stylesheets software vulnerabilities
vulnerabilities.aspcode.net
Searching stylesheets software vulnerabilities
Internet Explorer 5.0 and 5.5, and Outlook Expr
stylesheets
|
Scripting
|
attackers
|
including
|
Internet
|
Explorer
|
disabled
|
scripts
|
Outlook
|
Express
|
execute
|
Active
|
remote
|
allow
|
XML
|
Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow remote attackers to execute scripts when Active Scripting is disabled by including the scripts in XML stylesheets (XSL) that are referenced using an IFRAME tag, possibly due to a vulnerability in Windows Scripting Host (WSH).
Microsoft Internet Explorer 5 SP4 and 6 do not
collection"
|
styleSheets
|
"multiple
|
Cascading
|
construct
|
Microsoft
|
Explorer
|
properly
|
Internet
|
imports
|
collect
|
garbage
|
Sheets
|
chain
|
Style
|
used
|
not
|
SP4
|
Microsoft Internet Explorer 5 SP4 and 6 do not properly garbage collect when "multiple imports are used on a styleSheets collection" to construct a chain of Cascading Style Sheets (CSS), which allows remote attackers to execute arbitrary code via unspecified vectors.
Multiple vulnerabilities in Mozilla Firefox bef
vulnerabilities
|
Multiple
|
Firefox
|
Mozilla
|
before
|
Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) "anonymous box selectors outside of UA stylesheets," (5) stale references to "removed nodes," and (6) running the crypto.generateCRMFRequest callback on deleted context.
Sun Java System Application Server and Web Serv
Application
|
through
|
Server
|
before
|
System
|
Java
|
Sun
|
Web
|
Sun Java System Application Server and Web Server 7.0 through 9.0 before Tuesday, July 10, 2007 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute an arbitrary Java method via a crafted stylesheet, a related issue to CVE-2007-3716.
The Java XML Digital Signature implementation i
context-dependent
|
implementation
|
CVE-2007-3715
|
stylesheets
|
transforms
|
signatures
|
stylesheet
|
arbitrary
|
Signature
|
attackers
|
properly
|
crafted
|
execute
|
Digital
|
related
|
process
|
allows
|
before
|
Update
|
issue
|
which
|
code
|
XSLT
|
does
|
Java
|
not
|
JRE
|
Sun
|
XML
|
via
|
JDK
|
The Java XML Digital Signature implementation in Sun JDK and JRE 6 before Update 2 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute arbitrary code via a crafted stylesheet, a related issue to CVE-2007-3715.
Sun Java System Portal Server 7.0 does not prop
context-dependent
|
CVE-2007-3715
|
stylesheets
|
transforms
|
stylesheet
|
signatures
|
arbitrary
|
attackers
|
properly
|
execute
|
process
|
related
|
crafted
|
System
|
method
|
allows
|
Server
|
Portal
|
issue
|
which
|
Java
|
XSLT
|
does
|
Sun
|
not
|
XML
|
via
|
Sun Java System Portal Server 7.0 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute an arbitrary Java method via a crafted stylesheet, a related issue to CVE-2007-3715.
Software vulnerabilities results 1 to 7 of 7
Page:
1