CVE-2006-2723

Unspecified versions of Mozilla Firefox allow remote attackers to cause a denial of service crash via a web page that contains a large number of nested marquee tags. NOTE: a followup post indicated that the initial report could not be verified...

CVE-2006-2723

Unspecified versions of Mozilla Firefox allow remote attackers to cause a denial of service crash via a web page that contains a large number of nested marquee tags. NOTE: a followup post indicated that the initial report could not be verified...

CVE-2006-2723

Unspecified versions of Mozilla Firefox allow remote attackers to cause a denial of service crash via a web page that contains a large number of nested marquee tags. NOTE: a followup post indicated that the initial report could not be verified...

Super Link Exchange Script v1.0

Super Link Exchange Script v1.0 Homepage: http://www.ebizunion.com/guidetosuper.php Description: Main Features: 1. Add unlimited nested category/sub-category, 2. Can check reciprocal link back, 3. Can hide and delete no link back sites. 4. Template can be edited and suitable to fit your current...

[Full-disclosure] MSIE Nested Object Vulnerability Is Exploitable

Hello, There has recently been some discussion regarding whether or not the MSIE Nested Object Vulnerability reported by Michal Zalewski is exploitable or not. Link to Michal Zalewski Full-Disclosure Posting: http://lists.grok.org.uk/pipermail/full-disclosure/2006- April/045422.html Because of...

CVE-2006-1992

mshtml.dll 6.00.2900.2873, as used in Microsoft Internet Explorer, allows remote attackers to cause a denial of service crash via nested OBJECT tags, which trigger invalid pointer dereferences including NULL dereferences. NOTE: the possibility of code execution was originally theorized, but...

Re: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Michal Zalewski wrote: Perhaps not surprisingly, there appears to be a vulnerability in how Microsoft Internet Explorer handles or fails to handle certain combinations of nested OBJECT tags. This was tested with MSIE 6.0.2900.2180.xpsp.040806-182...

Microsoft Internet Explorer 6 - Nested OBJECT Tag Memory Corruption

source: https://www.securityfocus.com/bid/17658/info Microsoft Internet Explorer is prone to a memory-corruption vulnerability. This issue is due to a flaw in the application in handling nested OBJECT tags in HTML content. An attacker could exploit this issue via a malicious web page to potential...

CVE-2006-1901

Mozilla Camino 1.0 and earlier allow remote attackers to cause a denial of service null dereference and application crash or hang via HTML with certain improperly nested elements. NOTE: this might be the same issue as CVE-2006-1724...

CVE-2006-1901

Mozilla Camino 1.0 and earlier allow remote attackers to cause a denial of service null dereference and application crash or hang via HTML with certain improperly nested elements. NOTE: this might be the same issue as CVE-2006-1724...

Support nested groups

panel:title=Resolved in Confluence 3.5|borderStyle=solid|borderColor=3C78B5|titleBGColor=3C78B5|bgColor=E7F4FA We are pleased to advise that support for nested groups is available in Confluence 3.5. You can find instructions on how to configure nested groups in our documentation: Configuring User...

Support nested groups

panel:title=Resolved in Confluence 3.5|borderStyle=solid|borderColor=3C78B5|titleBGColor=3C78B5|bgColor=E7F4FA We are pleased to advise that support for nested groups is available in Confluence 3.5. You can find instructions on how to configure nested groups in our documentation: Configuring User...

Cross site scripting

The cross-site scripting XSS countermeasures in class.inputfilter.php in Joomla! 1.0.7 allow remote attackers to cause a denial of service via a crafted mosmsg parameter to index.php with a malformed sequence of multiple tags, as demonstrated using "AAA", possibly due to nested or empty tags...

Symantec Brightmail AntiSpam: Nested Zip File, Denial of Service

SUMMARY Risk Impact Low Remote Access | Yes incoming mail ---|--- Local Access | No Authentication Required | No Exploit publicly available | NA AFFECTED PRODUCTS Product | Version | Build | Solution ---|---|---|--- Symantec Brightmail AntiSpam | 6.0 | 1 | Update Symantec Brightmail AntiSpam | 6....

security flaw

Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier PEAR XML-RPC for PHP, as used in multiple products including 1 Drupal, 2 phpAdsNew, 3 phpPgAds, and 4 phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be...

PT-2005-3398 · Php +1 · Phpxmlrpc +1

Name of the Vulnerable Software and Affected Versions: PHPXMLRPC versions 1.1.1 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document. These tags are injected into an eval function call. This is exploited by using...

CVE-2005-2414

Race condition in the xpcom library, as used by web browsers such as Firefox, Mozilla, Netscape, and Galeon, allows remote attackers to cause a denial of service application crash via a large HTML file that loads a DOM call from within nested DIV tags, which causes part of the currently rendering...

CVE-2005-2414

CVE-2005-2414 describes a race condition in the xpcom library (used by Firefox, Mozilla, Netscape, Galeon) that can crash the target browser. An attacker could trigger a hard crash by rendering a large HTML file that loads a DOM call from within nested DIV tags, causing parts of the currently ren...

CVE-2005-2414

Race condition in the xpcom library, as used by web browsers such as Firefox, Mozilla, Netscape, and Galeon, allows remote attackers to cause a denial of service application crash via a large HTML file that loads a DOM call from within nested DIV tags, which causes part of the currently rendering...

CVE-2005-2414

Race condition in the xpcom library, as used by web browsers such as Firefox, Mozilla, Netscape, and Galeon, allows remote attackers to cause a denial of service application crash via a large HTML file that loads a DOM call from within nested DIV tags, which causes part of the currently rendering...