819 matches found
CVE-2016-0869
Heap-based buffer overflow in MICROSYS PROMOTIC before 8.3.11 allows remote authenticated users to cause a denial of service via a malformed HTML document...
Heap overflow
Heap-based buffer overflow in MICROSYS PROMOTIC before 8.3.11 allows remote authenticated users to cause a denial of service via a malformed HTML document...
CVE-2016-0869
Heap-based buffer overflow in MICROSYS PROMOTIC before 8.3.11 allows remote authenticated users to cause a denial of service via a malformed HTML document...
MS15-134 Microsoft Windows Media Center MCL Information Disclosure
This module exploits a vulnerability found in Windows Media Center. It allows an MCL file to render itself as an HTML document in the local machine zone by Internet Explorer, which can be used to leak files on the target machine. Please be aware that if this exploit is used against a patched...
CVE-2015-7186
Mozilla Firefox before 42.0 on Android allows user-assisted remote attackers to bypass the Same Origin Policy and trigger 1 a download or 2 cached profile-data reading via a file: URL in a saved HTML document...
CVE-2008-5822
Memory leak in Libxul, as used in Mozilla Firefox 3.0.5 and other products, allows remote attackers to cause a denial of service memory consumption and browser hang via a long CLASS attribute in an HR element in an HTML document...
Apple Mac OS X Multiple Vulnerabilities-06 (Oct 2015)
Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-1303
Removed by vendor...
CVE-2015-5624
Buffer overflow in the ExecCall method in c2lv6.ocx in the FreeBit ELPhoneBtnV6 ActiveX control allows remote attackers to execute arbitrary code via a crafted HTML document, related to the discontinued "Click to Live" service...
Buffer overflow
Buffer overflow in the ExecCall method in c2lv6.ocx in the FreeBit ELPhoneBtnV6 ActiveX control allows remote attackers to execute arbitrary code via a crafted HTML document, related to the discontinued "Click to Live" service...
CVE-2015-5624
CVE-2015-5624 describes a buffer overflow in the ExecCall() method of the FreeBit ELPhoneBtnV6 ActiveX control (c2lv6.ocx). The vulnerability allows a remote attacker to execute arbitrary code by prompting a user to view a specially crafted HTML document. The ActiveX control is part of the discon...
CVE-2015-5624
Buffer overflow in the ExecCall method in c2lv6.ocx in the FreeBit ELPhoneBtnV6 ActiveX control allows remote attackers to execute arbitrary code via a crafted HTML document, related to the discontinued "Click to Live" service...
CVE-2015-2980
The Yodobashi application 1.2.1.0 and earlier for Android allows remote attackers to execute arbitrary Java methods, and consequently obtain sensitive information or execute OS commands, via a crafted HTML document...
Design/Logic Flaw
The Yodobashi application 1.2.1.0 and earlier for Android allows remote attackers to execute arbitrary Java methods, and consequently obtain sensitive information or execute OS commands, via a crafted HTML document...
CVE-2015-2980
The Yodobashi application 1.2.1.0 and earlier for Android allows remote attackers to execute arbitrary Java methods, and consequently obtain sensitive information or execute OS commands, via a crafted HTML document...
CVE-2015-2976
Multiple cross-site scripting XSS vulnerabilities in Research Artisan Lite before 1.18 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted HTML document or 2 a crafted URL that is mishandled during access-log analysis...
CVE-2015-2976
Multiple cross-site scripting XSS vulnerabilities in Research Artisan Lite before 1.18 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted HTML document or 2 a crafted URL that is mishandled during access-log analysis...
CVE-2015-0140
An unspecified ActiveX control in IBM SPSS Statistics 22.0 through FP1 on 32-bit platforms allows remote attackers to execute arbitrary code via a crafted HTML document...
Hardcoded credentials
An unspecified ActiveX control in IBM SPSS Statistics 22.0 through FP1 on 32-bit platforms allows remote attackers to execute arbitrary code via a crafted HTML document...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via document.implementation.createHTMLDocument function. In Firefox and Safari an attacker can use an malicious inert document created using the vulnerable function. Details Cross-site scripting or XSS is a code...