ImageVue 0.16.1 - upload.php Unrestricted Arbitrary File Upload

ImageVue 0.16.1 - upload.php Unrestricted Arbitrary File Upload source: https://www.securityfocus.com/bid/16594/info ImageVue is prone to multiple vulnerabilities, including unauthorized uploading of files with arbitrary extensions, authentication bypass, information disclosure, and content...

Buffer overflow

Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-2005-0351 since it involves a distinct attack vector...

Microsoft Windows Metafile handler SETABORTPROC GDI Escape vulnerability

Overview Microsoft Windows is vulnerable to remote code execution via an error in handling files using the Windows Metafile image format. Exploit code has been publicly posted and used to successfully attack fully-patched Windows XP SP2 systems. However, other versions of the Windows operating...

CVE-2005-4189

Multiple cross-site scripting XSS vulnerabilities in Horde Kronolith H3 before 2.0.6 allow remote authenticated users to inject arbitrary web script or HTML via 1 the Calendar name field when creating calendars, 2 event title field when deleting events, the 3 Category and 4 Location search fields...

Opera Web Browser 8.08.5 - HTML Form Status Bar Misrepresentation

Opera Web Browser 8.08.5 - HTML Form Status Bar Misrepresentation source: https://www.securityfocus.com/bid/15472/info A vulnerability has been identified in Opera Web browser that allows an attacker to misrepresent the status bar in the browser, allowing vulnerable users to be mislead into...

[Full-disclosure] CYBSEC - Security Advisory: Phishing Vector in SAP WAS

The following advisory is also available in PDF format for download at: http://www.cybsec.com/vuln/CYBSECSecurityAdvisoryPhishingVectorinSAPWAS.pdf CYBSEC S.A. www.cybsec.com Advisory Name: Phishing Vector in SAP WAS Web Application Server Vulnerability Class: Phishing Vector / Improper Input...

Dia: Arbitrary code execution through SVG import

Background Dia is a gtk+ based diagram creation program released under the GPL license. Description Joxean Koret discovered that the SVG import plugin in Dia fails to properly sanitise data read from an SVG file. Impact An attacker could create a specially crafted SVG file, which, when imported...

SoftiaCom wMailServer 1.0 - Local Information Disclosure

// source: https://www.securityfocus.com/bid/14212/info SoftiaCom WMailserver is prone to a local information disclosure vulnerability. The application stores passwords in the windows registry. A local attacker may exploit this issue to disclose potentially sensitive information. / Vulnerability:...

ATutor 1.4.3 - search.php Multiple Cross-Site Scripting Vulnerabilities

ATutor 1.4.3 - search.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/13972/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker...

BookReview 1.0 - 'add_booklist.htm?node' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...

phpMyAdmin 2.x - 'server_databases.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15196/info phpMyAdmin is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...

Serendipity < 0.80 RC7 Multiple Vulnerabilities

Binary data 2920.prm...

PT-2005-1945 · Adobe · Svg Viewer

Name of the Vulnerable Software and Affected Versions: Adobe SVG Viewer versions 3.02 and earlier Description: The issue allows remote attackers to determine the existence of arbitrary files by setting the src property to the target filename and using Javascript to determine if the web page...

Multiple XSS issues in Sun AnswerBook2

PTT SECURITY ADVISORY DATE: 08-02-2005 AUTHOR: THOMAS LIAM ROMANIS CURRENT EMPLOYER: Echelon Ltd VENDOR: Sun PRODUCT: Sun AnswerBook2 VERSIONS TESTED: 1.4.4 on Solaris 8.0 Sparc TITLE: Multiple issues in Sun Answerbook2 Full Disclosure. Summary. A number of issues have been identified in Sun...

answerbook2.txt

PTT SECURITY ADVISORY DATE: 08-02-2005 AUTHOR: THOMAS LIAM ROMANIS CURRENT EMPLOYER: Echelon Ltd VENDOR: Sun PRODUCT: Sun AnswerBook2 VERSIONS TESTED: 1.4.4 on Solaris 8.0 Sparc TITLE: Multiple issues in Sun Answerbook2 Full Disclosure. Summary. A number of issues have been identified in Sun...

Smail 3.2.0.120 Remote Root Heap Overflow Exploit

Exploit for linux platform in category remote exploits ================================================= Smail 3.2.0.120 Remote Root Heap Overflow Exploit ================================================= / 0 smail preparseaddress1 heap bof remote root exploit infamous42md AT hotpop DOT com Shout...

kayakoXSS2.txt

GulfTech Security Research March 22, 2005 Vendor : Kayako Web Solutions URL : http://www.kayako.com/ Version : Kayako eSupport v2.3 Risk : Cross Site Scripting Description: Kayako eSupport is a popular helpdesk, and support software. It is used by many businesses for customer support purposes...

PHP-Fusion 5.0 - BBCode IMG Tag Script Injection

PHP-Fusion 5.0 - BBCode IMG Tag Script Injection source: https://www.securityfocus.com/bid/12751/info PHP-Fusion is reported prone to a script injection vulnerability. This issue is due to the application failing to properly sanitize user-supplied input prior to including it in dynamically...

Sylpheed < 1.0.3 Invalid Header Overflow

Binary data 2672.prm...

CVE-2005-0593

Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote attackers to spoof the SSL "secure site" lock icon via 1 a web site that does not finish loading, which shows the lock of the previous site, 2 a non-HTTP server that uses SSL, which causes the lock to be displayed when the SSL handshake ...