CVE-2010-3751

Multiple heap-based buffer overflows in an ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 allow remote attackers to execute arbitrary code via a long .smil argument to the 1 tfile, 2 pnmm, or 3 cdda protocol handler...

CVE-2010-3625

Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability."...

acroread: multiple code execution flaws (APSB10-21)

Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability."...

Microsoft Help Center XSS and Command Execution

Help and Support Center is the default application provided to access online documentation for Microsoft Windows. Microsoft supports accessing help documents directly via URLs by installing a protocol handler for the scheme "hcp". Due to an error in validation of input to hcp:// combined with a...

Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly

Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly ---------------------------------------------------------------------------- Help and Support Centre is the default application provided to access online documentation for Microsoft Windows. Microsoft supports accessing...

Microsoft Windows Help Centre Handles - Malformed Escape Sequences Incorrectly (MS03-044)

Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly ---------------------------------------------------------------------------- Help and Support Centre is the default application provided to access online documentation for Microsoft Windows. Microsoft supports accessing...

Microsoft Windows Help Centre Handles - Malformed Escape Sequences Incorrectly (MS03-044)

Microsoft Windows Help Centre Handles - Malformed Escape Sequences Incorrectly MS03-044 Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly ---------------------------------------------------------------------------- Help and Support Centre is the default application...

Design/Logic Flaw

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability."...

CVE-2010-0191

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability."...

CVE-2010-0191

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability."...

Acroread: Multiple code execution flaws (APSB10-09)

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability."...

Adobe Acrobat < 9.3.2 / 8.2.2 Multiple Vulnerabilities (APSB10-09)

The version of Adobe Acrobat installed on the remote host is earlier than 9.3.2 / 8.2.2. Such versions are reportedly affected by multiple vulnerabilities : - A cross-site scripting issue could lead to code execution. CVE-2010-0190 - A prefix protocol handler vulnerability could lead to code...

Adobe Reader < 9.3.2 / 8.2.2 Multiple Vulnerabilities (APSB10-09)

The version of Adobe Reader installed on the remote host is earlier than 9.3.2 / 8.2.2. Such versions are reportedly affected by multiple vulnerabilities : - A cross-site scripting issue could lead to code execution. CVE-2010-0190 - A prefix protocol handler vulnerability could lead to code...

ZDI-10-027: Skype Protocol Handler datapath Argument Injection Remote Code Execution Vulnerability

ZDI-10-027: Skype Protocol Handler datapath Argument Injection Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-027 March 11, 2010 -- Affected Vendors: Skype -- Affected Products: Skype -- TippingPointTM IPS Customer Protection: TippingPoint IPS customers hav...

Skype Protocol Handler datapath Argument Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Skype. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists with how the OS web-browser passes command line arguments ...

Apple iTunes Protocol Handler Stack Buffer Overflow (CVE-2009-0950)

Apple iTunes is a multimedia player that supports a wide range of media formats. The software supports parsing and displaying picture files. When iTunes is installed, it registers itself with the host Operating System as a protocol handler for several application URL schemes. A buffer overflow...

Zen Cart extras/curltest.php Information Disclosure

The installed version of Zen Cart includes a test script, 'extras/curltest.php', intended for testing that the curl PHP library is installed and working properly. It fails, though, to restrict access and can be abused to access arbitrary URLs, including local files via the 'file' protocol handler...

Design/Logic Flaw

Mozilla Firefox 3.5.2 on Windows XP, in some situations possibly involving an incompletely configured protocol handler, does not properly implement setting the document.location property to a value specifying a protocol associated with an external application, which allows remote attackers to cau...

CVE-2009-2975

Mozilla Firefox 3.5.2 on Windows XP, in some situations possibly involving an incompletely configured protocol handler, does not properly implement setting the document.location property to a value specifying a protocol associated with an external application, which allows remote attackers to cau...

CVE-2009-2975

CVE-2009-2975 concerns Mozilla Firefox 3.5.2 on Windows XP where, in situations involving an incompletely configured protocol handler, the browser does not properly enforce document.location values for protocols linked to external applications. This can enable a remote attacker to trigger a denia...