537 matches found
Cross site scripting
The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for embedded content in an HTML document, which allows...
CVE-2011-1894
The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for embedded content in an HTML document, which allows...
CVE-2011-1894
The CVE-2011-1894 issue affects the MHTML protocol handler used by Microsoft Windows components (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/R2, Windows 7 SP1). The vulnerability arises from improper handling of a MIME format in requests for embedded content within an HTML docume...
IPComp - encapsulation Kernel Memory Corruption
// source: http://lists.grok.org.uk/pipermail/full-disclosure/2011-April/080031.html BSD derived RFC3173 IPComp encapsulation will expand arbitrarily nested payload ------------------------------------------------------------------------------- Gruezi, this document describes CVE-2011-1547. RFC31...
CVE-2011-0096
The CVE describes a vulnerability in the MHTML protocol handler where improper processing of MIME-formatted requests for content blocks can allow a remote attacker to trigger client-side effects in Internet Explorer. Connected advisories (MS11-026 and related OpenVAS/Nessus listings) frame this a...
PT-2011-2085 · Microsoft · Windows Xp +5
Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista versions SP1 through SP2 Microsoft Windows Server 2008 versions Gold through R2 SP1 Microsoft Windows 7 versions Gold through SP1...
Microsoft Internet Explorer MHTML Protocol Handler XSS
Exploit for windows platform in category local exploits Ph4nt0m Webzine 0x05 http://secinn.appspot.com/pstzine Was finally released yesterday, There are two articles about the browser security0x05 and 0x06.If the combination of both, we can complete a lot of interesting attacks... 1.Cross Site...
Microsoft Internet Explorer - MHTML Protocol Handler Cross-Site Scripting
Hacking with mhtml protocol handler Author: www.80vul.com Email:5up3rh3igmail.com Release Date: 2011/1/15 References: http://www.80vul.com/mhtml/Hacking%20with%20mhtml%20protocol%20handler.txt Ph4nt0m Webzine 0x05 http://secinn.appspot.com/pstzine Was finally released yesterday, There are two...
Microsoft Internet Explorer - MHTML Protocol Handler Cross-Site Scripting
Microsoft Internet Explorer - MHTML Protocol Handler Cross-Site Scripting Hacking with mhtml protocol handler Author: www.80vul.com Email:5up3rh3igmail.com Release Date: 2011/1/15 References: http://www.80vul.com/mhtml/Hacking%20with%20mhtml%20protocol%20handler.txt Ph4nt0m Webzine 0x05...
Microsoft Internet Explorer MHTML Cross Site Scripting
Hacking with mhtml protocol handler Author: www.80vul.com Email:5up3rh3igmail.com Release Date: 2011/1/15 References: http://www.80vul.com/mhtml/Hacking%20with%20mhtml%20protocol%20handler.txt Ph4nt0m Webzine 0x05 http://secinn.appspot.com/pstzine Was finally released yesterday, There are two...
Microsoft Outlook Express/Windows Mail MHTML URI Handler Information Disclosure Vulnerability (929123)
This host is missing a critical security update according to Microsoft Bulletin MS07-034. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Outlook Express/Windows Mail MHTML URI Handler Information Disclosure Vulnerability (929123)
This host is missing a critical security update according to Microsoft Bulletin MS07-034. OpenVAS Vulnerability Test $Id: gbms07-034.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft Outlook Express/Windows Mail MHTML URI Handler Information Disclosure Vulnerability 929123 Authors: Madhuri D...
Researcher Publishes Method for Bypassing Flash Local-with-filesystem Sandbox
A security researcher has published a simple method for bypassing one of the sandboxes that Adobe has implemented to prevent Flash files from taking unwanted or malicious actions on users’ PCs. Billy Rios, a well-known application security researcher, developed a quick method for bypassing the...
CVE-2010-3751
Multiple heap-based buffer overflows in an ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 allow remote attackers to execute arbitrary code via a long .smil argument to the 1 tfile, 2 pnmm, or 3 cdda protocol handler...
CVE-2010-3625
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability."...
acroread: multiple code execution flaws (APSB10-21)
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability."...
Microsoft Help Center XSS and Command Execution
Help and Support Center is the default application provided to access online documentation for Microsoft Windows. Microsoft supports accessing help documents directly via URLs by installing a protocol handler for the scheme "hcp". Due to an error in validation of input to hcp:// combined with a...
Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly ---------------------------------------------------------------------------- Help and Support Centre is the default application provided to access online documentation for Microsoft Windows. Microsoft supports accessing...
Microsoft Windows Help Centre Handles - Malformed Escape Sequences Incorrectly (MS03-044)
Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly ---------------------------------------------------------------------------- Help and Support Centre is the default application provided to access online documentation for Microsoft Windows. Microsoft supports accessing...
Microsoft Windows Help Centre Handles - Malformed Escape Sequences Incorrectly (MS03-044)
Microsoft Windows Help Centre Handles - Malformed Escape Sequences Incorrectly MS03-044 Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly ---------------------------------------------------------------------------- Help and Support Centre is the default application...