Real Networks has reported a vulnerability in RealOne Player. Script embedded in SMIL presentations may be executed in the context of a domain that is specified by an attacker. This could allow for theft of cookie-based authentication credentials or other attacks. This vulnerability could also be exploited to execute script code in the context of the My Computer Zone, which could lead to installation and execution of malicious code on the client systems.
It has been reported that some versions of Cerberus FTP Server may be prone to remote denial of service attacks. The problem is said to occur when the order of a carriage return and line feed are prefixed to a specific command, rather then appended. When this data is interpreted by the FTP server, the application supposedly crashes.
It has been reported that a password disclosure issue exists in CheckMail allowing a local user to access sensitive authentication information through the Windows Registry. The software stores user authentication credentials in a Windows Registry that can be viewed by a local user in order to steal e-mail passwords. This issue could lead to further attacks as a malicious user may gather sensitive data through user e-mails.
When the eMule client receives a specific sequence of packets from a malicious server, a memory object is freed from reserved memory. Under some circumstances the same object may be freed again at a later event, which may ultimately allow an attacker to execute arbitrary supplied instructions in the context of the vulnerable eMule application. Failed exploitation attempts will result in a denial of service of the affected client.
Fusion News is prone to an access validation error allowing a user to add arbitrary user/administrator accounts through manipulating URI parameters. Successful exploitation of this error may allow a user to compromise a vulnerable system by gaining administrative privileges.
eMule client has been reported prone to a heap overflow vulnerability. The issue presents itself when the client parses malicious data received from the server. This issue may allow an attacker to provide excessive data to an affected client using a malicious server. Ultimately an attacker may exploit this condition to execute arbitrary supplied instructions in the context of the vulnerable emule application.
A vulnerability has been reported to exist in the DWebPro web server software. This problem allows an attacker to view database authentication credentials by accessing a plain text file named 'http.ini'. An attacker will require read access to this file in order to steal sensitive authentication information that may be used in further attacks.
MatrikzGB Guestbook is prone to a vulnerability that may permit guestbook users to gain administrative rights. It is possible to exploit this issue by manipulating URI parameters. An attacker can send a crafted request to the vulnerable application, such as http://www.example.com/php/gaestebuch/admin/index.php?do=options&action=optionsok&new_username=regularuser&new_password=regularpass&new_rights=admin&user=regularuser&pass=regularpass, where regularuser and regularpass equal the user credentials of the attacker.
A weakness has been discovered in Microsoft URLScan and RSA Security SecurID when used in conjunction on a web server. The problem is said to occur due to the order in which the products are placed within the global ISAPI filter list. When the vulnerable configuration is in place, an attacker may be capable of enumerating the Microsoft URLScan extension filtering list by making repeated requests to files with differing extensions. The enumeration of this type of information could potentially aid an attacker when launching further attacks against the target web server.
The vulnerability occurs due to the application failing to lock the 'setup' variable after initialization. As a result, an attacker may access this variable to add additional adminstrator users to the forum. This may effectively allow for the theft or modification of sensitive information.
Services By CQR