508 matches found
CVE-2008-5282
Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0.1 allow remote attackers to execute arbitrary code via (1) a link with a long HREF attribute, and (2) a DIV tag with a long id attribute...
Amaya browser multiple security vulnerabilities
Buffer overflow on oversized href in a tag, buffer overflow on oversized id in div tag...
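Google Chrome malformed 'href' tag denial-of-service vulnerability
BUGTRAQ ID: 31034 CNCAN ID:CNCAN-2008090602 Google Chrome is a web browser newly developed by Google. Google Chrome has a problem handling specially crafted 'href' tags; a remote attacker can exploit the vulnerability to cause a denial of service against the application. The attacker must lure a user into visiting a web page containing a link with a malicious 'href' tag to trigger this vulnerability. Google Chrome 0.2.149 27 No solution is currently available: http://www.google.com/chrome !DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"...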
Google Chrome 0.2.149.27 - A HREF Denial of Service
Google Chrome Browser 0.2.149.27 Remote DoS. Description: Google's Chrome browser suffers from a remote denial of service vulnerability when trying to follow a href link of the following form: a...
Google Chrome 0.2.149.27 - A HREF Denial of Service
Google Chrome Browser 0.2.149.27 Remote DoS. Description: Google's Chrome browser suffers from a remote denial of service vulnerability when trying to follow a href link of the following form: a href="/crash/crash/crash/.../crash/crash"crashme/a Please...
CVE-2008-3360
Stack-based buffer overflow in the HTML parser in IntelliTamper 2.0.7 allows remote attackers to execute arbitrary code via a long URL in the HREF attribute of an A element, a different vulnerability than CVE-2006-2494...
JFreeChart: XSS vulnerabilities in the image map feature
Multiple cross-site scripting (XSS) vulnerabilities in the image map feature in JFreeChart 1.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) chart name or (2) chart tool tip text; or the (3) href, (4) shape, or (5) coords attribute of a chart area...
Mozilla URL token stealing flaw
Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original UR...
DEBIAN-CVE-2007-5935
Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag...
CVE-2007-5935
Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag...
CVE-2007-3417
Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/cgi-lib/search.pl in web-app.org WebAPP before 0.9.9.7 allow remote attackers to inject arbitrary web script or HTML via a search string, which is not sanitized when an HREF attribute is printed by the (1) processsearch or (2)...
CVE-2007-3006
Buffer overflow in Acoustica MP3 CD Burner 4.32 allows user-assisted remote attackers to execute arbitrary code via a .asx playlist file with a REF element containing a long string in the HREF attribute. NOTE: it was later claimed that 4.51 Build 147 is also affected...
Input validation
The 4thPass browser (BlackBerry Browser) on the RIM BlackBerry 8100 (Pearl) before 4.2.1 allows remote attackers to cause a denial of service (temporary functionality loss) via a long href attribute in a link in a WML page...