Microsoft Windows Graphics Rendering Engine buffer overflow vulnerability

Overview Microsoft Windows Graphics Rendering Engine contains a buffer overflow that may allow a remote attacker to execute arbitrary code on a vulnerable system. Description The Microsoft Windows Graphics Rendering Engine supports a number of image formats including Windows Metafile WMF and...

CVE-2005-3312

The HTML rendering engine in Microsoft Internet Explorer 6.0 allows remote attackers to conduct cross-site scripting XSS attacks via HTML in corrupted images and other files such as .GIF, JPG, and WAV, which is rendered as HTML when the user clicks on the link, even though the web server response...

Zomplog 3.33.4 - detail.php HTML Injection

Zomplog 3.33.4 - detail.php HTML Injection source: https://www.securityfocus.com/bid/15168/info Zomplog is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...

security flaw

Direct Rendering Manager DRM driver in Linux kernel 2.6 does not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service X Server crash and possibly modify the video output...

Fedora Core 3 : firefox-1.0.2-1.3.1 (2005-246)

A buffer overflow bug was found in the way Firefox processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the...

Fedora Core 3 : firefox-1.0.1-1.3.1 (2005-182)

This update fixes several security vulnerabilities in Firefox 1.0. It is recommended that all users update to Firefox 1.0.1. Additionally, this update backports several fixes from rawhide. This update enables pango font rendering by default. This update enables smooth scrolling by default. On...

Fedora Core 3 : thunderbird-1.0.2-1.3.1 (2005-247)

A buffer overflow bug was found in the way Thunderbird processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned...

Unclassified NewsBoard 1.5.3 - 'Description' HTML Injection

source: https://www.securityfocus.com/bid/14748/info Unclassified NewsBoard is prone to an HTML injection vulnerability. This is due to a lack of proper sanitization of user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed i...

Foojan PHPWeblog - Html Injection

source: https://www.securityfocus.com/bid/14658/info Foojan PHPWeblog is prone to an HTML injection vulnerability. This is due to a lack of proper sanitization of user-supplied input. Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially...

Soft4e ECW-Shop 6.0.2 - 'index.php' HTML Injection

source: https://www.securityfocus.com/bid/14579/info ECW Shop is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be...

Microsoft Internet Explorer JPEG rendering library vulnerable to buffer overflow

Overview A vulnerability in the Microsoft Internet Explorer JPEG image rendering routines may allow an attacker to remotely execute arbitrary code. Description Microsoft Internet Explorer is a web browser that is available for a variety of platforms and devices. A flaw in the image rendering...

MS05-038: Cumulative Security Update for Internet Explorer (896727)

The remote host contains a version of the Internet Explorer that is vulnerable to multiple security flaws JPEG Rendering, Web Folder, COM Object that could allow an attacker to execute arbitrary code on the remote host by constructing a malicious web page and entice a victim to visit this web pag...

CVE-2005-2414

Race condition in the xpcom library, as used by web browsers such as Firefox, Mozilla, Netscape, and Galeon, allows remote attackers to cause a denial of service application crash via a large HTML file that loads a DOM call from within nested DIV tags, which causes part of the currently rendering...

CVE-2005-2414

Race condition in the xpcom library, as used by web browsers such as Firefox, Mozilla, Netscape, and Galeon, allows remote attackers to cause a denial of service application crash via a large HTML file that loads a DOM call from within nested DIV tags, which causes part of the currently rendering...

Fedora Core 4 : epiphany-1.6.3-2 (2005-620)

Epiphany is a simple GNOME web browser based on the Mozilla rendering engine. There were several security flaws found in the mozilla package, which epiphany depends on. Users of epiphany are advised to upgrade to this updated package which has been rebuilt against a version of mozilla not...

Microsoft Internet Explorer 5.0.1 - .JPEG Image Rendering CMP Fencepost Denial of Service

Microsoft Internet Explorer 5.0.1 - .JPEG Image Rendering CMP Fencepost Denial of Service source: https://www.securityfocus.com/bid/14284/info Microsoft Internet Explorer is prone to an unspecified denial of service vulnerability in the JPEG image rendering library used by the browser. This issue...

Microsoft Internet Explorer 5.0.1 - .JPEG Image Rendering Buffer Overflow

Microsoft Internet Explorer 5.0.1 - .JPEG Image Rendering Buffer Overflow source: https://www.securityfocus.com/bid/14282/info Microsoft Internet Explorer is prone to a buffer overflow vulnerability in the JPEG image rendering library used by the browser. This issue is due to a failure of the...

Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering CMP Fencepost Denial of Service

source: https://www.securityfocus.com/bid/14284/info Microsoft Internet Explorer is prone to an unspecified denial of service vulnerability in the JPEG image rendering library used by the browser. This issue is reportedly similar to the one described in BID 14282. This issue was identified by...

Mensajeitor 1.8.9 - IP HTML Injection

Mensajeitor 1.8.9 - IP HTML Injection source: https://www.securityfocus.com/bid/14071/info Mensajeitor is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...

Microsoft Internet Explorer Unspecified GIF And BMP Denial Of Service Vulnerability

Description Microsoft Internet Explorer is prone to a denial of service vulnerability when rendering malformed GIF and BMP images. Malformed images for other file formats may also cause a similar condition, though the vendor has not provided any further information. The vendor has not released an...