CVE-2007-0949
Stack-based buffer overflow in iTinySoft Studio Total Video Player 1.03, and possibly earlier, allows remote attackers to execute arbitrary code via a M3U playlist file that contains a long file name. NOTE: it was...
The (1) Aruba Mobility Controllers 200, 600, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 do not properly implement authentication and privilege assignment for the guest account, which allows remote attackers...
Heap-based buffer overflow in the management interfaces in (1) Aruba Mobility Controllers 200, 800, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 allows remote attackers to cause a denial of service...
Variable extract vulnerability in Apache Stats before 0.0.3beta allows attackers to modify arbitrary variables and conduct attacks via unknown vectors involving the use of PHP’s extract function. Date published : 2007-02-14 http://www.securityfocus.com/bid/22388 http://sourceforge.net/forum/forum.php?forum_id=660919
Directory traversal vulnerability in php rrd browser before 0.2.1 allows remote attackers to read arbitrary files via ".." sequences in the p parameter. Date published : 2007-02-14 http://www.securityfocus.com/archive/1/459804/100/0/threaded http://sourceforge.net/project/shownotes.php?group_id=176562&release_id=485414
Virtual Calendar stores sensitive information under the web root with insufficient access control, which allows remote attackers to download an encoded password via a direct request for pwd.txt. Date published : 2007-02-14 http://www.securityfocus.com/archive/1/459844/100/0/threaded http://osvdb.org/33183
Heap-based buffer overflow in uTorrent 1.6 allows remote attackers to execute arbitrary code via a torrent file with a crafted announce header. Date published : 2007-02-14 http://www.securityfocus.com/bid/22530 http://www.securityfocus.com/archive/1/460346/100/0/threaded
The dologin function in guestbook.php in KvGuestbook 1.0 Beta allows remote attackers to gain administrative privileges, probably via modified $mysql['pass'] and $gbpass variables. Date published : 2007-02-14 http://www.securityfocus.com/archive/1/459799/100/0/threaded http://osvdb.org/33710
Cross-site scripting (XSS) vulnerability in search/SearchResults.aspx in Community Server allows remote attackers to inject arbitrary web script or HTML via the q parameter. Date published : 2007-02-14 http://www.securityfocus.com/bid/22529 http://www.securityfocus.com/archive/1/459848/100/0/threaded
Till Gerken phpPolls 1.0.3 allows remote attackers to bypass authentication and perform certain administrative actions via a direct request to phpPollAdmin.php3. NOTE: this issue might subsume CVE-2006-3764. Date published : 2007-02-14 http://www.securityfocus.com/bid/22522 http://www.securityfocus.com/archive/1/459789/100/0/threaded
buscador/buscador.htm in Portal Search allows remote attackers to obtain sensitive information (business logic) via a query string composed of a search for certain characters. Date published : 2007-02-14 http://www.securityfocus.com/bid/22533 http://www.securityfocus.com/archive/1/459794/100/0/threaded
Cross-site scripting (XSS) vulnerability in buscador/buscador.htm in Portal Search allows remote attackers to inject arbitrary web script or HTML via the query string. Date published : 2007-02-14 http://www.securityfocus.com/bid/22533 http://www.securityfocus.com/archive/1/459794/100/0/threaded
Portal Search allows remote attackers to redirect a URL to an arbitrary web site by placing the URL in the query string to the top-level URI. Date published : 2007-02-14 http://www.securityfocus.com/bid/22533 http://www.securityfocus.com/archive/1/459794/100/0/threaded
SQL injection vulnerability in philboard_forum.asp in Philboard 1.14 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter. Date published : 2007-02-14 http://www.securityfocus.com/bid/22532 https://www.exploit-db.com/exploits/3295