Lucene search
K

96 matches found

OpenVAS
OpenVAS
added 2011/08/31 12:0 a.m.28 views

RealNetworks RealPlayer Multiple Vulnerabilities (Aug 2011) - Windows

RealPlayer is prone to multiple vulnerabilities SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.5AI score0.28612EPSS
Exploits8References7
Tenable Nessus
Tenable Nessus
added 2011/08/19 12:0 a.m.31 views

RealPlayer for Windows < Build 12.0.1.666 Multiple Vulnerabilities

According to its build number, the installed version of RealPlayer on the remote Windows host is affected by multiple vulnerabilities : - A cross-zone scripting vulnerability exists in the RealPlayer ActiveX control and can allow injection of arbitrary web script or HTML in the 'Local Zone' via a...

10CVSS6.8AI score0.28612EPSS
Exploits11References19
ATTACKERKB
ATTACKERKB
added 2011/08/18 11:55 p.m.2 views

CVE-2011-2947

Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone via a local HTML document...

4.3CVSS5.7AI score0.01059EPSS
Exploits0References6
NVD
NVD
added 2011/08/18 11:55 p.m.20 views

CVE-2011-2947

Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone via a local HTML document...

4.3CVSS5.8AI score0.01059EPSS
Exploits0References3
CVE
CVE
added 2011/08/18 11:0 p.m.58 views

CVE-2011-2947

CVE-2011-2947 relates to a cross-zone scripting vulnerability in the RealPlayer ActiveX control. Affected products include RealPlayer 11.0–11.1 and 14.0.0–14.0.5, as well as RealPlayer SP 1.0–1.1.5 (per the description). The flaw allows remote attackers to inject arbitrary web script or HTML into...

4.3CVSS5.9AI score0.01059EPSS
Exploits0References3Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2011/08/16 12:0 a.m.30 views

RealNetworks RealPlayer Cross-Zone Scripting Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists due to the fact...

9CVSS3.4AI score0.01059EPSS
Exploits0References1
NVD
NVD
added 2010/12/14 4:0 p.m.19 views

CVE-2010-4396

Cross-zone scripting vulnerability in the HandleAction method in a certain ActiveX control in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.1.2 allows remote attackers to inject arbitrary web script or HTML in the Local Zone by specifying ...

4.3CVSS5.9AI score0.01157EPSS
Exploits0References4
CVE
CVE
added 2010/12/14 3:0 p.m.50 views

CVE-2010-4396

CVE-2010-4396 involves a Cross-zone scripting vulnerability in RealNetworks RealPlayer's ActiveX control (NavigateToURL path) affecting RealPlayer 11.0–11.1, RealPlayer SP 1.0–1.1.5, and RealPlayer Enterprise 2.1.2. The HandleAction method can be exploited to inject arbitrary web script/HTML into...

4.3CVSS6AI score0.01157EPSS
Exploits0References4Affected Software1
Packet Storm
Packet Storm
added 2010/07/13 12:0 a.m.33 views

Zend Studio Cross Zone Command Execution

Author: www.80vul.com Email: [email protected] Release Date: 2010/7/10 References: http://80vul.com/Zend%20studio/Zend%20studio%20location%20Cross.htm Zend Studio is a commercial, proprietary integrated development environment IDE for PHP developed by Zend Technologies, based on the PHP...

Exploits0
CVE
CVE
added 2009/09/18 10:0 p.m.58 views

CVE-2009-3266

Opera before 10.01 is vulnerable to cross-site scripting via crafted RSS/Atom feeds due to improper HTML restriction when processing application/rss+xml as scripted content. This can enable remote XSS and cross-zone scripting on the Feed Subscription Page to read feeds or create subscriptions. Af...

4.3CVSS5.4AI score0.0268EPSS
Exploits1References15Affected Software1
seebug.org
seebug.org
added 2009/01/09 12:0 a.m.19 views

IE Print Table of Links Cross-Zone Scripting

No description provided by source. html body 点击选项,选中打印链表列表,点打印 a href=”http://www.bl.com?zzz=dsasad script defer var ForWriting = 2; var strFile = ‘c:\test2.js’; var objFSO = new ActiveXObject’Scripting.FileSystemObject’; var objStream = objFSO.OpenTextFilestrFile,ForWriting,true,false;...

