Microsoft Office XP 20002002 - HTML Link Processing Remote Buffer Overflow

Microsoft Office XP 20002002 - HTML Link Processing Remote Buffer Overflow source: https://www.securityfocus.com/bid/12480/info A remote buffer overflow vulnerability affects Microsoft Office XP. The problem presents itself when an unsuspecting user follows a malicious HTML link that points to a...

Microsoft Office XP 2000/2002 - HTML Link Processing Remote Buffer Overflow

source: https://www.securityfocus.com/bid/12480/info A remote buffer overflow vulnerability affects Microsoft Office XP. The problem presents itself when an unsuspecting user follows a malicious HTML link that points to a Office document. A boundary condition error is exposed during this operatio...

Goolery 0.3 - 'viewalbum.php?page' Cross-Site Scripting

source: https://www.securityfocus.com/bid/11587/info It is reported that Goollery is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. These problems present themselves when malicious HTML a...

Microsoft Internet Explorer 6 - Font Tag Denial of Service

Microsoft Internet Explorer 6 - Font Tag Denial of Service source: https://www.securityfocus.com/bid/11536/info Microsoft Internet Explorer is reported prone to a remote denial of service vulnerability. The issue presents itself due to a malfunction that occurs when certain font tags are...

XOOPS viewtopic.php Multiple Parameter XSS

The weblinks module of XOOPS contains a file named 'viewtopic.php' in the '/modules/newbb' directory. The code of the module insufficently filters out user provided data. The URL parameter used by 'viewtopic.php' can be used to insert malicious HTML and/or JavaScript in to the web page...

Verylost LostBook 1.1 - Message Entry HTML Injection

Verylost LostBook 1.1 - Message Entry HTML Injection source: https://www.securityfocus.com/bid/10825/info Reportedly Verylost lostBook is affected by an HTML injection vulnerability in its message entry functionality. This issue is due to a failure of the application to properly validate and...

Verylost LostBook 1.1 - Message Entry HTML Injection

source: https://www.securityfocus.com/bid/10825/info Reportedly Verylost lostBook is affected by an HTML injection vulnerability in its message entry functionality. This issue is due to a failure of the application to properly validate and sanitize user-supplied input before including it in...

Microsoft Internet Explorer 5.0.1 - Style Tag Comment Memory Corruption

Microsoft Internet Explorer 5.0.1 - Style Tag Comment Memory Corruption source: https://www.securityfocus.com/bid/10816/info A heap overflow vulnerability has been discovered in Internet Explorer. It is reported that the issue presents itself when a comment character sequence that is not terminat...

Microsoft Internet Explorer 5.0.1 - Style Tag Comment Memory Corruption

source: https://www.securityfocus.com/bid/10816/info A heap overflow vulnerability has been discovered in Internet Explorer. It is reported that the issue presents itself when a comment character sequence that is not terminated is encountered after a STYLE tag. This issue could be exploited by a...

12Planet Chat Server 2.9 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/10659/info It is reported that 12Planet Chat Server is prone to a cross-site scripting vulnerability. This issue is due to a lack of sanitization of user-supplied data. The problem presents itself when malicious HTML or script code is passed in a URI...

Microsoft Internet Explorer 6 - Shell.Application Object Script Execution

Microsoft Internet Explorer 6 - Shell.Application Object Script Execution source: https://www.securityfocus.com/bid/10652/info Microsoft Internet Explorer is reported prone to a security weakness that may permit malicious HTML documents the ability to execute script code. This script code has the...

ArbitroWeb PHP Proxy 0.50.6 - Cross-Site Scripting

ArbitroWeb PHP Proxy 0.50.6 - Cross-Site Scripting source: https://www.securityfocus.com/bid/10592/info It is reported that ArbitroWeb is susceptible to a cross-site scripting vulnerability in its rawURL URI parameter. The URI parameter passed to 'index.php' called 'rawURL' contains the desired...

SqWebMail 4.0.4.20040524 - Email Header HTML Injection

SqWebMail 4.0.4.20040524 - Email Header HTML Injection source: https://www.securityfocus.com/bid/10588/info SqWebMail is reported to be prone to an email header HTML injection vulnerability. This issue presents itself due to a failure of the application to properly sanitize user-supplied email...

e107 Website System 0.5/0.6 - 'Log.php' HTML Injection

source: https://www.securityfocus.com/bid/10395/info It is reported that e107 website system is prone to a remote HTML injection vulnerability. This issue is due to a failure by the application to properly sanitize user-supplied input. The problem presents itself when a user supplies malicious HT...

Herberlin BremsServer 1.2.4 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/9491/info BremsServer has been reported to contain cross-site scripting vulnerabilities. This issue is due to the server failing to check or filter user strings that are sent to the server. An attacker may exploit these issues by creating a link that...

mIRC 6.1 "IRC" Protocol Remote Buffer Overflow Exploit

Exploit for unknown platform in category remote exploits ====================================================== mIRC 6.1 "IRC" Protocol Remote Buffer Overflow Exploit ====================================================== / remote mirc 998 chars to someone on IRC is simply NOT done : Then I...

AldWeb MiniPortail 1.92.x - LNG Cross-Site Scripting

AldWeb MiniPortail 1.92.x - LNG Cross-Site Scripting source: https://www.securityfocus.com/bid/8504/info cross-site scripting vulnerability has been reported for miniPortail. The vulnerability exists due to insufficient sanitization of some user-supplied values. Specifically, malicious HTML code ...

AldWeb MiniPortail 1.9/2.x - 'LNG' Cross-Site Scripting

source: https://www.securityfocus.com/bid/8504/info cross-site scripting vulnerability has been reported for miniPortail. The vulnerability exists due to insufficient sanitization of some user-supplied values. Specifically, malicious HTML code is not sanitized from a URI parameter passed to...

Microsoft Internet Explorer ADODB.Stream Object File Installation Weakness

Description Microsoft Internet Explorer is prone to a security weakness that may permit malicious HTML documents to create or overwrite files on a victim file system when interpreted from the Local Zone or other Security Zones with relaxed security restrictions, such as the Intranet Zone. This...

IdealBB 1.4.9 Beta - HTML Injection

IdealBB 1.4.9 Beta - HTML Injection source: https://www.securityfocus.com/bid/8480/info IdealBB is prone to an HTML injection vulnerability. This could permit remote attackers to inject malicious HTML and script code into board messages. The attacker's code may be rendered in the web browser of t...