Network Security News – Saturday, November 05, 2005 Events
Apple QuickTime Embedded Pascal Style String Overflow
A remote overflow exists in Quicktime. The program fails to validate movie files resulting in an integer overflow. With a specially crafted file containing an embedded "Pascal" style string, an attacker can cause a very large memory copy leading to remote code execution, resulting in a loss of integrity.. Read more at osvdb.org/20475
Apple QuickTime .mov File Attributes Overflow
A local overflow exists in Quicktime. The program fails to validate movie attributes contained in a file resulting in an integer overflow. With a specially crafted file, an attacker can cause a very large memory copy resulting in a loss of integrity.. Read more at osvdb.org/20476
cPanel Entropy Chat Message Field XSS
cPanel contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate input passed in the message field upon submission to the Entropy Chat script. This could allow a user to create a specially crafted chat message that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/20459
Sun Java System Communications Express Remote Configuration File Disclosure
Sun Java Communications Express contains a flaw that may lead to an information disclosure to a local or remote unprivileged user. The issue is triggered when an unspecified error occurs, which will disclose sensitive information of the Communications Express application configuration files resulting in a loss of confidentiality.. Read more at osvdb.org/20448
Cisco Wireless LWAPP Mode MAC Spoofing Encryption Bypass
Cisco Aironet Series Access Points controlled by Airespace Wireless LAN (WLAN) Controllers contain a flaw that may allow a malicious user to bypass certain security restrictions. The issue is due to an error in Cisco Access Points operating in Lightweight Access Point Protocol (LWAPP) mode that accepts unencrypted traffic from end hosts even when configured to encrypt traffic. It is possible that the flaw may allow unauthenticated end hosts to send unencrypted traffic to a secure network by sending frames from the Media Access Control (MAC) address of an already authenticated end host resulting in a loss of integrity.. Read more at osvdb.org/20454
Oracle HTMLDB f p Variable XSS
Oracle HTML DB contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'p' variable upon submission to the 'f' servlet. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/20051
Oracle HTMLDB wwv_flow.accept p_t02 Variable XSS
Oracle HTML DB contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'p_t02' variable upon submission to the 'wwv_flow.accept' servlet. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/20052
Oracle XML DB oradb XSS
The XML DB component in Oracle Database Server contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate user-supplied input upon submission to the 'oradb' servlet. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/20054
Mantis Unspecified XSS
Mantis contains a flaw that allows a remote cross site scripting attack. No further details have been provided.. Read more at osvdb.org/20321
Leave a Reply