631 matches found
CVE-2006-0195
Interpretation conflict in the MagicHTML filter in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to conduct cross-site scripting XSS attacks via style sheet specifiers with invalid 1 "/" and "/" comments, or 2 a newline in a "url" specifier, which is processed by certain web browsers...
CVE-2006-0195
CVE-2006-0195 affects SquirrelMail 1.4.0–1.4.5 and is caused by an interpretation conflict in the MagicHTML filter, enabling remote XSS via style sheet specifiers with invalid /* */ comments or a newline in the url specifier. Public advisories and OpenVAS entries reference related fixes; Debian/C...
Cross site scripting
Interpretation conflict in PostNuke 0.761 and earlier allows remote attackers to conduct cross-site scripting XSS attacks via HTML tags with a trailing "" character by some web browsers but bypasses the blacklist protection in 1 the pnVarCleanFromInput function in pnAPI.php, 2 the pnSecureInput...
CVE-2005-3058
Fortinet FortiGate/FortiOS 2.8MR10 and FortiGate v3beta expose a vulnerability where remote attackers can bypass the URL blocker by using HTTP requests terminated with a line feed (LF) instead of CRLF or by requests without a Host header. This interpretation conflict in parsing HTTP requests is t...
[SECURITY] [DSA 958-1] New drupal packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 958-1 [email protected] http://www.debian.org/security/ Martin Schulze January 27th, 2006 http://www.debian.org/security/faq -...
DSA-958-1 drupal - several
Bulletin has no description...
Ubuntu 4.10 / 5.04 : mozilla-thunderbird vulnerabilities (USN-200-1)
A buffer overflow was discovered in the XBM image handler. By tricking an user into opening a specially crafted XBM image, an attacker could exploit this to execute arbitrary code with the user's privileges. CAN-2005-2701 Mats Palmgren discovered a buffer overflow in the Unicode string parser...
CVE-2005-4426
Interpretation conflict in YaBB before 2.1 allows remote authenticated users to inject arbitrary web script or HTML via HTML in a file with a GIF file extension, which causes the HTML to be executed by a victim who views the file in Internet Explorer as a result of CVE-2005-3312. NOTE: it could b...
CVE-2005-4426
CVE-2005-4426 involves YaBB before 2.1 where an interpretation conflict allows remote authenticated users to inject arbitrary web script or HTML via HTML in a file with a GIF extension, causing the HTML to execute in Internet Explorer (as described for CVE-2005-3312). The issue is tied to YaBB’s ...
CVE-2005-3975
Interpretation conflict in file.inc in Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3 allows remote authenticated users to inject arbitrary web script or HTML via HTML in a file with a GIF or JPEG file extension, which causes the HTML to be executed by a victim who views the file in Internet...
WebCalendar 1.0.1 - 'Layers_Toggle.php' HTTP Response Splitting
source: https://www.securityfocus.com/bid/15673/info WebCalendar is prone to an HTTP response-splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote attacker may exploit this vulnerability to influence or misrepresent how web...
WebCalendar 1.0.1 - Layers_Toggle.php HTTP Response Splitting
WebCalendar 1.0.1 - LayersToggle.php HTTP Response Splitting source: https://www.securityfocus.com/bid/15673/info WebCalendar is prone to an HTTP response-splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote attacker may...
PHP Handicapper - Process_signup.php HTTP Response Splitting
PHP Handicapper - Processsignup.php HTTP Response Splitting source: https://www.securityfocus.com/bid/15301/info PHP Handicapper is vulnerable to an HTTP response splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote attacker...
CVE-2005-3399
Multiple interpretation error in CAT-QuickHeal 8.0 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a...
CVE-2005-3400
Multiple interpretation error in Fortinet 2.48.0.0 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a...
CVE-2005-3401
Multiple interpretation error in TheHacker 5.8.4.128 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a...
CVE-2005-3400
The CVE-2005-3400 entry describes a vulnerability in Fortinet 2.48.0.0 identified as a multiple interpretation error. The issue allows remote attackers to bypass virus scanning by submitting a file type such as BAT, HTML, or EML that contains an MZ (EXE) magic byte sequence, causing the file to b...
CVE-2005-3400
Multiple interpretation error in Fortinet 2.48.0.0 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a...
CVE-2005-3401
Multiple interpretation error in TheHacker 5.8.4.128 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a...
CVE-2005-3401
CVE-2005-3401 describes a vulnerability in TheHacker 5.8.4.128 where a multiple interpretation error permits a remote bypass of virus scanning by crafted files (e.g., BAT, HTML, EML) that carry an explicit MZ (EXE) byte sequence. The content can be treated as a safe type while still being executa...