Buffer Overflow Vulnerability in Amaya Web Browser by W3C
CVE-2006-1900

Currently unrated

Key Information:

Vendor

W3c

Status
Amaya
Vendor
CVE Published:
20 April 2006

What is CVE-2006-1900?

Multiple buffer overflow vulnerabilities in the Amaya web browser, specifically versions 9.4 and earlier 8.x, can be exploited by remote attackers to execute arbitrary code. This exploitation occurs through excessively long values in specific HTML attributes, including the COMPACT attribute of the COLGROUP element, the ROWS attribute of the TEXTAREA element, and the COLOR attribute of the LEGEND element. Attackers may also leverage other unspecified methods to execute malicious code, highlighting the importance of timely software updates to mitigate these risks.

References

http://www.vupen.com/english/advisories/2006/1351
vdb-entryx_refsource_VUPEN
http://www.securityfocus.com/archive/1/430877/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://morph3us.org/advisories/20060412-amaya-94.txt
x_refsource_MISC

EPSS Score

35% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.