OTRS Open Technology Real Services 3.1.8 and 3.1.9 XSS Vulnerability

No description provided by source. !/usr/bin/python ''' Author: Mike Eduard - Znuny - Enterprise Services for OTRS Product: OTRS Open Technology Real Services Version: 3.1.8 and 3.1.9 Vendor Homepage: http://otrs.org CVE: 2012-4600 Timeline: 22 Aug 2012: Vulnerability reported to vendor and CERT ...

Windows 95/98 UNC Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/779/info There is a overflowable buffer in the networking code for Windows 95 and 98 all versions. The buffer is in the part of the code that handles filenames. By specifying an exceptionally long filename, an attacker ca...

Webmin 1.x HTML Email Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11122/info Webmin / Usermin are reportedly affected by a command execution vulnerability when rendering HTML email messages. This issue is due to a failure to sanitize HTML email messages and may allow an attacker to...

KDE KMail 1.7.1 HTML EMail Remote Email Content Spoofing Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13085/info A remote email message content spoofing vulnerability affects KDE KMail. This issue is due to a failure of the application to properly sanitize HTML email messages. An attacker may leverage this issue to spoof...

Microsoft Internet Explorer 5/6 XML Redirect File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5560/info A flaw in Microsoft Internet Explorer may reveal the entire contents of XML files and partial contents of other files to attackers. This vulnerability allows an attacker to read the entire contents of XML files,...

Microsoft Virtual Machine Arbitrary Java Codebase Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1812/info An attacker may gain read access on remote systems by specifying a custom codebase in a Java applet, and delivering to the victims via HTML email or a website. Any arbitrary codebase can be referenced by a java...

Microsoft Outlook 2002 Mailto Parameter Quoting Zone Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9827/info Microsoft Outlook is prone to a vulnerability that may permit execution of arbitrary code on client systems. This issue is exposed through Outlook, but will reportedly cause Internet Explorer to load malicious...

MS IE 5.0,Netscape Communicator 4.0/4.5/4.6 Javascript STYLE Vulnerability

No description provided by source. Microsoft Internet Explorer 5.0 for Windows 2000/Windows 95/Windows 98/Windows NT 4,Netscape Communicator 4.0/4.5/4.6 Javascript STYLE Vulnerability source: http://www.securityfocus.com/bid/630/info The HTML STYLE command can be used to embed Javascript into...

Qualcomm Eudora 5.2.1/6.x Embedded Hyperlink Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10298/info Qualcomm Eudora is reported to be prone to a remotely exploitable buffer overrun vulnerability. The issue is exposed when an excessively long hyperlink to a file resource is embedded in an HTML e-mail. This may...

Apple Mac OS X 10.3.x Help Protocol Remote Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10356/info It has been reported that Mac OS X may be prone to a vulnerability that could allow a remote attacker to execute arbitrary script code on a vulnerable system. The issue presents itself due to the 'help:' protoc...

Windows 95/98 UNC Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/779/info There is a overflowable buffer in the networking code for Windows 95 and 98 all versions. The buffer is in the part of the code that handles filenames. By specifying an exceptionally long filename, an attacker ca...

Alleged Outlook Express 5/6 Link Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5682/info Reportedly, when decoding a HTML email, Outlook Express will stop responding upon encountering a A HREF link longer than 4095 characters. It is not confirmed why this behaviour occurs...

HTML Email Creator 2.42 build 718 Buffer Overflow Exploit (SEH)

No description provided by source. .-----.--.--.--.----.----.-.---| | | | | | | | -| | | |||||| || By MadjiX Sec4ever.com Title : HTML Email Creator 2.42 build 718 - 0day buffer overflow exploit SEH author : MadjiX Dz8Hotmailcom Gr33tz : His0k4 , Bibi-info , volc4n0 version 2.3 :...

Microsoft Internet Explorer 6.0 mms Protocol Handler Executable Command Line Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10879/info A vulnerability has been reported to exist in Microsoft Internet Explorer that may allow remote attackers to pass arbitrary command line arguments to an application associated with the mms: URI protocol handler...

Roundcube Webmail 0.1 CSS Expression Input Validation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26800/info Roundcube Webmail is prone to an input-validation vulnerability because it fails to sanitize HTML email messages. Attackers can exploit this issue to execute arbitrary script code in the browser of an...

Good for Enterprise 2.2.2.1611 - XSS Vulnerability

No description provided by source. The vulnerable versions are v2.2.2.1611 and earlier Proof of Concept: HTML Email including the following payload will execute Javascript statements when the victim open the email using the vulnerable version. Payload: body div scriptalert'XSS Here'/script /div...

Microsoft Internet Explorer 5.0.1 Content Advisor File Handling Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13117/info Microsoft Internet Explorer is prone to a remote buffer overflow vulnerability when handling malformed Content Advisor files. An attacker can exploit this issue by crafting a Content Advisor file with excessive...

HTML Email Creator & Sender 2.3 - Local Buffer Overflow PoC (SEH)

No description provided by source. /0day HTML Email Creator & Sender v2.3 Local Buffer OverflowSeh Poc Debugging info Seh handler is overwriten , the offset is at 60 bytes in our buffer so you have to build your buffer as follows: PONTER TO NEXT SEH-------SEH HANDLER----NOP------SHELLCODE | | | |...

Microsoft Internet Explorer 6.0 Codebase Double Backslash Local Zone File Execution Weakness

No description provided by source. source: http://www.securityfocus.com/bid/10344/info A vulnerability has been reported that may potentially permit HTML documents to gain unauthorized access to local resources by using specific syntax when referencing said resource as a value for the CODEBASE...

MS IE 4/5/5.5/5.0.1 external.NavigateAndFind() Cross-Frame Vulnerability

No description provided by source. Microsoft Internet Explorer 4.0 for WfW/Windows 3.1/Windows 95/Windows NT 3/Windows NT 4,Internet Explorer 5.0 for Windows 2000/Windows 95/Windows 98/Windows NT 4,Internet Explorer 5.5,Internet Explorer 5.0.1,Internet Explorer for Unix 5.0 external.NavigateAndFi...