FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-05-02 10:37:19 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a89b76a7-f6bd-11dd-94d9-0030843d3802	amaya -- multiple buffer overflow vulnerabilities Secunia reports: A boundary error when processing "div" HTML tags can be exploited to cause a stack-based buffer overflow via an overly long "id" parameter. A boundary error exists when processing overly long links. This can be exploited to cause a stack-based buffer overflow by tricking the user into e.g. editing a malicious link. A boundary error when processing e.g. a "bdo" HTML tag having an overly long "dir" attribute can be exploited to cause a stack-based buffer overflow. A boundary error when processing "input" HTML tags can be exploited to cause a stack-based buffer overflow via an overly long e.g. "type" attribute. Discovery 2008-11-25 Entry 2009-02-09 amaya gt 0 CVE-2008-5282 CVE-2009-0323 http://secunia.com/advisories/32848/ http://www.bmgsec.com.au/advisory/41/ http://www.bmgsec.com.au/advisory/40/ http://milw0rm.com/exploits/7467 http://www.coresecurity.com/content/amaya-buffer-overflows
dc930435-d59f-11da-8098-00123ffe8333	amaya -- Attribute Value Buffer Overflow Vulnerabilities Secunia reports: Amaya have two vulnerabilities, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to boundary errors within the parsing of various attribute values. This can be exploited to cause stack-based buffer overflows when a user opens a specially crafted HTML document containing certain tags with overly long attribute values. Successful exploitation allows execution of arbitrary code. Discovery 2006-04-14 Entry 2006-04-27 amaya < 9.5 CVE-2006-1900 http://morph3us.org/advisories/20060412-amaya-94.txt http://morph3us.org/advisories/20060412-amaya-94-2.txt http://secunia.com/advisories/19670/

VuXML ID

Description

a89b76a7-f6bd-11dd-94d9-0030843d3802

amaya -- multiple buffer overflow vulnerabilities

Secunia reports:

A boundary error when processing "div" HTML tags can be exploited to cause a stack-based buffer overflow via an overly long "id" parameter.

A boundary error exists when processing overly long links. This can be exploited to cause a stack-based buffer overflow by tricking the user into e.g. editing a malicious link.

A boundary error when processing e.g. a "bdo" HTML tag having an overly long "dir" attribute can be exploited to cause a stack-based buffer overflow.

A boundary error when processing "input" HTML tags can be exploited to cause a stack-based buffer overflow via an overly long e.g. "type" attribute.

Discovery 2008-11-25
Entry 2009-02-09
amaya

gt 0

CVE-2008-5282
CVE-2009-0323
http://secunia.com/advisories/32848/
http://www.bmgsec.com.au/advisory/41/
http://www.bmgsec.com.au/advisory/40/
http://milw0rm.com/exploits/7467
http://www.coresecurity.com/content/amaya-buffer-overflows

dc930435-d59f-11da-8098-00123ffe8333

amaya -- Attribute Value Buffer Overflow Vulnerabilities

Secunia reports:

Amaya have two vulnerabilities, which can be exploited by malicious people to compromise a user's system.

The vulnerabilities are caused due to boundary errors within the parsing of various attribute values. This can be exploited to cause stack-based buffer overflows when a user opens a specially crafted HTML document containing certain tags with overly long attribute values.

Successful exploitation allows execution of arbitrary code.

Discovery 2006-04-14
Entry 2006-04-27
amaya

< 9.5

CVE-2006-1900
http://morph3us.org/advisories/20060412-amaya-94.txt
http://morph3us.org/advisories/20060412-amaya-94-2.txt
http://secunia.com/advisories/19670/