Google Code Archive - Long-term storage for Google Code Project Hosting.

ID	Status	Summary
38	`Reported`	MSIE 621937 - MSIE 9 preview - Using an iframe inside a foreignObject in an svg file causes a NULL ptr crash Severity-Low Cause-NullCheckMissing Risk-DoS
37	`Reported`	MSIE 621938 - XHTML JavaScript generating nested elements displayed as "inline-block" cause stack exhaustion Cause-Recursion Severity-Low Risk-DoS Mitigation-JavaScriptNeeded Published
36	`Fix-Unreleased`	Windows Vista WinINET.dll Proxy authentication NULL ptr Cause-NullCheckMissing Severity-Low Risk-DoS
34	`Fix-Verified`	MSIE 6 - new Image().ownerDocument.writeln; NULL ptr Published Cause-NullCheckMissing Severity-Low Mitigation-JavaScriptNeeded Risk-DoS
33	`Fix-Verified`	Opera 315902 - designmode/queryCommandSupported use of uninitialized memory Published Cause-UninitializedMemory Severity-Low Risk-DoS Mitigation-JavaScriptNeeded
32	`Fix-Verified`	Oracle 17519335 - Plugin2 memory corruption Published Cause-Unknown Severity-Low Risk-DoS
31	`Fix-Verified`	MSIE CTreePos::GetCpAndMarkup ReadAV@NULL (e6783248e1c977599d2ffcb13159c52e) Cause-NullCheckMissing Risk-DoS Mitigation-JavaScriptNeeded Published
30	`Fix-Verified`	Unknown NULL ptr in Opera Published Cause-Unknown Risk-DoS
28	`WontFixNow`	Opera 312859: IMG with inline SVG read of unallocated memory Published Cause-Unknown Risk-DoS Mitigation-JavaScriptNeeded
27	`Fix-Verified`	Opera 312848: add detached range to selection various NULL pointer crashes. Cause-Unknown Severity-Low Risk-DoS Mitigation-JavaScriptNeeded Published
26	`Fix-Verified`	Opera 312843: SVG stack recursion Published Cause-Logic Severity-Low Risk-DoS
25	`Fix-Unreleased`	Oracle Java OBJECT tag "dnsResolve" method NULL pointer Cause-NullCheckMissing Severity-Low Risk-DoS Mitigation-JavaScriptNeeded Published
23	`Fix-Verified`	Oracle 18381831 - Java OBJECT tag "launchjnlp"/"docbase" property stack buffer overflow Published Cause-BoundsCheckMissing Severity-Critical Risk-UserCodeExecution Mitigation-JavaNeeded
21	`Fix-Verified`	MSRC 10150 - WMP memory corruption using popups Published Cause-Unknown Severity-Critical Risk-UserCodeExecution
19	`Fix-Verified`	MSIE 6,7 Calling a method without an instance Cause-NullCheckMissing Severity-Low Risk-DoS Mitigation-JavaScriptNeeded Published
18	`Fix-Verified`	Oracle 17660133 - Java APPLET tag children property memory corruption Published Cause-Reentrancy Severity-Critical Risk-UserCodeExecution Mitigation-JavaScriptNeeded
17	`Fix-Verified`	Msxml2.XMLHTTP.3.0 response handling memory corruption [9951np, ms10-051, CVE-2010-2561] Published Cause-Unknown Severity-Critical Risk-UserCodeExecution Mitigation-JavaScriptNeeded
16	`Fix-Verified`	MSIE 7 - CMarkup..HasLookasidePtr ReadAV@NULL (8aba81aab003a040448f1dd22fdab2f0) Cause-NullCheckMissing Severity-Low Risk-DoS Mitigation-JavaScriptNeeded Published
15	`WontFixNow`	MSIE 6,7, 8 & 9 insertAdjacentElement NULL ptr Cause-NullCheckMissing Severity-Low Risk-DoS Mitigation-JavaScriptNeeded Published
14	`WontFixNow`	MSIE 8,9 (X)HTML stack exhaustion Cause-Recursion Severity-Low Risk-DoS Published
13	`Fix-Verified`	MSIE 9 regular expression related crashes Cause-Unknown Severity-Critical Risk-UserCodeExecution Mitigation-JavaScriptNeeded Published
12	`Fix-Verified`	MSIE 9 selection related crashes Cause-Unknown Risk-DoS Severity-Low Mitigation-JavaScriptNeeded Published
11	`Fix-Verified`	Apple QuickTime memory corruption when loading BMP file. Cause-Unknown Severity-Critical Risk-UserCodeExecution Published
10	`Fix-Verified`	Chromium Issue 31324 - Chrome hangs when processing a 100 response. Cause-Logic Severity-Low Risk-DoS Published
9	`Fix-Verified`	Chromium Issue 29854/WebKit Bug 32316 - WebCore::RenderObject::arenaDelete ExecAV@??? (292164e5b2ee939ff3ddf062439c2a3e) Cause-Logic Severity-High Mitigation-Sandbox Risk-RestrictedCodeExecution Published
8	`Invalid`	MSIE BMP file excessive memory consumption. Cause-BoundsCheckMissing Severity-Low Risk-DoS Published
7	`Duplicate`	Scale424 ReadAV@Arbitrary (aec1920d2aa1c95f6e90f435d7379a71) Cause-BoundsCheckMissing Published
6	`WontFixNow`	MSRC 9830jr - Windows ICO file Scale*24 arbitrary read access violations Cause-BoundsCheckMissing Risk-DoS Severity-Low Published
5	`Invalid`	MSRC 9825jr - VML IMAGEDATA GIF image use after free memory corruption Published
4	`Fix-Verified`	MSRC 9604jr - MSIE 6/7 "document.createElement("li").value=3" NULL pointer Cause-Logic Severity-Low Risk-DoS Mitigation-JavaScriptNeeded Published
3	`WontFixNow`	MSRC 9754jr - Windows .ANI file BITMAPINFOHEADER.biClrUsed bounds check missing Cause-BoundsCheckMissing Severity-Low Risk-DoS Published
2	`Fix-Verified`	Stack buffer overrun vulnerability in UEdit32 throught GNU Aspell Cause-Unknown Severity-High Risk-UserCodeExecution Published

