Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
11 vulnerabilities by w3
CVE-2025-1781 (GCVE-0-2025-1781)
Vulnerability from cvelistv5 – Published: 2025-03-28 13:48 – Updated: 2025-03-28 14:31
VLAI
Summary
There is a XXE in W3CSS Validator versions before cssval-20250226 that allows an attacker to use specially-crafted XML objects to coerce server-side request forgery (SSRF). This could be exploited to read arbitrary local files if an attacker has access to exception messages.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| W3C | CSS Validator |
Affected:
< cssval-20250226
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1781",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-28T14:31:41.439285Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T14:31:48.212Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CSS Validator",
"vendor": "W3C",
"versions": [
{
"status": "affected",
"version": "\u003c cssval-20250226"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There is a XXE in W3CSS Validator versions before\u0026nbsp;cssval-20250226 that allows an attacker to use specially-crafted XML objects to coerce server-side request forgery (SSRF).\u0026nbsp; This could be exploited to read arbitrary local files if an attacker has access to exception messages."
}
],
"value": "There is a XXE in W3CSS Validator versions before\u00a0cssval-20250226 that allows an attacker to use specially-crafted XML objects to coerce server-side request forgery (SSRF).\u00a0 This could be exploited to read arbitrary local files if an attacker has access to exception messages."
}
],
"impacts": [
{
"capecId": "CAPEC-228",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-228 DTD Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T13:48:22.127Z",
"orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"shortName": "Google"
},
"references": [
{
"url": "https://github.com/google/security-research/security/advisories/GHSA-745m-xmq6-g6x7"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"assignerShortName": "Google",
"cveId": "CVE-2025-1781",
"datePublished": "2025-03-28T13:48:22.127Z",
"dateReserved": "2025-02-28T15:27:33.252Z",
"dateUpdated": "2025-03-28T14:31:48.212Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-125108 (GCVE-0-2014-125108)
Vulnerability from cvelistv5 – Published: 2023-12-23 16:31 – Updated: 2024-08-06 14:10
VLAI
Title
w3c online-spellchecker-py spellchecker cross site scripting
Summary
A vulnerability was found in w3c online-spellchecker-py up to 20140130. It has been rated as problematic. This issue affects some unknown processing of the file spellchecker. The manipulation leads to cross site scripting. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The identifier of the patch is d6c21fd8187c5db2a50425ff80694149e75d722e. It is recommended to apply a patch to fix this issue. The identifier VDB-248849 was assigned to this vulnerability.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Cross Site Scripting
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.248849 | vdb-entry |
| https://vuldb.com/?ctiid.248849 | signaturepermissions-required |
| https://github.com/w3c/online-spellchecker-py/com… | patch |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| w3c | online-spellchecker-py |
Affected:
20140130
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2014-125108",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T21:32:30.345733Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T21:32:36.021Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:10:56.690Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://vuldb.com/?id.248849"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.248849"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/w3c/online-spellchecker-py/commit/d6c21fd8187c5db2a50425ff80694149e75d722e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "online-spellchecker-py",
"vendor": "w3c",
"versions": [
{
"status": "affected",
"version": "20140130"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "tool",
"value": "VulDB GitHub Commit Analyzer"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in w3c online-spellchecker-py up to 20140130. It has been rated as problematic. This issue affects some unknown processing of the file spellchecker. The manipulation leads to cross site scripting. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The identifier of the patch is d6c21fd8187c5db2a50425ff80694149e75d722e. It is recommended to apply a patch to fix this issue. The identifier VDB-248849 was assigned to this vulnerability."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in w3c online-spellchecker-py bis 20140130 ausgemacht. Sie wurde als problematisch eingestuft. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei spellchecker. Durch das Manipulieren mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Die Ausnutzbarkeit gilt als schwierig. Der Patch wird als d6c21fd8187c5db2a50425ff80694149e75d722e bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.6,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-23T16:31:04.015Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.248849"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.248849"
},
{
"tags": [
"patch"
],
"url": "https://github.com/w3c/online-spellchecker-py/commit/d6c21fd8187c5db2a50425ff80694149e75d722e"
}
],
"timeline": [
{
"lang": "en",
"time": "2014-01-31T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2014-01-31T00:00:00.000Z",
"value": "Countermeasure disclosed"
},
{
"lang": "en",
"time": "2023-12-22T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-12-22T08:10:36.000Z",
"value": "VulDB entry last update"
}
],
"title": "w3c online-spellchecker-py spellchecker cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2014-125108",
"datePublished": "2023-12-23T16:31:04.015Z",
"dateReserved": "2023-12-22T07:04:45.294Z",
"dateUpdated": "2024-08-06T14:10:56.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30300 (GCVE-0-2023-30300)
Vulnerability from cvelistv5 – Published: 2023-05-03 00:00 – Updated: 2025-01-30 20:57
VLAI
Summary
An issue in the component hang.wasm of WebAssembly 1.0 causes an infinite loop.
