• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

X.Org / X11 -modulepath Parameter Privileged Code Execution

Network Security News – Thursday, March 23, 2006 Events

X.Org / X11 -modulepath Parameter Privileged Code Execution

Freedesktop.org Xorg server contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the xorg server does not properly verify the user id of the user allowing non root users access to the -modulepath parameter allowing them to execute arbitrary code on the system. This flaw may lead to a loss of Integrity.. Read more at osvdb.org/24000

MailEnable WebMail Malformed Encoded Quoted-printable Mail DoS

MailEnable WebMail contains a flaw that may allow a remote denial of service. The issue is triggered when incorrectly encoded quoted-printable emails are viewed, and will result in loss of availability for the platform.. Read more at osvdb.org/24014

MailEnable POP3 Unspecified Pre-authentication Remote Overflow

A remote overflow exists in MailEnable. The MailEnable POP3 server fails to properly sanitize unspecified POP3 pre-authentication commands resulting in a buffer overflow. With a specially crafted request, an attacker can cause execution of arbitrary code resulting in a loss of integrity.. Read more at osvdb.org/24012

Jupiter Content Manager image BBcode XSS

Jupiter Content Manager contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'image' BBcode tag variables when submitting a message. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/23839

ASP Portal download_click.asp downloadid Variable SQL Injection

ASP Portal contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the download_click.asp script not properly sanitizing user-supplied input to the 'downloadid' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/24020

Apple Safari Safe File Type Bypass Variation

Safari contains a flaw that may allow a malicious application to appear as a safe file type. It is possible that the flaw may allow a malicious file to be executed automatically when a user visits a malicious web site resulting in a loss of integrity.. Read more at osvdb.org/23869

1WebCalendar /news/newsView.cfm NewsID Variable SQL Injection

1WebCalendar contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the newsView.cfm script not properly sanitizing user-supplied input to the 'NewsID' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/24022

1WebCalendar viewEvent.cfm EventID Variable SQL Injection

1WebCalendar contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the viewEvent.cfm script not properly sanitizing user-supplied input to the 'EventID' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/24021

1WebCalendar mainCal.cfm SQL Injection

1WebCalendar contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the mainCal.cfm script not properly sanitizing user-supplied input to an unspecified variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/24023

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2021 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software