CVE-2009-0323
CRITICAL
10.0
CVSS Severity Score
Vulnerability Description
Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0 and 11.0 allow remote attackers to execute arbitrary code via (1) a long type parameter in an input tag, which is not properly handled by the EndOfXmlAttributeValue function; (2) an "HTML GI" in a start tag, which is not properly handled by the ProcessStartGI function; and unspecified vectors in (3) html2thot.c and (4) xml2thot.c, related to the msgBuffer variable. NOTE: these are different vectors than CVE-2008-6005.
Affected Platforms (CPE)
π¦
W3
Amaya
<= 11.0π¦
W3
Amaya
= 0.9π¦
W3
Amaya
= 0.95bπ¦
W3
Amaya
= 1.0π¦
W3
Amaya
= 1.0aπ¦
W3
Amaya
= 1.1π¦
W3
Amaya
= 1.1aπ¦
W3
Amaya
= 1.1cπ¦
W3
Amaya
= 1.2π¦
W3
Amaya
= 1.2aπ¦
W3
Amaya
= 1.3π¦
W3
Amaya
= 1.3aπ¦
W3
Amaya
= 1.3bπ¦
W3
Amaya
= 1.4π¦
W3
Amaya
= 1.4aπ¦
W3
Amaya
= 2.0π¦
W3
Amaya
= 2.1π¦
W3
Amaya
= 2.2π¦
W3
Amaya
= 2.3π¦
W3
Amaya
= 2.4π¦
W3
Amaya
= 3.0π¦
W3
Amaya
= 3.1π¦
W3
Amaya
= 3.2π¦
W3
Amaya
= 3.2.1π¦
W3
Amaya
= 4.0π¦
W3
Amaya
= 4.1π¦
W3
Amaya
= 4.2π¦
W3
Amaya
= 4.2.1π¦
W3
Amaya
= 4.3π¦
W3
Amaya
= 4.3.1π¦
W3
Amaya
= 4.3.2π¦
W3
Amaya
= 5.0π¦
W3
Amaya
= 5.1π¦
W3
Amaya
= 5.2π¦
W3
Amaya
= 5.3π¦
W3
Amaya
= 6.0π¦
W3
Amaya
= 6.1π¦
W3
Amaya
= 6.2π¦
W3
Amaya
= 6.3π¦
W3
Amaya
= 6.4π¦
W3
Amaya
= 7.0π¦
W3
Amaya
= 7.1π¦
W3
Amaya
= 7.2π¦
W3
Amaya
= 8.0π¦
W3
Amaya
= 8.1π¦
W3
Amaya
= 8.1aπ¦
W3
Amaya
= 8.1bπ¦
W3
Amaya
= 8.2π¦
W3
Amaya
= 8.3π¦
W3
Amaya
= 8.4π¦
W3
Amaya
= 8.5π¦
W3
Amaya
= 8.6π¦
W3
Amaya
= 8.7π¦
W3
Amaya
= 8.7.1π¦
W3
Amaya
= 8.7.2π¦
W3
Amaya
= 8.8.1π¦
W3
Amaya
= 8.8.3π¦
W3
Amaya
= 8.8.4π¦
W3
Amaya
= 8.8.5π¦
W3
Amaya
= 8.52π¦
W3
Amaya
= 9.0π¦
W3
Amaya
= 9.1π¦
W3
Amaya
= 9.2.1π¦
W3
Amaya
= 9.3π¦
W3
Amaya
= 9.4π¦
W3
Amaya
= 9.5π¦
W3
Amaya
= 9.52π¦
W3
Amaya
= 9.53π¦
W3
Amaya
= 9.54π¦
W3
Amaya
= 9.55π¦
W3