146 matches found
CVE-2007-3417
Multiple cross-site scripting XSS vulnerabilities in cgi-bin/cgi-lib/search.pl in web-app.org WebAPP before 0.9.9.7 allow remote attackers to inject arbitrary web script or HTML via a search string, which is not sanitized when an HREF attribute is printed by the 1 processsearch or 2...
CVE-2007-3417
Multiple cross-site scripting XSS vulnerabilities in cgi-bin/cgi-lib/search.pl in web-app.org WebAPP before 0.9.9.7 allow remote attackers to inject arbitrary web script or HTML via a search string, which is not sanitized when an HREF attribute is printed by the 1 processsearch or 2...
CVE-2007-3006
Buffer overflow in Acoustica MP3 CD Burner 4.32 allows user-assisted remote attackers to execute arbitrary code via a .asx playlist file with a REF element containing a long string in the HREF attribute. NOTE: it was later claimed that 4.51 Build 147 is also affected...
Input validation
The 4thPass browser BlackBerry Browser on the RIM BlackBerry 8100 Pearl before 4.2.1 allows remote attackers to cause a denial of service temporary functionality loss via a long href attribute in a link in a WML page...
A very large href attribute value in HTML can crash Opera
A Web page containing a very large href attribute value cancause Opera to crash.This exploit causes Opera to access the wrong location inmemory, so Opera is forced to quit. It is not possibleexploit this to run arbitrary code...
Re: Microsoft Media Player ASX Parser buffer overflow vulnerability
I found yet another bof condition in the ASX VERSION tag : an .ASX file with the contents : ASX VERSION="AAAAAAAAAAA ... AAAAAAA" crashes MPLAYER 6.4 in dxmasf.dll... greetz, ByteRage [email protected] http://elf.box.sk/byterage REVELATION: HREF attribute of BANNER tag can be abused to smash our...