
5375 matches found

FreeBSD
added 2005/09/22 12:0 a.m., 29 views

firefox & mozilla -- multiple vulnerabilities

A Mozilla Foundation Security Advisory reports of multiple issues: Heap overrun in XBM image processing jackerror reports that an improperly terminated XBM image ending with space characters instead of the expected end tag can lead to a heap buffer overrun. This appears to be exploitable to insta...

CVSS 7.5, AI score 6.2, EPSS 0.0686
Exploits 0, References 1

Gentoo Linux
added 2005/09/18 12:0 a.m., 22 views

Mozilla Suite, Mozilla Firefox: Multiple vulnerabilities

Background The Mozilla Suite is a popular all-in-one web browser that includes a mail and news reader. Mozilla Firefox is the next-generation browser from the Mozilla project. Gecko is the layout engine used in both products. Description The Mozilla Suite and Firefox are both vulnerable to the...

CVSS 7.5, AI score 7.9, EPSS 0.21112
Exploits 2

securityvulns
added 2005/09/07 12:0 a.m., 34 views

IIS 5.1 allows for remote viewing of source code on FAT/FAT32 volumes using WebDAV

It is possible to remotely view the source code of web script files through a specially crafted WebDAV HTTP request. Only IIS 5.1 seems to be vulnerable. The web script file must be on a FAT or a FAT32 volume; web scripts located on NTFS volumes are not vulnerable. Confirmed vulnerable -Microsoft®...

AI score 7.1
Exploits 0

VulnCheck KEV
added 2005/08/25 12:0 a.m., 1 views

VulnCheck KEV: CVE-2000-0884

IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability...

CVSS 7.5, AI score 6, EPSS 0.72705
Exploits 4, References 1

securityvulns
added 2005/08/17 12:0 a.m., 24 views

[Full-disclosure] Unicode Buffer Overflow in WinFtp Server 1.6.8

Donato Ferrante Application: WinFtp Server http://www.wftpserver.com Version: 1.6.8 Bug: Unicode Buffer Overflow Date: 17-Aug-2005 Author: Donato Ferrante e-mail: [email protected] web: www.autistici.org/fdonato 1...

AI score 0.1
Exploits 0

Tenable Nessus
added 2005/08/01 12:0 a.m., 16 views

FreeBSD : opera -- download dialog spoofing vulnerability (a2aa24fd-00d4-11da-bc08-0001020eed82)

A Secunia Advisory reports: Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into executing malicious files. The vulnerability is caused due to an error in the handling of extended ASCII codes in the download dialog. This can be...

AI score 5.4
Exploits 0, References 2

Tenable Nessus
added 2005/07/29 12:0 a.m., 31 views

Opera < 8.02 Multiple Vulnerabilities

The remote host is using Opera, an alternative web browser. The version of Opera installed on the remote host contains several flaws. One involves image dragging and could result in cross-site scripting attacks and user file retrieval. A second may let attackers spoof the file extension in the...

CVSS 5.1, AI score 5.7, EPSS 0.02779
Exploits 0, References 6

CVE
added 2005/07/28 4:0 a.m., 52 views

CVE-2005-2405

Opera 8.01 is affected when Arial Unicode MS (ARIALUNI.TTF) is installed: extended ASCII in the file-download dialog can be spoofed, potentially leading users to execute arbitrary code. The issue is documented in CVE-2005-2405; OpenVAS notes vulnerability in Opera

CVSS 5, AI score 6.9, EPSS 0.02779
Exploits 0, References 6, Affected Software 1

FreeBSD
added 2005/07/28 12:0 a.m., 19 views

opera -- download dialog spoofing vulnerability

A Secunia Advisory reports: Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into executing malicious files. The vulnerability is caused due to an error in the handling of extended ASCII codes in the download dialog. This can be...

AI score 2.7
Exploits 0, References 2

Cvelist
added 2005/07/17 4:0 a.m., 15 views

CVE-2004-2215

RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, which allows local users to access the terminals of other users and possibly gain privileges...

