Lucene search

7489 matches found

securityvulns
added 2003/01/23 12:0 a.m., 32 views

[VulnWatch] administrivia: cross-site tracing

There's been a lot of back and forth about the recent WhiteHat Security XST bug. Sensationalism aside, the fact still remains: 1. Access to cookies, particularly the 'httponly' add-on by IE, is limited by browser security restrictions. And I don't recall any browser being able to legitimately...

Exploits 0
NVD
added 2002/12/31 5:0 a.m., 10 views

CVE-2002-1918

Buffer overflow in Microsoft Active Data Objects ADO in Microsoft MDAC 2.5 through 2.7 allows remote attackers to have unknown impact with unknown attack vectors. NOTE: due to the lack of details available regarding this issue, perhaps it should be REJECTED...

10 CVSS, 6.9 AI score, 0.32483 EPSS
Exploits 0, References 3
securityvulns
added 2002/12/14 12:0 a.m., 47 views

Microsoft Security Bulletin MS02-069: Flaw in Microsoft VM Could Enable System Compromise (810030)

Title: Flaw in Microsoft VM Could Enable System Compromise 810030 Date: 11 December 2002 Software: Microsoft VM Impact: Eight vulnerabilities, the most serious of which would enable an...

6.8 AI score
Exploits 0
CERT
added 2002/12/12 12:0 a.m., 22 views

Microsoft Internet Explorer does not adequately validate references to cached objects and methods

Overview Microsoft Internet Explorer does not adequately validate references to cached objects and methods across domains and security zones. The impact is similar to that of a cross-site scripting vulnerability, allowing an attacker to access data in other sites, including the Local Computer zon...

7.5 CVSS, 8 AI score, 0.1153 EPSS
Exploits 0, References 17
Packet Storm
added 2002/10/25 12:0 a.m., 33 views

gm012-more-ie.txt

GreyMagic Security Advisory GM012-IE. By GreyMagic Software, Israel. 22 Oct 2002. Available in HTML format at http://security.greymagic.com/adv/gm012-ie/. Topic: Vulnerable cached objects in IE 9 advisories in 1. Discovery date: 4 Oct 2002, 17 Oct 2002, 21 Oct...

7.4 AI score
Exploits 0
securityvulns
added 2002/10/23 12:0 a.m., 37 views

Vulnerable cached objects in IE (9 advisories in 1)

GreyMagic Security Advisory GM012-IE. By GreyMagic Software, Israel. 22 Oct 2002. Available in HTML format at http://security.greymagic.com/adv/gm012-ie/. Topic: Vulnerable cached objects in IE 9 advisories in 1. Discovery date: 4 Oct 2002, 17 Oct 2002, 21 Oct...

6.8 AI score
Exploits 0
Exploit DB
added 2002/10/22 12:0 a.m., 19 views

Microsoft Internet Explorer 5/6 - Cached Objects Zone Bypass

source: https://www.securityfocus.com/bid/6028/info Multiple vulnerabilities have been reported for Microsoft Internet Explorer. These vulnerabilities have been reported to affect Internet Explorer 5.5 to 6.0. Internet Explorer 6.0 with Service Pack 1 and Internet Explorer 5 with Service Pack 2 a...

7.4 AI score
Exploits 0
securityvulns
added 2002/10/17 12:0 a.m., 36 views

File deletion via Windows XP Help Center

By using an hcp:// URL it's possible to remove file system objects...

2.9 AI score
Exploits 0, References 2
securityvulns
added 2002/05/28 12:0 a.m., 40 views

Code execution via Microsoft Office XP

It's possible to include a scripting object which will be activated when the user replies to or forwards an e-mail message. The Host method of the spreadsheet object allows creation and execution of arbitrary files...

2.2 AI score
Exploits 0, References 6, Affected Software 2
Exploit DB
added 2002/04/20 12:0 a.m., 19 views

Microsoft Internet Explorer 5/6 - Self-Referential Object Denial of Service

source: https://www.securityfocus.com/bid/4564/info Microsoft Internet Explorer is vulnerable to a denial of service due to an error in handling certain self-referential definitions in HTML documents. This occurs when an object of type "text/html" is specified, with the DATA field referencing the...

7 AI score
Exploits 0
securityvulns
added 2001/01/29 12:0 a.m., 24 views

Local DoS against Windows NT (mutex)

A user can seize all mutex objects, after which other applications will be unable to work with the network...

1.5 AI score
Exploits 0, References 2
CERT
added 2001/01/10 12:0 a.m., 26 views

Borland/Inprise Interbase SQL database server contains backdoor superuser account with known password

Overview Description Interbase is an open source database package that is distributed by Borland/Inprise. The server contains a compiled-in backdoor account with a known password. In the following interbase code, references are made about a LOCKSMITH user: ./jrd/dyn.e ./jrd/isc.c ./jrd/jrd.c...

10 CVSS, 7 AI score, 0.20171 EPSS
Exploits 1, References 13
securityvulns
added 2000/11/10 12:0 a.m., 21 views

Information leak in Novell Netware (Object enumeration)

Netware servers with TCP/IP support disclose information about NDS objects over an anonymous TCP/524 connection...

0.9 AI score
Exploits 0, References 1, Affected Software 1
Exploit DB
added 2000/10/05 12:0 a.m., 23 views

Microsoft Virtual Machine 2000/3100/3200/3300 Series - 'com.ms.activeX.ActiveXComponent' Arbitrary Program Execution

source: https://www.securityfocus.com/bid/1754/info If a malicious website operator were to embed a specially crafted java object into a HTML document, it would be possible to execute arbitrary programs on a target host viewing the webpage through either Microsoft Internet Explorer or Outlook. Th...

7.4 AI score
Exploits 0
securityvulns
added 2000/09/11 12:0 a.m., 19 views

A user can bypass Inherited Rights Filters (IRF) in Novell Netware

Rights to selected properties (Selected Property Rights) in Novell Netware can be inherited but cannot be blocked with an IRF. Thus a user who has rights to a parent object can take over a child NDS object by setting rights on the parent object and declaring them...

1.5 AI score
Exploits 0, References 2, Affected Software 1
securityvulns
added 2000/07/15 12:0 a.m., 31 views

Yet another IE vulnerability when working with Office objects

By creating ActiveX objects for .xla, .ppt, .mdb files, it is possible to gain access to the SaveAs method, save any file locally and launch it for execution...

0.6 AI score
Exploits 0, References 4, Affected Software 4
Packet Storm
added 2000/02/24 12:0 a.m., 30 views

wordpad-ie.txt

Georgi Guninski security advisory 7, 2000 Wordpad vulnerability, exploitable also in IE for Win9x Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, especially the fact that Georgi Guninski is not liable for an...

7.4 AI score
Exploits 0
Packet Storm
added 1999/11/23 12:0 a.m., 24 views

ie50.xml.txt

Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, especially the fact that Georgi Guninski is not liable for any damages caused by direct or indirect use of the information or functionality provided by this...

7.4 AI score
Exploits 0
NVD
added 1998/05/11 4:0 a.m., 8 views

CVE-1999-1204

Check Point Firewall-1 does not properly handle certain restricted keywords e.g., Mail, auth, time in user-defined objects, which could produce a rule with a default "ANY" address and result in access to more systems than intended by the administrator...

7.5 CVSS, 0.0057 EPSS
Exploits 0, References 4
Microsoft Security Update
added 1970/01/01 12:0 a.m., 8 views

Security Update for Windows Server 2003 64-bit Itanium Edition (KB901017)

A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system using Collaboration Data Objects CDO and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have ...

3 AI score
Exploits 0