A heap overflow vulnerability has been discovered in Internet Explorer. It is reported that the issue presents itself when a comment character sequence that is not terminated is encountered after a STYLE tag. This issue could be exploited by a remote attacker to execute arbitrary code in the context of the client user. The attacker would likely create a malicious HTML page and host it on a site. The attacker would then attempt to entice a user to visit the malicious page to carry out a successful attack.
It has been reported that Serena TeamTrack is affected by a remote authentication bypass vulnerability. This issue is due to a design error that allows unauthenticated users to access sensitive scripts. Successful exploitation of this issue will allow an attacker to gain access to sensitive information such as user names, software versions, user contact information, issue information and resolution information. This issue can also be exploited to carry out cross-site scripting attacks.
evoBB v0.3 is vulnerable to a remote file inclusion vulnerability due to a lack of sanitization of user-supplied input in the 'path' parameter of the 'track.php' and 'connect.php' scripts. An attacker can exploit this vulnerability to execute arbitrary PHP code on the vulnerable server.
It is reported that Symantec Norton AntiVirus is prone to a Script Blocker denial of service vulnerability. This may result in a Symantec Norton AntiVirus Script Blocker bypass. The privileges and zone that a script requires to exploit this issue successfully are not known. The exploit code provided uninstalls the Script Blocker part of Norton and creates a text file in the root directory.
Mozilla Browser is reported prone to multiple vulnerabilities that could eventually allow for code execution on the local computer. By combining these issues, an attacker can eventually execute arbitrary HTML or script code in the local zone. The attacker would likely exploit these issues by crafting a malicious Web site containing HTML and script code and enticing a user to visit the site. If a user visits the site, the malicious page will be cached in a known directory with a known file name. The attacker may then craft a link to this cached local file and entice a user to follow this link. Due to a flaw in Mozilla that allows cached files to be opened in the local zone as HTML documents, the attack may lead to arbitrary code execution in the local zone.
Opera Web Browser is prone to a security weakness that may permit malicious web pages to spoof address bar information. This issue may be used to spoof information in the address bar, facilitating phishing attacks against unsuspecting users.
Microsoft Internet Explorer is reported prone to a security weakness that may permit malicious HTML documents to execute script code. This script code has the ability to alter registry settings that may allow for further attacks. In conjunction with other vulnerabilities, execution of attacker-supplied binaries may also be possible. In particular, it is reported possible to alter the registry to allow for previously patched vulnerabilities to be exploitable again. Exploitation of this weakness typically requires other vulnerabilities to redirect the browser into the Local Zone (or other appropriate Security Zone). Other attack vectors also exist, such as enticing a user to download an HTML document to their system and then open it with the Web browser. HTML email may also provide an attack vector for this weakness (in combination with other vulnerabilities). Cross-site scripting and HTML injection vulnerabilities in Web applications may also provide a surreptitious attack vector in unsuspecting clients.
Newsletter ZWS is prone to an administrative interface authentication bypass vulnerability due to a design error in the implementation of the authentication system for the interface. This flaw allows a user to set their privileges through a URI parameter passed to the 'admin.php' script.
It is reported that the IBM eGatherer ActiveX control contains dangerous methods that may result in a remote compromise of a system on which the ActiveX control is installed. These methods may be accessed by a malicious website and may result in the silent installation of a malicious executable. A remote attacker may exploit this vulnerability in order to silently install a malicious executable on an affected system. An example of the exploit code is provided in the text.
Dnsd is prone to a cache poisoning vulnerability. Dnsd does not ensure that the data returned from a remote DNS server is related to the requested records. An attacker could exploit this vulnerability to deny service to legitimate users by redirecting traffic to inappropriate hosts. Man-in-the-middle attacks, impersonation of sites, and other attacks may be possible.