Advisories
Please read our Vulnerability Disclosure Policy.
ITN News Sidebar Gadget
Feb 07, 2008
MWR InfoSecurity has released an advisory today relating to the ITN News Windows Vista sidebar gadget, which is vulnerable to a script injection attack that could allow remote attackers to execute commands on the target system. The vendor has addressed this vulnerability and implemented a fix in version 1.23. The full advisory, including a link to the upgrade, can be viewed from the download link above.
Meridio Cross Site Scripting Vulnerability
Jan 15, 2008
Meridio Document and Records Management has been identified as being vulnerable to an embedded Cross Site Scripting attack that could potentially allow remote attackers to inject JavaScript into the application. This would then be executed within the context of the browser of the application user. The impact of this attack is limited only by the creativity of the attacker exploiting this vulnerability. The most dangerous form of XSS involves hostile code being permanently stored within the application, so that the embedded code is executed by every user accessing the affected page, and this is the case in this instance. Meridio have addressed this vulnerability and implemented a fix in version 4.3 SR1 and higher.
Plogger SQL Injection
Dec 17, 2007
An SQL injection vulnerability was identified in Plogger, a popular open source PHP photo gallery. CPNI (The Centre for the Protection of National Infrastructure) have been informed of this vulnerability. The vendor has also been informed and has released a code fix which is available from change set 489. The vulnerability would enable an attacker to inject arbitrary SQL statements. SQL injection inference techniques were used to develop a proof of concept exploit that could be used to access any field from the Plogger database (and potentially any field of any database accessible by the database user Plogger is configured to use).
IBM Lotus Domino "If-Modified-Since" Stack Overflow
Oct 15, 2007
The IBM Lotus Domino Web Server service is vulnerable to a stack-based buffer overflow which can be exploited remotely. Upon reporting this issue to IBM, it was discovered that this was a known issue which had been resolved in a number of previous releases and Fix Packs. However, the previously reported issue did not correctly assess the impact of the vulnerability or provide a description that allowed the vulnerability of a given system to be accurately assessed.
Merak Webmail XSS
Sep 17, 2007
The Merak Mail Server provides a web-based interface called IceWarp which allows users to send and retrieve emails using a web browser. However, email content is not sufficiently sanitised, which can result in the execution of arbitrary scripts. On accessing the web interface of the application, the user is assigned two session IDs. An attacker could harvest these session IDs by sending specially crafted emails to users. The session IDs would be transmitted to the attacker when the users opened the malicious emails. With this information the attacker would be able to gain access to the users' accounts.
