Searching property software vulnerabilities

The XMLHttpRequest object (XMLHTTP) in Netscape

XMLHttpRequest | object |

The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property.


Internet Explorer 5.0 through 6.0 allows remote

references | attackers | determine | existence | Internet | property | elements | Explorer | certain | through | target | dynsrc | object | allows | remote | client | which | image | files | sets | size | such | file | via | IMG | tag |

Internet Explorer 5.0 through 6.0 allows remote attackers to determine the existence of files on the client via an IMG tag with a dynsrc property that references the target file, which sets certain elements of the image object such as file size.


The "XMLURL" property in the Spreadsheet compon

Spreadsheet | Components | component | "XMLURL" | property | Office | Web |

The "XMLURL" property in the Spreadsheet component of Office Web Components (OWC) 10 follows redirections, which allows remote attackers to determine the existence of local files based on exceptions, or to read WorkSheet XML files.


The "ConnectionFile" property in the DataSource

DataSourceControl | "ConnectionFile" | Components | component | property | Office | Web |

The "ConnectionFile" property in the DataSourceControl component in Office Web Components (OWC) 10 allows remote attackers to determine the existence of local files by detecting an exception.


Buffer overflow in Microsoft Internet Explorer

Microsoft | Internet | Explorer | overflow | Buffer |

Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page.


Buffer overflow in Internet Explorer 6 SP1 for

double-byte | encodings | languages | overflow | Internet | Explorer | support | certain | Buffer | SP1 |

Buffer overflow in Internet Explorer 6 SP1 for certain languages that support double-byte encodings (e.g., Japanese) allows remote attackers to execute arbitrary code via the Type property of an Object tag, a variant of CVE-2003-0344.


Buffer overflow in blaxxun 3D 7.0 allows remote

attackers | arbitrary | overflow | property | execute | blaxxun | object | inside | remote | allows | Buffer | code | long | tag | URL | via |

Buffer overflow in blaxxun 3D 7.0 allows remote attackers to execute arbitrary code via a long URL property inside an object tag.


Buffer overflow in ascontrol.dll in Panda Activ

Internacional | ascontroldll | ActiveScan | attackers | arbitrary | followed | overflow | property | execute | allows | Buffer | string | remote | Panda | long | code | via |

Buffer overflow in ascontrol.dll in Panda ActiveScan 5.0 allows remote attackers to execute arbitrary code via the Internacional property followed by a long string.


Maxthon 1.2.0 allows remote malicious web sites

Maxthon |

Maxthon 1.2.0 allows remote malicious web sites to obtain potentially sensitive data from the search bar via the m2_search_text property.


The OLE2 unpacker in clamd in Clam AntiVirus (C

AntiVirus | unpacker | clamd | OLE2 | Clam |

The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows remote attackers to cause a denial of service (segmentation fault) via a DOC file with an invalid property tree, which triggers an infinite recursion in the ole2_walk_property_tree function.


Internet Explorer 6 allows remote attackers to

attackers | Explorer | Internet | service | denial | allows | remote | cause |

Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) via any scrollbar Cascading Style Sheets (CSS) property.


Microsoft Internet Explorer 6 allows remote att

attackers | Microsoft | Explorer | Internet | service | denial | allows | remote | cause |

Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the location or URL property of a MHTMLFile ActiveX object.


SQL injection vulnerability in vir_Login.asp in

vulnerability | vir_Loginasp | arbitrary | injection | attackers | commands | UserName | Property | execute | allows | remote | field | SQL | Pro | via |

SQL injection vulnerability in vir_Login.asp in Property Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the UserName field.


Cross-site scripting (XSS) vulnerability in lis

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in listings.asp in MGinternet Property Site Manager allows remote attackers to inject arbitrary web script or HTML via the s parameter.


BEA WebLogic Server 6.1 through 6.1 SP7, 7.0 th

class-path | attackers | arbitrary | manifest | property | WebLogic | exploded | utility | through | inside | Server | allows | remote | point | files | read | SP7 | jar | BEA | SP5 | via | ear | use |

BEA WebLogic Server 6.1 through 6.1 SP7, 7.0 through 7.0 SP7, and 8.1 through 8.1 SP5 allows remote attackers to read arbitrary files inside the class-path property via .ear or exploded .ear files that use the manifest class-path property to point to utility jar files.


Microsoft Internet Explorer 6 SP1 on Windows 20

Microsoft | Explorer | Internet | Windows | SP1 |

Microsoft Internet Explorer 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; and 7 on Windows Vista allows remote attackers to execute arbitrary code via certain property methods that may trigger memory corruption, aka "Property Memory Corruption Vulnerability."


Buffer overflow in the ActSoft DVD-Tools Active

DVD-Tools | overflow | control | ActiveX | ActSoft | Buffer |

Buffer overflow in the ActSoft DVD-Tools ActiveX control (dvdtools.ocx) allows remote attackers to execute arbitrary code via a long DVD_TOOLS.OpenDVD property value.


Buffer overflow in the PhPInfo ActiveX control

FileVersionof | PhotoParade | PhPCtrldll | arbitrary | attackers | overflow | property | Callisto | execute | ActiveX | PhPInfo | control | Buffer | Player | remote | allows | code | via |

Buffer overflow in the PhPInfo ActiveX control in PhPCtrl.dll in Callisto PhotoParade Player allows remote attackers to execute arbitrary code via the FileVersionof property.


Multiple unspecified "input validation error" v

vulnerabilities | NavComUIdll | unspecified | validation | AntiVirus | products | Security | Internet | Multiple | controls | ActiveX | "input | System | Norton | error" | Works | used |

Multiple unspecified "input validation error" vulnerabilities in multiple ActiveX controls in NavComUI.dll, as used in multiple Norton AntiVirus, Internet Security, and System Works products for 2006, allows remote attackers to execute arbitrary code via (1) the AnomalyList property to AxSysListView32 and (2) Anomaly property to AxSysListView32OAA.


KDE Konqueror 3.5.7 allows remote attackers to

Konqueror | KDE |

KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property.


Software vulnerabilities results 1 to 20 of 100     
Page: 123456