5392 matches found
CVE-2005-0509
Multiple cross-site scripting XSS vulnerabilities in the Mono 1.0.5 implementation of ASP.NET .Net allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including "" and ""...
rxvt-unicode -- buffer overflow vulnerability
A rxvt-unicode changelog reports: Fix a bug that allowed to overflow a buffer via a long escape sequence, which is probably exploitable fix by Rob Holland / Yoann Vandoorselaere / Gentoo Audit Team...
security flaw
Heap-based buffer overflow in the UTF8ToNewUnicode function for Firefox before 1.0.1 and Mozilla before 1.7.6 might allow remote attackers to cause a denial of service crash or execute arbitrary code via invalid sequences in a UTF8 encoded string that result in a zero length value...
Internationalized domain names (IDN) can be used for spoofing. – Opera Security Advisories
Internationalized domain names IDN can be used for spoofing. – Opera Security Advisories OPCOM Team | February 25, 2005 Summary Opera supports internationalized domain names IDN, which allowsfor example Russian or Chinese domain names to be written in theirown native scripts. However, this also...
Heap overflow possible in UTF8 to Unicode conversion — Mozilla
It is possible for a UTF8 string with invalid sequences to trigger a heap overflow of converted Unicode data. Exploitability would depend on the attackers ability to get the string into the buggy converter. General web content is converted elsewhere but we can't rule out the possibility of a...
CVE-2005-0509
Multiple cross-site scripting XSS vulnerabilities in the Mono 1.0.5 implementation of ASP.NET .Net allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including "" and ""...
CVE-2005-0509
Multiple cross-site scripting XSS vulnerabilities in the Mono 1.0.5 implementation of ASP.NET .Net allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including "" and ""...
Mono 1.0.5 - Unicode Character Conversion Multiple Cross-Site Scripting Vulnerabilities
Mono 1.0.5 - Unicode Character Conversion Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/12626/info It is reported that Mono is prone to various cross-site scripting attacks. These issues result from insufficient sanitization of user-supplied data and aris...
Mono 1.0.5 - Unicode Character Conversion Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/12626/info It is reported that Mono is prone to various cross-site scripting attacks. These issues result from insufficient sanitization of user-supplied data and arise when Mono converts Unicode characters ranging from U+ff00-U+ff60 to ASCII. Mono 1.0.5 ...
Microsoft .Net Framework ASP.NET crossite scripting
By using Unicode characters 0xff-0xff60 it's possible to bypass special charactesr filtering in ASP.NET application...
CVE-2005-0452
Multiple cross-site scripting XSS vulnerabilities in Microsoft ASP.NET .Net 1.0 and 1.1 to SP1 allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including "" and ""...
CVE-2005-0452
Multiple cross-site scripting XSS vulnerabilities in Microsoft ASP.NET .Net 1.0 and 1.1 to SP1 allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including "" and ""...
Microsoft ASP.NET 1.01.1 - Unicode Character Conversion Multiple Cross-Site Scripting Vulnerabilities
Microsoft ASP.NET 1.01.1 - Unicode Character Conversion Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/12574/info It is reported that ASP.NET is prone to various cross-site scripting attacks. These issues when ASP.NET converts Unicode characters ranging fr...
Microsoft ASP.NET 1.0/1.1 - Unicode Character Conversion Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/12574/info It is reported that ASP.NET is prone to various cross-site scripting attacks. These issues when ASP.NET converts Unicode characters ranging from U+ff00-U+ff60 to ASCII. Apparently, the application fails to properly validate Unicode characters...
#11 by unl0ck team
-= Unl0ck Team Security Advisory =- | | | | | | / | | / | | / / / | |/ / | |/ / | | / | | / | | | / / | Y Y |/|| // / | || /|| / / / / / / / / ... the best way of protection is attack http://unl0ck.void.ru Advisory : 11 by unl0ck team Product : Win Ftp Server latest version Vendor :...
CVE-2005-0086
Heap-based buffer overflow in less in Red Hat Enterprise Linux 3 allows attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted file, as demonstrated using the UTF-8 locale...
DEBIAN-CVE-2004-2215
RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, which allows local users to access the terminals of other users and possibly gain privileges...
CVE-2004-2215
RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, which allows local users to access the terminals of other users and possibly gain privileges...
USN-29-1: samba vulnerability
During an audit of the Samba 3.x code base Stefan Esser discovered a Unicode file name buffer overflow within the handling of TRANSACT2QFILEPATHINFO replies. A malicious samba user with write access to a share could exploit this by creating specially crafted path names files with very long names...
[Full-Disclosure] Advisory 13/2004: Samba 3.x QFILEPATHINFO unicode filename buffer overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 e-matters GmbH www.e-matters.de -= Security Advisory =- Advisory: Samba 3.x QFILEPATHINFO unicode filename buffer overflow Release Date: 2004/11/15 Last Modified: 2004/11/15 Author: Stefan Esser [email protected] Application: Samba 3 = 3.0.7...