Monthly Archive: May 2005

The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run,...

AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an...

Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and earlier allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2004-1287. Date published : 2005-05-04 http://www.securityfocus.com/bid/13506 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11256

Buffer overflow in the Netinfo Setup Tool (NeST) allows local users to execute arbitrary code. Date published : 2005-05-04 http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://www.us-cert.gov/cas/techalerts/TA05-136A.html

Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype/lang directory with world-writable permissions, which allows local users to modify language files and possibly conduct social engineering or other attacks. Date...

A "range check error" in Skype for Windows before 0.98.0.28 allows local and remote attackers to cause a denial of service (application crash) via long command line arguments or a long callto:// URL, a...

Serendipity before 0.8 allows Chief users to "hide plugins installed by other users." Date published : 2005-05-03 http://www.s9y.org/63.html#A9 http://secunia.com/advisories/15145

The media manager in Serendipity before 0.8 allows remote attackers to upload and execute arbitrary (1) .php or (2) .shtml files. Date published : 2005-05-03 http://www.s9y.org/63.html#A9 http://www.osvdb.org/15878

Unknown vulnerability in "the function used to validate path-names for uploading media" in Serendipity before 0.8 has unknown impact. Date published : 2005-05-03 http://www.s9y.org/63.html#A9 http://www.osvdb.org/15877

Unknown vulnerability in serendipity_config_local.inc.php for Serendipity before 0.8 has unknown impact. Date published : 2005-05-03 http://www.s9y.org/63.html#A9 http://secunia.com/advisories/15145

Cross-site scripting (XSS) vulnerability in the BBCode plugin for Serendipity before 0.8 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Date published : 2005-05-03 http://www.securityfocus.com/bid/13411 http://www.s9y.org/63.html#A9

PHP remote file inclusion vulnerability in main.php in SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to execute arbitrary PHP code via the p parameter. Date published : 2005-05-03 http://forum.sitepanel2.com/index.php?showtopic=271 http://www.gulftech.org/?node=research&article_id=00072-05032005

SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to upload and execute arbitrary files such as PHP scripts via an attachment to a trouble ticket. Date published : 2005-05-03 http://forum.sitepanel2.com/index.php?showtopic=271 http://www.gulftech.org/?node=research&article_id=00072-05032005

Multiple directory traversal vulnerabilities in SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to (1) delete arbitrary files via the id parameter in a rmattach action to 5.php, or (2) read arbitrary files via...