20 matches found
CVE-2005-4717
Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service client crash via a certain combination of a malformed HTML file and a CSS file that triggers a null dereferenc...
SUSE CVE-2014-1539
Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image...
UBUNTU-CVE-2017-0371
MediaWiki before 1.23.16, 1.24.x through 1.27.x before 1.27.2, and 1.28.x before 1.28.1 allows remote attackers to discover the IP addresses of Wiki visitors via a style="background-image: attrtitle url;" attack within a DIV element that has an attacker-controlled URL in the title attribute...
CVE-2020-9013
Arvato Skillpipe 3.0 allows attackers to bypass intended print restrictions by deleting from the HTML source code...
CVE-2014-1539
Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image...
[CAL-2012-0026] Microsfot IE Same ID Property Remote Code Execution Vulnerability
CAL-2012-0026 Microsfot IE Same ID Property Remote Code Execution Vulnerability CVE ID: CVE-2012-1875 http://technet.microsoft.com/en-us/security/bulletin/ms12-037 http://blog.vulnhunt.com/index.php/2012/06/13/cal-2012-0026-microsfot-ie-same-id-property-remote-code-execution-vulnerability/ 1...
Mozilla crash and remote code execution using HTML tags inside a XUL tree (MFSA 2010-77)
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly calculate index values for certain child content in a XUL tree, which allows remote attackers to execute arbitrary code via vectors involving a DIV element within a treechildren element...
Mozilla crash and remote code execution using HTML tags inside a XUL tree (MFSA 2010-77)
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly calculate index values for certain child content in a XUL tree, which allows remote attackers to execute arbitrary code via vectors involving a DIV element within a treechildren element...
Mozilla crash and remote code execution using HTML tags inside a XUL tree (MFSA 2010-77)
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly calculate index values for certain child content in a XUL tree, which allows remote attackers to execute arbitrary code via vectors involving a DIV element within a treechildren element...
Design/Logic Flaw
The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G and 3.1.3 on the iPhone 3GS allows remote attackers to cause a denial of service Safari, Mail, or Springboard crash via a crafted innerHTML property of a DIV element, related to a "malformed character" issue...
CVE-2010-1226
The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G and 3.1.3 on the iPhone 3GS allows remote attackers to cause a denial of service Safari, Mail, or Springboard crash via a crafted innerHTML property of a DIV element, related to a "malformed character" issue...
CVE-2009-2764
Microsoft Internet Explorer 8.0.7100.0 on Windows 7 RC on the x64 platform allows remote attackers to cause a denial of service application crash via a certain DIV element in conjunction with SCRIPT elements that have empty contents and no reference to a valid external script location...
Cross site scripting
Cross-site scripting XSS vulnerability in the private message feature in Nuke ET 3.2 and 3.4, when using Internet Explorer, allows remote authenticated users to inject arbitrary web script or HTML via a CSS property in the STYLE attribute of a DIV element in the mensaje parameter. NOTE: some of...
CVE-2008-1873
CVE-2008-1873 is a cross-site scripting (XSS) vulnerability in Nuke ET’s private message feature affecting Nuke ET 3.2 and 3.4. The flaw allows remote authenticated users to inject arbitrary script/HTML via a CSS property in the STYLE attribute of a DIV element within the mensaje parameter, with ...
CVE-2008-1873
Cross-site scripting XSS vulnerability in the private message feature in Nuke ET 3.2 and 3.4, when using Internet Explorer, allows remote authenticated users to inject arbitrary web script or HTML via a CSS property in the STYLE attribute of a DIV element in the mensaje parameter. NOTE: some of...
CVE-2008-0298
KHTML WebKit as used in Apple Safari 2.x allows remote attackers to cause a denial of service browser crash via a crafted web page, possibly involving a STYLE attribute of a DIV element...
CVE-2008-0298
Removed by vendor...
CVE-2008-0298
CVE-2008-0298 affects KHTML WebKit as used in Apple Safari 2.x. The vulnerability arises in the browser when rendering crafted pages, potentially involving a STYLE attribute of a DIV element, leading to remote denial of service (browser crash). Connected sources (NVD and related advisories) confi...
CVE-2003-1505
Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service crash by creating a web page or HTML e-mail with a textarea in a div element whose scrollbar-base-color is modified by a CSS style, which is then moved...
CVE-2005-4717
Microsoft Internet Explorer 6.0 on Windows NT 4.0 SP6a, Windows 2000 SP4, Windows XP SP1, Windows XP SP2, and Windows Server 2003 SP1 allows remote attackers to cause a denial of service client crash via a certain combination of a malformed HTML file and a CSS file that triggers a null dereferenc...