Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

Oracle webcacheadmin Multiple Variable XSS

Network Security News – Thursday, May 05, 2005 Events

Oracle webcacheadmin Multiple Variable XSS

The webcacheadmin module in Oracle Application Server Web Cache contains multiple flaws that allows remote cross site scripting attacks. The flaws exists because the application does not validate 'cache_dump_file' and 'PartialPageErrorPage' variables upon submission to various scripts. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/15910

Oracle webcacheadmin Arbitrary File Corruption

The webcacheadmin module in Oracle Application Server Web Cache contains a flaw which allows appending arbitrary data to the end of files that may allow a remote attacker to corrupt files. No further details have been provided.. Read more at osvdb.org/15909

Pound add_port() Function Remote Overflow

A remote overflow exists in Pound. The add_port() function fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request, a remote attacker can crash the application resulting in a loss of availability.. Read more at osvdb.org/15963

libXpm ParseAndPutPixels Function Stack Overflow

A local overflow exists in libXpm. The ParseAndPutPixels function fails to validate user-supplied input resulting in a stack overflow. With a specially crafted request, a malicious user can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/10034

libXpm xpmParseColors Function XPMv2/3 Parsing Stack Overflow

A local overflow exists in libXpm. The xpmParseColors function fails to validate user-supplied XPMv2/3 image files resulting in a stack overflow. With a specially crafted request, a malicious user can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/10029

libXpm xpmParseColors Function XPMv1 Parsing Stack Overflow

A local overflow exists in libXpm. The xpmParseColors function fails to validate user-supplied XPMv1 image files resulting in a stack overflow. With a specially crafted request, a malicious user can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/10028

libXpm xpmParseColors Function Integer Overflow

A local overflow exists in libXpm. The xpmParseColors function fails to validate user-supplied input resulting in an integer overflow. With a specially crafted request, a malicious user can cause a denial of service resulting in a loss of availability.. Read more at osvdb.org/10030

libXpm ParseAndPutPixels Function Integer Overflow

A local overflow exists in libXpm. The ParseAndPutPixels function fails to validate user-supplied input resulting in an integer overflow. With a specially crafted request, a malicious user can cause a denial of service resulting in a loss of availability.. Read more at osvdb.org/10026

libXpm XpmCreateImageFromXpmImage Function Integer Overflow

A local overflow exists in libXpm. The XpmCreateImageFromXpmImage function fails to validate user-supplied input resulting in an integer overflow. With a specially crafted request, a malicious user can cause a denial of service resulting in a loss of availability.. Read more at osvdb.org/10031

libXpm CreateXImage Function Integer Overflow

A local overflow exists in libXpm. The CreateXImage function fails to validate user-supplied input resulting in an integer overflow. With a specially crafted request, a malicious user can cause a denial of service resulting in a loss of availability.. Read more at osvdb.org/10032

Apple Mac OS X Terminal Window Title Escape Sequence Command Execution Vulnerability

Apple Mac OS X Terminal is reported prone to an input validation vulnerability.Apple Terminal window title feature may be abused to execute arbitrary commands on a syst…. Read more at securityfocus.com/bid/13503?ref=rss

Apple Mac OS X Terminal X-Man-Path Input Validation Vulnerability

Apple Mac OS X Terminal is reported prone to an input validation vulnerability.Apple Terminal allows escape characters embedded in x-man-path URI's to insert commands i…. Read more at securityfocus.com/bid/13502?ref=rss

YusASP Web Asset Manager Unauthorized Access Vulnerability

YusASP is a file manager for Web content.YusASP Web Asset Manager is prone to an unauthorized access vulnerability. The application does not perform any authentication…. Read more at securityfocus.com/bid/13501?ref=rss

LibXpm Image Decoding Multiple Remote Buffer Overflow Vulnerabilities

libXpm is a graphics library available for the Linux and Unix operating systems. It decodes X Pixmap (XPM) image formats.Multiple vulnerabilities are reported to exist…

. Read more at securityfocus.com/bid/11196?ref=rss

Apple Mac OS X AppleScript Editor Code Obfuscation Vulnerability

Mac OS X AppleScript editor is prone to a code obfuscation vulnerability. This issue involves the use of the applescript: URI mechanism.Normally, the applescript: URI …. Read more at securityfocus.com/bid/13500?ref=rss

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *