21 April, 2011
Gesytec ElonFmt ActiveX 1.1.14 (ElonFmt.ocx) pid Item Buffer Overflow (SEH)
The ElonFmt ActiveX Control Module suffers from a buffer overflow vulnerability. When a large buffer is sent to the pid item of the GetItem1 function in elonfmt.ocx module, we get a few memory registers overwritten including the SEH. We’re dealing with a character translation. An attacker can gain access to the system on the affected node and execute arbitrary code.
Read on: http://zeroscience.mk/blog/04/2011/gesytec-elonfmt-activex-1-1-14-elonfmt-ocx-pid-item-buffer-overflow-seh/
Read on: http://zeroscience.mk/blog/04/2011/gesytec-elonfmt-activex-1-1-14-elonfmt-ocx-pid-item-buffer-overflow-seh/
06 April, 2011
Anfibia Reactor 2.1.1 (login.do) Remote XSS POST Injection Vulnerability
Vendor: Anfibia Software
Product web page: http://www.anfibia-soft.com
Affected version: 2.1.1.12
Summary: Fast web-based server monitoring. Keep an eye on servers,
connections, databases, cpu, hard drives and more!
Desc: The Anfibia Reactor JS service suffers from a XSS vulnerability
when parsing user input to the 'email' parameter via POST method in
'reactor/login.do' script at the manager login interface. Attackers
can exploit this weakness to execute arbitrary HTML and script code
in a user's browser session.
Tested on: Microsoft Windows XP Professional SP3 (EN)
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
liquidworm gmail com
Zero Science Lab - http://www.zeroscience.mk
[14.03.2011] Vulnerability discovered.
[16.03.2011] Contact with the vendor.
[16.03.2011] Vendor replies asking more details.
[16.03.2011] Sent vulnerability details to vendor.
[16.03.2011] Vendor confirms XSS issue.
[06.04.2011] Vendor releases version 3 to address this issue.
[06.04.2011] Coordinated public advisory released.
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5008.php
http://www.zeroscience.mk/codes/anfibiareactor_xss.txt
Product web page: http://www.anfibia-soft.com
Affected version: 2.1.1.12
Summary: Fast web-based server monitoring. Keep an eye on servers,
connections, databases, cpu, hard drives and more!
Desc: The Anfibia Reactor JS service suffers from a XSS vulnerability
when parsing user input to the 'email' parameter via POST method in
'reactor/login.do' script at the manager login interface. Attackers
can exploit this weakness to execute arbitrary HTML and script code
in a user's browser session.
Tested on: Microsoft Windows XP Professional SP3 (EN)
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
liquidworm gmail com
Zero Science Lab - http://www.zeroscience.mk
[14.03.2011] Vulnerability discovered.
[16.03.2011] Contact with the vendor.
[16.03.2011] Vendor replies asking more details.
[16.03.2011] Sent vulnerability details to vendor.
[16.03.2011] Vendor confirms XSS issue.
[06.04.2011] Vendor releases version 3 to address this issue.
[06.04.2011] Coordinated public advisory released.
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5008.php
http://www.zeroscience.mk/codes/anfibiareactor_xss.txt
03 April, 2011
Subscribe to:
Posts (Atom)