• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

Microsoft IE UTF-8 Encoded HTML Overflow

Network Security News – Saturday, June 17, 2006 Events

Microsoft IE UTF-8 Encoded HTML Overflow

A remote overflow exists in Microsoft IE. Internet Explorer fails to translate UTF-8 characters to Unicode resulting in an encoded HTML overflow. With a specially crafted request, an attacker can cause remote code execution resulting in a loss of integrity.. Read more at osvdb.org/26443

Microsoft IE Modal Browser Window Address Bar Spoofing

Microsoft Internet Explorer contains a flaw that may allow a malicious user to spoof the information in the address bar in a way that preserves the original address bar and trusted UI of a trusted site even after the browser has been navigated to a malicious site. It is possible that the flaw may allow phishing attacks or loss of integrity.. Read more at osvdb.org/26445

Microsoft Windows TCP/IP Protocol Driver Source Routing Overflow

A remote overflow exists in Windows. The TCP/IP protocol driver fails to validate packets with an unspecified Source Routing flag resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/26433

Microsoft Windows RPC Mutual Authentication Server Spoofing

Windows contains a flaw that may allow a malicious user to spoof a valid server. The issue is triggered when using RPC over SSL, and the client does not validate the RPC server. It is possible that the flaw may allow impersonation of a server resulting in a loss of integrity.. Read more at osvdb.org/26438

Microsoft IE Wmm2fxa.dll COM Object Memory Corruption

Windows contains an unspecified flaw in Internet Explorer related to the handling of ActiveX controls by the Wmm2fxa.ddl component that may allow an attacker to execute arbitrary code. No further details have been provided.. Read more at osvdb.org/26442

Microsoft Windows RASMAN RPC Request Remote Overflow

Windows contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a sequence of specially crafted packets are sent to one of the RPC interfaces provided by the RASMAN service, which leads to memory corruption. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/26436

Lighttpd Unexpected Capitalization File Extension Request Source Disclosure

Lighttpd contains a flaw that may allow a malicious user to display the source code of arbitrary scripts instead of generated response. The issue is triggered when processing specially crafted HTTP requests containing file extensions with unexpected capitalization. It is possible that the flaw may allow to bypass URL checks and obtain sensitive information resulting in a loss of confidentiality.. Read more at osvdb.org/23229

Lighttpd Null Byte Source Code Disclosure

Lighttpd contains a flaw that may allow a malicious user to display the source code of arbitrary scripts instead of generated response. The issue is triggered when processing specially crafted HTTP requests containing %00 (null) character after the file extension. It is possible that the flaw may allow to bypass URL checks and obtain sensitive information resulting in a loss of confidentiality.. Read more at osvdb.org/13844

IRIX ioconfig Relative Pathname Privilege Escalation

IRIX contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious user tricks ioconfig, which does not use absolute paths in its system calls, into running arbitrary programs. This flaw may lead to a loss of integrity.. Read more at osvdb.org/6788

Five Star Review Script User Profile Multiple Field XSS

Five Star Review contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate form field contents when editing user profile information. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/26499

Vuln: OpenSSH DynamicForward Inadvertent GatewayPorts Activation Vulnerability

OpenSSH DynamicForward Inadvertent GatewayPorts Activation Vulnerability. Read more at securityfocus.com/bid/14727

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2024 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software