Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0 and 11.0 allow remote attackers to execute arbitrary code via (1) a long type parameter in an input tag, which is not properly handled by the EndOfXmlAttributeValue function; (2) an "HTML GI" in a start tag, which is not properly handled by the ProcessStartGI function; and unspecified vectors in (3) html2thot.c and (4) xml2thot.c, related to the msgBuffer variable. NOTE: these are different vectors than CVE-2008-6005.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
w3 amaya 缓冲区溢出漏洞
Vulnerability Description
W3C Amaya Web浏览器10.0和11.0版本存在多个栈缓冲区溢出漏洞。远程攻击者可以借助(1)输入标签中的一个长类型参数(未被EndOfXmlAttributeValue函数进行正确的处理);(2)开始标签中的一个"HTML GI"(未被ProcessStartGI函数进行正确的处理);(3)html2thot.c和(4)xml2thot.c中的未明向量,执行任意代码。这些漏洞与msgBuffer变量有关。
CVSS Information
N/A
Vulnerability Type
N/A