Monthly Archive: May 2005

Cross-site scripting (XSS) vulnerability in index.php for 1Two News 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) nom, (2) email, (3) siteweb, or (4) commentaire variables. Date published...

Cross-site scripting (XSS) vulnerability in Bug Report 1.0 allows remote attackers to inject arbitrary web script or HTML via various fields to bug_report.php, which are not filtered or quoted when processed by bug_list.php or...

users.ini.php in BoastMachine 3.0 does not properly restrict the types of files that can be uploaded, which allows remote attackers to execute arbitrary code. Date published : 2005-05-14 http://www.securityfocus.com/bid/13600 http://www.kernelpanik.org/docs/kernelpanik/bmachines.txt

Apple QuickTime Player 7.0 on Mac OS X 10.4 allows remote attackers to obtain sensitive information via a .mov file with a Quartz Composer composition (.qtz) file that uses certain patches to read local...

EnCase Forensic Edition 4.18a does not support Device Configuration Overlays (DCO), which allows attackers to hide information without detection. Date published : 2005-05-14 http://www.securityfocus.com/archive/104/398021 http://secunia.com/advisories/15340

APG Technology ClassMaster does not properly restrict access to sensitive folders, which allows remote attackers to access folders via a network share. Date published : 2005-05-14 http://www.securityfocus.com/bid/13604 http://www.securiteam.com/windowsntfocus/5SP0D0AFPQ.html

The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows uses the Content-Type HTTP header to determine the file type, but saves the original file extension when "Save to Disk" is selected,...

The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote attackers to hide the real file types of downloaded files via the Content-Type HTTP header and a filename containing whitespace,...

Windows Media Player 9 and 10, in certain cases, allows content protected by Windows Media Digital Rights Management (WMDRM) to redirect the user to a web site to obtain a license, even when the...

SQL injection vulnerability in admin_login.asp for ASP Virtual News Manager allows remote attackers to execute arbitrary SQL commands via the password parameter. Date published : 2005-05-14 http://www.under9round.com/avn13.txt http://securitytracker.com/id?1013933

ShowOff! 1.5.4 allows remote attackers to cause a denial of service (server crash) via a malformed request to port 8083. Date published : 2005-05-14 http://www.osvdb.org/16333 http://secunia.com/advisories/15300

Multiple directory traversal vulnerabilities in ShowOff! 1.5.4 allow remote attackers to read arbitrary files via ".." sequences in arguments to the (1) ShowAlbum, (2) ShowVideo, or (3) ShowGraphic scripts. Date published : 2005-05-14 http://www.osvdb.org/16332...

forum.asp in bttlxeForum 2.0 allows remote attackers to obtain full path information via a certain hex-encoded argument to the page parameter, possibly due to a SQL injection vulnerability. Date published : 2005-05-14 http://securitytracker.com/id?1013934

Cross-site scripting (XSS) vulnerability in DirectTopics 2.1 and 2.2 allows remote attackers to inject arbitrary web script via a javascript: URL in (1) a thread or (2) an IMG tag. Date published : 2005-05-14...