Monthly Archive: May 2001

Internet Explorer 5.5 and earlier executes Telnet sessions using command line arguments that are specified by the web site, which could allow remote attackers to execute arbitrary commands if the IE client is using...

Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object. Date published : 2001-05-07 http://www.securityfocus.com/bid/1718 http://archives.neohapsis.com/archives/bugtraq/2000-09/0305.html

The WMP ActiveX Control in Windows Media Player 7 allows remote attackers to execute commands in Internet Explorer via javascript URLs, a variant of the "Frame Domain Verification" vulnerability. Date published : 2001-05-07 http://archives.neohapsis.com/archives/bugtraq/2001-01/0000.html...

Buffer overflow in Windows 2000 event viewer snap-in allows attackers to execute arbitrary commands via a malformed field that is improperly handled during the detailed view of event records. Date published : 2001-05-07 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-013

CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow. Date published : 2001-05-07 http://www.securityfocus.com/bid/2347 http://razor.bindview.com/publish/advisories/adv_ssh1crc.html

vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack. Date published : 2001-05-07 http://www.securityfocus.com/bid/2186 http://marc.info/?l=bugtraq&m=97916374410647&w=2

squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations. Date published : 2001-05-07 http://www.securityfocus.com/bid/2184 http://marc.info/?l=bugtraq&m=97916374410647&w=2

mgetty 1.1.22 allows local users to overwrite arbitrary files via a symlink attack in some configurations. Date published : 2001-05-07 http://www.securityfocus.com/bid/2187 http://marc.info/?l=bugtraq&m=97916374410647&w=2

arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations. Date published : 2001-05-07 http://www.securityfocus.com/bid/2183 http://marc.info/?l=bugtraq&m=97916374410647&w=2

inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations. Date published : 2001-05-07 http://www.securityfocus.com/bid/2190 http://marc.info/?l=bugtraq&m=97916374410647&w=2

privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack. Date published : 2001-05-07 http://www.securityfocus.com/bid/2189 http://marc.info/?l=bugtraq&m=97916374410647&w=2

Windows Media Player 7 allows remote attackers to execute malicious Java applets in Internet Explorer clients by enclosing the applet in a skin file named skin.wmz, then referencing that skin in the codebase parameter...

Buffer overflow in HTML parser of the Lotus R5 Domino Server before 5.06, and Domino Client before 5.05, allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a...

Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request. Date published : 2001-05-07 http://www.securityfocus.com/bid/2217 http://marc.info/?l=bugtraq&m=97975486527750&w=2