96 matches found
RealNetworks RealPlayer Multiple Vulnerabilities (Aug 2011) - Windows
RealPlayer is prone to multiple vulnerabilities SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RealPlayer for Windows < Build 12.0.1.666 Multiple Vulnerabilities
According to its build number, the installed version of RealPlayer on the remote Windows host is affected by multiple vulnerabilities : - A cross-zone scripting vulnerability exists in the RealPlayer ActiveX control and can allow injection of arbitrary web script or HTML in the 'Local Zone' via a...
CVE-2011-2947
Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone via a local HTML document...
CVE-2011-2947
Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone via a local HTML document...
CVE-2011-2947
CVE-2011-2947 relates to a cross-zone scripting vulnerability in the RealPlayer ActiveX control. Affected products include RealPlayer 11.0–11.1 and 14.0.0–14.0.5, as well as RealPlayer SP 1.0–1.1.5 (per the description). The flaw allows remote attackers to inject arbitrary web script or HTML into...
RealNetworks RealPlayer Cross-Zone Scripting Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists due to the fact...
CVE-2010-4396
Cross-zone scripting vulnerability in the HandleAction method in a certain ActiveX control in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.1.2 allows remote attackers to inject arbitrary web script or HTML in the Local Zone by specifying ...
CVE-2010-4396
CVE-2010-4396 involves a Cross-zone scripting vulnerability in RealNetworks RealPlayer's ActiveX control (NavigateToURL path) affecting RealPlayer 11.0–11.1, RealPlayer SP 1.0–1.1.5, and RealPlayer Enterprise 2.1.2. The HandleAction method can be exploited to inject arbitrary web script/HTML into...
Zend Studio Cross Zone Command Execution
Author: www.80vul.com Email: [email protected] Release Date: 2010/7/10 References: http://80vul.com/Zend%20studio/Zend%20studio%20location%20Cross.htm Zend Studio is a commercial, proprietary integrated development environment IDE for PHP developed by Zend Technologies, based on the PHP...
CVE-2009-3266
Opera before 10.01 is vulnerable to cross-site scripting via crafted RSS/Atom feeds due to improper HTML restriction when processing application/rss+xml as scripted content. This can enable remote XSS and cross-zone scripting on the Feed Subscription Page to read feeds or create subscriptions. Af...
IE Print Table of Links Cross-Zone Scripting
No description provided by source. html body 点击选项,选中打印链表列表,点打印 a href=”http://www.bl.com?zzz=dsasad script defer var ForWriting = 2; var strFile = ‘c:\test2.js’; var objFSO = new ActiveXObject’Scripting.FileSystemObject’; var objStream = objFSO.OpenTextFilestrFile,ForWriting,true,false;...
CVE-2008-3567
Cross-zone scripting vulnerability in the NowPlaying functionality in NullSoft Winamp before 5.541 allows remote attackers to conduct cross-site scripting XSS attacks via an MP3 file with JavaScript in id3 tags...
CVE-2008-3567
CVE-2008-3567 affects Winamp before 5.541: cross-zone scripting via the NowPlaying feature allows XSS through an MP3 file with JavaScript in id3 tags. Vulnerable component is Winamp’s NowPlaying metadata handling; root cause is unsanitized id3 tag content rendered by the embedded browser. Observe...
Cross site scripting
Cross-zone scripting vulnerability in the Print Table of Links feature in Internet Explorer 6.0, 7.0, and 8.0b allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via an HTML document with a link containing JavaScript sequences, which are evaluat...
CVE-2008-2281
The CVE-2008-2281 entry describes a cross-zone scripting vulnerability in Internet Explorer’s Print Table of Links feature affecting IE 6.0, 7.0, and 8.0b. The issue allows user-assisted remote attackers to inject arbitrary web script or HTML into the Local Machine Zone via an HTML document conta...
CVE-2008-2281
Cross-zone scripting vulnerability in the Print Table of Links feature in Internet Explorer 6.0, 7.0, and 8.0b allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via an HTML document with a link containing JavaScript sequences, which are evaluat...
MS Internet Explorer (Print Table of Links) Cross-Zone Scripting PoC
No description provided by source. !-- Internet Explorer "Print Table of Links" Cross-Zone Scripting Vulnerability Author: Aviv Raff http://aviv.raffon.net/ Summary Internet Explorer is prone to a Cross-Zone Scripting vulnerability in ...
Aviv Raff of IE0day, published-vulnerability warning-the black bar safety net
MS Internet Explorer "Print Table of Links" Cross-Zone Scripting Vulnerability Specific details: If you enable the "Print Table of Links", in printing a web page, it is possible to cause the execution of arbitrary code, and of course VISTA UAC may block it : Reproduce: 1. Below this place on the...
msie-crosszone.txt
!-- Internet Explorer "Print Table of Links" Cross-Zone Scripting Vulnerability Author: Aviv Raff http://aviv.raffon.net/ Summary Internet Explorer is prone to a Cross-Zone Scripting vulnerability in its “Print Table of Links” feature. This feature allows users to add to a printed web page an...
MS Internet Explorer (Print Table of Links) Cross-Zone Scripting PoC
Exploit for unknown platform in category remote exploits ==================================================================== MS Internet Explorer Print Table of Links Cross-Zone Scripting PoC ==================================================================== !-- Internet Explorer "Print Table ...