7.1AI score
Exploits0
NVD
NVD
added 2008/08/10 8:41 p.m.24 views

CVE-2008-3567

Cross-zone scripting vulnerability in the NowPlaying functionality in NullSoft Winamp before 5.541 allows remote attackers to conduct cross-site scripting XSS attacks via an MP3 file with JavaScript in id3 tags...

4.3CVSS5.7AI score0.01875EPSS
Exploits0References6
CVE
CVE
added 2008/08/10 8:0 p.m.45 views

CVE-2008-3567

CVE-2008-3567 affects Winamp before 5.541: cross-zone scripting via the NowPlaying feature allows XSS through an MP3 file with JavaScript in id3 tags. Vulnerable component is Winamp’s NowPlaying metadata handling; root cause is unsanitized id3 tag content rendered by the embedded browser. Observe...

4.3CVSS5.7AI score0.01875EPSS
Exploits0References6Affected Software1
Prion
Prion
added 2008/05/18 2:20 p.m.28 views

Cross site scripting

Cross-zone scripting vulnerability in the Print Table of Links feature in Internet Explorer 6.0, 7.0, and 8.0b allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via an HTML document with a link containing JavaScript sequences, which are evaluat...

9.3CVSS6.5AI score0.23212EPSS
Exploits1References6Affected Software2
CVE
CVE
added 2008/05/18 2:0 p.m.55 views

CVE-2008-2281

The CVE-2008-2281 entry describes a cross-zone scripting vulnerability in Internet Explorer’s Print Table of Links feature affecting IE 6.0, 7.0, and 8.0b. The issue allows user-assisted remote attackers to inject arbitrary web script or HTML into the Local Machine Zone via an HTML document conta...

9.3CVSS6.1AI score0.23212EPSS
Exploits1References6Affected Software2
Cvelist
Cvelist
added 2008/05/18 2:0 p.m.35 views

CVE-2008-2281

Cross-zone scripting vulnerability in the Print Table of Links feature in Internet Explorer 6.0, 7.0, and 8.0b allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via an HTML document with a link containing JavaScript sequences, which are evaluat...

6.1AI score0.23212EPSS
Exploits1References6
seebug.org
seebug.org
added 2008/05/17 12:0 a.m.29 views

MS Internet Explorer (Print Table of Links) Cross-Zone Scripting PoC

No description provided by source. !-- Internet Explorer "Print Table of Links" Cross-Zone Scripting Vulnerability Author: Aviv Raff http://aviv.raffon.net/ Summary Internet Explorer is prone to a Cross-Zone Scripting vulnerability in ...

7.1AI score
Exploits0
myhack58
myhack58
added 2008/05/16 12:0 a.m.9 views

Aviv Raff of IE0day, published-vulnerability warning-the black bar safety net

MS Internet Explorer "Print Table of Links" Cross-Zone Scripting Vulnerability Specific details: If you enable the "Print Table of Links", in printing a web page, it is possible to cause the execution of arbitrary code, and of course VISTA UAC may block it : Reproduce: 1. Below this place on the...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2008/05/15 12:0 a.m.20 views

msie-crosszone.txt

!-- Internet Explorer "Print Table of Links" Cross-Zone Scripting Vulnerability Author: Aviv Raff http://aviv.raffon.net/ Summary Internet Explorer is prone to a Cross-Zone Scripting vulnerability in its “Print Table of Links” feature. This feature allows users to add to a printed web page an...

7.4AI score
Exploits0
0day.today
0day.today
added 2008/05/14 12:0 a.m.17 views

MS Internet Explorer (Print Table of Links) Cross-Zone Scripting PoC

Exploit for unknown platform in category remote exploits ==================================================================== MS Internet Explorer Print Table of Links Cross-Zone Scripting PoC ==================================================================== !-- Internet Explorer "Print Table ...

7.1AI score
Exploits0
Rows per page
Query Builder