The Betsie (BBC Education Text to Speech Internet Enhancer) application is prone to a cross-site scripting vulnerability. This vulnerability exists in the 'parserl.pl' script. Attackers can exploit this vulnerability by providing a malicious link to a website that is running the vulnerable software. If a user visits the malicious link, it can cause arbitrary script code to be executed in their web browser.
A boundary condition error in the efstool program allows a user to supply an overly long command-line argument, resulting in a buffer overflow. This can be exploited to overwrite stack memory and execute attacker-supplied code.
Microsoft SQL Server is prone to a remotely exploitable Unicode-based buffer overflow condition. This condition occurs when the OpenDataSource function is used with the MS Jet Engine. This issue may be exploited to execute attacker-supplied instructions with the privileges of the SQL Server process. Exploitation requires that the attacker be able to pass malicious data to the OpenDataSource function, which may be possible remotely via SQL injection vulnerabilities in web-based software. Because the flaw lies in the MS Jet Engine component itself, other products that rely on the Jet Engine may also be affected by this vulnerability.
The IRCIT client is vulnerable to a remote buffer overflow. When an INVITE message is received, the supplied "from" user data is copied into a fixed-size buffer of length MAXHOSTLEN. A maliciously formatted message can overflow this buffer and execute arbitrary code.
This exploit takes advantage of a vulnerability in the sscanf function in PHP. By providing a format argument with argument swap and extra arguments, an attacker can overwrite memory and execute arbitrary code. The exploit involves filling PHP's internally cached memory with the address of a pointer to a writable segment, unsetting a variable to free the memory but not zero it, and passing our own pointers to sscanf. By constructing a binary zval structure with shellcode, we can successfully call sscanf and execute code.
A format string vulnerability in the syslog call of the slurp NNTP client allows a remote server to supply a custom format string that can write to an arbitrary address in memory.
The vulnerability exists in the component that parses Gopher replies. A malicious server is able to send a reply that overflows the buffer and runs arbitrary code on the user's system.
OpenBB is vulnerable to HTML injection when HTML code is converted to BBCodes. This allows an attacker to inject arbitrary HTML code into forum messages, leading to cross-site scripting (XSS) attacks and the potential theft of cookie-based authentication credentials.
CMailServer is vulnerable to a buffer overflow condition. It does not perform proper bounds checking on the USER argument, allowing a remote attacker to execute arbitrary code on the system. This exploit allows for denial of service or the creation of a bind shell on port 61200. It has been tested on Windows 2000 SP3 English.
CMailServer is vulnerable to a buffer overflow condition. It does not perform proper bounds checking on the USER argument, allowing a remote attacker to execute arbitrary code on the vulnerable system. The issue has been reported in CMailServer 3.30, but other versions may also be affected. The exploit code provided in the text demonstrates the ability to execute arbitrary code on a Windows 2000 system.