FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  374986
Date:      2014-12-20
Time:      00:21:30Z
Committer: delphij

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
a89b76a7-f6bd-11dd-94d9-0030843d3802amaya -- multiple buffer overflow vulnerabilities

Secunia reports:

A boundary error when processing "div" HTML tags can be exploited to cause a stack-based buffer overflow via an overly long "id" parameter.

A boundary error exists when processing overly long links. This can be exploited to cause a stack-based buffer overflow by tricking the user into e.g. editing a malicious link.

A boundary error when processing e.g. a "bdo" HTML tag having an overly long "dir" attribute can be exploited to cause a stack-based buffer overflow.

A boundary error when processing "input" HTML tags can be exploited to cause a stack-based buffer overflow via an overly long e.g. "type" attribute.


Discovery 2008-11-25
Entry 2009-02-09
amaya
gt 0

CVE-2008-5282
CVE-2009-0323
http://secunia.com/advisories/32848/
http://www.bmgsec.com.au/advisory/41/
http://www.bmgsec.com.au/advisory/40/
http://milw0rm.com/exploits/7467
http://www.coresecurity.com/content/amaya-buffer-overflows
a89b76a7-f6bd-11dd-94d9-0030843d3802amaya -- multiple buffer overflow vulnerabilities

Secunia reports:

A boundary error when processing "div" HTML tags can be exploited to cause a stack-based buffer overflow via an overly long "id" parameter.

A boundary error exists when processing overly long links. This can be exploited to cause a stack-based buffer overflow by tricking the user into e.g. editing a malicious link.

A boundary error when processing e.g. a "bdo" HTML tag having an overly long "dir" attribute can be exploited to cause a stack-based buffer overflow.

A boundary error when processing "input" HTML tags can be exploited to cause a stack-based buffer overflow via an overly long e.g. "type" attribute.


Discovery 2008-11-25
Entry 2009-02-09
amaya
gt 0

CVE-2008-5282
CVE-2009-0323
http://secunia.com/advisories/32848/
http://www.bmgsec.com.au/advisory/41/
http://www.bmgsec.com.au/advisory/40/
http://milw0rm.com/exploits/7467
http://www.coresecurity.com/content/amaya-buffer-overflows