
Explore Vulnerabilities

Explore all Exploits:

VMWare GSX Server Authentication Server Buffer Overflow

VMWare GSX Server ships with an authentication server which is vulnerable to a buffer overflow related to handling of the argument to the 'GLOBAL' command. While attackers must be authenticated before the command can be issued, default accounts may exist. This condition may be exploited to execute arbitrary code on the GSX server host, which likely executes on the underlying, native system and may compromise the host entirely (including all virtual systems).

ZyXEL 642R and Prestige 310 Routers IP Packet Malformed Vulnerability

ZyXEL 642R and Prestige 310 routers have difficulties handling IP packets that are malformed. Reportedly, when ZyXEL routers receive a single specially malformed packet, they stop responding for exactly 30 seconds. It is possible that other ZyNOS-based routers are also affected by this vulnerability.

JavaScript Keypress Event Subversion

An issue has been reported with the JavaScript implementation of multiple web browsers, including Microsoft Internet Explorer and Opera. Malicious JavaScript may subvert some keypress events, with consequences including the disclosure of arbitrary local files to a remote server. Through JavaScript, it is possible to define an event handler for the 'onkeydown' event, which fires when a key is pressed by the end user. Malicious script code may subvert this event to an arbitrary Ctrl-key combination, including events such as Paste. By further modifying the environment, it is possible to paste arbitrary content into a file upload form field. This form may also be submitted by the malicious script, disclosing arbitrary local file contents to a remote server. Other attacks based on script interaction with the cut and paste functionality of Windows may also be possible.

SecureCRT Client Buffer Overflow Vulnerability

SecureCRT client is prone to a buffer-overflow condition when attempting to handle an overly long SSH1 protocol identifier string. Reportedly, an attacker can exploit this issue via a malicious server. Exploiting this issue may allow an attacker to execute arbitrary code or may cause the client to crash.

PHP-APACHE.C

It is possible, under some circumstances, for remote attackers to invoke the PHP interpreter from the web. If the interpreter is invoked with no command line options, it will hang. Attackers may exploit this condition to cause a denial of service. This is reported to be a problem with PHP and Apache on Microsoft Windows platforms. It may be possible to create this condition in other environments as well.

Outlook Express File Extension Spoofing Vulnerability

It is possible for a malicious user, sending email via a mail agent capable of manipulating the MIME headers, to spoof file extensions for users of Outlook Express. For example, an .exe file can be made to look like a .txt file (or another seemingly harmless file type) in the attachment list. When a certain string of characters is included between the filename and the actual file extension, Outlook Express will display the specified misleading file extension type. The end result is that an attacker is able to entice a user to open or save files of arbitrary types to their local system.

BadBlue Remote Drive Access Vulnerability

BadBlue is a P2P file sharing application distributed by Working Resources. It is available for Microsoft Windows operating systems. BadBlue does not sufficiently control access to the administrative interface. It is possible to remotely add the entire drive of a system running a vulnerable BadBlue implementation via a maliciously crafted web page containing a form POST method. This would allow remote users to view the contents of the drive with the privileges of the BadBlue server.

Adobe eBook Reader Quota Restriction Bypass Vulnerability

Adobe eBook Reader is a client-side application for viewing Adobe eBooks, available for Microsoft Windows and Macintosh OS 9. It is possible to bypass some quota restrictions. Non-zero quotas on copying and printing content may be bypassed by repeatedly restoring certain files used to maintain state from backups.

Cross Site Scripting Vulnerability in Geeklog

Geeklog does not properly sanitize user-supplied input before including it in posted comments or stories. It is possible for an attacker to include malicious HTML code using HTML attributes, which can be used to steal cookies, hijack sessions, or redirect users to malicious sites.
