6660 matches found
Clever Copy 2.03.0 - Multiple HTML Injection Vulnerabilities
Clever Copy 2.03.0 - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/16607/info Clever Copy is prone to multiple HTML-injection vulnerabilities. The application fails to properly sanitize user-supplied input before using it in dynamically generated content...
Clever Copy 2.0/3.0 - Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/16607/info Clever Copy is prone to multiple HTML-injection vulnerabilities. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the...
DEBIAN-CVE-2006-0297
Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the 1 EscapeAttributeValue in jsxml.c for E4X, 2 nsSVGCairoSurface::Init in SVG, and 3...
DSA-961-1 pdfkit.framework - buffer overflows
Bulletin has no description...
Xpdf, Poppler, GPdf, libextractor, pdftohtml: Heap overflows
Background Xpdf is a PDF file viewer that runs under the X Window System. Poppler is a PDF rendering library based on the Xpdf 3.0 code base. GPdf is a PDF file viewer for the GNOME 2 platform, also based on Xpdf. libextractor is a library which includes Xpdf code to extract arbitrary meta-data...
AZ Bulletin Board 1.0.x1.1 - post.php HTML Injection
AZ Bulletin Board 1.0.x1.1 - post.php HTML Injection source: https://www.securityfocus.com/bid/16351/info AZbb is prone to HTML-injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input before using it in dynamically generated content. Attacker-suppli...
AZ Bulletin Board 1.0.x/1.1 - 'post.php' HTML Injection
source: https://www.securityfocus.com/bid/16351/info AZbb is prone to HTML-injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the...
SaralBlog 1.0 - Multiple Input Validation Vulnerabilities
SaralBlog 1.0 - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/16306/info saralblog is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of...
Use MS0601 vulnerability do web Trojan generator-vulnerability warning-the black bar safety net
We first need to understand this vulnerability you! Applicable system: Microsoft Windows 2 0 0 0 Service Pack 4 – download the update Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2 – Download the update Microsoft Windows XP Professional x64 Edition – download the upda...
Ubuntu 4.10 : linux-source-2.6.8.1 vulnerabilities (USN-38-1)
CAN-2004-0814 : Vitaly V. Bursov discovered a Denial of Service vulnerability in the 'serio' code; opening the same tty device twice and doing some particular operations on it caused a kernel panic and/or a system lockup. Fixing this vulnerability required a change in the Application Binary...
Microsoft Windows GRE WMF Format Multiple Memory Overrun Vulnerabilities
Microsoft Windows GRE WMF Format Multiple Memory Overrun Vulnerabilities by cocoruder page:http://ruder.cdut.net email:frankruderathotmail.com Last Update:2006.01.07 class:design error Remote:yes local:yes Product Affected: Microsoft Windows XP SP2 Microsoft Windows XP SP1 Microsoft Windows Serve...
[UPDATE]Microsoft Windows GRE WMF Format Multiple Unauthorized Memory Access Vulnerabilities
Microsoft Windows GRE WMF Format Multiple Unauthorized Memory Access Vulnerabilities //this bug report is update for Microsoft Windows GRE WMF Format Multiple Memory Overrun Vulnerabilities by cocoruder 2006.01.07 by cocoruder page:http://ruder.cdut.net email:frankruderathotmail.com Last...
CVE-2006-0143
Microsoft Windows Graphics Rendering Engine GRE allows remote attackers to corrupt memory and cause a denial of service crash via a WMF file containing 1 ExtCreateRegion or 2 ExtEscape function calls with arguments with inconsistent lengths...
Code injection
Microsoft Windows Graphics Rendering Engine GRE allows remote attackers to corrupt memory and cause a denial of service crash via a WMF file containing 1 ExtCreateRegion or 2 ExtEscape function calls with arguments with inconsistent lengths...
CVE-2006-0143
The Connected advisory CPAI-2006-171 documents a denial-of-service flaw in Microsoft Windows’ Graphics Rendering Engine (GRE) when parsing certain WMF files. Specifically, a crafted WMF with ExtCreateRegion or ExtEscape calls can trigger a memory read/parse error in GRE, causing the host applicat...
CVE-2006-0143
Microsoft Windows Graphics Rendering Engine GRE allows remote attackers to corrupt memory and cause a denial of service crash via a WMF file containing 1 ExtCreateRegion or 2 ExtEscape function calls with arguments with inconsistent lengths...
Microsoft Windows - Graphics Rendering Engine Multiple Memory Corruption Vulnerabilities
Microsoft Windows - Graphics Rendering Engine Multiple Memory Corruption Vulnerabilities source: https://www.securityfocus.com/bid/16167/info Microsoft Windows WMF graphics-rendering engine is affected by multiple memory-corruption vulnerabilities. These issues affect the 'ExtCreateRegion' and...
Microsoft Windows - Graphics Rendering Engine Multiple Memory Corruption Vulnerabilities
source: https://www.securityfocus.com/bid/16167/info Microsoft Windows WMF graphics-rendering engine is affected by multiple memory-corruption vulnerabilities. These issues affect the 'ExtCreateRegion' and 'ExtEscape' functions. These problems present themselves when a user views a malicious...
PHP-Nuke News Submission Story - Text Field Cross-Site Scripting
PHP-Nuke News Submission Story - Text Field Cross-Site Scripting source: https://www.securityfocus.com/bid/16192/info The PHPNuke Pool and News Modules are prone to an HTML injection vulnerability. This issue is due to a failure in the application modules to properly sanitize user-supplied input...
Microsoft Security Bulletin MS06-001 Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919)
Microsoft Security Bulletin MS06-001 Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution 912919 Published: January 5, 2006 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severi...