Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.800313
Kategorie:Buffer overflow
Titel:W3C Amaya Multiple Buffer Overflow Vulnerabilities - Dec08 (Linux)
Zusammenfassung:This host is installed with W3C Amaya Web Browser and is prone to; multiple stack based Buffer Overflow vulnerabilities.
Beschreibung:Summary:
This host is installed with W3C Amaya Web Browser and is prone to
multiple stack based Buffer Overflow vulnerabilities.

Vulnerability Insight:
The flaws are due to boundary error when processing,

- HTML
tag with a long id field.

- link with a long HREF attribute.

Vulnerability Impact:
Successful exploitation could allow execution of arbitrary code or
crash an affected browser.

Affected Software/OS:
W3C Amaya Web Browser Version 10.0.1 and prior on Linux.

Solution:
Update to a later version. Please see the references for more info.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: BugTraq ID: 32442
Common Vulnerability Exposure (CVE) ID: CVE-2008-5282
http://www.securityfocus.com/bid/32442
Bugtraq: 20081124 Amaya (URL Bar) Remote Stack Overflow Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/498578/100/0/threaded
Bugtraq: 20081124 Amaya (id) Remote Stack Overflow Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/498583/100/0/threaded
http://www.bmgsec.com.au/advisory/40/
http://www.bmgsec.com.au/advisory/41/
http://osvdb.org/50282
http://osvdb.org/50283
http://secunia.com/advisories/32848
http://securityreason.com/securityalert/4657
http://www.vupen.com/english/advisories/2008/3255
CopyrightCopyright (C) 2008 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.