3943 matches found
CVE-2007-0180
Stack-based buffer overflow in EF Commander 5.75 allows user-assisted attackers to execute arbitrary code via a crafted ISO file containing a file within several nested directories, which produces a large filename that triggers the overflow...
Mozilla Firefox JavaScript处理程序竞争条件内存破坏漏洞
Mozilla Firefox是一款开放源代码的WEB浏览器。 Mozilla Firefox处理信号存在竞争条件问题,远程攻击者可以利用漏洞进行内存破坏攻击,可能以进程权限执行任意指令。 Firefox当处理深层嵌套的XML文档显示时被javascript处理程序中断,如果浏览器之后通过脚本重定向到新的位置,那么所有未完成的解析过程会中断,其所有结构也被释放,之间就可能存在两次释放而造成的内存破坏问题,可使应用程序崩溃,可能以进程权限执行任意指令。 Mozilla Firefox 1.5 beta 2 Mozilla Firefox 1.5 beta 1 Mozilla Firefox...
security flaw
Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads...
security flaw
Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads...
DEBIAN-CVE-2006-4253
Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads...
PT-2006-1093 · K Meleon +4 · K-Meleon +4
Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions 1.5.0.6 and earlier K-Meleon version 1.0.1 and earlier Netscape Navigator version 8.1 and earlier Description: The issue is related to insufficient access control and concurrency vulnerabilities, allowing a remote...
security flaw
Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 nested tags in a select tag, 2 a DOMNodeRemoved mutation event, 3 "Content-implemented tree views," 4 BoxObjects, 5 the XBL implementation, 6 an ifram...
security flaw
Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 nested tags in a select tag, 2 a DOMNodeRemoved mutation event, 3 "Content-implemented tree views," 4 BoxObjects, 5 the XBL implementation, 6 an ifram...
security flaw
The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the "Manual Install" button, then using nested javascript: URLs. NOTE: the manual install button is use...
security flaw
Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 nested tags in a select tag, 2 a DOMNodeRemoved mutation event, 3 "Content-implemented tree views," 4 BoxObjects, 5 the XBL implementation, 6 an ifram...
security flaw
Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and migh...
DEBIAN-CVE-2006-1173
Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and migh...
DEBIAN-CVE-2006-2779
Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 nested tags in a select tag, 2 a DOMNodeRemoved mutation event, 3 "Content-implemented tree views," 4 BoxObjects, 5 the XBL implementation, 6 an ifram...
CVE-2006-2784
The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the "Manual Install" button, then using nested javascript: URLs. NOTE: the manual install button is use...
DEBIAN-CVE-2006-2723
Unspecified versions of Mozilla Firefox allow remote attackers to cause a denial of service crash via a web page that contains a large number of nested marquee tags. NOTE: a followup post indicated that the initial report could not be verified...
CVE-2006-2723
Unspecified versions of Mozilla Firefox allow remote attackers to cause a denial of service crash via a web page that contains a large number of nested marquee tags. NOTE: a followup post indicated that the initial report could not be verified...
CVE-2006-2723
Unspecified versions of Mozilla Firefox allow remote attackers to cause a denial of service crash via a web page that contains a large number of nested marquee tags. NOTE: a followup post indicated that the initial report could not be verified...
CVE-2006-2723
Unspecified versions of Mozilla Firefox allow remote attackers to cause a denial of service crash via a web page that contains a large number of nested marquee tags. NOTE: a followup post indicated that the initial report could not be verified...
Super Link Exchange Script v1.0
Super Link Exchange Script v1.0 Homepage: http://www.ebizunion.com/guidetosuper.php Description: Main Features: 1. Add unlimited nested category/sub-category, 2. Can check reciprocal link back, 3. Can hide and delete no link back sites. 4. Template can be edited and suitable to fit your current...
[Full-disclosure] MSIE Nested Object Vulnerability Is Exploitable
Hello, There has recently been some discussion regarding whether or not the MSIE Nested Object Vulnerability reported by Michal Zalewski is exploitable or not. Link to Michal Zalewski Full-Disclosure Posting: http://lists.grok.org.uk/pipermail/full-disclosure/2006- April/045422.html Because of...