CVE-2008-6005
published 2009-01-28CVE-2008-6005: Multiple buffer overflows in the CheckUniqueName function in W3C Amaya Web Browser 10.0.1, and possibly other versions including 11.0.1, might allow remote…
PriorityP346critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
4.60%
90.5th percentile
Multiple buffer overflows in the CheckUniqueName function in W3C Amaya Web Browser 10.0.1, and possibly other versions including 11.0.1, might allow remote attackers to execute arbitrary code via "duplicated" attribute value inputs.
Affected
73 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| w3 | amaya | <= 11.0 | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
| w3 | amaya | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-pp86-pm93-fc5h: Multiple buffer overflows in the CheckUniqueName function in W3C Amaya Web Browser 10
ghsa_unreviewed·2022-05-17
CVE-2008-6005 [HIGH] CWE-119 GHSA-pp86-pm93-fc5h: Multiple buffer overflows in the CheckUniqueName function in W3C Amaya Web Browser 10
Multiple buffer overflows in the CheckUniqueName function in W3C Amaya Web Browser 10.0.1, and possibly other versions including 11.0.1, might allow remote attackers to execute arbitrary code via "duplicated" attribute value inputs.
GHSA
GHSA-hw93-jhp7-rqq6: Multiple stack-based buffer overflows in W3C Amaya Web Browser 10
ghsa_unreviewed·2022-05-02·CVSS 10.0
CVE-2009-0323 [CRITICAL] CWE-119 GHSA-hw93-jhp7-rqq6: Multiple stack-based buffer overflows in W3C Amaya Web Browser 10
Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0 and 11.0 allow remote attackers to execute arbitrary code via (1) a long type parameter in an input tag, which is not properly handled by the EndOfXmlAttributeValue function; (2) an "HTML GI" in a start tag, which is not properly handled by the ProcessStartGI function; and unspecified vectors in (3) html2thot.c and (4) xml2thot.c, related to the msgBuffer variable. NOTE: these are different vectors than CVE-2008-6005.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2009-01-28
Published