Windows Media Player is vulnerable to code execution through skin files. WMP does not properly validate URLs that are passed to initiate a skin file download and installation. This could allow a malicious file advertised as a skin file to be downloaded to a known location and executed through some other means.
A buffer overflow vulnerability has been reported for Floosietek FTGate PRO mail server. The vulnerability exists when the mail server attempts to process overly long SMTP 'Rcpt To' arguments. Due to the nature of this vulnerability it may be exploited to execute attacker-supplied code with the privileges of the SYSTEM user. This vulnerability was reported for FTGate PRO 1.22 Hotfix(1328). It is likely that previous versions are also affected.
Multiple vulnerabilities have been reported for Leksbot. The precise nature of these vulnerabilities is currently unknown; however, exploitation of these issues may result in an attacker obtaining elevated privileges. This is because in some installations, the Leksbot binary may be installed setuid.
FlashFXP uses a trivially reversible algorithm to encrypt FTP user credentials. Local attackers with access to the sites.data file may exploit this weakness to gain unauthorized access to FTP user credentials for remote sites.
This tool is used to find existing user accounts via a dictionary attack on the Microsoft IIS Authentication Manager.
The HP-UX rwrite utility has been reported prone to a buffer overflow vulnerability. The condition presents itself when excessive data is supplied as part of an argument passed to the vulnerable utility. Due to the lack of bounds checking, the vulnerable utility will crash.
Stockman Shopping Cart has been reported prone to a remote command execution vulnerability. This issue presents itself in the 'shop.plx' script. The problem results from a lack of sufficient sanitization performed on user-supplied URI parameters to the 'shop.plx' script. An attacker may exploit this vulnerability to execute arbitrary commands in the context of the web server hosting the vulnerable script.
A problem with Splatt Forum could allow remote users to execute arbitrary code in the context of the web site running the Splatt Forum module. The problem occurs due to the lack of sanitization performed on character representations of HTML tags. As a result, a malicious user may be able to submit a post to the vulnerable site containing embedded script code. This code would be executed by a user's browser in the context of the site. This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the website running the vulnerable software. The attacker may hijack the session of the legitimate user by using cookie-based authentication credentials. Other attacks are also possible.
Splatt Forum is a public message board plugin designed to be used with PHPNuke. It has been reported that Splatt Forum does not sufficiently filter user-supplied URI parameters for the Splatt Forum 'Search' function. As a result of this deficiency, it is possible for a remote attacker to create a malicious link containing script code that will be executed in the browser of a legitimate user.
When the web server processes a malformed HTTP request of excessive length, the web server will crash, resulting in a denial of service condition.