Computer Associates BrightStor ARCserve Backup is affected by a remote buffer-overflow vulnerability because the application fails to perform proper bounds-checking on data supplied to the application. A remote attacker may exploit this issue to execute arbitrary code on a vulnerable computer with SYSTEM privileges. Failed exploit attempts may cause denial-of-service conditions. Successful exploits can lead to a complete compromise of affected computers. This issue affects multiple BrightStor ARCserve Backup application agents and the base product.
phpBB is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would execute in the context of the affected website, potentially allowing an attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible.
The UFS filesystem handler in Apple Mac OS X fails to handle specially crafted DMG images, leading to a remote integer-overflow vulnerability. A successful exploit can allow a remote attacker to execute arbitrary code with kernel-level privileges, resulting in the complete compromise of affected computers. Failed exploit attempts will cause a denial-of-service condition.
The iPlanet Web Server is vulnerable to a cross-site scripting (XSS) attack due to inadequate input sanitization. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of a victim user, within the context of the affected site. This could lead to the theft of cookie-based authentication credentials and enable further attacks.
Edit-x is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
Easy Banner Pro is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
The Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
The Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities. These vulnerabilities occur due to a failure in sufficiently sanitizing user-supplied data. Exploiting these vulnerabilities may allow an attacker to compromise the application and the underlying system, and may also lead to other possible attacks.
The Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.