Severity
5.5 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/WebAssembly/wabt/issues/2180 | |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:21:44.759Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/WebAssembly/wabt/issues/2180"
},
{
"name": "FEDORA-2023-ab291ca614",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OSFFCKXUQ5PAC5UVXY7N6HEHVQ3AC2RG/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-30300",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T20:56:34.847077Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-835",
"description": "CWE-835 Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T20:57:27.430Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue in the component hang.wasm of WebAssembly 1.0 causes an infinite loop."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-26T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/WebAssembly/wabt/issues/2180"
},
{
"name": "FEDORA-2023-ab291ca614",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OSFFCKXUQ5PAC5UVXY7N6HEHVQ3AC2RG/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-30300",
"datePublished": "2023-05-03T00:00:00.000Z",
"dateReserved": "2023-04-07T00:00:00.000Z",
"dateUpdated": "2025-01-30T20:57:27.430Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-4296 (GCVE-0-2021-4296)
Vulnerability from cvelistv5 – Published: 2022-12-29 08:52 – Updated: 2024-08-03 17:23
VLAI
Title
w3c Unicorn ValidatorNuMessage.java ValidatorNuMessage cross site scripting
Summary
A vulnerability, which was classified as problematic, has been found in w3c Unicorn. This issue affects the function ValidatorNuMessage of the file src/org/w3c/unicorn/response/impl/ValidatorNuMessage.java. The manipulation of the argument message leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 51f75c31f7fc33859a9a571311c67ae4e95d9c68. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217019.
Severity
CWE
- CWE-79 - Cross Site Scripting
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.217019 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.217019 | signaturepermissions-required |
| https://github.com/w3c/Unicorn/pull/212 | issue-tracking |
| https://github.com/w3c/Unicorn/commit/51f75c31f7f… | patch |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:23:10.275Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.217019"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.217019"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/w3c/Unicorn/pull/212"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/w3c/Unicorn/commit/51f75c31f7fc33859a9a571311c67ae4e95d9c68"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Unicorn",
"vendor": "w3c",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "tool",
"value": "VulDB GitHub Commit Analyzer"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in w3c Unicorn. This issue affects the function ValidatorNuMessage of the file src/org/w3c/unicorn/response/impl/ValidatorNuMessage.java. The manipulation of the argument message leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 51f75c31f7fc33859a9a571311c67ae4e95d9c68. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217019."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in w3c Unicorn entdeckt. Sie wurde als problematisch eingestuft. Hierbei geht es um die Funktion ValidatorNuMessage der Datei src/org/w3c/unicorn/response/impl/ValidatorNuMessage.java. Dank der Manipulation des Arguments message mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Patch wird als 51f75c31f7fc33859a9a571311c67ae4e95d9c68 bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-29T08:52:08.121Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.217019"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.217019"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/w3c/Unicorn/pull/212"
},
{
"tags": [
"patch"
],
"url": "https://github.com/w3c/Unicorn/commit/51f75c31f7fc33859a9a571311c67ae4e95d9c68"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-12-29T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2022-12-29T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2022-12-29T09:57:05.000Z",
"value": "VulDB last update"
}
],
"title": "w3c Unicorn ValidatorNuMessage.java ValidatorNuMessage cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2021-4296",
"datePublished": "2022-12-29T08:52:08.121Z",
"dateReserved": "2022-12-29T08:51:01.214Z",
"dateUpdated": "2024-08-03T17:23:10.275Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-6079 (GCVE-0-2012-6079)
Vulnerability from cvelistv5 – Published: 2019-11-22 18:55 – Updated: 2024-08-06 21:21
VLAI
Summary
W3 Total Cache before 0.9.2.5 exposes sensitive cached database information which allows remote attackers to download this information via their hash keys.
