Lucene search

819 matches found

CVE
added 2009/07/09 4:0 p.m. | 72 views

CVE-2009-2419

CVE-2009-2419 is a use-after-free vulnerability in WebKit’s servePendingRequests within Apple Safari 4.0 and 4.0.1. The issue can let remote attackers crash the browser or possibly execute arbitrary code via a crafted HTML document that references a zero-length .js file and the JavaScript reload ...

CVSS 4.3 | AI score 8.6 | EPSS 0.09071
Exploits 1 | References 9 | Affected Software 1

Prion
added 2009/06/12 9:30 p.m. | 16 views

Design/Logic Flaw

Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 associate local documents with external domain names located after the file:// substring in a URL, which allows user-assisted remote attackers to read arbitrary cookies via a crafted HTML document, as demonstrated by a URL with...

CVSS 4.3 | AI score 6.6 | EPSS 0.02325
Exploits 1 | References 28 | Affected Software 2

Prion
added 2009/06/12 9:30 p.m. | 26 views

Design/Logic Flaw

Mozilla Firefox before 3.0.11, Thunderbird, and SeaMonkey do not check content policy before loading a script file into a XUL document, which allows remote attackers to bypass intended access restrictions via a crafted HTML document, as demonstrated by a "web bug" in an e-mail message, or web...

CVSS 9.3 | AI score 6.8 | EPSS 0.02224
Exploits 0 | References 22 | Affected Software 1

Cvelist
added 2009/06/12 9:7 p.m. | 24 views

CVE-2009-1840

Mozilla Firefox before 3.0.11, Thunderbird, and SeaMonkey do not check content policy before loading a script file into a XUL document, which allows remote attackers to bypass intended access restrictions via a crafted HTML document, as demonstrated by a "web bug" in an e-mail message, or web...

AI score 7.3 | EPSS 0.02224
Exploits 0 | References 22

Prion
added 2009/06/10 6:30 p.m. | 16 views

Memory corruption

Use-after-free vulnerability in Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code by repeatedly adding HTML document nodes and calling event handlers, which...

CVSS 9.3 | AI score 8 | EPSS 0.33941
Exploits 1 | References 8 | Affected Software 1

NVD
added 2009/06/10 6:30 p.m. | 16 views

CVE-2009-1530

Use-after-free vulnerability in Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code by repeatedly adding HTML document nodes and calling event handlers, which...

CVSS 9.3 | AI score 7.4 | EPSS 0.33941
Exploits 1 | References 8

Prion
added 2009/06/10 6:0 p.m. | 17 views

Design/Logic Flaw

WebKit in Apple Safari before 4.0 does not prevent references to file: URLs within (1) audio and (2) video elements, which allows remote attackers to determine the existence of arbitrary files via a crafted HTML document...

CVSS 7.1 | AI score 6.2 | EPSS 0.03013
Exploits 2 | References 10 | Affected Software 1

Prion
added 2009/06/10 6:0 p.m. | 15 views

Hardcoded credentials

WebKit in Apple Safari before 4.0 does not properly initialize memory for Attr DOM objects, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document...

CVSS 9.3 | AI score 7.8 | EPSS 0.06685
Exploits 2 | References 17 | Affected Software 1

NVD
added 2009/06/10 6:0 p.m. | 10 views

CVE-2009-1711

WebKit in Apple Safari before 4.0 does not properly initialize memory for Attr DOM objects, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document...

CVSS 9.3 | AI score 7.9 | EPSS 0.06685
Exploits 2 | References 17

Debian CVE
added 2009/06/10 5:37 p.m. | 25 views

CVE-2009-1703

Removed by vendor...

CVSS 7.1 | AI score 6.7 | EPSS 0.03013
Exploits 2

Debian CVE
added 2009/06/10 5:37 p.m. | 15 views

CVE-2009-1711

Removed by vendor...

CVSS 9.3 | AI score 6.6 | EPSS 0.06685
Exploits 2

Debian CVE
added 2009/06/10 5:37 p.m. | 25 views

CVE-2009-1698

Removed by vendor...

CVSS 9.3 | AI score 6.6 | EPSS 0.08462
Exploits 2

UbuntuCve
added 2009/06/10 12:0 a.m. | 20 views

CVE-2009-1711

WebKit in Apple Safari before 4.0 does not properly initialize memory for Attr DOM objects, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document...

CVSS 9.3 | AI score 6.2 | EPSS 0.06685
Exploits 2 | References 3

UbuntuCve
added 2009/06/10 12:0 a.m. | 34 views

CVE-2009-1698

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code ...

CVSS 9.3 | AI score 6.2 | EPSS 0.08462
Exploits 2 | References 4

Zero Day Initiative
added 2009/06/10 12:0 a.m. | 32 views

Microsoft Internet Explorer Event Handler Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when repeatedly calling event handle...

CVSS 9.3 | AI score 3.2 | EPSS 0.33941
Exploits 1 | References 1

UbuntuCve
added 2009/06/10 12:0 a.m. | 27 views

CVE-2009-1687

The JavaScript garbage collector in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle allocation failures, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption a...

CVSS 9.3 | AI score 6.2 | EPSS 0.08111
Exploits 2 | References 4

Tenable Nessus
added 2009/05/11 12:0 a.m. | 82 views

Microsoft Whale Client Components ActiveX (WhlMgr.dll) Multiple Method Overflows

The version of the Whale Client Components ActiveX control, a component of Microsoft Whale Intelligent Application Gateway product and installed on the remote Windows host, reportedly contains multiple stack-based buffer overflows that can be triggered using long arguments to the 'CheckForUpdates...

CVSS 9.3 | AI score 6.3 | EPSS 0.45535
Exploits 6 | References 2

Tenable Nessus
added 2009/04/30 12:0 a.m. | 25 views

Symantec Fax Viewer Control ActiveX Control AppendFax Overflow

The version of the Symantec Fax Viewer Control ActiveX control, a component included with Symantec Winfax Pro and installed on the remote Windows host, reportedly contains a stack-based buffer overflow that can be triggered by calling the 'AppendFax' method with an overly long argument. If an...

CVSS 9.3 | AI score 6.6 | EPSS 0.11914
Exploits 1 | References 4

Tenable Nessus
added 2009/04/15 12:0 a.m. | 82 views

SAP GUI KWEdit ActiveX Control SaveDocumentAs() Insecure Method

The version of the KWEdit ActiveX control on the remote host is reportedly affected by a remote code execution vulnerability. The control provides the insecure method 'SaveDocumentAs', which saves an HTML document to a specified location. This can be exploited in combination with e.g. the...

CVSS 9.3 | AI score 6.7 | EPSS 0.27594
Exploits 4 | References 2

Check Point Advisories
added 2009/04/13 12:0 a.m. | 2 views

Update Protection against IBM Access Support ActiveX GetXMLValue Method Buffer Overflow

IBM Access Support ActiveX Control contains a buffer overflow vulnerability. The IBM Access Support ActiveX control is used by the vendor to collect system information, such as make, model, serial number, OS version, etc. This control is available on the IBM / Lenovo web site, and may also come...

CVSS 9.3 | AI score 7.4 | EPSS 0.36309
Exploits 9