This vulnerability allows an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions.
Successful exploits can allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions.
Sending a specially crafted request to the NetProxy proxy server allows users to view restricted web content and bypass the logging feature. By sending a request without 'http://' in the URL, users can access blocked URLs and avoid being logged. The exploit code is provided in the text.
RakNet is prone to a remote integer-underflow vulnerability because it fails to sufficiently validate an integer value. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed attempts may trigger a denial-of-service condition.
The vulnerability in Mozilla Firefox allows remote attackers to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition.
This exploit targets the X11R6.3 xterm program on Solaris 5.5.1. It takes advantage of a buffer overflow vulnerability to execute arbitrary code. The exploit contains a shellcode that sets up a shell with root privileges.
An attacker with local access could potentially exploit these issues to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. Successfully mounting a symlink attack may allow the attacker to overwrite or corrupt sensitive files, which may result in a denial-of-service or privilege escalation. Other attacks may also be possible.
Attackers can exploit this issue to bypass content-loading policies. The impact of this issue will depend on the reasons behind the content check. Consequences may include cross-site request-forgery attacks, denial-of-service conditions, and possibly remote code execution.
The 'com_jresearch' component for Joomla! is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.
The 'com_cb' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Services By CQR