Search
Keyword: HTML_SOHANAD
openSUSE 11.0, and before 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "insufficient quoting of parameters." apache
5.5.0 through 5.5.23, and 6.0.0 through 6.0.10 allow remote attackers to inject arbitrary web script or HTML via the test parameter and unspecified vectors. Apache Tomcat 4.0.0,Apache Tomcat 4.0.1,Apache
HTML via a crafted string that is used in the message argument to the HttpServletResponse.sendError method. apache tomcat 4.1.0,apache tomcat 4.1.1,apache tomcat 4.1.10,apache tomcat 4.1.12,apache tomcat
HTML via certain header values. Apache Tomcat 5.0.0,Apache Tomcat 5.0.1,Apache Tomcat 5.0.10,Apache Tomcat 5.0.11,Apache Tomcat 5.0.12,Apache Tomcat 5.0.13,Apache Tomcat 5.0.14,Apache Tomcat
allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors. NOTE: this may be related to CVE-2006-0254.1. Apache Software
CVE-2007-3384 Multiple cross-site scripting (XSS) vulnerabilities in examples/servlet/CookieExample in Apache Tomcat 3.3 through 3.3.2 allow remote attackers to inject arbitrary web script or HTML
file in the src descriptor of an @font-face Cascading Style Sheets (CSS) rule in an HTML document, possibly related to the Embedded OpenType (EOT) Font Engine, a different vulnerability than
CVE-2009-0850 Cross-site scripting (XSS) vulnerability in BitDefender Internet Security 2009 allows user-assisted remote attackers to inject arbitrary web script or HTML via the filename of a
inject arbitrary web script or HTML via a crafted name of a (1) file or (2) directory on a Gopher server. mozilla firefox 1.0,mozilla firefox 1.0.1,mozilla firefox 1.0.2,mozilla firefox 1.0.3,mozilla
script or HTML via (1) the siteloc parameter in a displayaddsite action, the site parameter in a (2) generalproperties or (3) clusterserviceproperties action, (4) the adminurl parameter in a global action,
arbitrary web script or HTML via unspecified vectors. sun java_system_access_manager 6,sun java_system_access_manager 6.0_2005q1,sun java_system_access_manager 7.0,sun java_system_access_manager
remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "UAG XSS Allows EOP Vulnerability." microsoft forefront_unified_access_gateway 2010 Apply associated Trend Micro DPI
or HTML via unspecified vectors. vmware view_manager 3.1.1,vmware view_manager 3.1.2,vmware view_manager 3.1.3 Apply associated Trend Micro DPI Rules. 1000552| 1000552 - Generic Cross Site Scripting
remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "XSS Issue on UAG Mobile Portal Website in Forefront Unified Access Gateway Vulnerability." microsoft
CVE-2009-3955 Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted JPC_MS_RGN marker in the Jp2c stream
CVE-2009-3958 Buffer overflow in the Download Manager in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to execute arbitrary code via
CVE-2009-3956 The default configuration of Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, does not properly support the Enhanced Security feature, which has
CVE-2009-1729 Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express 6 2005Q4 (aka 6.2) and 6.3 allow remote attackers to inject arbitrary web script or HTML
writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654. mozilla firefox 0.1,mozilla firefox 0.10,mozilla firefox 0.10.1,mozilla firefox 0.2,mozilla firefox
CVE-2009-2519 The DHTML Editing Component ActiveX control in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly format HTML markup, which allows remote attackers to