Microsoft Windows operating systems have been reported to be prone to a remotely exploitable buffer overrun condition. This issue is exposed when a client attempts to connect to an SMB share with an overly long name. This may cause explorer.exe or Internet Explorer to crash but could also potentially be leveraged to execute arbitrary code as the client user.
Yahoo! Messenger COM objects YInstHelper.YInstStarter.1 and YInstHelper.YSearchSetting2 have been reported prone to remotely exploitable buffer overflow vulnerabilities. The conditions are triggered when properties are assigned values (strings) of excessive length. By crafting an HTML page that invokes one of these COM objects, and passing data to one of the affected properties, an attacker may overwrite values that are crucial to controlling program execution flow.
The BitDefender AvxScanOnlineCtrl COM object is affected by an information disclosure vulnerability. This issue is due to a design error that allows a remote user to execute a method in the offending object that provides access to unauthorized information. This issue would allow an attacker to gain access to system information that may be used to aid in further attacks.
It has been reported that Eudora is prone to a denial of service vulnerability when handling e-mail containing excessive MIME nesting. The problem is known to occur when the application attempts to decode the deeply nested message. Successful exploitation of this issue may allow an attacker to cause the application to crash due to corruption of stack memory. It is not known if this issue is further exploitable to execute arbitrary code.
TUTOS is vulnerable to path disclosure, cross-site scripting, and possibly SQL injection attacks. An attacker can exploit these vulnerabilities by crafting a malicious URL and sending it to a user of the application. For example, the following URL can be used to exploit the path disclosure vulnerability: http://www.example.com/php/note/note_overview.php?id=1&sort=1&order=1. This URL will reveal the full path of the application, which can be used to further exploit the application.
A local attacker may be able to create a malicious entry in the Local Descriptor Table. This entry may point into protected memory. Since this memory space is reserved for kernel operations, the attacker will likely exploit this condition to execute arbitrary code with elevated privileges.
Multiple vulnerabilities have been identified in various modules of the application, which may allow a remote attacker to carry out various attacks such as path disclosure, cross-site scripting, HTML injection, SQL injection, directory traversal, and arbitrary file upload. An example of a vulnerable URL is tiki-user_tasks.php?task_useDates=&taskId=[VID]&offset=[SQL].
TikiWiki is vulnerable to a cross-site scripting attack when a malicious user supplies a specially crafted URL to the tiki-view_faq.php script. This vulnerability is due to insufficient sanitization of user-supplied input to the 'faqId' parameter. An attacker can exploit this vulnerability to execute arbitrary HTML and script code in a user's browser in the context of the affected site.
Pie Cart Pro is prone to a remote file inclusion vulnerability. This vulnerability allows an attacker to include a remote file, usually through a malicious URL, and execute it on the vulnerable server. The vulnerable parameter is Inc_Dir, which can be found in multiple files such as affiliates.php, orders.php, events.php, index.php, articles.php, faqs.php, guestbook.php, catalog.php, wholesale.php, weblinks.php, certificates.php, sitesearch.php, contact.php, sitemap.php, search.php, registry.php, and error.php. An attacker can exploit this vulnerability by crafting a malicious URL and sending it to an unsuspecting user.
The McAfee FreeScan 'McFreeScan.CoMcFreeScan.1' COM object is prone to a remote information disclosure vulnerability. This issue is due to a failure of the object to properly validate information access credentials. Successful exploitation of this issue may provide an attacker with sensitive system information. The provided system information may be used to carry out further attacks against the affected system.