-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 --------------------------------------------------- | BuHa Security-Advisory #10 | Apr 12th, 2006 | --------------------------------------------------- | Vendor | W3C's Amaya | | URL | http://www.w3.org/Amaya/ | | Version | <= 9.4 | | Risk | Critical (Remote Code Execution) | --------------------------------------------------- o Description: ============= The current releases, Amaya 9.5, is available for Linux, Windows and now MacOS X (see screenshot). It supports HTML 4.01, XHTML 1.0, XHTML Basic, XHTML 1.1, HTTP 1.1, MathML 2.0, many CSS 2 features, and includes SVG support (transformation, transparency, and SMIL animation). See the "Amaya Overview" page [1] for more details. o Stack overflow: ================ Both of the two below posted code snippets (in fact there are dozens of possible snippets but all of them trigger the same bug) force Amaya 9.4 to crash: > > [...] >