779 matches found
PT-2009-2776 · Microsoft · Internet Explorer
Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer version 7 Description: A remote code execution issue exists in the way Internet Explorer handles Cascading Style Sheets CSS. This could be exploited by an attacker constructing a specially crafted Web page,...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Bioinformatics htmLawed 1.1.3 and 1.1.4 allow remote attackers to inject arbitrary web script or HTML via invalid Cascading Style Sheets CSS expressions in the style attribute, which is processed by Internet Explorer 7...
CVE-2009-0404
Multiple cross-site scripting XSS vulnerabilities in Bioinformatics htmLawed 1.1.3 and 1.1.4 allow remote attackers to inject arbitrary web script or HTML via invalid Cascading Style Sheets CSS expressions in the style attribute, which is processed by Internet Explorer 7...
CVE-2008-3632
Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 through 2.0.2, and iPhone 1.0 through 2.0.2, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a web page with crafted Cascading Style Sheets CSS import statements...
Memory corruption
Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets CSS selectors, related to a "memory handling erro...
DEBIAN-CVE-2007-6321
Cross-site scripting XSS vulnerability in RoundCube webmail 0.1rc2, 2007-12-09, and earlier versions, when using Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via style sheets containing expression commands...
Cross site scripting
Cross-site scripting XSS vulnerability in RoundCube webmail 0.1rc2, 2007-12-09, and earlier versions, when using Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via style sheets containing expression commands...
CVE-2007-6321
Cross-site scripting XSS vulnerability in RoundCube webmail 0.1rc2, 2007-12-09, and earlier versions, when using Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via style sheets containing expression commands...
CVE-2007-6321
Cross-site scripting XSS vulnerability in RoundCube webmail 0.1rc2, 2007-12-09, and earlier versions, when using Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via style sheets containing expression commands...
CVE-2007-0943
Unspecified vulnerability in Internet Explorer 5.01 and 6 SP1 allows remote attackers to execute arbitrary code via crafted Cascading Style Sheets CSS strings that trigger memory corruption during parsing, related to use of out-of-bounds pointers...
Memory corruption
Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via a crafted Cascading Style Sheets CSS tag that triggers memory corruption...
CVE-2006-5712
Cross-site scripting XSS vulnerability in Mirapoint WebMail allows remote attackers to inject arbitrary web script via the expression Cascading Style Sheets CSS function, as demonstrated using the width style for an IMG element...
CVE-2006-5712
Technical details (affected product/version, root cause, impact, or remediation) are not publicly provided in the connected documents for CVE-2006-5712. Monitor for updates.
[Full-disclosure] Cross Site Scripting (XSS) Vulnerability in Web Mail platform by "Mirapoint"
·= Security Advisory =· Issue: Cross Site Scripting XSS Vulnerability in Web Mail platform by "Mirapoint" Discovered Date: 19/09/2006 Author: Tal Argoni, LegendaryZion. talargoni at gmail.com Product Vendor: http://www.mirapoint.com/ Details: Mirapoint Web Mail platform is prone to a Cross Site...
Cross Site Scripting (XSS) Vulnerability in Web Mail service by "Walla! Communications LTD"
·= Security Advisory =· Issue: Cross Site Scripting XSS Vulnerability in Web Mail service by "Walla! Communications LTD" Discovered Date: 05/10/2006 Author: Tal Argoni, LegendaryZion. talargoni at gmail.com Product Vendor: http://www.walla.co.il/ Details: Walla! Communications LTD Web Mail servic...
Cross Site Scripting (XSS) Vulnerability in iPlanet Messaging Server Messenger Express by "Sun"
·= Security Advisory =· Issue: Cross Site Scripting XSS Vulnerability in iPlanet Messaging Server Messenger Express by "Sun" Discovered Date: 25/09/2006 Author: Tal Argoni, LegendaryZion. talargoni at gmail.com Product Vendor: http://www.sun.com/ Details: iPlanet Messaging Server Messenger Expres...
Update Protection against Microsoft Internet Explorer Memory Corruption Vulnerabilities (MS06-042)
Microsoft Internet Explorer is prone to multiple memory corruption vulnerabilities. The application fails to properly handle un-initialized COM objects and chained Cascading Style Sheets CSS. This flaw allows attackers to cause denial of service and possibly to execute arbitrary code by convincin...
CVE-2006-3451
Microsoft Internet Explorer 5 SP4 and 6 do not properly garbage collect when "multiple imports are used on a styleSheets collection" to construct a chain of Cascading Style Sheets CSS, which allows remote attackers to execute arbitrary code via unspecified vectors...
Microsoft Internet Explorer Chained Cascading Style Sheets Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to remote code-execution vulnerability. This issue is related to how the browser handles chained CSS Cascading Style Sheets. An attacker could exploit this issue to execute arbitrary code in the context of the user visiting a malicious web page. Th...
CVE-2006-3353
Opera 9 allows remote attackers to cause a denial of service crash via a crafted web page that triggers an out-of-bounds memory access, related to an iframe and JavaScript that accesses certain style sheets properties...