Apple WebKit build 18794 - WebCore Remote Denial of Service

Apple WebKit build 18794 - WebCore Remote Denial of Service source: https://www.securityfocus.com/bid/22059/info Apple WebKit is prone to a denial-of-service vulnerability. Attackers may exploit this issue by enticing victims into opening a malicious HTML document with an application using the...

CVE-2006-6603

Buffer overflow in the YMMAPI.YMailAttach ActiveX control ymmapi.dll before 2005.1.1.4 in Yahoo! Messenger allows remote attackers to execute arbitrary code via a crafted HTML document. NOTE: some details were obtained from third party information...

CVE-2006-6603

Buffer overflow in the YMMAPI.YMailAttach ActiveX control ymmapi.dll before 2005.1.1.4 in Yahoo! Messenger allows remote attackers to execute arbitrary code via a crafted HTML document. NOTE: some details were obtained from third party information...

Apple Mac OS X 2006-007更新修复多个安全漏洞

Mac OS X是苹果家族计算机所使用的操作系统。 Apple 2006-007安全更新修复了Mac OS X中的多个安全漏洞，具体包括： CVE-2006-4396 Apple Type Services服务程序不安全地创建了错误日志文件，允许本地攻击者以系统权限覆盖或创建文件。 CVE-2006-4398 Apple Type Services服务程序中存在多个缓冲区溢出漏洞。本地攻击者可以通过发送特制的服务请求触发这些溢出，导致拒绝服务或以系统权限执行任意指令。 CVE-2006-4400 Apple Type...

CVE-2006-3893

Multiple buffer overflows in the ActiveX controls in Newtone ImageKit 5 before Fix 30 and 6 before Fix 40, as used in CASIO Photo Loader software before 3.01 and possibly other software, allow remote attackers to execute arbitrary code via a crafted HTML document...

US-CERT Technical Cyber Security Alert TA06-270A -- Microsoft Internet Explorer WebViewFolderIcon ActiveX Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-270A Microsoft Internet Explorer WebViewFolderIcon ActiveX Vulnerability Original release date: September 27, 2006 Last revised: -- Source: US-CERT Systems Affected Microsoft Windows...

IBM Access Support eGatherer ActiveX control buffer overflow

Overview The IBM Access Support eGatherer ActiveX control contains a buffer overflow vulnerability, which may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The IBM Access Support eGatherer ActiveX control has the ability to collect system...

CVE-2006-4555

Buffer overflow in the Retro64 / Miniclip CR64Loader ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors involving an HTML document that references the CLSID of the control...

CVE-2006-4555

Buffer overflow in the Retro64 / Miniclip CR64Loader ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors involving an HTML document that references the CLSID of the control...

Microsoft Internet Explorer fails to properly interpret layout positioning

Overview Microsoft Internet Explorer fails to properly handle certain combinations of layout positioning. This can allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer contains a vulnerability in the handling of certain combinations of...

Microsoft Internet Explorer Multiple CSS Imports Memory Corruption Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists due to improper garbage collection when...

CVE-2006-3505

WebKit in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted HTML document that causes WebKit to access an object that has already been deallocated...

Buffer overflow

Buffer overflow in eBay Enhanced Picture Services aka EPUImageControl Class in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item SYI, Setup & Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary...

CVE-2006-1176

Buffer overflow in eBay Enhanced Picture Services aka EPUImageControl Class in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item SYI, Setup & Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary...

CVE-2006-1176

Buffer overflow in eBay Enhanced Picture Services aka EPUImageControl Class in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item SYI, Setup & Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary...

CVE-2006-1176

The CVE-2006-1176 issue is a buffer overflow in the eBay Enhanced Picture Services ActiveX control (EPUImageControl Class) shipped by EUPWALcontrol.dll. Vulnerable when the ActiveX control is version 1.0.3.36 and earlier, used in Sell Your Item (SYI), Setup & Test eBay Enhanced Picture Services, ...

Microsoft Internet Explorer HTML Document object cross-domain vulnerability

Overview Microsoft Internet Explorer contains a cross-domain vulnerability in how it handles redirected object data. This could allow an attacker to access the content of a web page in a different domain. Description The Cross-Domain Security Model IE uses a cross-domain security model to maintai...

Mozilla contains a buffer overflow vulnerability in crypto.signText()

Overview Mozilla products contain a buffer overflow in the crypto.signText method. This may allow a remote attacker to execute arbitrary code. Description crypto.SignText JavaScript contains a crypto.signText method, which allows the user to digitally sign a text string. The problem The Mozilla...

Mozilla contains multiple memory corruption vulnerabilities

Overview Mozilla contains several memory corruption vulnerabilities. This may allow a remote attacker to execute arbitrary code. Description Mozilla team members have discovered multiple vulnerabilities that cause the browser engine to crash. In certain circumstances, these vulnerabilities may...

amaya -- Attribute Value Buffer Overflow Vulnerabilities

Secunia reports: Amaya have two vulnerabilities, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to boundary errors within the parsing of various attribute values. This can be exploited to cause stack-based buffer overflows when a user...