It has been reported that Gordano Messaging Suite may be prone to a denial of service issue allowing a remote attacker to send malformed HTTP GET requests to cause the WWW.exe process to crash. The problme may lead to the termination of services such as Administration, WebMail Professional, WebMail Express, WebMail Mobile, Instant Messaging, and Web Server services, which are provided by the WWW.exe process. It should be noted that only the WWW.exe process on a Windows system will crash under this condition, on Linux the connection will simply hang without timing out.
Escapade is prone to a path disclosure vulnerability. It is possible to gain access to sensitive path information by issuing a request for an invalid resource, passed as a value for the PAGE parameter to the Escapade Scripting Engine.
A cross-site scripting vulnerability has been reported for Escapade. The vulnerability exists due to insufficient sanitization of some user-supplied values. An attacker could exploit this issue to execute arbitrary HTML code in the browser of a remote user who follows a malicious link. Code execution would occur in the context of the vulnerable site. It has also been reported that this issue may be exploited to disclose the installation path of the affected software.
It has been reported that an attacker may inject malicious script into areas of phpBB where BBCode is rendered, for example, bulletin board posts or private messages. This issue is due to a lack of sufficient sanitization performed on user supplied URL BBCode tags. An attacker may exploit this issue to steal cookie-based authentication credentials; other attacks may also be possible.
Winamp MIDI plugin, IN_MIDI.DLL has been reported prone to a buffer overflow issue when handling malicious MIDI files. The issue presents itself when a malicious value is passed as the Track Data Size of a malicious MIDI file header. An attacker may exploit this condition to execute arbitrary code in the context of the user who is running the affected Winamp player.
Internet Explorer does not properly handle object types when rendering XML based web sites, which may result in the possibility of the execution of malicious software. The problem occurs when Internet Explorer receives a response from the server when a malicious XML web page containing an embedded object tag is parsed. Successful exploitation of this vulnerability could allow a malicious object to be trusted and as such be installed and executed on the local system. The Mindwarper exploit is actually reported to exploit one of the issues in BID 8577, which has not been addressed by the patches provided in MS03-040.
Kukol E.V. HTTP & FTP Server Suite is vulnerable to a directory traversal attack, which allows a remote attacker to access files outside of the web root directory. This is achieved by using directory traversal sequences in requests, such as '../windows/system.ini'.
Apache::Gallery, when using Inline C, stores shared libraries in an insecure fashion. As a result, an attacker may be capable of having malicious code linked into the Apache process. This could lead to a malicious local user gaining the privileges of the user invoking the Apache process, typically user nobody. It should be noted that for a successful exploitation, the libraries must be replaced prior to the Apache process being invoked.
A buffer overflow vulnerability has been reported in FTP Desktop. The vulnerability occurs when FTP Desktop is parsing 331 server responses from remote FTP servers. When FTP Desktop receives an FTP 331 response exceeding a certain length, it will trigger the overflow condition. This could allow for execution of malicious code in the context of the affected FTP client.
A remote denial of service vulnerability has been reported to affect the mah-jong game server. The issue has been reported to be exploitable so that a remote attacker may trigger a tight loop in the affected mah-jong server. This will cause the game server to be unresponsive to further commands, effectively denying service to legitimate users.
Services By CQR