AI score 6.6, EPSS 0.0034
Exploits 0, References 5

CVE
added 2005/07/17 4:0 a.m., 39 views

CVE-2004-2215

The CVE-2004-2215 entry concerns RXVT-Unicode 3.4 and 3.5, where file descriptors are not properly closed. This allows local users to access other users’ terminals and potentially gain privileges. The connected sources confirm the affected software and the underlying issue (incomplete fd cleanup)...

CVSS 4.6, AI score 6.6, EPSS 0.0034
Exploits 0, References 5, Affected Software 1

Debian CVE
added 2005/07/17 4:0 a.m., 13 views

CVE-2004-2215

RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, which allows local users to access the terminals of other users and possibly gain privileges...

CVSS 4.6, AI score 4.4, EPSS 0.0034
Exploits 0

Tenable Nessus
added 2005/07/13 12:0 a.m., 11 views

FreeBSD : rxvt-unicode -- buffer overflow vulnerability (d4bd4046-93a6-11d9-8378-000bdb1444a4)

A rxvt-unicode changelog reports: Fix a bug that allowed to overflow a buffer via a long escape sequence, which is probably exploitable (fix by Rob Holland / Yoann Vandoorselaere / Gentoo Audit Team)...

AI score 5.8
Exploits 0, References 2

Tenable Nessus
added 2005/07/13 12:0 a.m., 22 views

FreeBSD : Courier mail services: remotely exploitable buffer overflows (98bd69c3-834b-11d8-a41f-0020ed76ef5a)

The Courier set of mail services use a common Unicode library. This library contains buffer overflows in the converters for two popular Japanese character encodings. These overflows may be remotely exploitable, triggered by a maliciously formatted email message that is later processed by one of t...

CVSS 7.5, AI score 5.6, EPSS 0.03257
Exploits 0, References 4

securityvulns
added 2005/06/22 12:0 a.m., 38 views

[NT] PicoWebServer Unicode Stack Overflow

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

AI score 0.8
Exploits 0

securityvulns
added 2005/05/30 12:0 a.m., 26 views

PicoWebServer Remote Unicode Stack Overflow

Title: PicoWebServer Remote Unicode Stack Overflow Release Date: 28. May 2005 Author: Dennis Elser dennis backtrace de Vendor: Newmad Technologies http://www.newmad.se Vendor Status: Contacted Product: PicoWebServer Affected Version: 1.0 Platform: Microsoft Windows CE / PocketPC Processor Type: A...

AI score 0.2
Exploits 0

securityvulns
added 2005/05/20 12:0 a.m., 24 views

UNICODE BUFFER OVERFLOW IN MS-WORD

.mcw is the ms-word format file for Macintosh. The unicode buffer overflow occurs when the user opens the malformed .mcw document. Proof of concept: by modifying the .mcw file by using binary editor as follow...

AI score 7.7
Exploits 0

UbuntuCve
added 2005/05/02 4:0 a.m., 15 views

CVE-2005-0764

Buffer overflow in command.C for rxvt-unicode before 5.3 allows remote attackers to execute arbitrary code via a crafted file containing long escape sequences...

CVSS 7.5, AI score 6.3, EPSS 0.02658
Exploits 0, References 1

OSV
added 2005/05/02 4:0 a.m., 5 views

CVE-2005-0764

Buffer overflow in command.C for rxvt-unicode before 5.3 allows remote attackers to execute arbitrary code via a crafted file containing long escape sequences...

AI score 8.1
Exploits 0, References 2

OSV
added 2005/05/02 4:0 a.m., 1 views

DEBIAN-CVE-2005-0764

Buffer overflow in command.C for rxvt-unicode before 5.3 allows remote attackers to execute arbitrary code via a crafted file containing long escape sequences...

CVSS 7.5, AI score 8.2, EPSS 0.02658
Exploits 0, References 1