Berend-Jan Wever

#10278of 53,633
26.9Total CVSS
Vulnerabilities · 4
Medium
2
High
2
PT-2010-2399
9.3
2010-02-18
Google · Google Chrome · CVE-2010-0647
**Name of the Vulnerable Software and Affected Versions** WebKit versions before r53525 Google Chrome versions before 4.0.249.89 **Description** The issue allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed RUBY element. This can be demonstrated by a specific sequence, such as a `<ruby>><table><rt>` sequence. **Recommendations** For WebKit versions before r53525, update to version r53525 or later. For Google Chrome versions before 4.0.249.89, update to version 4.0.249.89 or later.
PT-2005-1605
5.1
2005-04-13
Microsoft · Internet Explorer · CVE-2005-0553
**Name of the Vulnerable Software and Affected Versions** Microsoft Internet Explorer versions 5.01 through 6 **Description** A race condition exists in the memory management routines of the DHTML object processor, allowing remote attackers to execute arbitrary code via a malicious web page or HTML e-mail. **Recommendations** For Microsoft Internet Explorer versions 5.01 through 6, update to a version that contains a fix for this issue.
PT-2004-1598
5.0
2004-05-20
Microsoft · Internet Explorer · CVE-2004-0479
**Name of the Vulnerable Software and Affected Versions** Internet Explorer version 6 **Description** The issue allows remote attackers to cause a denial of service, resulting in a crash. This is achieved through the use of Javascript that creates a new popup window and disables the imagetoolbar functionality with a META tag, triggering a null dereference. **Recommendations** For Internet Explorer version 6, consider disabling Javascript execution in popup windows as a temporary workaround until a patch is available. Restrict the use of META tags that modify imagetoolbar functionality to minimize the risk of exploitation.
PT-2003-2072
7.5
2003-12-31
Seti@Home · Seti@Home Client · CVE-2003-1118
**Name of the Vulnerable Software and Affected Versions** SETI@home client versions 3.03 and other versions **Description** The issue allows remote attackers to cause a denial of service, resulting in a client crash, and potentially execute arbitrary code. This is achieved by sending a spoofed server response containing a long string followed by a newline character. **Recommendations** For version 3.03 and other affected versions, at the moment, there is no information about a newer version that contains a fix for this vulnerability.