
Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy


Network Security News – Tuesday, April 25, 2006 Events

Simplog preview.php tid Variable SQL Injection

Simplog contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the preview.php script not properly sanitizing user-supplied input to the 'tid' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/24877

Simplog imagelist.php imagedir Variable XSS

Simplog contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'imagedir' variable upon submission to the imagelist.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. Read more at osvdb.org/24880

Simplog comments.php pid Variable SQL Injection

Simplog contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the comments.php script not properly sanitizing user-supplied input to the 'pid' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/24879

Simplog archive.php Multiple Variable SQL Injection

Simplog contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the archive.php script not properly sanitizing user-supplied input to the 'cid', 'pid' and 'eid' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/24878

PAJAX pajax_call_dispatcher.php className Variable Traversal Arbitrary File Access

PAJAX contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the pajax_call_dispatcher.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'className' variable. Read more at osvdb.org/24862

Fenice HTTP RTSP_msg_len Negative Value DoS

Fenice contains a flaw that may allow a remote denial of service. The issue is triggered when a Content-Length HTTP header with a large value such as 2147483647 is sent, and will result in loss of availability for the service. Read more at osvdb.org/24882

FlexBB function/showprofile.php id Variable SQL Injection

FlexBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the function/showprofile.php script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database. Read more at osvdb.org/24867

Mac OS X .bmp Processing ReadBMP() Function Overflow

A remote overflow exists in the Mac OS X default handler for files with a '.bmp' extension. The 'ReadBMP' function fails to properly validate input, resulting in a heap overflow. With a specially crafted file, an attacker can cause the application to crash and potentially execute arbitrary code on the victim's system, resulting in a loss of integrity. Read more at osvdb.org/24820

Mac OS X .gif Processing CFAllocatorAllocate() Function Overflow

A remote overflow exists in the Mac OS X default handler for files with a '.gif' extension. The 'CFAllocatorAllocate' function fails to properly validate input, resulting in a heap overflow. With a specially crafted file, an attacker can cause the application to crash and potentially execute arbitrary code on the victim's system, resulting in a loss of integrity. Read more at osvdb.org/24821

Mac OS X .tiff Processing Multiple Function DoS

A remote overflow exists in the Mac OS X default handler for files with a '.tiff' extension. The '_cg_TIFFSetField' and 'PredictorVSetField' functions fail to properly validate input, resulting in a heap overflow. With a specially crafted file, an attacker can cause the application to crash and potentially execute arbitrary code on the victim's system, resulting in a loss of integrity. Read more at osvdb.org/24822

Vuln: XPDF StreamPredictor Remote Heap Buffer Overflow Vulnerability

XPDF StreamPredictor Remote Heap Buffer Overflow Vulnerability. Read more at securityfocus.com/bid/15725

Vuln: Apple Safari Web Browser Rowspan Denial Of Service Vulnerability

Apple Safari Web Browser Rowspan Denial Of Service Vulnerability. Read more at securityfocus.com/bid/17674

Vuln: vBulletin Calendar Script SQL Injection Vulnerability

vBulletin Calendar Script SQL Injection Vulnerability. Read more at securityfocus.com/bid/9360

Vuln: XPDF JPX Stream Reader Remote Heap Buffer Overflow Vulnerability

XPDF JPX Stream Reader Remote Heap Buffer Overflow Vulnerability. Read more at securityfocus.com/bid/15721

Re: vbulletin<–3.0.x SQL Injection

Re: vbulletin<–3.0.x SQL Injection. Read more at securityfocus.com/archive/1/431951

Re: Apple Mac OS X Safari 2.0.3 Vulnerability

Re: Apple Mac OS X Safari 2.0.3 Vulnerability. Read more at securityfocus.com/archive/1/431944

Quick ‘n Easy FTP Server pro/lite Logging unicode stack overflow

Quick ‘n Easy FTP Server pro/lite Logging unicode stack overflow. Read more at securityfocus.com/archive/1/431920

Apple Mac OS X Safari 2.0.3 Vulnerability

Apple Mac OS X Safari 2.0.3 Vulnerability. Read more at securityfocus.com/archive/1/431874


Copyright © 2001-2024 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS
