Top 10 vulnerabilities in Web Applications in Q4 2007

  • OpenSSL Off-By-One Overflow – An off-by-one overflow can be triggered in the SSL_get_shared_ciphers() function and can execute arbitrary code on the target system.

  • Java Web Start Bugs – A remote user can create a specially crafted applet that, when loaded by the target user, can read local files, write to local files or determine the location of the Java Web Start cache.

  • Adobe Acrobat URI Handling Bug – A remote user can create a PDF file with a specially crafted Web link that, when loaded by the target user, will trigger the URI handling flaw and execute arbitrary commands on the target system.

  • IBM Lotus Notes Buffer Overflow – A remote user can send a specially crafted HTML-based e-mail message that, when replied to, forwarded or copied to the clipboard by the target user, will trigger a buffer overflow in the TagAttributeListCopy() function in ‘nnotes.dll’ and execute arbitrary code on the target system.

  • RealPlayer Input Validation Flaw – A remote user can create a specially crafted HTML that, when loaded by the target user, will load an ActiveX control and trigger a flaw in ‘ierpplug.dll’ to execute arbitrary code on the target system.

  • IBM WebSphere Application Server Input Validation Hole – A validation hole allows arbitrary code to access the target user’s cookies, including authentication cookies, access data recently submitted by the target user via Web form to the site, or take actions on the site acting as the target user.

  • IBM WebSphere Input Validation Hole – A validation hole allows arbitrary code to access the user’s cookies, including authentication cookies, access data recently submitted by the target user via Web form to the site, or take actions on the site acting as the target user.

  • PHP Buffer Overflows, Filtering Bypass and Configuration Bypass Bugs – A user may be able to trigger a buffer overflow in certain functions, supply partial multibyte sequences to certain functions to potentially bypass the filtering functions, and invoke a function to overwrite values.

  • Apache Input Validation Hole – A validation hole allows arbitrary code originating from Apache software to access the user’s cookies, including authentication cookies, access data recently submitted by the target user via Web form to the site, or take actions on the site acting as the target user.

  • Adobe Flash Player Bugs – A remote user can cause arbitrary code to execute on a target user’s system, conduct cross-site scripting and request splitting attacks, and conduct port scans via Adobe Flash Player.
