38 matches found
Microsoft Internet Explorer 10 MSHTML CElement::GetPlainTextInScope Out-Of-Bounds Read
Throughout November, I plan to release details on vulnerabilities I found in web-browsers which I've not released before. This is the third entry in that series. The below information is also available on my blog at http://blog.skylined.nl/20161103001.html. There you can find a repro that trigger...
UBUNTU-CVE-2012-4230
The bbcode plugin in TinyMCE 3.5.8 does not properly enforce the TinyMCE security policy for the 1 encoding directive and 2 validelements attribute, which allows attackers to conduct cross-site scripting XSS attacks via application-specific vectors, as demonstrated using a textarea element...
CVE-2012-4230
The bbcode plugin in TinyMCE 3.5.8 does not properly enforce the TinyMCE security policy for the 1 encoding directive and 2 validelements attribute, which allows attackers to conduct cross-site scripting XSS attacks via application-specific vectors, as demonstrated using a textarea element...
Cross site scripting
The bbcode plugin in TinyMCE 3.5.8 does not properly enforce the TinyMCE security policy for the 1 encoding directive and 2 validelements attribute, which allows attackers to conduct cross-site scripting XSS attacks via application-specific vectors, as demonstrated using a textarea element...
Opera Multiple Denial of Service Vulnerabilities - June12 (Linux)
The host is installed with Opera and is prone to multiple denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: gboperamultdosvulnjune12lin.nasl 6018 2017-04-24 09:02:24Z teissa $ Opera Multiple Denial of Service Vulnerabilities - June12 Linux Authors: Sooraj KS Copyright: Copyright ...
Opera Multiple Denial of Service Vulnerabilities - June12 (Mac OS X)
The host is installed with Opera and is prone to multiple denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: gboperamultdosvulnjune12macosx.nasl 5912 2017-04-10 09:01:51Z teissa $ Opera Multiple Denial of Service Vulnerabilities - June12 Mac OS X Authors: Sooraj KS Copyright:...
Opera Multiple Denial of Service Vulnerabilities (Jun 2012) - Mac OS X
Opera is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Buffer overflow
Opera before 12.00 Beta allows remote attackers to cause a denial of service application hang via an absolutely positioned wrap=off TEXTAREA element located next to an "overflow: auto" block element...
CVE-2011-5048
Multiple cross-site scripting XSS vulnerabilities in IBM Web Experience Factory aka WEF, formerly WebSphere Portlet Factory 7.0 and 7.0.1 allow remote attackers to inject arbitrary web script or HTML via a 1 text INPUT element or 2 TEXTAREA element, related to an interaction between Smart Refresh...
CVE-2011-1121
Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element...
Integer overflow
Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element...
CVE-2011-1121
Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element...
CVE-2011-1121
Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element...
CVE-2011-1121
CVE-2011-1121 concerns Google Chrome prior to 9.0.597.107. The issue is an integer overflow in a TEXTAREA-related path, allowing a remote attacker to trigger a denial of service and potentially other impact. Affected product: Google Chrome (pre-9.0.597.107); root cause: integer overflow in a comp...
CVE-2011-1121
Removed by vendor...
Cross site scripting
Cross-site scripting XSS vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML in a TEXTAREA element...
CVE-2010-1762
Cross-site scripting XSS vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML in a TEXTAREA element...
CVE-2010-1762
Removed by vendor...