Microsoft IE Drag and Drop Arbitrary File Installation

Network Security News – Wednesday, February 15, 2006 Events

Microsoft IE Drag and Drop Arbitrary File Installation

Microsoft Internet Explorer contains a flaw in its handling of certain drag-and-drop events. The issue is triggered when a malicious web site is able to predict and exploit the timing of a drag-and-drop operation. It is possible that the flaw may allow a malicious user to install arbitrary files in sensitive locations that may enable further system compromise, resulting in a loss of integrity.. Read more at osvdb.org/2707

AIX unix_mp/unix_64 Kernel EMULATE_VMX Local DoS

AIX contains a flaw that may allow a local denial of service. The issue is triggered when an unspecified condition occurs regarding EMULATE_VMX in the unix_mp and unix_64 kernels, and will result in loss of availability for the platform.. Read more at osvdb.org/23127

O'Reilly WebSite win-c-sample Remote Overflow

O'Reilly WebSite contains a flaw that may allow a remote attacker to execute arbitrary code. The issue is due to the 'win-c-sample' program containing a remote overflow. The program fails to validate unspecified user-supplied input resulting in a buffer overflow. With a specially crafted request, an attacker can execute custom code under the privileges of the web server process.. Read more at osvdb.org/8

Nokia N70 Cell Phone Bluetooth Crafted L2CAP Packet LDAP DoS

Nokia N70 contains a flaw that may allow a remote denial of service. The issue is triggered when specially crafted L2CAP packets are sent via bluetooth to the victim's cell phone, resulting in a "System error" message or a loss of availability for the phone. The issue is caused due to an error in the handling of certain requests in the bluetooth stack.. Read more at osvdb.org/23061

PAM-MySQL Authentication pam_get_item() Function Unspecified Privilege Escalation

PAM-MySQL contains a flaw that may allow a malicious user to cause a double-free in the pam_get_item function. The issue is triggered when a malicious user sends crafted authentication credentials. It is possible that the flaw may cause the PAM-MySQL process to crash or allow arbitrary code execution resulting in a loss of integrity or availability.. Read more at osvdb.org/22995

CPG Dragonfly CMS install.php newlang Variable Local File Inclusion

CPG-Nuke Dragonfly CMS contains a flaw that allows a remote attacker to include outside of the web path. The issue is due to the install.php not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the 'newlang' variable. This flaw permits the inclusion of files controlled by remote user input, which may be leveraged to execute arbitrary code, resulting in a loss of integrity.. Read more at osvdb.org/23058