176 matches found
Microsoft Internet Explorer DHTML objects contain a race condition
Overview: A race condition in the way that Internet Explorer handles DHTML objects may allow a remote attacker to execute arbitrary code on a vulnerable system. Description: According to Microsoft: Dynamic HTML (DHTML) is built on an object model that extends the traditional static HTML document which...
CVE-2002-1640
Affected software: Oracle Configurator. Vulnerable versions: before 11.5.7.17.32 and 11.5.6.16.53. The vulnerability is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML. Affected components: Text Features in the DHTML UI and the test parameter ...
CVE-2002-1640
Multiple cross-site scripting (XSS) vulnerabilities in Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allow remote attackers to inject arbitrary web script or HTML via (1) Text Features in the DHTML UI or (2) the test parameter to the oracle.apps.cz.servlet.UiServlet servlet...
CVE-2003-1107
Technical details about CVE-2003-1107 are not publicly provided in the supplied documents. Monitor for updates from official advisories or vendor advisories.
[Full Disclosure] Using DHTML XSS to launch HHCTRL exploit
Full Disclosure Using DHTML XSS to launch HHCTRL exploit GeCAD NET Security Advisory 2005.02.16 Original notice requires authentication: http://www.gecadnet.ro/windows/?AID=1414 February 16th 2005 1. Past Events On January 20th 2005, GeCAD NET released a security advisory warning that the exploit...
Microsoft Internet Explorer DHTML Edit and Help ActiveX cross-site scripting
DHTML ActiveX and Help allow code injection into the context of a different server. By combining this vulnerability it's possible to execute code in the local machine zone. This vulnerability can potentially be used for silent spyware/adware installation...
CVE-2005-0055
CVE-2005-0055 concerns a remote code execution vulnerability in Internet Explorer 5.01, 5.5, and 6, caused by improper buffer validation when handling certain DHTML methods (notably createControlRange). Exploitation requires a user to view a malicious Web page or HTML email; the attacker gains th...
CVE-2005-0055
Internet Explorer 5.01, 5.5, and 6 does not properly validate buffers when handling certain DHTML methods including the createControlRange JavaScript function, which allows remote attackers to execute arbitrary code, aka the "DHTML Method Heap Memory Corruption Vulnerability."...
MS05-013: Vulnerability in the DHTML Editing Component may allow code execution (891781)
The remote host is running a version of Windows which contains a flaw in the DHTML Editing Component ActiveX Control. An attacker could exploit this flaw to execute arbitrary code on the remote host. To exploit this flaw, an attacker would need to construct a malicious web page and lure a victim...
Microsoft Internet Explorer contains a DHTML method heap memory corruption vulnerability
Overview: Microsoft Internet Explorer contains a flaw in DHTML method handling which may allow a remote attacker to execute arbitrary code. Description: The DHTML method handling in Internet Explorer fails to perform proper bounds checking. This vulnerability may allow data to be written outside th...
CVE-2004-1319
The CVE-2004-1319 issue concerns the DHTML Editing Component ActiveX control (dhtmled.ocx) used by Internet Explorer. The vulnerability is cross-domain in nature and could allow remote code execution or information disclosure by exploiting the control from a malicious page, potentially granting a...
CVE-2004-1319
The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as...
Microsoft Internet Explorer DHTML Editing ActiveX control contains a cross-domain vulnerability
Overview: A cross-domain vulnerability exists in the DHTML Editing ActiveX control. An attacker may be able to execute arbitrary script in the Local Machine Zone or read or modify data in other domains. For example, the attacker could execute arbitrary commands with parameters, download and execut...
CVE-2004-1173
Internet Explorer 6 allows remote attackers to bypass the popup blocker via the document object model (DOM) methods in the DHTML (Dynamic HTML) Editing Component (DEC) and JavaScript that calls showModalDialog...
CVE-2004-1173
Internet Explorer 6 contains a vulnerability where remote attackers can bypass the popup blocker using DOM methods in the DHTML Editing Component (DEC) and showModalDialog calls. Root cause: the DHTML Editing Component/DEC enables a bypass via its DOM API. Impact described as bypassing the popup ...
MSIE DHTML Edit Control Cross Site Scripting Vulnerability
Note: This vulnerability as well as many more can be seen at http://freehost07.websamba.com/greyhats/ MSIE DHTML Edit Control Cross Site Scripting Vulnerability Tested IEXPLORE.EXE file version 6.0.2900.2180 MSHTML.DLL file version 6.00.2800.1400 Microsoft Windows XP Home SP2 Discussion I...
Microsoft Internet Explorer allows mouse events to manipulate window objects and perform "drag and drop" operations
Overview: Microsoft Internet Explorer (IE) dynamic HTML (DHTML) mouse events can manipulate windows to copy objects from one domain to another, including the Local Machine Zone. This vulnerability could allow an attacker to write arbitrary files to the local file system. Description: In IE, certain DHT...
CVE-2003-1107
The DHTML capability in Microsoft Windows Media Player (WMP) 6.4, 7.0, 7.1, and 9 may run certain URL commands from a security zone that is less trusted than the current zone, which allows attackers to bypass intended access restrictions...