6660 matches found
Fedora Core 3 : thunderbird-1.0.2-1.3.1 (2005-247)
A buffer overflow bug was found in the way Thunderbird processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned...
Unclassified NewsBoard 1.5.3 - 'Description' HTML Injection
source: https://www.securityfocus.com/bid/14748/info Unclassified NewsBoard is prone to an HTML injection vulnerability. This is due to a lack of proper sanitization of user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed i...
Foojan PHPWeblog - Html Injection
source: https://www.securityfocus.com/bid/14658/info Foojan PHPWeblog is prone to an HTML injection vulnerability. This is due to a lack of proper sanitization of user-supplied input. Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially...
Soft4e ECW-Shop 6.0.2 - 'index.php' HTML Injection
source: https://www.securityfocus.com/bid/14579/info ECW Shop is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be...
Microsoft Internet Explorer JPEG rendering library vulnerable to buffer overflow
Overview: A vulnerability in the Microsoft Internet Explorer JPEG image rendering routines may allow an attacker to remotely execute arbitrary code. Description: Microsoft Internet Explorer is a web browser that is available for a variety of platforms and devices. A flaw in the image rendering...
MS05-038: Cumulative Security Update for Internet Explorer (896727)
The remote host contains a version of Internet Explorer that is vulnerable to multiple security flaws (JPEG Rendering, Web Folder, COM Object) that could allow an attacker to execute arbitrary code on the remote host by constructing a malicious web page and enticing a victim to visit this web pag...
CVE-2005-2414
Race condition in the xpcom library, as used by web browsers such as Firefox, Mozilla, Netscape, and Galeon, allows remote attackers to cause a denial of service (application crash) via a large HTML file that loads a DOM call from within nested DIV tags, which causes part of the currently rendering...
Fedora Core 4 : epiphany-1.6.3-2 (2005-620)
Epiphany is a simple GNOME web browser based on the Mozilla rendering engine. There were several security flaws found in the mozilla package, which epiphany depends on. Users of epiphany are advised to upgrade to this updated package which has been rebuilt against a version of mozilla not...
Microsoft Internet Explorer 5.0.1 - .JPEG Image Rendering CMP Fencepost Denial of Service
source: https://www.securityfocus.com/bid/14284/info Microsoft Internet Explorer is prone to an unspecified denial of service vulnerability in the JPEG image rendering library used by the browser. This issue...
Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering CMP Fencepost Denial of Service
source: https://www.securityfocus.com/bid/14284/info Microsoft Internet Explorer is prone to an unspecified denial of service vulnerability in the JPEG image rendering library used by the browser. This issue is reportedly similar to the one described in BID 14282. This issue was identified by...
Microsoft Internet Explorer 5.0.1 - .JPEG Image Rendering Buffer Overflow
source: https://www.securityfocus.com/bid/14282/info Microsoft Internet Explorer is prone to a buffer overflow vulnerability in the JPEG image rendering library used by the browser. This issue is due to a failure of the...
Mensajeitor 1.8.9 - IP HTML Injection
source: https://www.securityfocus.com/bid/14071/info Mensajeitor is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...
Microsoft Internet Explorer Unspecified GIF And BMP Denial Of Service Vulnerability
Description: Microsoft Internet Explorer is prone to a denial of service vulnerability when rendering malformed GIF and BMP images. Malformed images for other file formats may also cause a similar condition, though the vendor has not provided any further information. The vendor has not released an...
Microsoft Internet Explorer buffer overflow in PNG image rendering component
Overview: A buffer overflow in the PNG image rendering component of Microsoft Internet Explorer (IE) may allow a remote attacker to execute code on a vulnerable system. Description: The Portable Network Graphics (PNG) image format is used as an alternative to other image formats such as the Graphics...
Skull-Splitter Guestbook 1.02.02.2 - Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/13632/info Skull-Splitter Guestbook is prone to multiple HTML injection vulnerabilities. It is possible to inject HTML and script code into the title and content of posted...
CodetoSell ViArt Shop Enterprise 2.1.6 - reviews.php Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/13462/info ViArt Shop is affected by multiple cross-site scripting and HTML injection vulnerabilities. These issues are due to a failure in the application ...
PunBB 1.2.3 - Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/12828/info PunBB is reportedly affected by multiple HTML injection vulnerabilities. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also...
PunBB 1.2.3 - Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/12828/info PunBB is reportedly affected by multiple HTML injection vulnerabilities. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible such as the theft of cookie-based authentication...
Phorum 5.0.14 - Multiple Subject and Attachment HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/12800/info Phorum is reportedly affected by multiple HTML injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied inp...