A denial of service vulnerability has been reported to affect Opera Web Browser. The issue is reported to present itself when Opera attempts to render IFRAME HTML tags that contain an invalid source argument. A remote attacker may exploit this vulnerability to cause Opera to crash.
It has been reported that Panda ActiveScan may be prone to a remote heap overflow vulnerability that may allow an attacker to cause a denial of service condition in Internet Explorer or leverage the issue to execute arbitrary code. The issue is reported to exist in the 'ascontrol.dll' file, specifically the 'Internacional' property of the 'ReportHebrew' object is identified as vulnerable. Panda ActiveScan 5.0 has been reported to be prone to this issue.
A vulnerability has been identified in Microsoft Internet Explorer that allows an attacker to misrepresent the status bar in the browser, allowing vulnerable users to be mislead into following a link to a malicious site. The issue presents itself when an attacker creates an HTML form with the submit 'value' property set to a legitimate site and the 'action' property set to the attacker-specified site. The malicious form could also be embedded in a link using the HTML Anchor tag and specifying the legitimate site as the 'href' property. This could aid in exploitation of other known browser vulnerabilities as the attacker now has a means to surreptitiously lure a victim user to a malicious site. Microsoft Internet Explorer is vulnerable to this issue, however, Microsoft Outlook Express can used to carry out a successful attack as well since it relies on Internet Explorer to interpret HTML. It should also be noted that although HTML content is rendered in the Restricted Zone in Outlook Express, limiting the use of many HTML and DHTML tags, forms are still permitted. This vulnerability would most likely be exploited through HTML e-mail, though other attack vectors exist such as HTML injection attacks in third-party web applications.
A vulnerability has been reported to exist in Cloisterblog that may allow a remote attacker to access information outside the server root directory. The problem exists due to insufficient sanitization of user-supplied data. The issue may allow a remote attacker to traverse outside the server root directory by using '../' character sequences.
Fresh Guest Book is prone to a remote HTML injection vulnerability due to a failure of the application to properly sanitize user supplied form input. An attacker may exploit the vulnerability to execute arbitrary script code in the browser of an unsuspecting user, potentially stealing the unsuspecting user's cookie-based authentication credentials, as well as other sensitive information.
HP Web Jetadmin is prone to a remote arbitrary command execution vulnerability due to a failure of the application to properly validate and sanitize user supplied input. Successful exploitation of this issue will allow a malicious user to execute arbitrary commands on the affected system. This issue has been tested with an authenticated account on HP Web Jetadmin version 7.5.2546 running on a Windows platform.
HP Web Jetadmin is prone to an issue which may permit remote users to upload arbitrary files to the management server. This issue exists in the printer firmware update script. Given the ability to place arbitrary files on the server to an attacker-specified location, it may be possible to execute arbitrary code, though this will require exploitation of other known vulnerabilities.
It has been reported that Picophone is prone to a remote buffer overflow vulnerability. This issue is due to the application failing to verify the size of user input before storing it in a finite buffer. Successful exploitation of this issue will cause a denial of service condition to be triggered. The attacker may also leverage this issue to execute arbitrary code; this code would be executed in the security context of the user running the affected process.
It has been reported that InterScan VirusWall may to a directory traversal vulnerability that may allow an attacker to request files from the '/ishttp/localweb' directory and any sub directories of 'localweb' with directory traversal strings such as '../'.
It has been reported that Sun Solaris may be prone to a local privilege escalation vulnerability that may allow an attacker to gain root access to a vulnerable system. The issue exists due to insufficient sanitization of user-supplied data via the vfs_getvfssw() function in the Solaris kernel. An attacker can load a user-specified kernel module by using directory traversal sequences and employing the mount() or sysfs() system calls.
Services By CQR