• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

Microsoft IE Drag and Drop Arbitrary File Installation

Network Security News – Wednesday, February 15, 2006 Events

Microsoft IE Drag and Drop Arbitrary File Installation

Microsoft Internet Explorer contains a flaw in its handling of certain drag-and-drop events. The issue is triggered when a malicious web site is able to predict and exploit the timing of a drag-and-drop operation. It is possible that the flaw may allow a malicious user to install arbitrary files in sensitive locations that may enable further system compromise, resulting in a loss of integrity.. Read more at osvdb.org/2707

AIX unix_mp/unix_64 Kernel EMULATE_VMX Local DoS

AIX contains a flaw that may allow a local denial of service. The issue is triggered when an unspecified condition occurs regarding EMULATE_VMX in the unix_mp and unix_64 kernels, and will result in loss of availability for the platform.. Read more at osvdb.org/23127

O'Reilly WebSite win-c-sample Remote Overflow

O'Reilly WebSite contains a flaw that may allow a remote attacker to execute arbitrary code. The issue is due to the 'win-c-sample' program containing a remote overflow. The program fails to validate unspecified user-supplied input resulting in a buffer overflow. With a specially crafted request, an attacker can execute custom code under the privileges of the web server process.. Read more at osvdb.org/8

Nokia N70 Cell Phone Bluetooth Crafted L2CAP Packet LDAP DoS

Nokia N70 contains a flaw that may allow a remote denial of service. The issue is triggered when specially crafted L2CAP packets are sent via bluetooth to the victim's cell phone, resulting in a "System error" message or a loss of availability for the phone. The issue is caused due to an error in the handling of certain requests in the bluetooth stack.. Read more at osvdb.org/23061

PAM-MySQL Authentication pam_get_item() Function Unspecified Privilege Escalation

PAM-MySQL contains a flaw that may allow a malicious user to cause a double-free in the pam_get_item function. The issue is triggered when a malicious user sends crafted authentication credentials. It is possible that the flaw may cause the PAM-MySQL process to crash or allow arbitrary code execution resulting in a loss of integrity or availability.. Read more at osvdb.org/22995

CPG Dragonfly CMS install.php newlang Variable Local File Inclusion

CPG-Nuke Dragonfly CMS contains a flaw that allows a remote attacker to include outside of the web path. The issue is due to the install.php not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the 'newlang' variable. This flaw permits the inclusion of files controlled by remote user input, which may be leveraged to execute arbitrary code, resulting in a loss of integrity.. Read more at osvdb.org/23058

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2021 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software