CVE ID: CVE-2005-3688
Assigner: mitre
Date Published: 2005-11-19T01:00:00
Affected Products:
- n/a n/a: From (including) n/a
Cross-site scripting (XSS) vulnerability in members.php in XMB 1.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the "Your Current Mood" field in the registration page.
.
CVE ID: CVE-2006-6252
Assigner: mitre
Date Published: 2006-12-04T11:00:00
Affected Products:
- n/a n/a: From (including) n/a
Microsoft Windows Live Messenger 8.0 and earlier, when gestual emoticons are enabled, allows remote attackers to cause a denial of service (CPU consumption) via a long string composed of ":D" sequences, which are interpreted as emoticons.
.
CVE ID: CVE-2016-3969
Assigner: mitre
Date Published: 2016-04-06T18:00:00
Affected Products:
- n/a n/a: From (including) n/a
Cross-site scripting (XSS) vulnerability in McAfee Email Gateway (MEG) 7.6.x before 7.6.404, when File Filtering is enabled with the action set to ESERVICES:REPLACE, allows remote attackers to inject arbitrary web script or HTML via an attachment in a blocked email.
.
CVE ID: CVE-2012-4581
Assigner: mitre
Date Published: 2022-10-03T16:15:34
Affected Products:
- n/a n/a: From (including) n/a
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, does not disable the server-side session token upon the closing of the Management Console/Dashboard, which makes it easier for remote attackers to hijack sessions by capturing a session cookie and then modifying the response to a login attempt, related to a "Logout Failure" issue.
.
CVE ID: CVE-2014-7216
Assigner: mitre
Date Published: 2015-09-11T20:00:00
Affected Products:
- n/a n/a: From (including) n/a
Multiple stack-based buffer overflows in Yahoo! Messenger 11.5.0.228 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the (1) shortcut or (2) title keys in an emoticons.xml file.
.
CVE ID: CVE-2008-1083
Assigner: microsoft
Date Published: 2008-04-08T23:00:00
Affected Products:
- n/a n/a: From (including) n/a
Heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF or WMF image file with a malformed header that triggers an integer overflow, aka "GDI Heap Overflow Vulnerability."
.
CVE ID: CVE-2005-0803
Assigner: mitre
Date Published: 2005-03-20T05:00:00
Affected Products:
- n/a n/a: From (including) n/a
The GetEnhMetaFilePaletteEntries API in GDI32.DLL in Windows 2000 allows remote attackers to cause a denial of service (application crash) via a crafted Enhanced Metafile (EMF) file that causes invalid (1) end, (2) emreof, or (3) palent offsets to be used, aka "Enhanced Metafile Vulnerability."
.
CVE ID: CVE-2016-8005
Assigner: intel
Date Published: 2017-03-14T22:00:00
Affected Products:
- Intel McAfee Email Gateway (MEG): From (including) before 7.6.404h1128596
File extension filtering vulnerability in Intel Security McAfee Email Gateway (MEG) before 7.6.404h1128596 allows attackers to fail to identify the file name properly via scanning an email with a forged attached filename that uses a null byte within the filename extension.
.
CVE ID: CVE-2005-0336
Assigner: mitre
Date Published: 2005-02-10T05:00:00
Affected Products:
- n/a n/a: From (including) n/a
Cross-site scripting (XSS) vulnerability in EMotion MediaPartner Web Server 5.0 allows remote attackers to inject arbitrary HTML or web script, as demonstrated using a URL containing .. sequences and HTML, which results in a directory browsing page that does not properly filter the HTML.
.
CVE ID: CVE-2013-3059
Assigner: mitre
Date Published: 2022-10-03T16:14:45
Affected Products:
- n/a n/a: From (including) n/a
Cross-site scripting (XSS) vulnerability in the Voting plugin in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
.