Subdreamer Multiple Script Cookie Content SQL Injection

Network Security News – Sunday, November 06, 2005 Events

Subdreamer Multiple Script Cookie Content SQL Injection

Subdreamer contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to multiple scripts not properly sanitizing user-supplied input included with the cookie variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/20384

Cerberus Helpdesk attachment_send.php Arbitrary Attachment Access

Cerberus Helpdesk contains a flaw that may lead to an unauthorized information disclosure. By manipulating the "file_id" variable used by "attachment_send.php", an attacker can view attachments submitted by other users, resulting in a loss of confidentiality.. Read more at osvdb.org/20461

libungif Crafted .gif File Arbitrary Code Execution

A remote overflow exists in libungif. The library fails to properly validate colormaps in GIF files, resulting in out-of-bounds writes and memory corruption. When a program using libungif opens a specially crafted GIF file, an attacker may be able to cause arbitrary code execution, resulting in a loss of integrity.. Read more at osvdb.org/20471

Macromedia Flash Player Flash.ocx Arbitrary Code Execution

Flash.ocx, part of Macromedia Flash Player, fails to perform proper validation of the frame type identifier from SWF files. The frame type identifier is used as an index into an array of function pointers. With a specially crafted SWF file, a remote attacker can cause arbitrary code execution, resulting in a loss of integrity.. Read more at osvdb.org/18825

HP OpenVMS Unspecified Local DoS

HP OpenView contains a flaw that may allow a malicious user to crash the system. No further details have been provided.. Read more at osvdb.org/20487

MWChat chat.php Username Variable SQL Injection

MWChat contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'chat.php' script not properly sanitizing user-supplied input to the 'Username' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/20266

gCards news.php limit Variable SQL Injection

gCards contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'news.php' script not properly sanitizing user-supplied input to the 'limit' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/20329

e107 resetcore.php user Field SQL Injection

e107 contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'resetcore.php' script not properly sanitizing user-supplied input to the 'user' field. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/20070

e107 resetcore.php File Upload Arbitrary Command Execution

e107 contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue occurs because the upload file functionality does not validate file extensions for user-supplied files. If an authenticated user uploads an executable file, it may be possible to execute arbitrary PHP code resulting in a loss of integrity.. Read more at osvdb.org/20072

e107 resetcore.php forum_title Field XSS

e107 contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate user-supplied input to the 'forum_title' field upon submission to the 'resetcore.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/20071

Vuln: ibProArcade User ID SQL Injection Vulnerability

ibProArcade User ID SQL Injection Vulnerability. Read more at securityfocus.com/bid/15333

Vuln: Macromedia Flash Array Index Memory Access Vulnerability

Macromedia Flash Array Index Memory Access Vulnerability. Read more at securityfocus.com/bid/15332

Vuln: Multiple Vendor Web Browser Cookie Hostname Handling Weakness

Multiple Vendor Web Browser Cookie Hostname Handling Weakness. Read more at securityfocus.com/bid/15331

Vuln: cPanel Chat Message Field HTML Injection Vulnerability

cPanel Chat Message Field HTML Injection Vulnerability. Read more at securityfocus.com/bid/15327

Re: readdir_r considered harmful

Re: readdir_r considered harmful. Read more at securityfocus.com/archive/1/415790

Sql injection in ibProArcade

Sql injection in ibProArcade. Read more at securityfocus.com/archive/1/415793

Re: Mambo Open Source, Path disclosure

Re: Mambo Open Source, Path disclosure. Read more at securityfocus.com/archive/1/415794

Zoomblog <IMG> BBCode Tag JavaScript Injection Vulnerability

Zoomblog <IMG> BBCode Tag JavaScript Injection Vulnerability. Read more at securityfocus.com/archive/1/415795