Html Exploits
2,054 exploits tracked across all sources.
Mozilla Firefox 3.5.x and SeaMonkey 2.0.1 - Remote Denial of Service
by 599eme Man
LANDesk Management Gateway 4.x - Multiple Vulnerabilities
by Aureliano Calvo
TVUPlayer 2.4.4.9beta1 - 'PlayerOcx.ocx' ActiveX Control Arbitrary File Overwrite
by Evdokimov Dmitriy
WebKit <r53607 - SSRF
WebKit before r53607, as used in Google Chrome before 4.0.249.89, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property value, related to an IFRAME element.
by Cesar Cerrudo
Microsoft Windows Live Messenger 2009 - ActiveX Heap Overflow (PoC)
by SarBoT511
AOL <9.5 - Buffer Overflow
AOL versions up to and including 9.5 include an ActiveX control (Phobos.dll) that exposes a method called Import() via the Phobos.Playlist COM object. This method is vulnerable to a stack-based buffer overflow when provided with an excessively long string argument. Exploitation allows remote attackers to execute arbitrary code in the context of the user, but only when the malicious HTML file is opened locally, because the control is not marked safe for scripting or initialization. AOL remains an active and supported brand offering services like AOL Mail and AOL Desktop Gold, but the legacy AOL 9.5 desktop software, specifically the version containing the vulnerable Phobos.dll ActiveX control, is long discontinued and no longer maintained.
by Dz_attacker
Microsoft Windows Defender - ActiveX Heap Overflow (PoC)
by SarBoT511
Foxit Reader 3.1.4.1125 - ActiveX Heap Overflow (PoC)
by SarBoT511 & D3V!L FUCKER
Gracenote CDDBControl - ActiveX Control 'ViewProfile' Method Heap Buffer Overflow (PoC)
by karak0rsan
NOS Microsystems getPlus Helper <1.6.2.49 - Buffer Overflow
Multiple stack-based buffer overflows in the NOS Microsystems getPlus Helper ActiveX control before 1.6.2.49 in gp.ocx in the Download Manager in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow remote attackers to execute arbitrary code via unspecified initialization parameters.
by superli
Microsoft Internet Explorer - 'wshom.ocx' ActiveX Control Remote Code Execution
by germaya_x & D3V!L FUCKER
VideoLAN VLC Media Player 0.8.6i - ActiveX Denial of Service (PoC)
by D3V!L FUCKER & germaya_x
Google Chrome < 4.0.249.78 - Resource Management Error
Use-after-free vulnerability in Google Chrome before 4.0.249.78 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving the display of a blocked popup window during navigation to a different web site.
by Cesar Cerrudo
SPlayer XvidDecoder 3.3 - ActiveX Remote Execution (PoC)
by superli
JcomBand toolbar on IE - ActiveX Buffer Overflow
by germaya_x & D3V!L FUCKER
Microsoft Internet Explorer 8 - CSS 'expression' Remote Denial of Service
by MustLive
CMS Made Simple 1.x - Cross-Site Scripting / Cross-Site Request Forgery
by Truong Thao Nguyen
Google Chrome 3.0195.38 - Status Bar Obfuscation
by 599eme Man
SoftCab Sound Converter <1.2 - Path Traversal
Insecure method vulnerability in SoftCab Sound Converter ActiveX control (sndConverter.ocx) 1.2 allows remote attackers to create or overwrite arbitrary files via the SaveFormat method. NOTE: some of these details are obtained from third party information.
by ThE g0bL!N
Mozilla Firefox < 3.0.10 - Access Control
Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote attackers to bypass intended access restrictions and read files via a crafted HTML document, aka a "file-URL-to-file-URL scripting" attack.
by Jordi Chancel