Lucene search

37 matches found

Prion
added 2009/03/09 9:30 p.m. · 23 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, relat...

CVSS 4.3 · AI score 5.9 · EPSS 0.09125
Exploits 1 · References 38 · Affected Software 1
Positive Technologies
added 2009/03/09 12:0 a.m. · 12 views

PT-2009-3392 · Apache +2 · Apache Tomcat +2

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 4.1.0 through 4.1.39; Apache Tomcat versions 5.5.0 through 5.5.27; Apache Tomcat versions 6.0.0 through 6.0.18. Description: The issue is related to a cross-site scripting (XSS) flaw in the calendar application, specifically...

CVSS 7.5 · AI score 5.3 · EPSS 0.9444
Exploits 39 · References 101
UbuntuCve
added 2007/10/29 10:46 p.m. · 25 views

CVE-2007-4999

libpurple in Pidgin 2.1.0 through 2.2.1, when using HTML logging, allows remote attackers to cause a denial of service (NULL dereference and application crash) via a message that contains invalid HTML data, a different vector than CVE-2007-4996...

CVSS 4.3 · AI score 5.9 · EPSS 0.01809
Exploits 0 · References 2
OSV
added 2007/10/29 10:46 p.m. · 9 views

CVE-2007-4999

libpurple in Pidgin 2.1.0 through 2.2.1, when using HTML logging, allows remote attackers to cause a denial of service (NULL dereference and application crash) via a message that contains invalid HTML data, a different vector than CVE-2007-4996...

AI score 6.2
Exploits 0 · References 13
OSV
added 2007/10/29 10:46 p.m. · 1 views

DEBIAN-CVE-2007-4999

libpurple in Pidgin 2.1.0 through 2.2.1, when using HTML logging, allows remote attackers to cause a denial of service (NULL dereference and application crash) via a message that contains invalid HTML data, a different vector than CVE-2007-4996...

CVSS 4.3 · AI score 6.3 · EPSS 0.01809
Exploits 0 · References 1
Debian CVE
added 2007/10/29 10:0 p.m. · 24 views

CVE-2007-4999

libpurple in Pidgin 2.1.0 through 2.2.1, when using HTML logging, allows remote attackers to cause a denial of service (NULL dereference and application crash) via a message that contains invalid HTML data, a different vector than CVE-2007-4996...

CVSS 4.3 · AI score 6 · EPSS 0.01809
Exploits 0
Tenable Nessus
added 2006/10/14 12:0 a.m. · 49 views

Debian DSA-1085-1 : lynx-cur - several vulnerabilities

Several vulnerabilities have been discovered in lynx, the popular text-mode WWW browser. The Common Vulnerabilities and Exposures Project identifies the following vulnerabilities: - CVE-2004-1617 Michal Zalewski discovered that lynx is not able to grok invalid HTML including a TEXTAREA tag with ...

CVSS 9.8 · AI score 6.1 · EPSS 0.23257
Exploits 1 · References 6
OSV
added 2006/05/26 12:0 a.m. · 25 views

DSA-1076-1 lynx - programming error

Bulletin has no description...

CVSS 5 · AI score 6.3 · EPSS 0.03752
Exploits 1
Prion
added 2006/04/11 11:2 p.m. · 16 views

Memory corruption

Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption...

CVSS 7.5 · AI score 7.7 · EPSS 0.70001
Exploits 0 · References 11 · Affected Software 2
NVD
added 2006/04/11 11:2 p.m. · 23 views

CVE-2006-1185

Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption...

CVSS 7.5 · AI score 7.3 · EPSS 0.70001
Exploits 0 · References 11
Symantec
added 2006/04/11 12:0 a.m. · 25 views

Microsoft Internet Explorer Invalid HTML Parsing Code Execution Vulnerability

Description: Microsoft Internet Explorer is prone to a vulnerability that may permit remote attackers to execute arbitrary code. This vulnerability occurs when the browser parses invalid HTML. Attackers can exploit this vulnerability through a malicious web page or HTML email. Technologies Affecte...

AI score 0.9
Exploits 0 · References 1 · Affected Software 1
CVE
added 2005/02/20 5:0 a.m. · 67 views

CVE-2004-1617

CVE-2004-1617 affects the Lynx family (lynx, lynx-ssl, lynx-cur) prior to 2.8.6dev.8. The affected component is the HTML parser: processing invalid HTML (notably a TEXTAREA with a large COLS value, or an unterminated large tag name) can cause an infinite loop, i.e., a denial of service. Debian's OpenVAS e...

CVSS 5 · AI score 8.9 · EPSS 0.03752
Exploits 1 · References 11 · Affected Software 1
Cvelist
added 2005/02/20 5:0 a.m. · 17 views

CVE-2004-1617

Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers to cause a denial of service (infinite loop) via a web page or HTML email that contains invalid HTML including (1) a TEXTAREA tag with a large COLS value and (2) a large tag name in an element that is not terminated, as demonstrated ...

AI score 8.9 · EPSS 0.03752
Exploits 1 · References 11
Debian CVE
added 2005/02/20 5:0 a.m. · 21 views

CVE-2004-1617

Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers to cause a denial of service (infinite loop) via a web page or HTML email that contains invalid HTML including (1) a TEXTAREA tag with a large COLS value and (2) a large tag name in an element that is not terminated, as demonstrated ...

CVSS 5 · AI score 6 · EPSS 0.03752
Exploits 1
UbuntuCve
added 2004/10/18 4:0 a.m. · 25 views

CVE-2004-1617

Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers to cause a denial of service (infinite loop) via a web page or HTML email that contains invalid HTML including (1) a TEXTAREA tag with a large COLS value and (2) a large tag name in an element that is not terminated, as demonstrated ...

CVSS 5 · AI score 6 · EPSS 0.03752
Exploits 1 · References 1
NVD
added 2004/10/18 4:0 a.m. · 13 views

CVE-2004-1617

Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers to cause a denial of service (infinite loop) via a web page or HTML email that contains invalid HTML including (1) a TEXTAREA tag with a large COLS value and (2) a large tag name in an element that is not terminated, as demonstrated ...

CVSS 5 · AI score 9 · EPSS 0.03752
Exploits 1 · References 11
OSV
added 2004/10/18 4:0 a.m. · 2 views

DEBIAN-CVE-2004-1617

Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers to cause a denial of service (infinite loop) via a web page or HTML email that contains invalid HTML including (1) a TEXTAREA tag with a large COLS value and (2) a large tag name in an element that is not terminated, as demonstrated ...

CVSS 5 · AI score 6.7 · EPSS 0.03752
Exploits 1 · References 1