CVE-2011-2932
CVE-2011-2932 is a cross-site scripting (XSS) vulnerability in Ruby on Rails’ activesupport core:_string/output_safety.rb, linked to a UTF-8 escaping issue. Affected versions include Rails 2.x before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5. The issue enables remote injection of sc...
Internet Explorer findText Unicode Parsing Denial of Service (CVE-2009-2655)
Microsoft Internet Explorer is the most widely used Internet browser. A denial of service vulnerability has been reported in the way Microsoft Internet Explorer parses HTML pages. The vulnerability is due to an error in the mshtml.dll library. A remote attacker might exploit this issue by...
CA Internet Security Suite 2010 - 'KmxSbx.sys' Kernel Pool Overflow
/ Exploit Title: CA Internet Security Suite 2010 KmxSbx.sys Kernel Pool Overflow 0-day Exploit Date: 2010-11-28 Author: Nikita Tarakanov CISS Research Team Software Link: http://shop.ca.com/ca/products/internetsecurity/internetsecuritysuite.asp Version: up to date, KmxSbx.sys version 6.2.0.22...
Microsoft Internet Explorer 'findText()' Unicode Parsing DoS Vulnerability
Internet Explorer is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Opera Unicode String Denial Of Service Vulnerability (Linux)
This host is installed with Opera and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodoperaunicodestrdosvulnlin.nasl 5122 2017-01-27 12:16:00Z teissa $ Opera Unicode String Denial Of Service Vulnerability Linux Authors: Sharath S Updated for New CVE's - By Shara...
Google Chrome Unicode String Denial Of Service Vulnerability
This host is installed with Google Chrome and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodgooglechromeunicodestrdosvuln.nasl 5055 2017-01-20 14:08:39Z teissa $ Google Chrome Unicode String Denial Of Service Vulnerability Authors: Sharath S Copyright: Copyrig...
Opera Unicode String Denial Of Service Vulnerability - Linux
Opera is prone to a denial of service (DoS) vulnerability.
Microsoft Internet Explorer Unicode String DoS Vulnerability
Internet Explorer is prone to a denial of service (DoS) vulnerability.
Google Chrome Unicode String Denial Of Service Vulnerability
Google Chrome is prone to a denial of service (DoS) vulnerability.
Opera Unicode String Denial Of Service Vulnerability - Windows
Opera is prone to a denial of service (DoS) vulnerability.
Sql injection
Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479. NOTE: it was later reported that 7.0.6000.16473 and earlier are also...
CVE-2009-2578
Google Chrome 2.x through 2.0.172 allows remote attackers to cause a denial of service (application crash) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479...
CVE-2009-2576
CVE-2009-2576 refers to a Denial of Service in Microsoft Internet Explorer (IE) where a long Unicode string passed to the write method can consume CPU/memory. The OpenVAS entry OpenVAS:900400 explicitly links CVE-2009-2576 to IE Unicode String DoS and lists a base CVSS v2 score of 5.0 (AV:N/AC:L/...
CVE-2009-2578
Removed by vendor...
Multiple browsers DoS
Crash or resource exhaustion on oversized Unicode string operations via JavaScript...
CVE-2009-2479
Mozilla Firefox 3.0.x, 3.5, and 3.5.1 on Windows allows remote attackers to cause a denial of service (uncaught exception and application crash) via a long Unicode string argument to the write method. NOTE: this was originally reported as a stack-based buffer overflow. NOTE: on Linux and Mac OS X, ...
Buffer overflow
Multiple buffer overflows in the cifs subsystem in the Linux kernel before 2.6.29.4 allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or ...
CVE-2009-1633
Multiple buffer overflows in the cifs subsystem in the Linux kernel before 2.6.29.4 allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or ...
CVE-2009-1633
The CVE-2009-1633 issue affects the Linux kernel CIFS subsystem prior to 2.6.29.4. It describes multiple buffer overflows in CIFS that can be triggered by a malformed Unicode string (Unicode string area alignment in fs/cifs/sess.c) or long Unicode characters (fs/cifs/cifssmb.c and fs/cifs/readdir...