Microsoft Windows XP/2000/2003 MHTML URI Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18198/info DEFAULT BASEURL= InternetShortcut...

Microsoft Outlook Express 5/6 MHTML URL Handler File Rendering Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5473/info Microsoft Outlook Express introduced a URL handler called MHTML MIME Encapsulation of Aggregate HTML. This allows Internet Explorer to pass MHTML files to Outlook Express for rendering. The MHTML URL handler doe...

Microsoft Outlook Express 6.0 MHTML Forced File Execution Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/9105/info A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The problem occurs due to the component...

Outlook Express 5.5/6.0,Windows Mail MHTML URI Handler Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17717/info Outlook Express and Windows Mail are prone to a cross-domain information-disclosure vulnerability. This vulnerability may let a malicious website access properties of a site in an arbitrary external domain in t...

Microsoft Outlook Express 6.0 MHTML Forced File Execution Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/9105/info A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The problem occurs due to the component...

Microsoft Internet Explorer MHTML Protocol Handler XSS

No description provided by source. Hacking with mhtml protocol handler Author: www.80vul.com Email:5up3rh3igmail.com Release Date: 2011/1/15 References: http://www.80vul.com/mhtml/Hacking%20with%20mhtml%20protocol%20handler.txt Ph4nt0m Webzine 0x05 http://secinn.appspot.com/pstzine Was finally...

DSA-2939-1 chromium-browser - security update

Bulletin has no description...

CVE-2014-1747

Cross-site scripting XSS vulnerability in the DocumentLoader::maybeCreateArchive function in core/loader/DocumentLoader.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to inject arbitrary web script or HTML via crafted MHTML content, aka "Universal XSS UXSS."...

UBUNTU-CVE-2014-1747

Cross-site scripting XSS vulnerability in the DocumentLoader::maybeCreateArchive function in core/loader/DocumentLoader.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to inject arbitrary web script or HTML via crafted MHTML content, aka "Universal XSS UXSS."...

CVE-2014-1747

Cross-site scripting XSS vulnerability in the DocumentLoader::maybeCreateArchive function in core/loader/DocumentLoader.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to inject arbitrary web script or HTML via crafted MHTML content, aka "Universal XSS UXSS."...

Cross site scripting

Cross-site scripting XSS vulnerability in the DocumentLoader::maybeCreateArchive function in core/loader/DocumentLoader.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to inject arbitrary web script or HTML via crafted MHTML content, aka "Universal XSS UXSS."...

CVE-2014-1747

CVE-2014-1747 is a UXSS-type XSS in Blink's DocumentLoader::maybeCreateArchive used by Google Chrome prior to 35.0.1916.114. The vulnerability allows remote attackers to inject arbitrary script/HTML via crafted MHTML content. Affected component is Blink/WebKit's MHTML handling in Chrome versions ...

CVE-2014-1747

Removed by vendor...

CVE-2013-5406

Multiple cross-site scripting XSS vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, leading to improper interaction with the Windows MHTML protocol handler...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, leading to improper interaction with the Windows MHTML protocol handler...

CVE-2013-5406

Multiple cross-site scripting XSS vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, leading to improper interaction with the Windows MHTML protocol handler...

CVE-2012-5762

Cross-site scripting XSS vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to inject arbitrary web script or HTML via vectors involving the MHTML protocol...

Cross site scripting

Cross-site scripting XSS vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to inject arbitrary web script or HTML via vectors involving the MHTML protocol...

CVE-2012-5762

Cross-site scripting XSS vulnerability in the WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza allows remote authenticated users to inject arbitrary web script or HTML via vectors involving the MHTML protocol...

CVE-2012-5762

CVE-2012-5762 affects IBM Netezza WebAdmin (versions 6.0.5, 6.0.8 and 7.0 before P2). The vulnerability is an XSS allowing remote authenticated users to inject arbitrary script/HTML via MHTML protocol vectors. IBM’s bulletin for this family notes multiple issues and lists CVE-2012-5762 among them...