> [...]
        >
CVE-2006-1900
CVSS7.6
发布时间 :2006-04-20 06:02:00
修订时间 :2011-03-07 21:34:31
NMCO    

[原文]Multiple buffer overflows in World Wide Web Consortium (W3C) Amaya 9.4, and possibly other versions including 8.x before 8.8.5, allow remote attackers to execute arbitrary code via a long value in (1) the COMPACT attribute of the COLGROUP element, (2) the ROWS attribute of the TEXTAREA element, and (3) the COLOR attribute of the LEGEND element; and via other unspecified attack vectors consisting of "dozens of possible snippets."


[CNNVD]W3C Amaya多个远程溢出漏洞(CNNVD-200604-389)

        W3C的Amaya是一个所见即所得的Web浏览器和认证程序。
        Amaya实现上存在多个漏洞,远程攻击者可能导致程序崩溃或执行任意指令。
        以下代码段(可能还有其他类似的代码段)可以强迫Amaya崩溃:
        >