Severity
No CVSS data available.
CWE
- Other
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2012/12/30/3 | x_refsource_MISC |
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
| https://www.w3-edge.com/weblog/2013/01/security-w… | x_refsource_CONFIRM |
| https://www.acunetix.com/vulnerabilities/web/word… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| W3 | Total Cache |
Affected:
0.9.2.5
|
Date Public
2013-01-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:21:28.524Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/12/30/3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-6079"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-predictable-cache-filenames/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Total Cache",
"vendor": "W3",
"versions": [
{
"status": "affected",
"version": "0.9.2.5"
}
]
}
],
"datePublic": "2013-01-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "W3 Total Cache before 0.9.2.5 exposes sensitive cached database information which allows remote attackers to download this information via their hash keys."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-22T18:55:08.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/12/30/3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-6079"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-predictable-cache-filenames/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-6079",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Total Cache",
"version": {
"version_data": [
{
"version_value": "0.9.2.5"
}
]
}
}
]
},
"vendor_name": "W3"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "W3 Total Cache before 0.9.2.5 exposes sensitive cached database information which allows remote attackers to download this information via their hash keys."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.openwall.com/lists/oss-security/2012/12/30/3",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2012/12/30/3"
},
{
"name": "https://security-tracker.debian.org/tracker/CVE-2012-6079",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2012-6079"
},
{
"name": "https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4/",
"refsource": "CONFIRM",
"url": "https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4/"
},
{
"name": "https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-predictable-cache-filenames/",
"refsource": "MISC",
"url": "https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-predictable-cache-filenames/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-6079",
"datePublished": "2019-11-22T18:55:08.000Z",
"dateReserved": "2012-12-06T00:00:00.000Z",
"dateUpdated": "2024-08-06T21:21:28.524Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-6078 (GCVE-0-2012-6078)
Vulnerability from cvelistv5 – Published: 2019-11-22 18:50 – Updated: 2024-08-06 21:21
VLAI
Summary
W3 Total Cache before 0.9.2.5 generates hash keys insecurely which allows remote attackers to predict the values of the hashes.
Severity
No CVSS data available.
CWE
- Password
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2012/12/30/3 | x_refsource_MISC |
| https://www.w3-edge.com/weblog/2013/01/security-w… | x_refsource_CONFIRM |
| https://www.acunetix.com/vulnerabilities/web/word… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| W3 | Total Cache |
Affected:
0.9.2.5
|
Date Public
2013-01-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:21:28.375Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-6078"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/12/30/3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-predictable-cache-filenames/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Total Cache",
"vendor": "W3",
"versions": [
{
"status": "affected",
"version": "0.9.2.5"
}
]
}
],
"datePublic": "2013-01-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "W3 Total Cache before 0.9.2.5 generates hash keys insecurely which allows remote attackers to predict the values of the hashes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Password",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-22T18:50:14.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-6078"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/12/30/3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-predictable-cache-filenames/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-6078",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Total Cache",
"version": {
"version_data": [
{
"version_value": "0.9.2.5"
}
]
}
}
]
},
"vendor_name": "W3"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "W3 Total Cache before 0.9.2.5 generates hash keys insecurely which allows remote attackers to predict the values of the hashes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Password"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-tracker.debian.org/tracker/CVE-2012-6078",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2012-6078"
},
{
"name": "http://www.openwall.com/lists/oss-security/2012/12/30/3",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2012/12/30/3"
},
{
"name": "https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4/",
"refsource": "CONFIRM",
"url": "https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4/"
},
{
"name": "https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-predictable-cache-filenames/",
"refsource": "MISC",
"url": "https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-predictable-cache-filenames/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-6078",
"datePublished": "2019-11-22T18:50:14.000Z",
"dateReserved": "2012-12-06T00:00:00.000Z",
"dateUpdated": "2024-08-06T21:21:28.375Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-6077 (GCVE-0-2012-6077)
Vulnerability from cvelistv5 – Published: 2019-11-22 18:44 – Updated: 2024-08-06 21:21
VLAI
Summary
W3 Total Cache before 0.9.2.5 allows remote attackers to retrieve password hash information due to insecure storage of database cache files.
