94 matches found
Foxit Reader Caret Annotation object style attribute remote code execution vulnerability
Foxit Reader is China's Foxit Foxit Software Corporation, a PDF document reader. A remote code execution vulnerability exists in the style attribute of the Caret Annotation object in Foxit Reader version 8.3.1.21155, where the program fails to validate the existence of an object before performing...
Foxit Reader FileAttachment annotation object style attribute remote code execution vulnerability
Foxit Reader is China's Foxit Foxit Software Corporation, a PDF document reader. A remote code execution vulnerability exists in the style attribute of the FileAttachment annotation object in Foxit Reader version 8.3.1.21155, where the program fails to validate the existence of an object before...
Foxit Reader FileAttachment Annotations style Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the style attribute...
Foxit Reader Caret Annotations style Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the style attribute...
DEBIAN-CVE-2015-1433
program/lib/Roundcube/rcubewashtml.php in Roundcube before 1.0.5 does not properly quote strings, which allows remote attackers to conduct cross-site scripting XSS attacks via the style attribute in an email...
Cross site scripting
program/lib/Roundcube/rcubewashtml.php in Roundcube before 1.0.5 does not properly quote strings, which allows remote attackers to conduct cross-site scripting XSS attacks via the style attribute in an email...
UBUNTU-CVE-2015-1433
program/lib/Roundcube/rcubewashtml.php in Roundcube before 1.0.5 does not properly quote strings, which allows remote attackers to conduct cross-site scripting XSS attacks via the style attribute in an email...
CVE-2015-1433
program/lib/Roundcube/rcubewashtml.php in Roundcube before 1.0.5 does not properly quote strings, which allows remote attackers to conduct cross-site scripting XSS attacks via the style attribute in an email...
CVE-2015-1433
program/lib/Roundcube/rcubewashtml.php in Roundcube before 1.0.5 does not properly quote strings, which allows remote attackers to conduct cross-site scripting XSS attacks via the style attribute in an email...
Microsoft Internet Explorer 'CAttrValue' Style Attribute Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
DEBIAN-CVE-2012-2582
Multiple cross-site scripting XSS vulnerabilities in Open Ticket Request System OTRS Help Desk 2.4.x before 2.4.13, 3.0.x before 3.0.15, and 3.1.x before 3.1.9, and OTRS ITSM 2.1.x before 2.1.5, 3.0.x before 3.0.6, and 3.1.x before 3.1.6, allow remote attackers to inject arbitrary web script or...
CVE-2012-2571
Multiple cross-site scripting XSS vulnerabilities in WinWebMail Server 3.8.1.6 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with 1 a SCRIPT element, 2 a crafted Cascading Style Sheets CSS expression property, 3 a CSS expression property in the STYLE...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Alt-N MDaemon Free 12.5.4 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with 1 the Cascading Style Sheets CSS expression property in conjunction with a CSS comment within the STYLE attribute of an IMG...
CVE-2012-2584
Multiple cross-site scripting XSS vulnerabilities in Alt-N MDaemon Free 12.5.4 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with 1 the Cascading Style Sheets CSS expression property in conjunction with a CSS comment within the STYLE attribute of an IMG...
CVE-2008-6885
Cross-site scripting XSS vulnerability in pmlite.php in XOOPS 2.3.1 and 2.3.2a allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute in a URL BBcode tag in a private message...
CVE-2008-6885
Cross-site scripting XSS vulnerability in pmlite.php in XOOPS 2.3.1 and 2.3.2a allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute in a URL BBcode tag in a private message...
kdelibs: KHTML CSS parser - incorrect handling CSS "style" attribute content (DoS, ACE)
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets CSS attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code ...
kdelibs security update
3.5.4-22.0.1.el53 - Remove Version branding - Maximum rpm trademark logos removed pics/crystalsvg/-mime-rpm in tarball 3.5.4-22 - Resolves: 505621, CVE-2009-1687, integer overflow in KJS JavaScript garbage collector CVE-2009-1698, KHTML CSS parser - incorrect handling CSS style attribute content...
Cross site scripting
Cross-site scripting XSS vulnerability in the private message feature in Nuke ET 3.2 and 3.4, when using Internet Explorer, allows remote authenticated users to inject arbitrary web script or HTML via a CSS property in the STYLE attribute of a DIV element in the mensaje parameter. NOTE: some of...
CVE-2008-1873
Cross-site scripting XSS vulnerability in the private message feature in Nuke ET 3.2 and 3.4, when using Internet Explorer, allows remote authenticated users to inject arbitrary web script or HTML via a CSS property in the STYLE attribute of a DIV element in the mensaje parameter. NOTE: some of...