Opera_software opera_web_browser 9.50 Beta.An attacker can create a malicious Web site containing dangerous URL links, which if accessed by a victim, allows the attacker to gain control of the victim's client browser. This signature detects attempts to exploit a known vulnerability in Opera Software (version 9.62 and prior). HTTP:STC:OPERA:FILE-URL-OF - HTTP: Opera File URL Overflow Severity: HIGH Description: Nortel_networks contact_center_multimedia.Microsoft internet_explorer 5.0.1 For Windows NT 4.0.Microsoft internet_explorer 5.0.1 For Windows 98.Microsoft internet_explorer 5.0.1 For Windows 95.A successful attack can lead to arbitrary code execution. It is due to a design error in the way Internet Explorer accesses a style sheet object that has been deleted. This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer. HTTP:STC:IE:STYLESHEET-MC - HTTP: Microsoft Internet Explorer Stylesheet Memory Corruption Severity: HIGH Description: Nortel_networks self-service_media_processing_server.Nortel_networks media_processing_svr_500_rel 3.0.Nortel_networks media_processing_svr_1000_rel 3.0.Avaya messaging_application_server MM 3.0.Nortel_networks contact_center_administration_ccma 6.0.Nortel_networks contact_center_administration_ccma 7.0.Avaya messaging_application_server MM 2.0.Avaya messaging_application_server MM 1.1.Nortel_networks self-service_peri_application.Avaya meeting_exchange-web_conferencing_server.Avaya meeting_exchange-streaming_server.Avaya meeting_exchange-recording_server.Avaya meeting_exchange-client_registration_server.Microsoft internet_explorer 5.0.1 For Windows 2000.Nortel_networks media_processing_server.Nortel_networks contact_center_multimedia_&_outbound 6.0.Nortel_networks self-service_speech_server.Avaya messaging_application_server MM 3.1.Nortel_networks self-service_peri_workstation.Nortel_networks media_processing_svr_100.Nortel_networks contact_center_multimedia_&_outbound 7.0.A successful attack can result in arbitrary code execution with privileges of the targeted user. A remote attacker can exploit this by enticing a target user to open a maliciously crafted HTML document. ![]() It is due to insufficient input validation in the DOM mergeAttributes script method. This signature detects attempts to exploit a known memory corruption vulnerability in Microsoft Internet Explorer. HTTP:STC:IE:MERGE-ATTRIB - HTTP: Microsoft Internet Explorer DOM mergeAttributes Memory Corruption Severity: HIGH Description: HTTP: Microsoft Edge CVE-2017-0069 Address Bar Forgeryĭetails of the signatures included within this bulletin: HTTP: Windows Live Messenger Unsafe ActiveX Method (CVE-2008-0082) HTTP: Apple Safari CVE-2017-2464 Memory Corruption HTTP: Firefox Webgl Bufferedata Integer Overflow HTTP: Multiple Browser Tag Handling Remote Code Execution HTTP: Microsoft Edge Chakra Eval CVE-2017-8641 Integer Overflow HTTP: Microsoft Internet Explorer Uninitialized DOM Memory Corruption HTTP: Firefox Object Offset Calculation Memory Corruption HTTP: Microsoft Internet Explorer 10 Object Remote Code Execution HTTP: Microsoft Internet Explorer Native Function Iterator Denial Of Service HTTP: Microsoft Internet Explorer 9 Information disclosure HTTP: Microsoft Internet Explorer Stylesheet Memory Corruption HTTP: Microsoft Internet Explorer DOM mergeAttributes Memory Corruption HTTP: Microsoft Edge Chakra ToDefiniteAnyNumber Type Confusion
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |