Network Security News – Saturday, June 17, 2006 Events
Microsoft IE UTF-8 Encoded HTML Overflow
A remote overflow exists in Microsoft IE. Internet Explorer fails to translate UTF-8 characters to Unicode resulting in an encoded HTML overflow. With a specially crafted request, an attacker can cause remote code execution resulting in a loss of integrity.. Read more at osvdb.org/26443
Microsoft IE Modal Browser Window Address Bar Spoofing
Microsoft Internet Explorer contains a flaw that may allow a malicious user to spoof the information in the address bar in a way that preserves the original address bar and trusted UI of a trusted site even after the browser has been navigated to a malicious site. It is possible that the flaw may allow phishing attacks or loss of integrity.. Read more at osvdb.org/26445
Microsoft Windows TCP/IP Protocol Driver Source Routing Overflow
A remote overflow exists in Windows. The TCP/IP protocol driver fails to validate packets with an unspecified Source Routing flag resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/26433
Microsoft Windows RPC Mutual Authentication Server Spoofing
Windows contains a flaw that may allow a malicious user to spoof a valid server. The issue is triggered when using RPC over SSL, and the client does not validate the RPC server. It is possible that the flaw may allow impersonation of a server resulting in a loss of integrity.. Read more at osvdb.org/26438
Microsoft IE Wmm2fxa.dll COM Object Memory Corruption
Windows contains an unspecified flaw in Internet Explorer related to the handling of ActiveX controls by the Wmm2fxa.ddl component that may allow an attacker to execute arbitrary code. No further details have been provided.. Read more at osvdb.org/26442
Microsoft Windows RASMAN RPC Request Remote Overflow
Windows contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a sequence of specially crafted packets are sent to one of the RPC interfaces provided by the RASMAN service, which leads to memory corruption. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/26436
Lighttpd Unexpected Capitalization File Extension Request Source Disclosure
Lighttpd contains a flaw that may allow a malicious user to display the source code of arbitrary scripts instead of generated response. The issue is triggered when processing specially crafted HTTP requests containing file extensions with unexpected capitalization. It is possible that the flaw may allow to bypass URL checks and obtain sensitive information resulting in a loss of confidentiality.. Read more at osvdb.org/23229
Lighttpd Null Byte Source Code Disclosure
Lighttpd contains a flaw that may allow a malicious user to display the source code of arbitrary scripts instead of generated response. The issue is triggered when processing specially crafted HTTP requests containing %00 (null) character after the file extension. It is possible that the flaw may allow to bypass URL checks and obtain sensitive information resulting in a loss of confidentiality.. Read more at osvdb.org/13844
IRIX ioconfig Relative Pathname Privilege Escalation
IRIX contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious user tricks ioconfig, which does not use absolute paths in its system calls, into running arbitrary programs. This flaw may lead to a loss of integrity.. Read more at osvdb.org/6788
Five Star Review Script User Profile Multiple Field XSS
Five Star Review contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate form field contents when editing user profile information. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/26499
Vuln: OpenSSH DynamicForward Inadvertent GatewayPorts Activation Vulnerability
OpenSSH DynamicForward Inadvertent GatewayPorts Activation Vulnerability. Read more at securityfocus.com/bid/14727
Leave a Reply