• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

Microsoft IE HTML Rendering Memory Corruption

Network Security News – Saturday, September 09, 2006 Events

Microsoft IE HTML Rendering Memory Corruption

Microsoft Internet Explorer contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a user visits a specially crafted web site that contains plain HTML. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/27853

Microsoft IE Redirect Handling Cross-Domain Privilege Escalation

Microsoft Internet Explorer contains a flaw that may allow a malicious user to read cross-domain web pages and possibly execute code via unspecified vectors involving a specially crafted web page. It is possible that the flaw may allow execution of code resulting in a loss of integrity.. Read more at osvdb.org/27851

Microsoft IE Uninitialized COM Object Memory Corruption

Microsoft Internet Explorer contains a flaw that may allow a malicious user to execute code on a user's machine. The issue is triggered when user accesses a malicious web page that contains instructions to instantiate an activeX control. It is possible that the flaw may allow execute code resulting in a loss of integrity.. Read more at osvdb.org/27852

Plesk filemanager.php file Variable XSS

Plesk contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'file' variable upon submission to the filemanager/filemanager.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more at osvdb.org/28596

SoftBB reg.php mail Variable SQL Injection

SoftBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'reg.php' script not properly sanitizing user-supplied input to the 'mail' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/23999

SoftBB admin/save_opt.php Arbitrary PHP Code Execution

SoftBB contains a flaw that may allow a malicious user to execute arbitrary PHP code. Input passed to multiple unspecified parameters in 'admin/save_opt.php' script is not properly sanitised before being stored in a PHP script. It is possible that the flaw may allow execution of arbitrary PHP code resulting in a loss of integrity.. Read more at osvdb.org/28579

SoftBB moveto.php select Variable SQL Injection

SoftBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'moveto.php' script not properly sanitizing user-supplied input to the 'select' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/28578

SoftBB addmembre.php groupe Variable SQL Injection

SoftBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'addmembre.php' script not properly sanitizing user-supplied input to the 'groupe' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more at osvdb.org/28577

SubberZ[Lite] user-func.php myadmindir Variable Remote File Inclusion (Myth/Fake)

SubberZ Lite has been reported to contain a flaw that may allow a remote attacker to execute arbitrary commands. The issue is supposedly due to the user-func.php script not properly sanitizing user input supplied to the 'myadmindir' variable. However, subsequent examination indicates the variable is set to a static value and can not be manipulated by an attacker.. Read more at osvdb.org/28592

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2024 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software