20 matches found
EUVD-2013-5436
Malware in sbrugna...
CVE-2015-7776
CVE-2015-7776 affects Cybozu Garoon 3.x and 4.x prior to 4.2.0. The vulnerability arises from improper restriction on loading IMG elements in HTML email, enabling remote attackers to track users via crafted messages. The issue is explicitly described as a different vulnerability from CVE-2016-119...
CVE-2016-0028
Outlook Web Access OWA in Microsoft Exchange Server 2013 SP1, Cumulative Update 11, and Cumulative Update 12 and 2016 Gold and Cumulative Update 1 does not properly restrict loading of IMG elements, which makes it easier for remote attackers to track users via a crafted HTML e-mail message, aka...
Information disclosure
Outlook Web Access OWA in Microsoft Exchange Server 2013 SP1, Cumulative Update 11, and Cumulative Update 12 and 2016 Gold and Cumulative Update 1 does not properly restrict loading of IMG elements, which makes it easier for remote attackers to track users via a crafted HTML e-mail message, aka...
Microsoft Internet Explorer CImgElement Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...
Microsoft Internet Explorer CImgElement Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...
MS Internet Explorer <= 6.x (IMG / XML elements) Denial of Service
No description provided by source. !-- Discovered by Inge Henriksen [email protected] http://ingehenriksen.blogspot.com/ -- table tr tdIMG align=leftX X X?xml:namespace prefix=v v:X style=HEIGHT:1/td /tr /table milw0rm.com 2006-01-18...
Race condition
The cycle collection CC implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial ...
CVE-2010-1176
Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via vectors related to an array of long strings, an array of IMG elements with crafted strings in their SRC attributes, a TBODY element with no...
Design/Logic Flaw
Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via vectors related to an array of long strings, an array of IMG elements with crafted strings in their SRC attributes, a TBODY element with no...
CVE-2010-0054
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving HTML IMG elements...
Design/Logic Flaw
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving HTML IMG elements...
CVE-2010-0054
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving HTML IMG elements...
CVE-2010-0054
Removed by vendor...
MS Internet Explorer <= 6.x (IMG / XML elements) Denial of Service
No description provided by source. !-- Discovered by Inge Henriksen [email protected] http://ingehenriksen.blogspot.com/ -- table tr tdIMG align=leftX X X?xml:namespace prefix=v v:X style="HEIGHT:1"/td /tr /table...
Mozilla products allows the src attribute in an img element to be changed to a JavaScript URI
Overview Mozilla products contain a cross-site scripting vulnerability due to a vulnerability in the way IMG elements are loaded. Description A vulnerability in the way Mozilla products load IMG elements in a frame may cause a cross-site script injection. According to Mozilla Foundation Security...
Code injection
Mozilla Firefox 1.5.0.3 allows remote attackers to cause a denial of service via a web page with a large number of IMG elements in which the SRC attribute is a mailto URI. NOTE: another researcher found that the web page caused a temporary browser slowdown instead of a crash...
CVE-2006-2332
Mozilla Firefox 1.5.0.3 allows remote attackers to cause a denial of service via a web page with a large number of IMG elements in which the SRC attribute is a mailto URI. NOTE: another researcher found that the web page caused a temporary browser slowdown instead of a crash...
CVE-2006-2332
Mozilla Firefox 1.5.0.3 allows remote attackers to cause a denial of service via a web page with a large number of IMG elements in which the SRC attribute is a mailto URI. NOTE: another researcher found that the web page caused a temporary browser slowdown instead of a crash...
CVE-2006-2332
Mozilla Firefox 1.5.0.3 allows remote attackers to cause a denial of service via a web page with a large number of IMG elements in which the SRC attribute is a mailto URI. NOTE: another researcher found that the web page caused a temporary browser slowdown instead of a crash...