Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-2057 | 3 Avant Force, Microsoft, Mozilla | 4 Avant Browser, Ie, Outlook and 1 more | 2018-10-18 | 5.0 MEDIUM | N/A |
Argument injection vulnerability in Mozilla Firefox 1.0.6 allows user-assisted remote attackers to modify command line arguments to an invoked mail client via " (double quote) characters in a mailto: scheme handler, as demonstrated by launching Microsoft Outlook with an arbitrary filename as an attachment. NOTE: it is not clear whether this issue is implementation-specific or a problem in the Microsoft API. | |||||
CVE-2006-2058 | 1 Avant Force | 1 Avant Browser | 2018-10-18 | 5.0 MEDIUM | N/A |
Argument injection vulnerability in Avant Browser 10.1 Build 17 allows user-assisted remote attackers to modify command line arguments to an invoked mail client via " (double quote) characters in a mailto: scheme handler, as demonstrated by launching Microsoft Outlook with an arbitrary filename as an attachment. NOTE: it is not clear whether this issue is implementation-specific or a problem in the Microsoft API. | |||||
CVE-2007-1501 | 1 Avant Force | 1 Avant Browser | 2017-10-10 | 9.3 HIGH | N/A |
Stack-based buffer overflow in Avant Browser 11.0 build 26 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Content-Type HTTP header. | |||||
CVE-2003-1321 | 1 Avant Force | 1 Avant Browser | 2017-07-28 | 7.5 HIGH | N/A |
Buffer overflow in Avant Browser 8.02 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long URL in an HTTP request. | |||||
CVE-2009-3004 | 1 Avant Force | 1 Avant Browser | 2009-08-30 | 4.3 MEDIUM | N/A |
Avant Browser 11.7 Builds 35 and 36 allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the site containing that page. NOTE: a related attack was reported in which an arbitrary file: URL is shown. |