Secunia Research has discovered a security issue in SAP GUI, which can be exploited by malicious people to gain knowledge of sensitive information, corrupt files, or compromise a user's system. The problem is that the bundled KWEdit ActiveX control (KWEDIT.DLL) provides the insecure method "SaveDocumentAs()", which saves an HTML document to a specified location. This can be exploited in combination with e.g. the "OpenDocument()" method to disclose the contents of files or to execute arbitrary code on a user's system. SAP GUI versions 6.40 Patch 29 and 7.10 Patch 5 are affected.
7618d00c720ce23c45412fe3d1fdff7227a5fd75d55de1cf1bf99df89823fb97Secunia Research has discovered some vulnerabilities in Free Download Manager, which can be exploited by malicious people to compromise a user's system. Multiple boundary errors exists in relation to torrent files allowing for arbitrary code execution.Free Download Manager versions 2.5 Build 758 and 3.0 Build 844 are affected.
86565ed22b3c1b8dade154b897b1b8f0f21fa8a840a14b598b19f7b4178d642bSecunia Research has discovered a vulnerability in Free Download Manager, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the Remote Control Server when processing "Authorization" headers in HTTP requests. This can be exploited to cause a stack-based buffer overflow via an HTTP request containing an overly long "Authorization" header. Successful exploitation allows execution of arbitrary code. Free Download Manager versions 2.5 Build 758 and 3.0 Build 844 are affected.
2d6a98a1c54f3e78b5ee64d40212d81016ff64590c30aaee596d5b936675f6e2Secunia Research has discovered a vulnerability in Trend Micro Network Security Component (NSC) modules as bundled with various products. This can be exploited by malicious, local users to manipulate firewall settings regardless of configured security settings. Trend Micro Internet Security includes a management interface for users to configure e.g. the firewall settings. To prevent any user from changing the settings, password restriction can be enabled. However, the password check is implemented in the configuration GUI and not in the Trend Micro Personal Firewall service (TmPfw.exe). This can be exploited to manipulate the firewall settings regardless of whether password restriction is enabled by sending specially crafted packets to the service listening on port 40000/TCP.
14e5723a30a912815698371b3902fd0234aef39e72139380016e2e560c406856Secunia Research has discovered vulnerabilities in Trend Micro Network Security Component (NSC) modules as bundled with various products. These can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially gain escalated privileges.
5b5de053e6d625822504987e45ced7ca8fde5c1b4c6de316295e4d04a0d56dbdSecunia Research has discovered a vulnerability in SAP GUI, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to a boundary error in the included TabOne ActiveX control (sizerone.ocx) when copying tab captions. This can be exploited to cause a heap-based buffer overflow by e.g. adding multiple tabs via the "AddTab()" method. Successful exploitation may allow execution of arbitrary code. SAP GUI 6.40 Patch 29 and SAP GUI 7.10 are both affected.
e136911cfe27d72e5490b136aeb2053781377bf5055fa3476256cbb7bea1a60aSecunia Research has discovered a vulnerability in TSC2 Help Desk, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to a boundary error in the included CTab ActiveX control (c1sizer.ocx) when copying tab captions. This can be exploited to cause a heap-based buffer overflow by e.g. adding multiple tabs via the "AddTab()" method. Successful exploitation may allow execution of arbitrary code. TSC2 Help Desk version 4.1.8 is affected.
6431c5ae11ab8eaeab4e6b301d650c2cb842767fe8fabcfc3d3a370c8d34135cSecunia Research has discovered a vulnerability in ComponentOne SizerOne, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by a boundary error in the included Tab ActiveX control (c1sizer.ocx) when copying tab captions. This can be exploited to cause a heap-based buffer overflow by e.g. adding tabs with overly long captions via the "AddTab()" method. Successful exploitation may allow execution of arbitrary code. ComponentOne SizerOne version 8.0.20081.140 is affected.
1864b06eeec1d88cdfd1c2ff046c8f677ee6d390a1c5880b9640a21412721137Secunia Research has discovered some vulnerabilities in Microsoft Hierarchical FlexGrid Control bundled with various products, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to integer overflow errors in the ActiveX control (mshflxgd.ocx) when handling the "Rows" and "Cols" properties and the "ExpandAll()" and "CollapseAll()" methods. These can be exploited to corrupt memory. Successful exploitation allows execution of arbitrary code. Microsoft Hierarchical FlexGrid Control 6.0.88.4 is affected.
6e220530f9f2bbf0cc8d3277a36675fa7b06bf0bdfafeb2b69efb664ba2bbffaSecunia Research has discovered a vulnerability in Novell iPrint Client, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the "IppCreateServerRef()" function in nipplib.dll. This can be exploited to cause a heap-based buffer overflow by passing an overly long, specially crafted string as argument to either "GetPrinterURLList()", "GetPrinterURLList2()", or "GetFileList2()" as provided by the Novell iPrint ActiveX control (ienipp.ocx). Successful exploitation may allow execution of arbitrary code.
e699e714cb91f13aebcf4f514a87db66114a8b4c8b623bc39df1bb5445e65ef5Secunia Research has discovered a security issue in Novell iPrint Client, which can be exploited by malicious people to gain knowledge of potentially sensitive information. Novell iPrint Client 4.36 and Novell iPrint Client for Windows Vista 5.04 are affected. The insecurity lies in GetFileList().
