FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  374986
Date:      2014-12-20
Time:      00:21:30Z
Committer: delphij

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
a89b76a7-f6bd-11dd-94d9-0030843d3802amaya -- multiple buffer overflow vulnerabilities

Secunia reports:

A boundary error when processing "div" HTML tags can be exploited to cause a stack-based buffer overflow via an overly long "id" parameter.

A boundary error exists when processing overly long links. This can be exploited to cause a stack-based buffer overflow by tricking the user into e.g. editing a malicious link.

A boundary error when processing e.g. a "bdo" HTML tag having an overly long "dir" attribute can be exploited to cause a stack-based buffer overflow.

A boundary error when processing "input" HTML tags can be exploited to cause a stack-based buffer overflow via an overly long e.g. "type" attribute.


Discovery 2008-11-25
Entry 2009-02-09
amaya
gt 0

CVE-2008-5282
CVE-2009-0323
http://secunia.com/advisories/32848/
http://www.bmgsec.com.au/advisory/41/
http://www.bmgsec.com.au/advisory/40/
http://milw0rm.com/exploits/7467
http://www.coresecurity.com/content/amaya-buffer-overflows
dc930435-d59f-11da-8098-00123ffe8333amaya -- Attribute Value Buffer Overflow Vulnerabilities

Secunia reports:

Amaya have two vulnerabilities, which can be exploited by malicious people to compromise a user's system.

The vulnerabilities are caused due to boundary errors within the parsing of various attribute values. This can be exploited to cause stack-based buffer overflows when a user opens a specially crafted HTML document containing certain tags with overly long attribute values.

Successful exploitation allows execution of arbitrary code.


Discovery 2006-04-14
Entry 2006-04-27
amaya
lt 9.5

CVE-2006-1900
http://morph3us.org/advisories/20060412-amaya-94.txt
http://morph3us.org/advisories/20060412-amaya-94-2.txt
http://secunia.com/advisories/19670/
a89b76a7-f6bd-11dd-94d9-0030843d3802amaya -- multiple buffer overflow vulnerabilities

Secunia reports:

A boundary error when processing "div" HTML tags can be exploited to cause a stack-based buffer overflow via an overly long "id" parameter.

A boundary error exists when processing overly long links. This can be exploited to cause a stack-based buffer overflow by tricking the user into e.g. editing a malicious link.

A boundary error when processing e.g. a "bdo" HTML tag having an overly long "dir" attribute can be exploited to cause a stack-based buffer overflow.

A boundary error when processing "input" HTML tags can be exploited to cause a stack-based buffer overflow via an overly long e.g. "type" attribute.


Discovery 2008-11-25
Entry 2009-02-09
amaya
gt 0

CVE-2008-5282
CVE-2009-0323
http://secunia.com/advisories/32848/
http://www.bmgsec.com.au/advisory/41/
http://www.bmgsec.com.au/advisory/40/
http://milw0rm.com/exploits/7467
http://www.coresecurity.com/content/amaya-buffer-overflows
dc930435-d59f-11da-8098-00123ffe8333amaya -- Attribute Value Buffer Overflow Vulnerabilities

Secunia reports:

Amaya have two vulnerabilities, which can be exploited by malicious people to compromise a user's system.

The vulnerabilities are caused due to boundary errors within the parsing of various attribute values. This can be exploited to cause stack-based buffer overflows when a user opens a specially crafted HTML document containing certain tags with overly long attribute values.

Successful exploitation allows execution of arbitrary code.


Discovery 2006-04-14
Entry 2006-04-27
amaya
lt 9.5

CVE-2006-1900
http://morph3us.org/advisories/20060412-amaya-94.txt
http://morph3us.org/advisories/20060412-amaya-94-2.txt
http://secunia.com/advisories/19670/