A remote buffer overflow vulnerability affects Microsoft Office XP. The problem presents itself when an unsuspecting user follows a malicious HTML link that points to a Office document. A boundary condition error is exposed during this operation that may allow attacker-specified data to corrupt process memory. An attacker may leverage this issue to execute arbitrary code with the privileges of an unsuspecting user that follows a malicious embedded link.
A remote URI-redirection vulnerability affects Microsoft Outlook Web Access. This issue occurs because the application fails to properly sanitize URI-supplied data. An attacker may leverage this issue to carry out convincing phishing attacks against unsuspecting users by causing an arbitrary page to be loaded when the Microsoft Outlook Web Access login form is submitted.
RaidenHTTPD is reported prone to a remote file disclosure vulnerability. It is reported that the service does not correctly handle requests for restricted files that reside outside of the web document root folder. A remote attacker may exploit this issue to disclose the contents of web server readable files.
Linksys PSUS4 PrintServer is reported prone to a remote denial of service vulnerability while handling certain HTTP POST requests received on TCP port 80. An attacker may exploit this condition to deny service to the affected PrintServer.
LANChat Pro Revival is reported prone to a remote denial of service vulnerability. It is reported that the issue presents itself when the vulnerable client processes a malformed UDP datagram. A remote attacker may exploit this vulnerability to crash the affected application effectively denying service to legitimate users.
Newsgrab is reported prone to a directory traversal vulnerability. This vulnerability exists because the software does not sufficiently sanitize directory traversal sequences from filenames before the filename is employed to store the file onto disk. A remote attacker may exploit this vulnerability by supplying a malicious file to a target victim. Newsgrab is also reported prone to an unspecified insecure permissions vulnerability. A local attacker may exploit this vulnerability to disclose potentially sensitive information that is contained in files that were downloaded using newsgrab. A file containing the name '../../../../etc/rc.local' and the mode 777 could cause newsgrab to drop the file at /etc/rc.local with 777 permissions.
Painkiller is reported prone to a remote buffer overflow vulnerability. This issue presents itself due to insufficient boundary checks performed by the application during server-side authorization of a Gamespy cd-key hash.
Eurofull E-Commerce is affected by a cross-site scripting vulnerability in the 'mensresp.asp' script. This issue is due to a failure of the application to properly sanitize user-supplied input. As a result of this vulnerability, it is possible for a remote attacker to create a malicious link containing script code that will be executed in the browser of an unsuspecting user when followed.
Newspost is prone to a remote buffer overflow vulnerability due to an unbounded memory copy operation. The problem occurs in the 'socket_getline()' function of 'socket.c' when the vulnerable client handles NNTP server responses. Successful exploitation of this issue could potentially lead to arbitrary code execution.
A buffer overflow is triggered when cursor declaration occurs in PostgreSQL versions 8.01 and below.