FreeBSD : amaya -- Attribute Value Buffer Overflow Vulnerabilities (dc930435-d59f-11da-8098-00123ffe8333)
High Nessus Plugin ID 21520
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionSecunia reports :
Amaya have two vulnerabilities, which can be exploited by malicious people to compromise a user's system.
The vulnerabilities are caused due to boundary errors within the parsing of various attribute values. This can be exploited to cause stack-based buffer overflows when a user opens a specially crafted HTML document containing certain tags with overly long attribute values.
Successful exploitation allows execution of arbitrary code.
SolutionUpdate the affected package.