOL Instant Messenger 4.x - Hyperlink Denial of Service source: https://www.securityfocus.com/bid/4244/info AOL Instant Messenger AIM is a real time messaging service. The AIM client runs on Microsoft Windows operating systems. It is possible to crash the AIM client by sending a specially formatt...
AOL Instant Messenger 4.x - Hyperlink Denial of Service
source: https://www.securityfocus.com/bid/4244/info AOL Instant Messenger AIM is a real time messaging service. The AIM client runs on Microsoft Windows operating systems. It is possible to crash the AIM client by sending a specially formatted hyper-link to a user. When the user attempts to launc...
StarOffice 5.1
Do you remember recent Microsoft Word and Wordpad vulnerabilities while reading .rtf documents? I realized that Sun StarOffice 5.1 is at least so buggy as M$ products. There are a lot of ways to cause overflow and crash or execution of arbitrary code while viewing documents - starting from html...
aol.aim.url.DoS.txt
Date: Mon, 19 Apr 1999 22:00:00 -0500 From: Adam Brown To: [email protected] Subject: AOL Instant Messenger URL Crash There is a bug in the newer versions of AOL's Instant Messenger that will cause the client to crash when exploited. All builds of version 2.0 that I've tested seem to be...
CVE-1999-0486
Denial of service in AOL Instant Messenger when a remote attacker sends a malicious hyperlink to the receiving client, potentially causing a system crash...
PT-1998-1087 · Aol · Aol Instant Messenger
Name of the Vulnerable Software and Affected Versions: AOL Instant Messenger affected versions not specified Description: The issue allows a remote attacker to cause a denial of service in AOL Instant Messenger by sending a malicious hyperlink to the receiving client, potentially resulting in a...
Security update 1970-01-01
...