Severity
No CVSS data available.
CWE
- Password
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2012/12/30/3 | x_refsource_MISC |
| https://www.checkpoint.com/defense/advisories/pub… | x_refsource_MISC |
| https://www.w3-edge.com/weblog/2013/01/security-w… | x_refsource_CONFIRM |
| https://www.acunetix.com/vulnerabilities/web/word… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| W3 | Total Cache |
Affected:
0.9.2.5
|
Date Public
2013-01-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:21:28.514Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-6077"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/12/30/3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.checkpoint.com/defense/advisories/public/2013/cpai-24-oct2.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-predictable-cache-filenames/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Total Cache",
"vendor": "W3",
"versions": [
{
"status": "affected",
"version": "0.9.2.5"
}
]
}
],
"datePublic": "2013-01-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "W3 Total Cache before 0.9.2.5 allows remote attackers to retrieve password hash information due to insecure storage of database cache files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Password",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-22T18:44:55.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-6077"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/12/30/3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.checkpoint.com/defense/advisories/public/2013/cpai-24-oct2.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-predictable-cache-filenames/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-6077",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Total Cache",
"version": {
"version_data": [
{
"version_value": "0.9.2.5"
}
]
}
}
]
},
"vendor_name": "W3"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "W3 Total Cache before 0.9.2.5 allows remote attackers to retrieve password hash information due to insecure storage of database cache files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Password"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-tracker.debian.org/tracker/CVE-2012-6077",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2012-6077"
},
{
"name": "http://www.openwall.com/lists/oss-security/2012/12/30/3",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2012/12/30/3"
},
{
"name": "https://www.checkpoint.com/defense/advisories/public/2013/cpai-24-oct2.html",
"refsource": "MISC",
"url": "https://www.checkpoint.com/defense/advisories/public/2013/cpai-24-oct2.html"
},
{
"name": "https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4/",
"refsource": "CONFIRM",
"url": "https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4/"
},
{
"name": "https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-predictable-cache-filenames/",
"refsource": "MISC",
"url": "https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-predictable-cache-filenames/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-6077",
"datePublished": "2019-11-22T18:44:55.000Z",
"dateReserved": "2012-12-06T00:00:00.000Z",
"dateUpdated": "2024-08-06T21:21:28.514Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9487 (GCVE-0-2016-9487)
Vulnerability from cvelistv5 – Published: 2018-07-13 20:00 – Updated: 2024-08-06 02:50
VLAI
Title
EpubCheck 4.0.1 is vulnerable to external XML entity processing attacks
Summary
EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. An attacker who supplies a specially crafted EPUB file may be able to exploit this behavior to read arbitrary files, or have the victim execute arbitrary requests on his behalf, abusing the victim's trust relationship with other entities.
Severity
No CVSS data available.
CWE
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.kb.cert.org/vuls/id/779243 | third-party-advisoryx_refsource_CERT-VN |
| https://www.securityfocus.com/bid/94864/ | vdb-entryx_refsource_BID |
Date Public
2016-12-13 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:38.360Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#779243",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/779243"
},
{
"name": "94864",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/94864/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EpubCheck",
"vendor": "EpubCheck",
"versions": [
{
"status": "affected",
"version": "4.0.1"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thanks to Craig Arendt for reporting this vulnerability."
