TinTin++ and WinTin++ are prone to multiple security vulnerabilities affecting the application's '#chat' functionality. These issues include a buffer-overflow vulnerability, a denial-of-service vulnerability, and a file-overwrite vulnerability. Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, or overwrite files with arbitrary content.
WS_FTP Server Manager is prone to an authentication-bypass vulnerability and an information-disclosure vulnerability. An attacker can exploit these issues to gain unauthorized access to the affected application and gain access to potentially sensitive information.
Pagetool is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
MyNews is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Adobe Acrobat and Reader are prone to multiple arbitrary remote code-execution and security vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected application. Other attacks are also possible. Versions prior to Adobe Acrobat and Adobe Reader 8.1.2 are vulnerable to these issues. The exploit code uses a heapspray technique to spray the heap with a shellcode and then uses the Collab.collectEmailInfo function to overwrite the return address of the function with the address of the shellcode.
DevTracker module for bcoos and E-xoops is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Download Management for PHP-Fusion is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these issues may allow an attacker to access potentially sensitive information and execute arbitrary local scripts in the context of the affected application.
Portail Web Php is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
WinComLPD Total is prone to multiple vulnerabilities, including buffer-overflow vulnerabilities and an authentication-bypass vulnerability. Successfully exploiting these issues will allow an attacker to perform unauthorized actions or execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely crash the application.
Titan FTP Server is prone to a remote buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker may exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial of service.
Services By CQR