CVE-2006-1900
CVE-2006-1900
Multiple buffer overflows in World Wide Web Consortium (W3C) Amaya 9.4, and possibly other versions including 8.x before 8.8.5, allow remote attackers to execute arbitrary code via a long value in (1) the COMPACT attribute of the COLGROUP element, (2) the ROWS attribute of the TEXTAREA element, and (3) the COLOR attribute of the LEGEND element; and via other unspecified attack vectors consisting of "dozens of possible snippets."
Affected products
n/a · n/apublic PoCs found — 2
exploitdbwww.exploit-db.com/exploits/27640unverifiedexploitdbwww.exploit-db.com/exploits/27639unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://morph3us.org/advisories/20060412-amaya-94-2.txthttp://morph3us.org/advisories/20060412-amaya-94.txthttp://secunia.com/advisories/19670https://exchange.xforce.ibmcloud.com/vulnerabilities/25791http://www.osvdb.org/24623http://www.osvdb.org/24624http://www.securityfocus.com/archive/1/430877/100/0/threadedhttp://www.securityfocus.com/archive/1/430879/100/0/threadedhttp://www.securityfocus.com/bid/17507http://www.vupen.com/english/advisories/2006/1351