XMB IMG Element SRC Attribute XSS

Network Security News – Saturday, August 19, 2006 Events

XMB IMG Element SRC Attribute XSS

XMB contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate data posted in the forum. Especially the <IMG SRC> tag. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/27920

Edonkey2000 Malformed Message Hash Saturation DoS

Edonkey2000 and overnet contain a flaw that may allow an attacker to consume all resources (CPU and memory). By sending a specially crafted request, the attacker can make the software open a new chat dialog window. By repeating this operation, the attacker can exhaust the resources of the targeted machine resulting in a loss of availability.. Read more at osvdb.org/14324