8415 matches found
CVE-2014-2013
Stack-based buffer overflow in the xpsparsecolor function in xps/xps-common.c in MuPDF 1.3 and earlier allows remote attackers to execute arbitrary code via a large number of entries in the ContextColor value of the Fill attribute in a Path element...
CVE-2014-2013
Stack-based buffer overflow in the xpsparsecolor function in xps/xps-common.c in MuPDF 1.3 and earlier allows remote attackers to execute arbitrary code via a large number of entries in the ContextColor value of the Fill attribute in a Path element...
Stack overflow
Stack-based buffer overflow in the xpsparsecolor function in xps/xps-common.c in MuPDF 1.3 and earlier allows remote attackers to execute arbitrary code via a large number of entries in the ContextColor value of the Fill attribute in a Path element...
UBUNTU-CVE-2014-2013
Stack-based buffer overflow in the xpsparsecolor function in xps/xps-common.c in MuPDF 1.3 and earlier allows remote attackers to execute arbitrary code via a large number of entries in the ContextColor value of the Fill attribute in a Path element...
CVE-2014-2013
Stack-based buffer overflow in the xpsparsecolor function in xps/xps-common.c in MuPDF 1.3 and earlier allows remote attackers to execute arbitrary code via a large number of entries in the ContextColor value of the Fill attribute in a Path element...
CVE-2014-0046
Cross-site scripting XSS vulnerability in the link-to helper in Ember.js 1.2.x before 1.2.2, 1.3.x before 1.3.2, and 1.4.x before 1.4.0-beta.6, when used in non-block form, allows remote attackers to inject arbitrary web script or HTML via the title attribute...
CVE-2014-0853
The CVE-2014-0853 issue affects IBM Rational Focal Point 6.4.x and 6.5.x prior to 6.5.2.3, and 6.6.x prior to 6.6.1. The vulnerability involves multiple cross-site scripting (XSS) flaws in the ForwardController and AttributeEditor scripts, allowing remote authenticated users to inject arbitrary w...
Ember.js XSS Vulnerability With {{link-to}} Helper in Non-block Form
In general, Ember.js escapes or strips any user-supplied content before inserting it in strings that will be sent to innerHTML. However, a change made to the implementation of the link-to helper means that any user-supplied data bound to the link-to helper's title attribute will not be escaped...
kernel: security and bugfix update (important)
The Linux kernel was updated to fix various bugs and security issues: - mm/page-writeback.c: do not count anon pages as dirtyable memory reclaim stalls. - mm/page-writeback.c: fix dirtybalancereserve subtraction from dirtyable memory reclaim stalls. - compatsysrecvmmsg X32 fix bnc860993...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in widget/screen/ModelScreenWidget.java in Apache Open For Business Project aka OFBiz 10.04.x before 10.04.05, 11.04.01, and possibly 09.04.x allow remote authenticated users to inject arbitrary web script or HTML via the 1 Screenlet.title or 2...
Modern Browser XSS Filter Evasion
Modern browsers usually have an antiXSS filter, that protects users from some of the consequences of this kind of attacks. Normally, they block cross site scripting execution, so the "injected" code normally, JavaScript or HTML is not executed inside victim's browser. Chrome calls this filter...
XSS Filter Bypass Bug Found in Chrome and Safari
There is a bug in the anti-cross site scripting filter in Chrome and Safari that enables an attacker to bypass the filter in some cases and use an XSS flaw on a given site to compromise visitors’s machines. The vulnerability is fairly simple to exploit and a researcher has posted proof-of-concept...
RealPlayer RMP File Version Attribute Buffer Overflow
Added: 12/27/2013 CVE: CVE-2013-6877 BID: 64398 OSVDB: 101356 Background RealNetworks RealPlayer includes an embedded player which plays media embedded in a web page. Problem RealNetworks Windows RealPlayer 17.0.2.206 and earlier versions are vulnerable to remote code execution due to improper...
RealPlayer RMP File Version Attribute Buffer Overflow
Added: 12/27/2013 CVE: CVE-2013-6877 BID: 64398 OSVDB: 101356 Background RealNetworks RealPlayer includes an embedded player which plays media embedded in a web page. Problem RealNetworks Windows RealPlayer 17.0.2.206 and earlier versions are vulnerable to remote code execution due to improper...
RealNetworks RealPlayer 16 Buffer Overflow
!/usr/bin/perl ----------------------------------------------------------------------------- Exploit Title: RealNetworks RealPlayer Version Attribute Buffer Overflow Date: Dec 20, 2013 Exploit Author: Gabor Seljan Vendor Homepage: http://www.real.com Software Link:...
RealNetworks RealPlayer 16.0.3.5116.0.2.32 - .rmp Version Attribute Buffer Overflow
RealNetworks RealPlayer 16.0.3.5116.0.2.32 - .rmp Version Attribute Buffer Overflow !/usr/bin/perl ----------------------------------------------------------------------------- Exploit Title: RealNetworks RealPlayer Version Attribute Buffer Overflow Date: Dec 20 2013 Exploit Author: Gabor Seljan...
RealNetworks RealPlayer Version Attribute Buffer Overflow
This module exploits a stack-based buffer overflow vulnerability in version 16.0.3.51 and 16.0.2.32 of RealNetworks RealPlayer, caused by improper bounds checking of the version and encoding attributes inside the XML declaration. By persuading the victim to open a specially-crafted .RMP file, a...
Design/Logic Flaw
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site...
CVE-2013-5614
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site...
CVE-2013-5614
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site...