GroupWise is a messaging and collaborative software platform from Novell that supports email, calendaring, personal information management, instant messaging, and document management. The platform consists of the client software, which is available for Windows, Mac OS X, and Linux, and the server software, which is supported on Windows Server, Netware, and Linux. The latest generation of the platform is GroupWise 8, which was launched in 2008. A proof of concept DoS code was released which exploited a vulnerability in the gxmim1.dll file of version 7.0.3.1294 of the GroupWise Client on Windows XP Professional French SP2 and SP3.
A stack overflow vulnerability exists in Adobe ShockWave Player (11.5.1.601) when processing a specially crafted Shockwave file. This can be exploited to cause a denial of service via a specially crafted Shockwave file.
A vulnerability in efront <= 3.5.4 allows an attacker to include a remote file via the 'path' parameter in the 'database.php' script. This can be exploited to execute arbitrary PHP code by including a malicious file from a remote location.
Protector Plus installs the own program files with insecure permissions (Everyone - Full Control). Local attacker (unprivileged user) can replace some files (for example, executable files of Protector services) by malicious file and execute arbitary code with SYSTEM privileges.
A buffer overflow vulnerability exists in HERO SUPER PLAYER 3000 .M3U File, which could allow an attacker to execute arbitrary code on the vulnerable system. The vulnerability is caused due to a boundary error when handling .M3U files. By exploiting this vulnerability malicious users can execute arbitrary code on the vulnerable system.
In ISAPI/CGI path is [%installdirectory%/scripts] and through HTTP the alias is [http://[host]/scripts], The access security check is that if the attacker tries to access /scripts a 404 Error response occurs ! Now to bypass and check the directory listing [That is if Directory Browsing is allowed in the server Configuration !] just copy and paste the exploit url !.
A BL!ND SQL Injection vulnerability was discovered in HotWeb Rentals, a software developed by www.hotwebscripts.co.uk. The vulnerability exists due to insufficient sanitization of user-supplied input passed via the 'PropId' parameter to 'details.asp' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in application's database. This can allow the attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database and compromise the server.
Help Desk Version 3 is vulnerable to a remote SQL injection vulnerability. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. This can allow the attacker to bypass authentication and gain access to the application.
A buffer overflow vulnerability exists in BigAnt Server version 2.50, which could allow an attacker to execute arbitrary code on the vulnerable system. The vulnerability is due to a lack of proper bounds checking of user-supplied data, which can result in a stack-based buffer overflow. An attacker can exploit this vulnerability by sending a specially crafted packet to the vulnerable server. Successful exploitation could result in arbitrary code execution in the context of the application.
Poweriso 4.0 is vulnerable to a local buffer overflow vulnerability. This vulnerability can be exploited by creating a new ISO, adding a new folder, pasting to rename the folder, and clicking save. This must have been fixed somewhere between 4.0 and 4.7.
Services By CQR