2c3c2243ebc9b5ac67f52da83e31f5e81556363c6029b2679375d9ac3b7e40a5Secunia Research has discovered multiple vulnerabilities in Novell iPrint Client, which can be exploited by malicious people to compromise a user's system. These include boundary errors and buffer overflow issues. Novell iPrint Client 4.36 is affected.
e1d4ec43ab4fff51d3a1817235f89f3457a927d567c596a2f6258abe63091fb0Secunia Research has discovered two vulnerabilities in K9 Web Protection, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused by boundary errors in the filter service (k9filter.exe) when handling HTTP version information in responses from a centralized server (sp.cwfservice.net). These can be exploited to cause stack-based buffer overflows via a specially crafted response containing overly long HTTP version information. Successful exploitation allows execution of arbitrary code, but requires that requests to the centralized server can be redirected to a malicious service or otherwise intercepted. Affected is Blue Coat K9 Web Protection 3.2.44 with Filter version 3.2.32.
7d24d804fee0df27fd0ed5b35e4f7879de54c951e7cbd66c17b20b056f824647Secunia Research has discovered a vulnerability in K9 Web Protection, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in the filter service (k9filter.exe) during processing of "Referer" headers when the web-based K9 Web Protection Administration interface is accessed. This can be exploited to cause a stack-based buffer overflow via an overly long "Referer:" header. Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious web site. Affected is Blue Coat K9 Web Protection 3.2.44 with Filter version 3.2.32.
c90c6cc25b178188ff3013ce11a96c87071324237810cfeb36249e43cc1d4126Secunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error when processing data streams and can be exploited to trigger a use-after-free condition by returning a specially crafted data stream of e.g. an unexpected MIME-type for which no handler is registered. Successful exploitation allows execution of arbitrary code when a user visits a malicious website. Versions 5.01, 6, and 7 are affected.
e90f1dfc29e7cad026f2886325cd70f2b2962832b7e9ddfae7655bd4282b5014Secunia Research has discovered multiple vulnerabilities in Autonomy Keyview, which can be exploited by malicious people to compromise a user's system. Various boundary errors exist in the EML reader (emlsr.dll). Autonomy Keyview version 10.3.0.0 is affected.
3605041336d2a5de2c5c5ffb6943678b87735251af55a13e83b5b7745aca60fcSecunia Research has discovered multiple vulnerabilities in Lotus Notes, which can be exploited by malicious people to compromise a user's system. Various boundary errors exist in the EML reader (emlsr.dll). Lotus Notes version 8.0 is affected.
a6c1eab0c8545b52bd003d5072b97b31916402b1d1855e88f5e254bc877d35d2Secunia Research has discovered some vulnerabilities in IBM Tivoli Storage Manager Client, which can be exploited by malicious people to conduct script insertion attacks. Certain input passed in HTTP requests to the CAD service is not properly sanitized before being logged. This can be exploited to insert arbitrary HTML and script code into dsmerror.log, which is executed in a user's browser session in context of the affected site when e.g. viewing the log file via the web-based interface using the "FILE" functionality of the CAD service.
277de8c11d9582d8e9b98a606bb24ac192a34dc0c97ab2267b159f9843c34e82Secunia Research has discovered a vulnerability in various eScan products, which may be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in the MicroWorld Agent service (MWAGENT.EXE) when decrypting received commands. This can be exploited to cause a stack-based buffer overflow via an overly long command sent to the service (default port 2222/tcp). Successful exploitation may allow execution of arbitrary code with SYSTEM privileges. eScan version 9.0.715.1 is affected.
84fcea0897dbcc7747ab1ab311052fadef29a9ac5675225bdb6fefbc7edd8d6eSecunia Research has discovered a vulnerability in BearShare, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the NCTAudioFile2.AudioFile ActiveX control when handling the "SetFormatLikeSample()" method. This can be exploited to cause a stack-based buffer overflow by passing an overly long string (about 4124 bytes) as argument to the affected method. BearShare version 6.0.2.26789 is affected.
dbc7db2e6f1936fe435111cb1d2036c76efcb80ed20555b401a15cf6773cc0deSecunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in Microsoft Agent (agentsvr.exe) when processing specially crafted URLs passed as arguments to certain methods. Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website with Internet Explorer.
bdde87351842554b64a7f572e06a8bf191f711e8287cec7413c92c3510614663Secunia Research has discovered a vulnerability in InterActual Player and CinePlayer, which can be exploited by malicious people to compromise a user's system. Affected software include InterActual Player 2.60.12.0717 and CinePlayer 3.2.Other versions may also be affected.
e346206da7379b2291388a0df88b23d551379e19f514fafbaf0df549ef09a13cSecunia Research has discovered a vulnerability in Sienzo Digital Music Mentor, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the NCTAudioFile2.AudioFile ActiveX control when handling the "SetFormatLikeSample()" method. This can be exploited to cause a stack-based buffer overflow by passing an overly long string (about 4124 bytes) as argument to the affected method. Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website.
4a145b830ea50bf86d15f10c5b8c02dcd4cd063d843372d236584a2c2c9882ccSecunia Research has discovered a vulnerability in MailEnable, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in the POP service when handling arguments passed to the "PASS" command. This can be exploited to cause a stack-based buffer overflow by passing an overly long, specially crafted string as argument to the affected command. Affected are MailEnable Enterprise Edition 2.35 and MailEnable Professional Edition 2.35.
e8625d784bfeef332c2b470a923daaf64ce418b2839b641827f4db08690d4e60Secunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error within the exception handling of script errors. This can be exploited to corrupt memory via an HTML document containing specially crafted JavaScript that triggers certain errors simultaneously. Microsoft Internet Explorer 6.0 is affected.
dd22c9ed6d25b103da6b72c0e33253fcf2f55360ddb41df5df49a8f3b264a4d9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed