103 matches found
CVE-2016-1927
The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easier for remote attackers to guess passwords via a brute-force approach...
Adobe Reader replace() Heap Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the replace...
Baidu Spark Browser v26.5.9999.3511 Remote Stack Overflow DoS
Exploit for windows platform in category dos / poc...
CVE-2014-5349
Stack-based buffer overflow in Baidu Spark Browser 26.5.9999.3511 allows remote attackers to cause a denial of service application crash via nested calls to the window.print JavaScript function...
Stack overflow
Stack-based buffer overflow in Baidu Spark Browser 26.5.9999.3511 allows remote attackers to cause a denial of service application crash via nested calls to the window.print JavaScript function...
CVE-2014-5349
Stack-based buffer overflow in Baidu Spark Browser 26.5.9999.3511 allows remote attackers to cause a denial of service application crash via nested calls to the window.print JavaScript function...
百度浏览器海外版(Spark Browser) v26.5.9999.3511 - Remote Stack Overflow Vulnerability (DoS)
Vendor: Baidu, Inc. Product web page: http://www.baidu.com Affected version: 26.5.9999.3511 Summary: Spark Browser is a free Internet browser with very sharp UIs and cool utilities. It's based on the Chromium technology platform, giving it fast browsing capabilities. Desc: Spark Browser version...
SeaMonkey < 2.14 Multiple Vulnerabilities
The installed version of SeaMonkey is earlier than 2.14 and thus, is potentially affected by the following security issues : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. CVE-2012-5842, CVE-2012-5843 - An...
Thunderbird 16.x Multiple Vulnerabilities (Mac OS X)
The installed version of Thunderbird 16.x is potentially affected by the following security issues : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. CVE-2012-5842, CVE-2012-5843 - An error exists in the...
Code injection
template/en/default/bug/field-events.js.tmpl in Bugzilla 3.x before 3.6.12, 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1 generates JavaScript function calls containing private product names or private component names in certain circumstances...
iOS 5.1.1 Safari Browser Denial Of Service
Exploit for multiple platform in category dos / poc !/usr/bin/env ruby - Title iOS \n\ Crash PoC\n\ \n\ var s = "poc";\n\ s.match"chrbufferlen";\n\ \n\ "; def help puts "iOS = v5.1.1 Safari Browser JS match, search Crash PoC" puts "$0 -p bindport -h bindaddress --verbose" end Parsing options...
lifetype 1.2.11 CSRF Add User
Exploit for php platform in category web applications +---------------------------------------------------------------------------------------------------------------------------------------+ Exploit Title := lifetype 1.2.11 CSRF Add User Date := 05/april/2012 Author := khaled-Ham Software link :...
Microsoft Internet Explorer 'toStaticHTML' HTML Sanitizing
No description provided by source. Name: Microsoft Internet Explorer 'toStaticHTML' HTML Sanitizing Information \ Disclosure Vulnerability Author: Adi Cohen of IBM Rational Application Security [email protected] Date: June 14, 2011 Risk: Medium CVE: CVE-2011-1252 Introduction ------------- The...
Firefox < 3.5.15 Buffer Overflow
The installed version of Firefox is earlier than 3.5.15. Such versions are potentially affected by a heap-based buffer overflow vulnerability. The combination of DOM insertions and the handling of the JavaScript function 'document.write' exposes an error that can lead to a heap-based buffer...
Software Index a remote file upload vulnerability-vulnerability warning-the black bar safety net
Upload file filter is not strict, resulting in remote file upload executable code vulnerabilities. Bulk Google Dork : Copyright 2 0 1 0. Software Index Exp: the html head TitleSelect Image File for uploading/Title script language="JavaScript" function checkFile if form1. userfile. value == ""...
Buffer overflow
Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by...
CVE-2009-0070
Integer signedness error in Apple Safari allows remote attackers to read the contents of arbitrary memory locations, cause a denial of service application crash, and probably have unspecified other impact via the array index of the arguments array in a JavaScript function, possibly a related issu...
CVE-2009-0070
Integer signedness error in Apple Safari allows remote attackers to read the contents of arbitrary memory locations, cause a denial of service application crash, and probably have unspecified other impact via the array index of the arguments array in a JavaScript function, possibly a related issu...
Design/Logic Flaw
Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before 1.1.13 do not properly check when the Flash module has been dynamically unloaded properly, which allows remote attackers to execute arbitrary code via a crafted SWF file that "dynamically unloads itself from an outside JavaScript...
Mozilla Firefox Flash Player Dynamic Module Unloading Vulnerability
This vulnerability allows remote attackers to execute code on vulnerable installations of Mozilla Firefox with Adobe's Flash Player. User interaction is required in that a user must visit a malicious web site. The specific flaw exists due to a failure to check whether the Flash module has been...