}
],
"datePublic": "2016-12-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. An attacker who supplies a specially crafted EPUB file may be able to exploit this behavior to read arbitrary files, or have the victim execute arbitrary requests on his behalf, abusing the victim\u0027s trust relationship with other entities."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-13T19:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#779243",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/779243"
},
{
"name": "94864",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "https://www.securityfocus.com/bid/94864/"
}
],
"solutions": [
{
"lang": "en",
"value": "EpubCheck has released version 4.0.2 to address the vulnerability."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "EpubCheck 4.0.1 is vulnerable to external XML entity processing attacks",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-9487",
"STATE": "PUBLIC",
"TITLE": "EpubCheck 4.0.1 is vulnerable to external XML entity processing attacks"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EpubCheck",
"version": {
"version_data": [
{
"affected": "=",
"version_affected": "=",
"version_name": "4.0.1",
"version_value": "4.0.1"
}
]
}
}
]
},
"vendor_name": "EpubCheck"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Thanks to Craig Arendt for reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. An attacker who supplies a specially crafted EPUB file may be able to exploit this behavior to read arbitrary files, or have the victim execute arbitrary requests on his behalf, abusing the victim\u0027s trust relationship with other entities."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-611"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#779243",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/779243"
},
{
"name": "94864",
"refsource": "BID",
"url": "https://www.securityfocus.com/bid/94864/"
}
]
},
"solution": [
{
"lang": "en",
"value": "EpubCheck has released version 4.0.2 to address the vulnerability."
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-9487",
"datePublished": "2018-07-13T20:00:00.000Z",
"dateReserved": "2016-11-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:50:38.360Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5928 (GCVE-0-2017-5928)
Vulnerability from cvelistv5 – Published: 2017-02-27 07:25 – Updated: 2024-08-05 15:18
VLAI
Summary
The W3C High Resolution Time API, as implemented in various web browsers, does not consider that memory-reference times can be measured by a performance.now "Time to Tick" approach even with the https://bugzilla.mozilla.org/show_bug.cgi?id=1167489#c9 protection mechanism in place, which makes it easier for remote attackers to conduct AnC attacks via crafted JavaScript code.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.cs.vu.nl/~herbertb/download/papers/anc… | x_refsource_MISC |
| http://www.securityfocus.com/bid/97036 | vdb-entryx_refsource_BID |
| https://www.vusec.net/projects/anc | x_refsource_MISC |
Date Public
2017-02-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:18:48.372Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"name": "97036",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97036"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vusec.net/projects/anc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The W3C High Resolution Time API, as implemented in various web browsers, does not consider that memory-reference times can be measured by a performance.now \"Time to Tick\" approach even with the https://bugzilla.mozilla.org/show_bug.cgi?id=1167489#c9 protection mechanism in place, which makes it easier for remote attackers to conduct AnC attacks via crafted JavaScript code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-24T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"name": "97036",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97036"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vusec.net/projects/anc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5928",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The W3C High Resolution Time API, as implemented in various web browsers, does not consider that memory-reference times can be measured by a performance.now \"Time to Tick\" approach even with the https://bugzilla.mozilla.org/show_bug.cgi?id=1167489#c9 protection mechanism in place, which makes it easier for remote attackers to conduct AnC attacks via crafted JavaScript code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf",
"refsource": "MISC",
"url": "http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf"
},
{
"name": "97036",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97036"
},
{
"name": "https://www.vusec.net/projects/anc",
"refsource": "MISC",
"url": "https://www.vusec.net/projects/anc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-5928",
"datePublished": "2017-02-27T07:25:00.000Z",
"dateReserved": "2017-02-07T00:00:00.000Z",
"dateUpdated": "2024-08-05T15:18:48.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1209 (GCVE-0-2009-1209)
Vulnerability from cvelistv5 – Published: 2009-04-01 10:00 – Updated: 2024-08-07 05:04
VLAI
Summary
Stack-based buffer overflow in W3C Amaya Web Browser 11.1 allows remote attackers to execute arbitrary code via a script tag with a long defer attribute.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2009/0889 | vdb-entryx_refsource_VUPEN |
| https://www.exploit-db.com/exploits/8314 | exploitx_refsource_EXPLOIT-DB |
| https://www.exploit-db.com/exploits/8321 | exploitx_refsource_EXPLOIT-DB |
| http://secunia.com/advisories/34531 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/34295 | vdb-entryx_refsource_BID |
Date Public
2009-03-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-0889",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0889"
