• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

Adobe Reader LoadFile() Method Local File Enumeration

Network Security News – Friday, July 14, 2006 Events

Adobe Reader LoadFile() Method Local File Enumeration

Adobe Reader contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker calls the .LoadFile() method exposed by ActiveX in Internet Explorer via a malicious web page to trigger a flaw in Adobe Reader and disclose information on existence of local files in the target system resulting in a loss of confidentiality.. Read more at osvdb.org/15242

Sparklet agl_text.cpp Multiple Function Format String

A vulnerability has been identified in Sparklet. This flaw is due to a format string error in the 'WriteText()' and 'allegro_gl_printf_ex()' functions when handling user-supplied input (e.g. nickname), which could be exploited by remote attackers to crash or compromise a vulnerable client via a malicious nickname.. Read more at osvdb.org/27038

Microsoft IE Object.Microsoft.DXTFilter Enabled Property NULL Dereference

Internet Explorer 6 contains a flaw that may allow a local denial of service. The issue is triggered when the 'Object.Microsoft.DXTFilter' property 'Enabled' is set to true(1). This leads to a NULL pointer dereference and will result in loss of availability for the browser.. Read more at osvdb.org/27014

Microsoft IE RDS.DataControl SysAllocStringLen Invalid Length Issue

A local overflow exists in Internet Explorer 6. The browser fails to control length boundaries of the 'URL' attribute of the 'RDS.DataControl' object resulting in a page violation/heap overflow. This may allow an attacker to crash the browser or execute arbitrary code.. Read more at osvdb.org/26955

Microsoft IE TriEditDocument URL Property NULL Dereference

Internet Explorer 6 contains a flaw that may allow a remote denial of service. The issue is triggered when the "TriEditDocument.TriEditDocument" ActiveX object's 'URL' property of this object is set, triggering a NULL dereference. This may result in loss of availability for the browser.. Read more at osvdb.org/27056

Sport Slo Advanced Guestbook guestbook.php Multiple Field XSS

Advanced Guestbook contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'name' and 'form' variables upon submission to the guestbook.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/27066

ATutor users/browse.php cat Variable XSS

ATRC ATutor contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'cat' variable upon submission to the 'users/browse.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/27022

Mac OS X CF_syslog Function Format String

Mac OS X contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when the CF_syslog() function passes unchecked data to syslog(), allowing for a possible format string exploit. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/26933

Mac OS X ImageIO TIFF Processing Overflow

A local overflow exists in Mac OS X. The ImageIO library fails to validate TIFF image files resulting in a stack overflow. With a specially crafted file, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/26931

Mac OS X OpenLDAP Server Malformed Request Remote DoS

Mac OS X contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a specially crafted request to the OpenLDAP server, and will result in loss of availability for the service.. Read more at osvdb.org/26932

Vuln: RW::Download Stats.PHP Remote File Include Vulnerability

RW::Download Stats.PHP Remote File Include Vulnerability. Read more at securityfocus.com/bid/18901

Vuln: Linux Kernel SMBFS CHRoot Security Restriction Bypass Vulnerability

Linux Kernel SMBFS CHRoot Security Restriction Bypass Vulnerability. Read more at securityfocus.com/bid/17735

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2021 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software