8 matches found
EUVD-2010-1668
Malware in sbrugna...
CVE-2013-3918
The InformationCardSigninHelper Class ActiveX control in icardie.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remo...
Microsoft Internet Explorer 6 - IFRAME Tag Buffer Overflow
BoF PoC exploit iS' ,SS" Copyright C 2003, 2004 by Berend-Jan Wever. YS, .ss ,sY" http://www.edup.tudelft.nl/bjwever "YSSP" sSS This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2, 1991 as published by the Free Softwa...
Sun Java Virtual Machine 1.x - Font.createFont Method Insecure Temporary File Creation
Sun Java Virtual Machine 1.x - Font.createFont Method Insecure Temporary File Creation source: https://www.securityfocus.com/bid/10685/info Sun Java Virtual Machine is a component of the Sun Java infrastructure that performs the handling of Java applets and other programs. It is available for Uni...
Microsoft Windows Program Group Converter Filename Local Buffer Overrun Vulnerability
Description Microsoft Windows Program Group Converter grpconv.exe is reported prone to a buffer overrun vulnerability. The issue is reported to exist due to a lack of sufficient validation performed on filename data. An attacker may craft a malicious file and present it to a victim in order to...
Microsoft Internet Explorer 6 - Scrollbar-Base-Color Partial Denial of Service
source: https://www.securityfocus.com/bid/8874/info It has been reported that Microsoft Internet Explorer is prone to a vulnerability that may allow an attacker to cause a denial of service condition in the software. The problem occurs due to improper handling of scrollbar-base-color attribute of...
CVE-2002-0027
Internet Explorer 5.5 and 6.0 allows remote attackers to read certain files and spoof the URL in the address bar by using the Document.open function to pass information between two frames from different domains, a new variant of the "Frame Domain Verification" vulnerability described in...
hotmail.java.txt
Georgi Guninski security advisory 5, 2000 Yet another Hotmail security hole - injecting JavaScript using "jvascript:" Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, especially the fact that Georgi Guninski ...