Search
Keyword: HTML_SOHANAD
Microsoft Internet Explorer is prone to a denial-of-service vulnerability because the application fails to handle certain HTML code. This issue is triggered when a remote attacker entices a victim
deleted, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "Uninitialized Memory Corruption Vulnerability." microsoft internet_explorer 5.01,microsoft internet_explorer
remote attackers to download arbitrary files to a client machine via a crafted HTML document or e-mail message, probably involving use of the SnapshotPath and CompressedPath properties and the
"Office Web Components HTML Script Vulnerability." microsoft isa_server 2004,microsoft isa_server 2006,microsoft office 2003,microsoft office_web_components 2003,microsoft office_web_components
CVE-2005-0563 Cross-site scripting (XSS) vulnerability in Microsoft Outlook Web Access (OWA) component in Exchange Server 5.5 allows remote attackers to inject arbitrary web script or HTML via an
filename that contains encoded ..\ (%2e%2e%5c) sequences and whose extension contains the CLSID Key identifier for HTML Applications (HTA), also known as "Folder GUID Code Execution Vulnerability."
CVE-2007-5095 Microsoft Windows Media Player (WMP) 9 on Windows XP SP2 invokes Internet Explorer to render HTML documents contained inside some media files, regardless of what default web browser is
allows remote attackers to inject arbitrary web script or HTML via the cid0 parameter. microsoft sharepoint_server 2007,microsoft sharepoint_services 3.0 Apply associated Trend Micro DPI Rules. 1000552
directives in a malformed Cascading Style Sheets (CSS) stylesheet in a crafted HTML document, aka "CSS Memory Corruption Vulnerability." Trend Micro Deep Security shields networks through Deep Packet
enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. apache http_server 1.3.11,apache http_server 1.3.1,apache http_server 1.3.12,apache http_server 1.3.2,apache
CVE-2010-1292 The implementation of pami RIFF chunk parsing in Adobe Shockwave Player before 11.5.7.609 does not validate a certain value from a file before using it in file-pointer calculations,
CVE-2008-2168 Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled
execute arbitrary code via a crafted HTML document, related to a "dangling pointer vulnerability." Mozilla FireFox 0.1,Mozilla FireFox 0.10,Mozilla FireFox 0.10.1,Mozilla FireFox 0.2,Mozilla FireFox
JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges. Mozilla Firefox,Red
exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Input passed to the "base_archivo" parameter in cuenta/cuerpo.php is not properly verified
code via an HTML document with a large number of Cascading Style Sheets (CSS) selectors, related to a "memory handling error" that triggers memory corruption. microsoft office 2000,microsoft office
allows remote attackers to execute arbitrary code via a crafted HTML document, aka "Windows Search Parsing Vulnerability." Based on MS08-075 , Windows Search Parsing Vulnerability - CVE-2008-4269 is a
CVE-2007-5947 The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 retrieves the inner URL regardless of its MIME type, and considers HTML documents within a jar
arbitrary code via an RSS feed with crafted HTML attributes, which are not properly removed and are rendered in the local zone. Microsoft Windows-NT Vista Trend Micro Deep Security shields networks through
5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a