Lucene search
K

94 matches found

CNVD
CNVD
added 2017/12/21 12:0 a.m.4 views

Foxit Reader Caret Annotation object style attribute remote code execution vulnerability

Foxit Reader is China's Foxit Foxit Software Corporation, a PDF document reader. A remote code execution vulnerability exists in the style attribute of the Caret Annotation object in Foxit Reader version 8.3.1.21155, where the program fails to validate the existence of an object before performing...

8.8CVSS8.3AI score0.0259EPSS
Exploits0References1
CNVD
CNVD
added 2017/12/21 12:0 a.m.2 views

Foxit Reader FileAttachment annotation object style attribute remote code execution vulnerability

Foxit Reader is China's Foxit Foxit Software Corporation, a PDF document reader. A remote code execution vulnerability exists in the style attribute of the FileAttachment annotation object in Foxit Reader version 8.3.1.21155, where the program fails to validate the existence of an object before...

8.8CVSS8.3AI score0.0259EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/11/14 12:0 a.m.24 views

Foxit Reader FileAttachment Annotations style Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the style attribute...

6.8CVSS8.7AI score0.0259EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/11/14 12:0 a.m.35 views

Foxit Reader Caret Annotations style Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the style attribute...

6.8CVSS8.7AI score0.0259EPSS
Exploits0References1
OSV
OSV
added 2015/02/03 4:59 p.m.2 views

DEBIAN-CVE-2015-1433

program/lib/Roundcube/rcubewashtml.php in Roundcube before 1.0.5 does not properly quote strings, which allows remote attackers to conduct cross-site scripting XSS attacks via the style attribute in an email...

4.3CVSS7.9AI score0.03279EPSS
Exploits2References1
Prion
Prion
added 2015/02/03 4:59 p.m.27 views

Cross site scripting

program/lib/Roundcube/rcubewashtml.php in Roundcube before 1.0.5 does not properly quote strings, which allows remote attackers to conduct cross-site scripting XSS attacks via the style attribute in an email...

4.3CVSS6AI score0.03279EPSS
Exploits2References8Affected Software2
OSV
OSV
added 2015/02/03 4:59 p.m.3 views

UBUNTU-CVE-2015-1433

program/lib/Roundcube/rcubewashtml.php in Roundcube before 1.0.5 does not properly quote strings, which allows remote attackers to conduct cross-site scripting XSS attacks via the style attribute in an email...

4.3CVSS7.2AI score0.03279EPSS
Exploits2References7
UbuntuCve
UbuntuCve
added 2015/02/03 4:59 p.m.19 views

CVE-2015-1433

program/lib/Roundcube/rcubewashtml.php in Roundcube before 1.0.5 does not properly quote strings, which allows remote attackers to conduct cross-site scripting XSS attacks via the style attribute in an email...

4.3CVSS7.3AI score0.03279EPSS
Exploits2References6
Debian CVE
Debian CVE
added 2015/02/03 4:0 p.m.27 views

CVE-2015-1433

program/lib/Roundcube/rcubewashtml.php in Roundcube before 1.0.5 does not properly quote strings, which allows remote attackers to conduct cross-site scripting XSS attacks via the style attribute in an email...

4.3CVSS7.6AI score0.03279EPSS
Exploits2
Symantec
Symantec
added 2014/09/09 12:0 a.m.15 views

Microsoft Internet Explorer 'CAttrValue' Style Attribute Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

0.9AI score
Exploits0References1Affected Software1
OSV
OSV
added 2012/08/23 10:32 a.m.1 views

DEBIAN-CVE-2012-2582

Multiple cross-site scripting XSS vulnerabilities in Open Ticket Request System OTRS Help Desk 2.4.x before 2.4.13, 3.0.x before 3.0.15, and 3.1.x before 3.1.9, and OTRS ITSM 2.1.x before 2.1.5, 3.0.x before 3.0.6, and 3.1.x before 3.1.6, allow remote attackers to inject arbitrary web script or...

4.3CVSS6AI score0.04195EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2012/08/12 9:55 p.m.4 views

CVE-2012-2571

Multiple cross-site scripting XSS vulnerabilities in WinWebMail Server 3.8.1.6 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with 1 a SCRIPT element, 2 a crafted Cascading Style Sheets CSS expression property, 3 a CSS expression property in the STYLE...

4.3CVSS5.2AI score0.01319EPSS
Exploits1References2
Prion
Prion
added 2012/08/12 5:55 p.m.17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Alt-N MDaemon Free 12.5.4 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with 1 the Cascading Style Sheets CSS expression property in conjunction with a CSS comment within the STYLE attribute of an IMG...

4.3CVSS6AI score0.03232EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2012/08/12 5:0 p.m.27 views

CVE-2012-2584

Multiple cross-site scripting XSS vulnerabilities in Alt-N MDaemon Free 12.5.4 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with 1 the Cascading Style Sheets CSS expression property in conjunction with a CSS comment within the STYLE attribute of an IMG...

5.8AI score0.03232EPSS
Exploits1References4
NVD
NVD
added 2009/07/31 8:30 p.m.13 views

CVE-2008-6885

Cross-site scripting XSS vulnerability in pmlite.php in XOOPS 2.3.1 and 2.3.2a allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute in a URL BBcode tag in a private message...

4.3CVSS5.7AI score0.01285EPSS
Exploits1References6
Cvelist
Cvelist
added 2009/07/31 8:0 p.m.21 views

CVE-2008-6885

Cross-site scripting XSS vulnerability in pmlite.php in XOOPS 2.3.1 and 2.3.2a allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute in a URL BBcode tag in a private message...

5.7AI score0.01285EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2009/06/25 4:8 p.m.5 views

kdelibs: KHTML CSS parser - incorrect handling CSS "style" attribute content (DoS, ACE)

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets CSS attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code ...

9.3CVSS6.2AI score0.08462EPSS
Exploits2References4
Oracle linux
Oracle linux
added 2009/06/25 12:0 a.m.61 views

kdelibs security update

3.5.4-22.0.1.el53 - Remove Version branding - Maximum rpm trademark logos removed pics/crystalsvg/-mime-rpm in tarball 3.5.4-22 - Resolves: 505621, CVE-2009-1687, integer overflow in KJS JavaScript garbage collector CVE-2009-1698, KHTML CSS parser - incorrect handling CSS style attribute content...

9.3CVSS2.6AI score0.08462EPSS
Exploits4
Prion
Prion
added 2008/04/17 7:5 p.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in the private message feature in Nuke ET 3.2 and 3.4, when using Internet Explorer, allows remote authenticated users to inject arbitrary web script or HTML via a CSS property in the STYLE attribute of a DIV element in the mensaje parameter. NOTE: some of...

4.3CVSS5.5AI score0.01501EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2008/04/17 7:5 p.m.19 views

CVE-2008-1873

Cross-site scripting XSS vulnerability in the private message feature in Nuke ET 3.2 and 3.4, when using Internet Explorer, allows remote authenticated users to inject arbitrary web script or HTML via a CSS property in the STYLE attribute of a DIV element in the mensaje parameter. NOTE: some of...

4.3CVSS5.2AI score0.01501EPSS
Exploits1References5
Rows per page
Query Builder