Monthly Archive: February 2005

Format string vulnerability in Judge Dredd: Dredd vs. Death 1.01 and earlier allows remote attackers to cause a denial of service (application crash) via format string specifiers in a chat message. Date published :...

The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a denial of service (CPU consumption) via XML attributes in a crafted XML document. Date published : 2005-02-20 http://www.securityfocus.com/bid/11312 http://marc.info/?l=bugtraq&m=109674050017645&w=2

Buffer overflow in Vypress Messenger 3.5.1 and earlier allows remote attackers to execute arbitrary code via a message with a long first field. Date published : 2005-02-20 http://www.securityfocus.com/bid/11310 http://marc.info/?l=bugtraq&m=109665993315769&w=2

The documentation for AJ-Fork 167 implies that users should set permissions for users.db.php to 777, which allows local users to execute arbitrary PHP code and gain privileges as the administrator. Date published : 2005-02-20...

AJ-Fork 167 does not restrict access to directories such as (1) data, (2) inc, (3) plugins, (4) skins, or (5) tools, which allows remote attackers to list files in those directories via a direct...

AJ-Fork 167 allows remote attackers to gain sensitive information via a direct request to (1) auto-acronyms.php, (2) auto-archive.php, (3) ount-article-views.php, (4) kses.php, (5) custom-quick-tags.php, (6) disable-all-comments.php, (7) easy-date-format.php, (8) enable-disable-comments.php, (9) filter-by-author.php, (10) format-switcher.php,...

SQL injection vulnerability in bBlog 0.7.2 and 0.7.3 allows remote attackers to execute arbitrary SQL commands via the p parameter. Date published : 2005-02-20 http://www.securityfocus.com/bid/11303 http://marc.info/?l=bugtraq&m=109665351632048&w=2

Buffer overflow in (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe in dBpowerAMP Audio Player 2.0 and dbPowerAmp Music Converter 10.0 allows remote attackers to cause a denial of service or execute arbitrary code via...

Directory traversal vulnerability in ParaChat Server 5.5 allows remote attackers to read arbitrary files via a ..%5C (hex-encoded dot dot) in the URL. Date published : 2005-02-20 http://www.securityfocus.com/bid/11272 http://marc.info/?l=bugtraq&m=109647769526696&w=2

profile.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to gain privileges by setting the mail parameter to 1, which is the value for an administrator. Date published : 2005-02-20 http://www.securityfocus.com/bid/11284 http://marc.info/?l=bugtraq&m=109655763808924&w=2

Cross-site scripting (XSS) vulnerability in index.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to execute arbitrary web script or HTML via the module parameter. Date published : 2005-02-20 http://www.securityfocus.com/bid/11284 http://marc.info/?l=bugtraq&m=109655763808924&w=2

list.php in w-Agora 4.1.6a allows remote attackers to reveal the full path via a crafted HTTP request, possibly involving a malformed id parameter. Date published : 2005-02-20 http://www.securityfocus.com/bid/11283 http://marc.info/?l=bugtraq&m=109655691512298&w=2

CRLF injection vulnerability in subscribe_thread.php in w-Agora 4.1.6a allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the thread parameter. Date published : 2005-02-20 http://www.securityfocus.com/bid/11283...

Multiple cross-site scripting (XSS) vulnerabilities in w-Agora 4.1.6a allow remote attackers to execute arbitrary web script or HTML via the (1) thread parameter to download_thread.php, (2) loginuser parameter to login.php, or (3) userid parameter...