5705 matches found
CVE-2006-1730
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow...
CVE-2006-1739
The CSS border-rendering code in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain Cascading Style Sheets (CSS) that...
CVE-2006-1730
CVE-2006-1730 is a heap-based buffer overflow vulnerability caused by an integer overflow in the CSS letter-spacing handling, allowing remote code execution. Affected products and versions include Mozilla Firefox and Thunderbird 1.x before 1.5.0.2, and 1.0.x before 1.0.8; Mozilla Suite before 1.7...
[SA19631] Firefox Multiple Vulnerabilities
TITLE: Firefox Multiple Vulnerabilities SECUNIA ADVISORY ID: SA19631 VERIFY ADVISORY: http://secunia.com/advisories/19631/ CRITICAL: Highly critical IMPACT: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, DoS, System access WHERE: From remote SOFTWARE: Mozilla...
CSS Letter-Spacing Heap Overflow Vulnerability — Mozilla
An anonymous researcher for TippingPoint and the Zero Day Initiative discovered an integer overflow triggered by the CSS letter-spacing property. This results in under-allocating memory and ultimately a heap buffer overflow which could be exploited to run code of the attacker's choice...
[Full-disclosure] SEC Consult SA-20060314 :: Opera Browser CSS Attribute Integer Wrap / Buffer Overflow
SEC-CONSULT Security Advisory 20060413-0 title: Opera Browser CSS Attribute Integer Wrap / Buffer Overflow program: Opera vulnerable version: = 8.52 homepage: www.opera.com found: 2006-03-01 by: SEC Consult / www.sec-consult.com...
Code injection
Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) via any scrollbar Cascading Style Sheets (CSS) property...
CVE-2006-1719
Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) via any scrollbar Cascading Style Sheets (CSS) property...
CVE-2006-1719
The CVE-2006-1719 entry concerns Internet Explorer 6. Affected software: Internet Explorer 6. Vulnerability: a flaw in handling any scrollbar CSS property can be exploited to trigger a remote denial of service (application crash). Impact: denial of service on the affected client. Root cause: ...
Design/Logic Flaw
Unspecified vulnerability in the HTTP compression functionality in Cisco CSS 11500 Series Content Services switches allows remote attackers to cause a denial of service (device reload) via (1) "valid, but obsolete" or (2) "specially crafted" HTTP requests...
CVE-2006-1631
Unspecified vulnerability in the HTTP compression functionality in Cisco CSS 11500 Series Content Services switches allows remote attackers to cause a denial of service (device reload) via (1) "valid, but obsolete" or (2) "specially crafted" HTTP requests...
CVE-2006-1631
The CVE-2006-1631 entry refers to a vulnerability in Cisco 11500 Series Content Services switches where the HTTP compression feature can be abused to trigger a denial-of-service (device reload) by sending certain HTTP requests (either valid but obsolete or specially crafted). Exploitation details...
IPB v1.x upload html .gif
SpiderZ ForumZ Security = Author: SpiderZ = IPB v1.x upload html .gif = Site: www.spiderz.tk 1. Register on the following forum 2. Log in with your credentials 3. Go to "My Controls", then open "Edit Avatar Settings" 4. Prepare your page "exploi...
Mozilla Thunderbird 1.5 - Multiple Remote Information Disclosure Vulnerabilities
source: https://www.securityfocus.com/bid/16881/info Mozilla Thunderbird is susceptible to multiple remote information-disclosure vulnerabilities. These issues are due to the application's failure to properly enforce the restriction for downloading remote content in email messages. These issues...
Gravity Board X <= 1.1 (csscontent) Remote Code Execution Exploit
No description provided by source. !/usr/bin/perl Gravity Board X v1.1 possibly prior versions remote code execution exploit coded by 1dt.w0lf 14.08.2005 RST/GHC http://rst.void.ru http://ghc.ru use LWP::UserAgent; if@ARGV1 exit0; $path = $ARGV0; header; print "Creating shell... Please wait\n"; $...
CVE-2005-4717
Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service (client crash) via a certain combination of a malformed HTML file and a CSS file that triggers a null dereferenc...