Microsoft Security Advisory MS03-045 - An attacker who had the ability to log on to a system interactively could run a program that could send a specially-crafted Windows message to any applications that have implemented the ListBox control or the ComboBox control, causing the application to take any action an attacker specified. This could give an attacker complete control over the system by using Utility Manager in Windows 2000.
3e04277031dbf6e921a7be196d8aa8db1e8dd4091520cec139a0bc50d571abbd
Microsoft Security Advisory MS03-047 - Microsoft Exchange Server 5.5, Service Pack 4, suffers from a cross site scripting attack due to the way Outlook Web Access (OWA) performs HTML encoding in the Compose New Message form.
643e2eb1f2bd8cf2e8d911578d71880652aaaa6792f3f3d48d274526d86d308b
Microsoft Security Advisory MS03-046 - A denial of service condition exists in Exchange Server 5.5 that can be exploited by a remote attacker and Exchange 2000 Server suffers the same denial of service and a buffer overrun that can result in an attacker running malicious programs.
a4bd78fe81913c5ffb36cde25380d71fa9f5143f19724c585b5983d3ddab8b04
ColdFusion servers suffer from a SQL injection vulnerability due to cross site scripting.
cd0a66f33d0eaf7647128be1451bcfa6c41612b461d14ff1bc9da61edf1e61a3
Microsoft Windows Security Bulletin Summary for October 2003 that covers MS03-041, the vulnerability in Authenticode Verification that could allow remote code execution, MS03-042, the buffer overflow in ActiveX that could allow code execution, MS03-043, the buffer overrun in its Messenger Service, and MS03-044, the buffer overrun in the Windows Help and Support Center.
6ee2879ff2ee6b1aa64c128110f8d70f6d04ceea10bbe444626b4a36bd99172e
myPHPCalendar version 10192000 Build 1 Beta has information disclosure and file inclusion vulnerabilities that lie in the admin.php, contacts.php, and convert-date.php files.
f56d14d24dbb672d0ed0dc9af5d9067138454aecf329388b20d3cfd8edb2dbec
Gallery 1.4 has a file include vulnerability where a remote PHP file can be included that will get executed on the local server.
4f9c9fe4f1ef60c470e266db6f990770fb35aabe3cc63b9ef808ac0a89304030
The TRACKtheCLICK script is vulnerable to an injection attack due to the User-Agent and Referer variables not being filtered in click.cgi, allowing a malicious attacker to spoof incorrect information and when admin.cgi is opened, the injected code will be executed by the victim's browser.
1aaaed1d3addfb60459fea9d4ac3a4bcb3f996fedc2ddabc1ff833147a5a8a84
Information regarding the fact that the Microsoft Windows patch that supposedly fixed the RPC DCOM vulnerability has failed miserably and patched machines are still vulnerable to attack.
e0b7dc71442f34a04b0f99c6e9d07e5c50a1353b46abd96c56ada4b763e14fd8
mIRC version 6.1 and below on Windows 2000 is susceptible to a buffer overflow attack. If a user is tricked into loading a malicious URL that launches the mirc.exe binary, a remote attacker can overwrite the saved instruction pointer and control the program's execution.
a9e13f3872f59f087d58dfa968fdb1427a8f3b76ebe7323d121f741d301735d1
Ph4nt0m Security Advisory #2003-9-9 - mah-jong versions 1.6 and below are susceptible to a remote denial of service attack.
9f7ebf87e359ccad366264bb0a277e015fb72bb0f3f9f57fae88ca20d2a63c19
Clarification by GreyMagic software on the recent misconception that MS03-040 patched a problem that actually lies in Jelmer's ADODB.Stream vulnerability that gets utilized via Liu's file:javascript vulnerability, in conjunction with another vulnerability to allow a res:// URL to open that is also by Jelmer.
95f406a6bcd15a4e7e06fc3b035cc7eb79fb7d96a2fb040195fdcc9e8d1835b1
PHP-Nuke 6.6 is susceptible to a SQL injection attack and leakage of password hashes (if MySQL 4.x is used) due to a lack of filtering in modules.php.
8e248486260fdb6ff3e17c1fe17edbf7d696f730b4799b527c732a1a621fe5a4
Zone-H Security Team Advisory - A file inclusion vulnerability in the PayPal Store Front allows for remote malicious code to be loaded and executed server-side. Patch available here.
479d36dc9bb94d6b4a59e3a3243ec5f2a16692bd2af697520b1a7bc7c611a4c2
PeopleSoft People Tools version 8.42 allows for a remote user to save Excel formatted files on the webserver which inadvertently allows them to be accessed by a remote unauthenticated attacker.
ad7cb2fb7e14daa25721c74a672125bdb71c19fd228012b0c80520a1bceeae2d
Medieval Total War clients versions 1.1 and below are susceptible to disconnecting from the main server when another user with a malformed nickname joins the game.
d8bf93e753ae1055f4d4c9e479e08771769a4421c23871b68a655ef298396ccd
Medieval Total War servers versions 1.1 and below are susceptible to a remote denial of service attack when an excess of 76 unicode characters are sent as the nickname for the user joining the game.
d7c30c143c6a38dce4a0062d2ca5bdc32f22efc285d8ee0c77aef54164260142
The current patch fix for the Internet Explorer 6 XML bypass is faulty and still allows a remote web site to maliciously force IE to replace files on the underlying client system.
6d210eb5a6b46fd9b6b6c1f97c07ceb3e3762953328aa745c0211b913e84cf1c
GreyMagic Security Advisory GM#002-MC - The Adobe SVG, or Scalable Vector Graphics Viewer, versions 3.0 and below allows for Active Scripting settings in a browser to be completely bypassed.
f1c5872495d2d9cda920b8d2e945a2bc04be47fe355c38ff09a2ffd979cc239b
GreyMagic Security Advisory GM#004-MC - The Adobe SVG, or Scalable Vector Graphics Viewer, versions 3.0 and below is vulnerable to a target URL swap in the alert window.
4c71079b6efa74a27493cfe43230a6b6ecfcc5bcb7352965a3fe82bda37b40ca
GreyMagic Security Advisory GM#003-MC - The Adobe SVG, or Scalable Vector Graphics Viewer, versions 3.0 and below will show the contents of a restricted local or remote file when a valid URL is accessed that then redirects to the restricted file.
59af330d8671a2a5061411995f430a0a4a801660aef77fa8c1c5c165b5a99936
Zone-H Security Team has written a patch for the unresolved vulnerabilities found in the debug mode of mod_gzip.
fa266e7dba719a31c885b48f23b86412b23f448f407cb9d14b570bc14f9699e0
File-Sharing for NET v1.5 and Forums Web Server v1.5 both suffer from various Javascript and HTML code injection vulnerabilities.
695984bacdaf8ea460a1c426fdfcb292c9cdd6c0fcf023c7e4d6190f6fd322d2
A vulnerability has been reported in Divine Content Server 5.x, which can be exploited by malicious people to conduct Cross-Site Scripting attacks against visitors.
ab2bfd56158284ff18d428f04473a145bd1d06cbda895c15a1b08c567f50cbcc
A vulnerability exists in the susewm package in SuSE Linux 8.2Pro where a symbolic link attack can escalate a user to root privileges. Workaround included.
0aa80f207e5b08ebc11c3b7e43d9ddc9e7d6a91abd06fb2afd67f194ee6f79f1