
406 matches found

Tenable Nessus
added 2006/05/23 12:0 a.m. | 21 views

FreeBSD : coppermine -- Multiple File Extensions Vulnerability (0b628470-e9a6-11da-b9f4-00123ffe8333)

Secunia reports: Coppermine Photo Gallery has a vulnerability, which can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused due to an error in the handling of file uploads where a filename has multiple file extensions. This can be exploited to upload...

5.8 AI score
Exploits: 0 | References: 2

Prion
added 2006/05/22 10:2 p.m. | 13 views

Code injection

Coppermine galleries before 1.4.6, when running on Apache with mod_mime installed, allow remote attackers to upload arbitrary files via a filename with multiple file extensions...

7.5 CVSS | 7.3 AI score | 0.01524 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

Prion
added 2006/02/18 2:2 a.m. | 10 views

Design/Logic Flaw

ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions and bypass Windows security warnings via a filename that ends in an assumed-safe extension such as JPG, and possibly...

5.1 CVSS | 7.4 AI score | 0.01159 EPSS
Exploits: 0 | References: 2 | Affected Software: 2

Prion
added 2006/02/18 2:2 a.m. | 15 views

Design/Logic Flaw

GUI display truncation vulnerability in ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions, bypass Windows security warnings via a filename that is all uppercase and of a...

5.1 CVSS | 7.3 AI score | 0.01159 EPSS
Exploits: 0 | References: 2 | Affected Software: 2

Cvelist
added 2006/02/18 2:0 a.m. | 13 views

CVE-2006-0765

GUI display truncation vulnerability in ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions, bypass Windows security warnings via a filename that is all uppercase and of a...

6.8 AI score | 0.01159 EPSS
Exploits: 0 | References: 2

CVE
added 2006/02/18 2:0 a.m. | 53 views

CVE-2006-0766

CVE-2006-0766 affects ICQ software on Windows (ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions). The vulnerability stems from the ability for an attacker to craft a filename that ends with a commonly trusted extension (e.g., .JPG) and potentially alter properties like co...

5.1 CVSS | 6.9 AI score | 0.01159 EPSS
Exploits: 0 | References: 2 | Affected Software: 2

Cvelist
added 2006/02/18 2:0 a.m. | 22 views

CVE-2006-0760

LightTPD 1.4.8 and earlier, when the web root is on a case-insensitive filesystem, allows remote attackers to bypass URL checks and obtain sensitive information via file extensions with unexpected capitalization, as demonstrated by a request for index.PHP when the configuration invokes the PHP...

6.5 AI score | 0.02236 EPSS
Exploits: 0 | References: 6

Cvelist
added 2006/02/18 2:0 a.m. | 16 views

CVE-2006-0766

ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions and bypass Windows security warnings via a filename that ends in an assumed-safe extension such as JPG, and possibly...

6.9 AI score | 0.01159 EPSS
Exploits: 0 | References: 2

Cvelist
added 2006/02/15 11:0 a.m. | 16 views

CVE-2006-0695

Ansilove before 1.03 does not filter uploaded file extensions, which allows remote attackers to execute arbitrary code by uploading arbitrary files with dangerous extensions, then accessing them directly in the upload directory...

7.7 AI score | 0.02695 EPSS
Exploits: 0 | References: 5

NVD
added 2005/11/03 10:2 p.m. | 11 views

CVE-2005-3484

Directory traversal vulnerability in NeroNET 1.2.0.2 and earlier allows remote attackers to read arbitrary files with certain file extensions such as ZIP, AVI, JPG, TXT, and HTML via ".." and hex-encoded (1) slash "/" ("%2f") or (2) backslash "\" ("%5c") sequences...

5 CVSS | 6.8 AI score | 0.01769 EPSS
Exploits: 1 | References: 5

Packet Storm
added 2005/11/03 12:0 a.m. | 25 views

NeroNet1202.txt

Luigi Auriemma Application: NeroNET http://www.nero.com Versions: = 1.2.0.2 Platforms: Windows Bug: limited directory traversal Exploitation: remote Date: 02 Nov 2005 Author: Luigi Auriemma e-mail: [email protected] web: http://aluigi.altervista.org 1 Introduction 2 Bug 3 The Code 4 Fix...

7.4 AI score
Exploits: 0

securityvulns
added 2005/11/03 12:0 a.m. | 24 views

[Full-disclosure] Limited directory traversal in NeroNET 1.2.0.2

Luigi Auriemma Application: NeroNET http://www.nero.com Versions: = 1.2.0.2 Platforms: Windows Bug: limited directory traversal Exploitation: remote Date: 02 Nov 2005 Author: Luigi Auriemma e-mail: [email protected] web: http://aluigi.altervista.org 1 Introduction 2 Bug 3 The Code 4 Fix...

1 AI score
Exploits: 0

NVD
added 2005/11/02 11:2 a.m. | 16 views

CVE-2005-3430

Incomplete blacklist vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote attackers to upload and execute arbitrary script files by giving the files specific extensions, such as (1) .unk, (2) .asa, and possibly (3) .htr and (4) .aspx, which are not filtered like the .asp extension...

7.5 CVSS | 7.4 AI score | 0.0176 EPSS
Exploits: 0 | References: 7

NVD
added 2005/09/16 10:3 p.m. | 8 views

CVE-2005-2955

config.inc.php in ATutor 1.5.1, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which allows authenticated administrators or educators to execute arbitrary code by uploading files with other executable extensions such as .inc, .php4, or others...

4.6 CVSS | 7.5 AI score | 0.00777 EPSS
Exploits: 1 | References: 2

Cvelist
added 2005/09/16 4:0 a.m. | 15 views

CVE-2005-2955

config.inc.php in ATutor 1.5.1, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which allows authenticated administrators or educators to execute arbitrary code by uploading files with other executable extensions such as .inc, .php4, or others...

7.5 AI score | 0.00777 EPSS
Exploits: 1 | References: 2

NVD
added 2005/08/30 11:45 a.m. | 22 views

CVE-2005-2733

upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code...

7.5 CVSS | 7.3 AI score | 0.50888 EPSS
Exploits: 4 | References: 4

CVE
added 2005/08/29 4:0 a.m. | 64 views

CVE-2005-2733

The CVE-2005-2733 issue affects Simple PHP Blog (SPHPBlog) where upload_img_cgi.php does not properly restrict uploaded file extensions, enabling remote code execution. The vulnerability is documented in NVD with a base score of 7.5 (HIGH) and is evidenced by the SPHPBlog file-upload weakness des...

7.5 CVSS | 7.4 AI score | 0.50888 EPSS
Exploits: 4 | References: 4 | Affected Software: 1

Cvelist
added 2005/08/29 4:0 a.m. | 22 views

CVE-2005-2733

upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code...

7.3 AI score | 0.50888 EPSS
Exploits: 4 | References: 4

Cvelist
added 2005/08/03 4:0 a.m. | 23 views

CVE-2005-2437

Website Baker Project does not properly verify the file extensions of uploaded files, which allows remote attackers to upload and execute arbitrary PHP code...

7.5 AI score | 0.01351 EPSS
Exploits: 0 | References: 5

CVE
added 2005/07/28 4:0 a.m. | 51 views

CVE-2005-2405

Opera 8.01 is affected when Arial Unicode MS (ARIALUNI.TTF) is installed: extended ASCII in the file-download dialog can be spoofed, potentially leading users to execute arbitrary code. The issue is documented in CVE-2005-2405; OpenVAS notes vulnerability in Opera

5 CVSS | 6.9 AI score | 0.02779 EPSS
Exploits: 0 | References: 6 | Affected Software: 1