Design/Logic Flaw

The SAP Application Interface Message Monitoring - versions 600, 700, allows an authorized attacker to input links or headings with custom CSS classes into a comment. The comment will render links and custom CSS classes as HTML objects. After successful exploitations, an attacker can cause limite...

CVE-2023-29112 Code Injection vulnerability in SAP Application Interface Framework (Message Monitoring)

The SAP Application Interface Message Monitoring - versions 600, 700, allows an authorized attacker to input links or headings with custom CSS classes into a comment. The comment will render links and custom CSS classes as HTML objects. After successful exploitations, an attacker can cause limite...

CVE-2023-29112

CVE-2023-29112 affects SAP Application Interface Framework (Message Monitoring) versions 600 and 700. An authorized attacker can insert links or headings with custom CSS classes into a comment; the comment renders those links/classes as HTML objects, potentially resulting in limited impact on con...

CHM Help Files Deliver Brazilian Banking Trojan

Security researchers are warning of a new spam campaign targeting Brazilian institutions that contain Compiled HTML file attachments that are used to deliver a banking Trojan. Spam messages contain a malicious CHM attachment called “comprovante.chm”, wrote Rodel Mendrez, senior security researche...

CVE-2014-4459

Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document...

Microsoft Internet Explorer 7 HTML Object Memory Corruption (CVE-2007-0947)

Microsoft Internet Explorer IE is a web browser application that is capable of rendering both static and dynamic web content. The application is primarily used for tasks related to browsing the web, such as displaying HTML encoded pages, downloading files, etc. Extensions to the basic HTML standa...

Memory corruption

Microsoft Internet Explorer 8 for Windows XP SP2 and SP3; 8 for Server 2003 SP2; 8 for Vista Gold, SP1, and SP2; and 8 for Server 2008 SP2 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via "malformed row property references" that trigger an...

CVE-2009-1530

Use-after-free vulnerability in Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code by repeatedly adding HTML document nodes and calling event handlers, which...

Cumulative Security Update for Internet Explorer (950759)

This host has Microsoft Internet Explorer installed, which is prone to HTTP request splitting/smuggling and HTML Objects Memory Corruption Vulnerabilities. OpenVAS Vulnerability Test $Id: gbms08-031.nasl 5863 2017-04-05 07:38:11Z antu123 $ Cumulative Security Update for Internet Explorer 950759...

Memory corruption

Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service crash and execute arbitrary code via vectors related to a document object "appended in a specific order," aka "HTML Objects Memory Corruption...

Memory corruption

Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service crash and execute arbitrary code via vectors related to a document object "appended in a specific order" with "particular functions...

VulnCheck KEV: CVE-2007-5347

Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via "unexpected method calls to HTML objects," aka "DHTML Object Memory Corruption Vulnerability."...

Memory corruption

Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory of CMarkup objects, aka the second of two "HTML...

CVE-2007-0946

Unspecified vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, which results in memory corruption, aka the first of two "HTML Objects Memory Corruption...

CVE-2007-0947

Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory of CMarkup objects, aka the second of two "HTML...

Memory corruption

Unspecified vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, which results in memory corruption, aka the first of two "HTML Objects Memory Corruption...

CVE-2007-0947

Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory of CMarkup objects, aka the second of two "HTML...

CVE-2007-0946

CVE-2007-0946 describes a memory corruption vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1/SP2, and Windows Vista, triggered by crafted HTML objects. The underlying issue is the improper handling of HTML objects, leading to memory corruption and potentia...

CVE-2007-0946

Unspecified vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, which results in memory corruption, aka the first of two "HTML Objects Memory Corruption...