38

Reported

MSIE 621937 - MSIE 9 preview - Using an iframe inside a foreignObject in an svg file causes a NULL ptr crash Severity-Low Cause-NullCheckMissing Risk-DoS

37

Reported

MSIE 621938 - XHTML JavaScript generating nested elements displayed as "inline-block" cause stack exhaustion Cause-Recursion Severity-Low Risk-DoS Mitigation-JavaScriptNeeded Published

36

Fix-Unreleased

Windows Vista WinINET.dll Proxy authentication NULL ptr Cause-NullCheckMissing Severity-Low Risk-DoS

34

Fix-Verified

MSIE 6 - new Image().ownerDocument.writeln; NULL ptr Published Cause-NullCheckMissing Severity-Low Mitigation-JavaScriptNeeded Risk-DoS

33

Fix-Verified

Opera 315902 - designmode/queryCommandSupported use of uninitialized memory Published Cause-UninitializedMemory Severity-Low Risk-DoS Mitigation-JavaScriptNeeded

32

Fix-Verified

Oracle 17519335 - Plugin2 memory corruption Published Cause-Unknown Severity-Low Risk-DoS

31

Fix-Verified

MSIE CTreePos::GetCpAndMarkup ReadAV@NULL (e6783248e1c977599d2ffcb13159c52e) Cause-NullCheckMissing Risk-DoS Mitigation-JavaScriptNeeded Published

30

Fix-Verified

Unknown NULL ptr in Opera Published Cause-Unknown Risk-DoS

28

WontFixNow

Opera 312859: IMG with inline SVG read of unallocated memory Published Cause-Unknown Risk-DoS Mitigation-JavaScriptNeeded

27

Fix-Verified

Opera 312848: add detached range to selection various NULL pointer crashes. Cause-Unknown Severity-Low Risk-DoS Mitigation-JavaScriptNeeded Published