},
{
"name": "8314",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/8314"
},
{
"name": "8321",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/8321"
},
{
"name": "34531",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34531"
},
{
"name": "amaya-htmltag-bo(47399)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47399"
},
{
"name": "34295",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34295"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in W3C Amaya Web Browser 11.1 allows remote attackers to execute arbitrary code via a script tag with a long defer attribute."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-0889",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0889"
},
{
"name": "8314",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/8314"
},
{
"name": "8321",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/8321"
},
{
"name": "34531",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34531"
},
{
"name": "amaya-htmltag-bo(47399)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47399"
},
{
"name": "34295",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34295"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1209",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in W3C Amaya Web Browser 11.1 allows remote attackers to execute arbitrary code via a script tag with a long defer attribute."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-0889",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0889"
},
{
"name": "8314",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8314"
},
{
"name": "8321",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8321"
},
{
"name": "34531",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34531"
},
{
"name": "amaya-htmltag-bo(47399)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47399"
},
{
"name": "34295",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34295"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1209",
"datePublished": "2009-04-01T10:00:00.000Z",
"dateReserved": "2009-03-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:04:49.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0323 (GCVE-0-2009-0323)
Vulnerability from cvelistv5 – Published: 2009-01-28 20:00 – Updated: 2024-08-07 04:31
VLAI
Summary
Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0 and 11.0 allow remote attackers to execute arbitrary code via (1) a long type parameter in an input tag, which is not properly handled by the EndOfXmlAttributeValue function; (2) an "HTML GI" in a start tag, which is not properly handled by the ProcessStartGI function; and unspecified vectors in (3) html2thot.c and (4) xml2thot.c, related to the msgBuffer variable. NOTE: these are different vectors than CVE-2008-6005.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/500492/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.coresecurity.com/content/amaya-buffer-… | x_refsource_MISC |
| https://www.exploit-db.com/exploits/7902 | exploitx_refsource_EXPLOIT-DB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2009-01-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:31:25.549Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20090128 CORE-2008-1211: Amaya web editor XML and HTML parser vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/500492/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/amaya-buffer-overflows"
},
{
"name": "7902",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/7902"
},
{
"name": "amaya-html-tags-bo(48325)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48325"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-01-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0 and 11.0 allow remote attackers to execute arbitrary code via (1) a long type parameter in an input tag, which is not properly handled by the EndOfXmlAttributeValue function; (2) an \"HTML GI\" in a start tag, which is not properly handled by the ProcessStartGI function; and unspecified vectors in (3) html2thot.c and (4) xml2thot.c, related to the msgBuffer variable. NOTE: these are different vectors than CVE-2008-6005."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20090128 CORE-2008-1211: Amaya web editor XML and HTML parser vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/500492/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/amaya-buffer-overflows"
},
{
"name": "7902",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/7902"
},
{
"name": "amaya-html-tags-bo(48325)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48325"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0323",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0 and 11.0 allow remote attackers to execute arbitrary code via (1) a long type parameter in an input tag, which is not properly handled by the EndOfXmlAttributeValue function; (2) an \"HTML GI\" in a start tag, which is not properly handled by the ProcessStartGI function; and unspecified vectors in (3) html2thot.c and (4) xml2thot.c, related to the msgBuffer variable. NOTE: these are different vectors than CVE-2008-6005."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20090128 CORE-2008-1211: Amaya web editor XML and HTML parser vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/500492/100/0/threaded"
},
{
"name": "http://www.coresecurity.com/content/amaya-buffer-overflows",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/amaya-buffer-overflows"
},
{
"name": "7902",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7902"
},
{
"name": "amaya-html-tags-bo(48325)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48325"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0323",
"datePublished": "2009-01-28T20:00:00.000Z",
"dateReserved": "2009-01-28T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:31:25.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}