Computer Security

Search:Vulnerability:03.01.2004
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



SwitchOff Multiple bugs
Published:03.01.2004
Source:WINTER-SMITH
SecurityVulns ID:3341
Type:remote
Level:5/10
Description:Infinite loop on oversized string to TCP/8000, stack overflow.
Affected:YASOFT : Switch Off 2.3
Original documentdocumentPeter Winter-Smith, Switch Off Multiple Vulnerabilities (03.01.2004)
Discuss:Read or add your comments to this news (0 comments)

GoodTech Telnet Server buffer overflow
Published:03.01.2004
Source:BUGTRAQ
SecurityVulns ID:3343
Type:client
Level:5/10
Description:Buffer overflow on oversized line.
Affected:GODTECH : GoodTech Telnet Server 4.0
Original documentdocumentDonato Ferrante, DoS in GoodTech Telnet Server 4.0.103 (03.01.2004)
Discuss:Read or add your comments to this news (0 comments)

CHM files execution in Internet Explorer
updated since 19.05.2000
Published:03.01.2004
Source:BUGTRAQ
SecurityVulns ID:169
Type:client
Level:6/10
Description:CHM file (HTML-help) may contain unsafe ActiveX elements and could lead to code execution. CHM execution may be triggered by calling CHM file as a HTML or via ActiveX elements.
Affected:MICROSOFT : Internet Explorer 5.01
 MICROSOFT : Internet Explorer 5.0
 MICROSOFT : Internet Explorer 4.0
 MICROSOFT : Internet Explorer 4.01
 MICROSOFT : Internet Explorer 5.5
 MICROSOFT : Internet Explorer 6.0
Original documentdocumentArman Nayyeri, IE 5.x-6.0 allows executing arbitrary programs using showHelp() (03.01.2004)
 documentThor Larholm, Thor Larholm security advisory TL#004 (10.10.2002)
 documentThor Larholm, Thor Larholm security advisory TL#004 (07.10.2002)
 documentNGSSoftware Insight Security Research, Buffer Overflow in IE/Outlook HTML Help (03.10.2002)
 documentMICROSOFT, Security Bulletin MS02-055: Unchecked Buffer in Windows Help Facility Could Enable Code Execution (Q323255) (03.10.2002)
 documenthttp-equiv@excite.com, Self-Executing HTML: Internet Explorer 5.5 and 6.0 (03.06.2002)
 documentGeorgi Guninski, OBJECT TYPE="text/html" may allow executing arbitrary programs in IE 5.5 (24.11.2000)
 documentGeorgi Guninski, IE 5.x/Outlook allows executing arbitrary programs using .chm files and temporary internet files folder (21.11.2000)
 documentCERT, Advisory CA-2000-12 (20.06.2000)
 documentMICROSOFT, Security Bulletin (MS00-037) (03.06.2000)
 documenthttp-equiv_(at)_excite.com, MICROSOFT SECURITY FLAW? (19.05.2000)
Files:Self-Executing HTML: Internet Explorer 5.5 and 6.0
 BugTraq ID: 1221
 BugTraq ID: 1223
Discuss:Read or add your comments to this news (0 comments)

New local NT attack - TOCTOU (Time-Of-Check-to-Time-Of-Use race conditions)
updated since 03.01.2004
Published:12.05.2010
Source:BUGTRAQ
SecurityVulns ID:3342
Type:local
Level:6/10
Description:If service hooks are used for argument filtering, race conditions are possible between argument check and actual sytem call.
Original documentdocumentMatousec - Transparent security Research, KHOBE - 8.0 earthquake for Windows desktop security software (12.05.2010)
 documentAndrey Kolishak, TOCTOU with NT System Service Hooking (03.01.2004)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server