The application Goollery is affected by various cross-site scripting vulnerabilities. These vulnerabilities occur when user-supplied URI input is not properly sanitized. Attackers can exploit these vulnerabilities by sending malicious HTML and script code through the 'page' parameter of certain scripts. If a victim user follows a malicious URI link, the hostile code may be rendered in their web browser.
Helm Control Panel is prone to multiple vulnerabilities including an SQL injection issue and an HTML injection vulnerability. A remote attacker can execute arbitrary HTML and script code in a user's browser. Manipulation of SQL queries to reveal or corrupt sensitive database data is possible as well.
The vulnerability allows an attacker to display false information in the status bar of the Safari Web Browser, making web pages appear to originate from a trusted location. This can be used to deceive unsuspecting users.
Caudium is prone to a remote denial of service vulnerability. Remote attackers can exploit this vulnerability to crash affected web servers, causing a denial of service for legitimate users.
The Global Spy Software Cyber Web Filter is affected by an IP filter bypass vulnerability. This vulnerability occurs due to a failure of the application to properly handle exceptional HTTP requests. An attacker can exploit this vulnerability to bypass filters based on IP addresses, enabling them to visit restricted websites.
The cURL module in PHP fails to properly enforce the 'open_basedir' restriction, allowing malicious users to bypass it and access arbitrary files on the server. This can lead to further attacks and unauthorized access to sensitive information.
The vulnerabilities in Quake II are caused by boundary condition checking failures, access validation failures, and failures to handle exceptional conditions. An attacker can exploit these vulnerabilities to execute arbitrary code, trigger a denial of service condition, gain access to sensitive server files, and rejoin a server that they have been banned from.
The Google Desktop Search application fails to properly sanitize HTML tag content, allowing an attacker to execute arbitrary client-side script code in a user's browser. This can lead to theft of authentication credentials and other malicious activities.
The vulnerability occurs when certain font tags are encountered and rendered in Microsoft Internet Explorer. When a page containing the malicious HTML code is viewed, Internet Explorer and all instances spawned from it will crash.
The 'libxml2' library is reported prone to multiple remote stack-based buffer-overflow vulnerabilities caused by insufficient boundary checks. Remote attackers may exploit these issues to execute arbitrary code on a vulnerable computer. The URI parsing functionality and the DNS name resolving code are affected.