FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

amaya -- Attribute Value Buffer Overflow Vulnerabilities

Affected packages
amaya < 9.5


VuXML ID dc930435-d59f-11da-8098-00123ffe8333
Discovery 2006-04-14
Entry 2006-04-27

Secunia reports:

Amaya have two vulnerabilities, which can be exploited by malicious people to compromise a user's system.

The vulnerabilities are caused due to boundary errors within the parsing of various attribute values. This can be exploited to cause stack-based buffer overflows when a user opens a specially crafted HTML document containing certain tags with overly long attribute values.

Successful exploitation allows execution of arbitrary code.


CVE Name CVE-2006-1900