26

Fix-Verified

Opera 312843: SVG stack recursion Published Cause-Logic Severity-Low Risk-DoS

25

Fix-Unreleased

Oracle Java OBJECT tag "dnsResolve" method NULL pointer Cause-NullCheckMissing Severity-Low Risk-DoS Mitigation-JavaScriptNeeded Published

23

Fix-Verified

Oracle 18381831 - Java OBJECT tag "launchjnlp"/"docbase" property stack buffer overflow Published Cause-BoundsCheckMissing Severity-Critical Risk-UserCodeExecution Mitigation-JavaNeeded

21

Fix-Verified

MSRC 10150 - WMP memory corruption using popups Published Cause-Unknown Severity-Critical Risk-UserCodeExecution

19

Fix-Verified

MSIE 6,7 Calling a method without an instance Cause-NullCheckMissing Severity-Low Risk-DoS Mitigation-JavaScriptNeeded Published

18

Fix-Verified

Oracle 17660133 - Java APPLET tag children property memory corruption Published Cause-Reentrancy Severity-Critical Risk-UserCodeExecution Mitigation-JavaScriptNeeded

17

Fix-Verified

Msxml2.XMLHTTP.3.0 response handling memory corruption [9951np, ms10-051, CVE-2010-2561] Published Cause-Unknown Severity-Critical Risk-UserCodeExecution Mitigation-JavaScriptNeeded

16

Fix-Verified

MSIE 7 - CMarkup..HasLookasidePtr ReadAV@NULL (8aba81aab003a040448f1dd22fdab2f0) Cause-NullCheckMissing Severity-Low Risk-DoS Mitigation-JavaScriptNeeded Published

15

WontFixNow

MSIE 6,7, 8 & 9 insertAdjacentElement NULL ptr Cause-NullCheckMissing Severity-Low Risk-DoS Mitigation-JavaScriptNeeded Published

14

WontFixNow

MSIE 8,9 (X)HTML stack exhaustion Cause-Recursion Severity-Low Risk-DoS Published

13

Fix-Verified

MSIE 9 regular expression related crashes Cause-Unknown Severity-Critical Risk-UserCodeExecution Mitigation-JavaScriptNeeded Published

12

Fix-Verified

MSIE 9 selection related crashes Cause-Unknown Risk-DoS Severity-Low Mitigation-JavaScriptNeeded Published

11

Fix-Verified

Apple QuickTime memory corruption when loading BMP file. Cause-Unknown Severity-Critical Risk-UserCodeExecution Published

10

Fix-Verified

Chromium Issue 31324 - Chrome hangs when processing a 100 response. Cause-Logic Severity-Low Risk-DoS Published

9

Fix-Verified

Chromium Issue 29854/WebKit Bug 32316 - WebCore::RenderObject::arenaDelete ExecAV@??? (292164e5b2ee939ff3ddf062439c2a3e) Cause-Logic Severity-High Mitigation-Sandbox Risk-RestrictedCodeExecution Published

8

Invalid

MSIE BMP file excessive memory consumption. Cause-BoundsCheckMissing Severity-Low Risk-DoS Published

7

Duplicate

Scale424 ReadAV@Arbitrary (aec1920d2aa1c95f6e90f435d7379a71) Cause-BoundsCheckMissing Published

6

WontFixNow

MSRC 9830jr - Windows ICO file Scale*24 arbitrary read access violations Cause-BoundsCheckMissing Risk-DoS Severity-Low Published

5

Invalid

MSRC 9825jr - VML IMAGEDATA GIF image use after free memory corruption Published

4

Fix-Verified

MSRC 9604jr - MSIE 6/7 "document.createElement("li").value=3" NULL pointer Cause-Logic Severity-Low Risk-DoS Mitigation-JavaScriptNeeded Published

3

WontFixNow

MSRC 9754jr - Windows .ANI file BITMAPINFOHEADER.biClrUsed bounds check missing Cause-BoundsCheckMissing Severity-Low Risk-DoS Published

2

Fix-Verified

Stack buffer overrun vulnerability in UEdit32 throught GNU Aspell Cause-Unknown Severity-High Risk-UserCodeExecution Published

skylined