CVE-2000-1212

Zope 2.2.0 through 2.2.4 does not properly protect a data updating method on Image and File objects, which allows attackers with DTML editing privileges to modify the raw data of these objects...

CVE-2000-1212

CVE-2000-1212 concerns Zope 2.2.0–2.2.4, where a data updating method on Image and File objects is not properly protected. This flaw enables attackers with DTML editing privileges to modify the raw data of these objects. The vulnerability is rooted in insufficient access controls on a data update...

[VulnWatch] administrivia: cross-site tracing

There's been a lot of back and forth about the recent WhiteHat Security XST bug. Sensationalism aside, the fact still remains: 1. Access to cookies, particularly the 'httponly' add-on by IE, is limited by browser security restrictions. And I don't recall any browser being able to legitimately...

CVE-2002-1918

Buffer overflow in Microsoft Active Data Objects ADO in Microsoft MDAC 2.5 through 2.7 allows remote attackers to have unknown impact with unknown attack vectors. NOTE: due to the lack of details available regarding this issue, perhaps it should be REJECTED...

Microsoft Security Bulletin MS02-069: Flaw in Microsoft VM Could Enable System Compromise (810030)

-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Flaw in Microsoft VM Could Enable System Compromise 810030 Date: 11 December 2002 Software: Microsoft VM Impact: Eight vulnerabilities, the most serious of which would enable an...

Microsoft Internet Explorer does not adequately validate references to cached objects and methods

Overview Microsoft Internet Explorer does not adequately validate references to cached objects and methods across domains and security zones. The impact is similar to that of a cross-site scripting vulnerability, allowing an attacker to access data in other sites, including the Local Computer zon...

gm012-more-ie.txt

GreyMagic Security Advisory GM012-IE ===================================== By GreyMagic Software, Israel. 22 Oct 2002. Available in HTML format at http://security.greymagic.com/adv/gm012-ie/. Topic: Vulnerable cached objects in IE 9 advisories in 1. Discovery date: 4 Oct 2002, 17 Oct 2002, 21 Oct...

Vulnerable cached objects in IE (9 advisories in 1)

GreyMagic Security Advisory GM012-IE ===================================== By GreyMagic Software, Israel. 22 Oct 2002. Available in HTML format at http://security.greymagic.com/adv/gm012-ie/. Topic: Vulnerable cached objects in IE 9 advisories in 1. Discovery date: 4 Oct 2002, 17 Oct 2002, 21 Oct...

Microsoft Internet Explorer 5/6 - Cached Objects Zone Bypass

source: https://www.securityfocus.com/bid/6028/info Multiple vulnerabilities have been reported for Microsoft Internet Explorer. These vulnerabilities have been reported to affect Internet Explorer 5.5 to 6.0. Internet Explorer 6.0 with Service Pack 1 and Internet Explorer 5 with Service Pack 2 a...

File deletion via Windows XP Help Center

By usgin hcp:// URL it's possible to remove file sustem objects...

Code execution via Microsoft Office XP

It's possible to include scripting object which fill be activated in case user reply or forward e-mail message. Host method of spreadsheet object allows creation and execution of arbitrary files...

Microsoft Internet Explorer 5/6 - Self-Referential Object Denial of Service

source: https://www.securityfocus.com/bid/4564/info Microsoft Internet Explorer is vulnerable to a denial of service due to an error in handling certain self-referential definitions in HTML documents. This occurs when an object of type "text/html" is specified, with the DATA field referencing the...

Локальный DoS против Windows NT (mutex)

Пользователь может захватить все mutex-объекты, после чего другие приложения не смогут работать с сетью...

Borland/Inprise Interbase SQL database server contains backdoor superuser account with known password

Overview Description Interbase is an open source database package that is distributed by Borland/Inprise. The server contains a compiled-in backdoor account with a known password.In the following interbase code, references are made about a LOCKSMITH user: ./jrd/dyn.e ./jrd/isc.c ./jrd/jrd.c...

Утечка информации в Novell Netware (Object enumeration)

Сервера Netware с поддержкой TCP/IP сообщают информацию об объектах NDS через анонимное соединение TCP/524...

Microsoft Virtual Machine 2000/3100/3200/3300 Series - 'com.ms.activeX.ActiveXComponent' Arbitrary Program Execution

source: https://www.securityfocus.com/bid/1754/info If a malicious website operator were to embed a specially crafted java object into a HTML document, it would be possible to execute arbitrary programs on a target host viewing the webpage through either Microsoft Internet Explorer or Outlook. Th...

Пользователь может обойти Inherited Rights Filters (IRF) в Novell Netware

Права на избранные свойства Selected Property Rights в Novell Netware могут наследоваться, но не могут быть блокированы с помощью IRF. Таким образом пользователь, имеющий права на родительский объект может овладеть дочерним объектом NDS, установив права на родительский объект и объявив их...

Очередная уязвимость IE при работе с объектами Office

Создавая ActiveX-объекты для файлов .xla, .ppt, .mdb можно получить доступ к методу SaveAs, сохранить любой файл локально и запустить его на выполнение...

wordpad-ie.txt

Georgi Guninski security advisory 7, 2000 Wordpad vulnerability, exploitable also in IE for Win9x Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, especially the fact that Georgi Guninski is not liable for an...

ie50.xml.txt

Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, especially the fact that Georgi Guninski is not liable for any damages caused by direct or indirect use of the information or functionality provided by this...