6635 matches found
Debian DSA-1046-1 : mozilla - several vulnerabilities
Several security related problems have been discovered in Mozilla. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CVE-2005-2353 The 'run-mozilla.sh' script allows local users to create or overwrite arbitrary files when debugging is enabled via a...
Microsoft Windows / Internet Explorer 0-day vulnerability
Microsoft Vector Graphics Rendering Library vulnerability is used for hidden malware installation...
CVE-2006-4868
CVE-2006-4868: A stack-based buffer overflow in VGX.dll (VML processing) used by Microsoft Outlook and Internet Explorer on Windows XP SP2 enables remote code execution via a crafted VML rect tag with a long fill parameter. Affected: Internet Explorer/VML handling. Impact per sources: arbitrary c...
phpMyAdmin 2.x - Multiple Script Array Handling Full Path Disclosures
phpMyAdmin 2.x - Multiple Script Array Handling Full Path Disclosures source: https://www.securityfocus.com/bid/21137/info phpMyAdmin is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure...
Sage 1.3.6 - Input Validation
source: https://www.securityfocus.com/bid/19928/info The application is prone to an input-validation vulnerability that allows malicious HTML and script code to be injected before it is used in dynamically generated content. Attacker-supplied HTML and script code would execute in the context of t...
SYMSA-2006-004 (Full Details): Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Symantec Vulnerability Research http://www.symantec.com/research Security Advisory Advisory ID : SYMSA-2006-004 Advisory Title: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution Author : Peter Ferrie / [email protected]...
SYMSA-2006-004: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Symantec Vulnerability Research http://www.symantec.com/research Security Advisory Advisory ID : SYMSA-2006-004 Advisory Title: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution Author : Peter Ferrie / [email protected]...
Buffer overflow
Buffer overflow in the ART Image Rendering component jgdw400.dll in Microsoft Windows XP SP1 and Sp2, Server 2003 SP1 and earlier, and Windows 98 and Me allows remote attackers to execute arbitrary code via a crafted ART image that causes heap corruption...
CVE-2006-2378
CVE-2006-2378 is a heap-based buffer overflow in the ART Image Rendering component (jgdw400.dll) used by AOL ART images in Microsoft Windows XP (SP1/SP2), Windows Server 2003 (SP1), and older/related OSes (including 98/Me). A crafted ART image can cause heap corruption, enabling remote code execu...
Integer overflow
Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile WMF or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based...
CVE-2006-2376
Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile WMF or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based...
CVE-2006-2376
Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile WMF or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based...
CVE-2006-2376
A remote code execution vulnerability exists in Microsoft Windows’ Graphics Rendering Engine due to an integer overflow in the WMF/EMF PolyPolygon handling. The heap-based overflow is triggered when the sum of vertex counts and the number of polygons is added and multiplied without 32-bit overflo...
Microsoft Graphics Rendering Engine fails to properly handle WMF images
Overview Microsoft Windows Graphics Rendering Engine contains a vulnerability that may allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Microsoft Windows Graphics Rendering Engine supports a number of image formats including Windows Metafile WMF. An...
Microsoft Security Bulletin MS06-026 Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (918547)
Microsoft Security Bulletin MS06-026 Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution 918547 Published: June 13, 2006 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Windows Impact of Vulnerability: Critical Maximum Severity Rating: Remo...
Microsoft Security Bulletin MS06-022 Vulnerability in ART Image Rendering Could Allow Remote Code Execution (918439)
Microsoft Security Bulletin MS06-022 Vulnerability in ART Image Rendering Could Allow Remote Code Execution 918439 Published: June 13, 2006 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity Ratin...
Microsoft Windows GDI WMF Handling Heap Overflow Vulnerability
Description The Microsoft Windows GDI Graphics Rendering Engine is prone to a heap-overflow vulnerability. This issue is exposed when the component loads a specially crafted WMF Windows Metafile image. If this issue is exploited, a malicious WMF or EMF file could potentially corrupt heap-based...
Five Star Review Script - 'report.php?item_id' Cross-Site Scripting
source: https://www.securityfocus.com/bid/18390/info Five Star Review Script is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to run arbitrary HTML and script code in the browser of a...
TAL RateMyPic 1.0 - Multiple Input Validation Vulnerabilities
TAL RateMyPic 1.0 - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/18230/info TAL RateMyPic is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can...
DSA-1076-1 lynx - programming error
Bulletin has no description...