CVE-2009-0323
CRITICAL
10.0
CVSS Severity Score
Vulnerability Description
Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0 and 11.0 allow remote attackers to execute arbitrary code via (1) a long type parameter in an input tag, which is not properly handled by the EndOfXmlAttributeValue function; (2) an "HTML GI" in a start tag, which is not properly handled by the ProcessStartGI function; and unspecified vectors in (3) html2thot.c and (4) xml2thot.c, related to the msgBuffer variable. NOTE: these are different vectors than CVE-2008-6005.
Affected Platforms (CPE)
📦
W3
Amaya
<= 11.0📦
W3
Amaya
= 0.9📦
W3
Amaya
= 0.95b📦
W3
Amaya
= 1.0📦
W3
Amaya
= 1.0a📦
W3
Amaya
= 1.1📦
W3
Amaya
= 1.1a📦
W3
Amaya
= 1.1c📦
W3
Amaya
= 1.2📦
W3
Amaya
= 1.2a📦
W3
Amaya
= 1.3📦
W3
Amaya
= 1.3a📦
W3
Amaya
= 1.3b📦
W3
Amaya
= 1.4📦
W3
Amaya
= 1.4a📦
W3
Amaya
= 2.0📦
W3
Amaya
= 2.1📦
W3
Amaya
= 2.2📦
W3
Amaya
= 2.3📦
W3
Amaya
= 2.4📦
W3
Amaya
= 3.0📦
W3
Amaya
= 3.1📦
W3
Amaya
= 3.2📦
W3
Amaya
= 3.2.1📦
W3
Amaya
= 4.0📦
W3
Amaya
= 4.1📦
W3
Amaya
= 4.2📦
W3
Amaya
= 4.2.1📦
W3
Amaya
= 4.3📦
W3
Amaya
= 4.3.1📦
W3
Amaya
= 4.3.2📦
W3
Amaya
= 5.0📦
W3
Amaya
= 5.1📦
W3
Amaya
= 5.2📦
W3
Amaya
= 5.3📦
W3
Amaya
= 6.0📦
W3
Amaya
= 6.1📦
W3
Amaya
= 6.2📦
W3
Amaya
= 6.3📦
W3
Amaya
= 6.4📦
W3
Amaya
= 7.0📦
W3
Amaya
= 7.1📦
W3
Amaya
= 7.2📦
W3
Amaya
= 8.0📦
W3
Amaya
= 8.1📦
W3
Amaya
= 8.1a📦
W3
Amaya
= 8.1b📦
W3
Amaya
= 8.2📦
W3
Amaya
= 8.3📦
W3
Amaya
= 8.4📦
W3
Amaya
= 8.5📦
W3
Amaya
= 8.6📦
W3
Amaya
= 8.7📦
W3
Amaya
= 8.7.1📦
W3
Amaya
= 8.7.2📦
W3
Amaya
= 8.8.1📦
W3
Amaya
= 8.8.3📦
W3
Amaya
= 8.8.4📦
W3
Amaya
= 8.8.5📦
W3
Amaya
= 8.52📦
W3
Amaya
= 9.0📦
W3
Amaya
= 9.1📦
W3
Amaya
= 9.2.1📦
W3
Amaya
= 9.3📦
W3
Amaya
= 9.4📦
W3
Amaya
= 9.5📦
W3
Amaya
= 9.52📦
W3
Amaya
= 9.53📦
W3
Amaya
= 9.54📦
W3
Amaya
= 9.55📦
W3