IPS-1 Protection Update for WWW2 (Version 27)

Microsoft IIS decodes Unicode character sets in a variety of ways. There is an uncommon way of creating Unicode characters in HTTP, which IIS but no other known web servers decode. It is in the form of percent-u-hexchar-hexchar-hexchar-hexchar. The IPS-1 WWW2 protocol subsystem has been updated t...

Apache mod_jk: Directory traversal

Background Apache modjk is a connector for the Tomcat web server. Description Apache modjk decodes the URL within Apache before passing them to Tomcat, which decodes them a second time. Impact A remote attacker could browse a specially crafted URL on an Apache server running modjk, possibly gaini...

Re: GDI+ and Internet Explorer question

IE has its own image decoders for many image types jpeg, ico, etc. You can trigger this bug remotely by renaming your .ico to .emf or .wmf, which forces it be opened by the Picture and Fax Viewer using GDI+. -HD On Saturday 09 June 2007 06:40, [email protected] wrote: fails to crash my Internet...

[SECURITY] Fedora 7 Update: zvbi-0.2.25-1.fc7

ZVBI provides functions to capture and decode VBI data. The vertical blanki ng interval VBI is an interval in a television signal that temporarily suspe nds transmission of the signal for the electron gun to move back up to the first line of the television screen to trace the next screen field. T...

Avira Antivir integer overflow

Integer overflow during .LZH archive parsing leads to buffer overflow. Devision by zero on UPX decoding. Infinite loop on TAR parsing...

mod_jk sends decoded URL to tomcat

modjk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly involving double-encoded .. dot dot sequences and...

CVE-2007-1860

modjk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly involving double-encoded .. dot dot sequences and...

CVE-2007-1860

modjk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly involving double-encoded .. dot dot sequences and...

[SECURITY] [DSA 1292-1] New qt4-x11 packages fix cross-site scripting vulnerability

------------------------------------------------------------------------ Debian Security Advisory DSA-1292-1 [email protected] http://www.debian.org/security/ Noah Meyerhans May 15, 2007 - ------------------------------------------------------------------------ Package : qt4-x11 Vulnerability :...

DSA-1292-1 qt4-x11

Bulletin has no description...

CVE-2007-0213

Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 does not properly decode certain MIME encoded e-mails, which allows remote attackers to execute arbitrary code via a crafted base64-encoded MIME e-mail message...

TPTI-07-06: Trillian Pro Rendezvous XMPP HTML Decoding Heap Corruption

TPTI-07-06: Trillian Pro Rendezvous XMPP HTML Decoding Heap Corruption http://dvlabs.tippingpoint.com/advisory/TPTI-07-06 May 2, 2007 -- CVE ID: CVE-2007-2418 -- Affected Vendor: Cerulean Studios -- Affected Products: Trillian Pro 3.1 build 121 and below -- TippingPointTM IPS Customer Protection:...

Immunity Canvas: GROUPWISE_WEBACCESS

Name| groupwisewebaccess ---|--- CVE| CVE-2007-2171 Exploit Pack| CANVAS Description| Novell GroupWise WebAccess Base64 Decoding Stack Overflow Notes| CVE Name: CVE-2007-2171 VENDOR: Novell VersionsAffected: Repeatability: References: http://www.zerodayinitiative.com/advisories/ZDI-07-015.html CV...

Novell Groupwise WebAccess GWINTER.EXE Base64 Decoding Remote Overflow

The remote host is running a version of GroupWise WebAccess from Novell that is vulnerable to a stack overflow in the way it handles HTTP Basic Authentication. By sending a specially crafted request, an attacker can exploit this flaw to execute code on the remote host with administrative...

Novell Groupwise WebAccess buffer overflow

Stack buffer overflow stack overrun during TCP/7205 TCP/7211 HTTP basic authentication on base64 decoding...

ZDI-07-015: Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability

ZDI-07-015: Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-015.html April 18, 2007 -- CVE ID: CVE-2007-2171 -- Affected Vendor: Novell -- Affected Products: Groupwise WebAccess -- TippingPointTM IPS Customer Protection:...

Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Groupwise WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists in the GWINTER.exe process bound by default on TCP ports 7205 and 7211. During the...

QT / KJS UTF-8 decoding security vulnerability

Oversized UTF-8 sequences are not blocking, making it possible to conduct cross-site scripting and directory traversal attacks...

Mandrake Linux Security Advisory : kdelibs (MDKSA-2007:076)

A bug was discovered in KJS where UTF8 decoding did not reject overlong sequences. This vulnerability is similar to that discovered by Andreas Nolden in QT3 and QT4, but at this current time there is no known exploit for this issue. Updated packages have been patched to address this issue...

CVE-2007-1505

Fujitsu FENCE-Pro before V5L01, and Systemwalker Desktop Encryption V12.0L10, V12.0L10A, V12.0L10B, V12.0L20 and V13.0.0 allows local users to obtain sensitive information by extracting the decoding password from certain "self-decoding" file types...