CVE-2005-1342

The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands...

[Full-disclosure] Advisories for 4 vulnerabilities addressed by Apple SU 2005-005

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have published advisories for 4 security vulnerabilities in Mac OS X that were addressed by Apple Security Update 2005-005, released today. http://docs.info.apple.com/article.html?artnum=301528. This email contains brief summaries of the problems...

GLSA-200405-19 : Opera telnet URI handler file creation/truncation vulnerability

The remote host is affected by the vulnerability described in GLSA-200405-19 Opera telnet URI handler file creation/truncation vulnerability The telnet URI handler in Opera does not check for leading '-' characters in the host name. Consequently, a maliciously-crafted telnet:// link may be able t...

GLSA-200405-11 : KDE URI Handler Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200405-11 KDE URI Handler Vulnerabilities The telnet, rlogin, ssh and mailto URI handlers in KDE do not check for '-' at the beginning of the hostname passed. By crafting a malicious URI and entice an user to click on it, it is...

Skype Technologies URI Handler Remote Code Execution

Binary data 4531.prm...

AOL Instant Messenger buffer overflow

Buffer overflow in aim:goaway URI handler...

Mozilla fails to restrict access to the "shell:" URI handler

Overview A vulnerability in the way Mozilla and its derived programs handle certain types of links could allow an attacker to run local programs on a vulnerable system. Description Versions of the Mozilla, Firefox, and Thunderbird programs for Microsoft Windows will handle URIs of the form shell:...

CVE-2004-0489

Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier allows remote attackers to 1 execute arbitrary code via the ProxyCommand option or 2 conduct port forwarding via the -R option...

[Full-Disclosure] iDEFENSE Security Advisory 06.23.04: Lotus Notes URI Handler Argument Injection Vulnerability

Lotus Notes URI Handler Argument Injection Vulnerability iDEFENSE Security Advisory 06.23.04 www.idefense.com/application/poi/display?id=111&type=vulnerabilities June 23, 2004 I. BACKGROUND Lotus Notes combines enterprise-class messaging, calendaring and scheduling capabilities with a robust...

[SECURITY] [DSA 518-1] New kdelibs packages fix URI handler vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 518-1 [email protected] http://www.debian.org/security/ Martin Schulze June 14th, 2004 http://www.debian.org/security/faq -...

CVE-2004-0489

CVE-2004-0489 describes an argument injection vulnerability in the SSH URI handler for Safari on macOS 10.3.3 and earlier. The flaw allows remote attackers to execute arbitrary code via the ProxyCommand option or to perform port forwarding using the -R option. Affected software is Safari on macOS...

CVE-2004-0489

Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier allows remote attackers to 1 execute arbitrary code via the ProxyCommand option or 2 conduct port forwarding via the -R option...

PT-2004-1607 · Apple · Apple Macos +1

Name of the Vulnerable Software and Affected Versions: Safari versions prior to 10.3.3 on Mac OS Description: The issue concerns an argument injection vulnerability in the SSH URI handler for Safari. This vulnerability allows remote attackers to execute arbitrary code via the ProxyCommand option ...

Apple Mac OS X "disk://" URI handler stores arbitrary files in a known location

Overview A vulnerability has been reported in the default "disk://" protocol handler installed on Apple Mac OS X systems. Remote attackers may potentially use this vulnerability to create files on the local system without explicit user consent. We have not independently verified the scope of this...

KDE Security Advisory: URI Handler Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 KDE Security Advisory: URI Handler Vulnerabilities Original Release Date: 2004-05-17 URL: http://www.kde.org/info/security/advisory-20040517-1.txt 0. References http://www.idefense.com/application/poi/display?id=104...

Re: [Full-Disclosure] iDEFENSE Security Advisory 05.12.04: Opera Telnet URI Handler File Creation/Truncation Vulnerability

Another minor issue has also been corrected in Opera Browser version 7.50, allowing malicious websites to spoof the address bar. The solutions remains the same, therefore no need to paste our full advisory here. However, if you wish further details, they can be found at:...

[Full-Disclosure] iDEFENSE Security Advisory 05.12.04: Opera Telnet URI Handler File Creation/Truncation Vulnerability

Opera Telnet URI Handler File Creation/Truncation Vulnerability iDEFENSE Security Advisory 05.12.04 www.idefense.com/application/poi/display?id=104&type=vulnerabilities May 12, 2004 I. BACKGROUND Opera is a cross-platform web browser. More information is available from http://www.opera.com/ II...

Microsoft Windows XP - HCP URI Handler Arbitrary Command Execution

Microsoft Windows XP - HCP URI Handler Arbitrary Command Execution source: https://www.securityfocus.com/bid/9621/info The Microsoft Windows XP HCP URI handler has been reported prone to a vulnerability that may provide for arbitrary command execution. The issue is reported to present itself when...

Microsoft Windows XP - HCP URI Handler Arbitrary Command Execution

source: https://www.securityfocus.com/bid/9621/info The Microsoft Windows XP HCP URI handler has been reported prone to a vulnerability that may provide for arbitrary command execution. The issue is reported to present itself when a specially formatted HCP URI that references a local resource is...

Opera Web Browser 7.x - URI Handler Directory Traversal

Opera Web Browser 7.x - URI Handler Directory Traversal source: https://www.securityfocus.com/bid/9021/info It has been reported that Opera is vulnerable to a directory traversal issue that may allow an attacker to access sensitive information. The problem presents itself due to insufficient...