CVE-2009-3008
https://notcve.org/view.php?id=CVE-2009-3008
K-Meleon 1.5.3 allows context-dependent attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary file: URL after a victim has visited any file: URL, as demonstrated by a visit to a file: document written by the attacker. K-Meleon v1.5.3 permite falsificar la barra de direcciones a atacantes, dependiendo del contexto, a través de window.open con una URI relativa, para que muestre una URL de tipo file: después de que una victima haya visitado ficha URI de tipo file: , como se demuestra al acceder a un documento file: escrito por el atacante. • http://lostmon.blogspot.com/2009/08/multiple-browsers-fake-url-folder-file.html https://exchange.xforce.ibmcloud.com/vulnerabilities/53011 •
CVE-2006-3491 – Kaillera 0.86 - Message Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-3491
Stack-based buffer overflow in Kaillera Server 0.86 and earlier allows remote attackers to execute arbitrary code via a long nickname. Desbordamiento de búfer basado en pila en Kaillera Server 0.86 y anteriores permite a atacantes remotos ejecutar código de su elección a través de un alias largo. • https://www.exploit-db.com/exploits/28186 http://aluigi.altervista.org/adv/kailleraex-adv.txt http://marc.info/?l=full-disclosure&m=115220500707900&w=2 http://secunia.com/advisories/20973 http://www.osvdb.org/27041 http://www.securityfocus.com/archive/1/439455/100/0/threaded http://www.securityfocus.com/bid/18871 http://www.vupen.com/english/advisories/2006/2696 https://exchange.xforce.ibmcloud.com/vulnerabilities/27680 •