Internet Explorer execCommand File Type Spoofing (CVE-2004-1331)

Internet Explorer is a popular web-browser released by the Microsoft Corporation. It supports various content available on the web including HTML documents, images, dynamic scripting, and so on. Internet Explorer also provides the Dynamic Hypertext Markup Language DHTML application programming...

Design/Logic Flaw

Research In Motion RIM BlackBerry Browser on the BlackBerry 8800 allows remote attackers to cause a denial of service application hang via a JavaScript loop that configures the home page by using the setHomePage method and a DHTML behavior property...

CVE-2009-3944

This CVE concerns the BlackBerry Browser on the BlackBerry 8800. It describes a remotely triggerable denial of service caused by a JavaScript loop that configures the home page via the setHomePage method and a DHTML behavior property. The statement implies the vulnerability arises from how the pa...

CVE-2009-3943

CVE-2009-3943 affects Microsoft Internet Explorer 6 (up to build 6.0.2900.2180) and IE7 (up to 7.0.6000.16711). The vulnerability arises when a JavaScript loop configures the home page via the setHomePage method in conjunction with a DHTML behavior property, leading to a denial of service (applic...

Microsoft DHTML编辑组件ActiveX控件远程代码执行漏洞（MS09-046）

BUGTRAQ ID: 36280 CVECAN ID: CVE-2009-2519 Microsoft Windows是微软发布的非常流行的操作系统。 Windows所捆绑的DHTML编辑组件ActiveX控件（triedit.dll）在格式化HTML标记时存在错误。攻击者可以通过创建特制网页来利用这个漏洞，如果用户查看特制的网页，该漏洞可能允许远程执行指令。成功利用这些漏洞的攻击者可以获得与本地用户相同的用户权限。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Server 2003 SP2...

Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability (956844)

This host is missing a critical security update according to Microsoft Bulletin MS09-046. OpenVAS Vulnerability Test $Id: secpodms09-046.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability 956844 Authors: Sharath S Copyright: Copyrigh...

Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability (956844)

This host is missing a critical security update according to Microsoft Bulletin MS09-046. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft DHTML ActiveX code execution

No description provided...

Microsoft Security Bulletin MS09-046 - Critical Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (956844)

Microsoft Security Bulletin MS09-046 - Critical Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution 956844 Published: September 08, 2009 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in th...

Design/Logic Flaw

The DHTML Editing Component ActiveX control in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly format HTML markup, which allows remote attackers to execute arbitrary code via a crafted web site that triggers "system state" corruption, aka "DHTML Editing Component...

CVE-2009-2519

CVE-2009-2519 describes a remote code execution vulnerability in the DHTML Editing Component ActiveX Control (triedit.dll) bundled with Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The flaw arises when formatting HTML markup, allowing a crafted web page viewed in Internet Explorer to trigge...

Microsoft DHTML Editing Component ActiveX Control Code Execution (MS09-046; CVE-2009-2519)

The DHTML Editing Component ActiveX control provides an HTML editor that can be used to support dynamic Web site HTML editing in software. A remote code execution vulnerability has been reported in the DHTML Editing Component ActiveX Control. The vulnerability is due to a memory corruption error ...

Microsoft Active Template Library Object Type Mismatch Remote Code Execution Vulnerability

Description The Microsoft Active Template Library is prone to a remote code-execution vulnerability. NOTE: This issue affects a private version of the ATL used internally by Microsoft; components written by other vendors are likely unaffected. Remote attackers can exploit this issue to execute...

Joomla! HTTP header cross-site scripting vulnerability-vulnerability warning-the black bar safety net

From the green Alliance:no commercial use indicate in advance Joomla! Is an open source content management system CMS to. Joomla! Not properly filter the user in the HTTP request the the submission of the HTTPREFERER variable, a remote attacker can submit a malicious request to inject JavaScript ...

Microsoft Visual Studio ATL 'VariantClear()' Remote Code Execution Vulnerability

Description Microsoft Visual Studio is prone to a remote code-execution vulnerability in the Active Template Library ATL. Remote attackers can exploit this issue to execute arbitrary code with the privileges of the user running an application built with the affected library. Technologies Affected...

Microsoft Visual Studio Active Template Library COM Object Remote Code Execution Vulnerability

Description Microsoft Visual Studio is prone to a remote code-execution vulnerability in the Active Template Library ATL. Remote attackers can exploit this issue to execute arbitrary code with the privileges of the user running an application built against the affected library. Failed exploit...

Update Protection against Joomla! HTTP Header Script Injection

Joomla! is a content management system CMS designed for building Web sites and online applications. Joomla! fails to parse HTTP headers, allowing an attacker to inject JavaScript or DHTML code that can be executed in the context of a target user browser...

Joomla Multiple Cross Site Scripting Issues

============================================= INTERNET SECURITY AUDITORS ALERT 2009-007 - Original release date: June 30th, 2009 - Last revised: July 2nd, 2009 - Discovered by: Juan Galiana Lara - Severity: 6.8/10 CVSS Base Score ============================================= I. VULNERABILITY...

FortiGuard Advisory: Microsoft Internet Explorer DHTML Handling Remote Memory Corruption Vulnerability

Microsoft Internet Explorer DHTML Handling Remote Memory Corruption Vulnerability 2009.June.09 Fortinet's FortiGuard Global Security Research Team Discovers Memory Corruption Vulnerability in Microsoft's Internet Explorer. Summary: ======== A memory corruption vulnerability exists in the DHTML...

Memory corruption

Microsoft Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2 allows remote attackers to execute arbitrary code via unspecified DHTML function calls related to a tr element and the "insertion, deletion and attributes of a table cell," which trigger memory corruption when the window...