Thor Larholm

Name of the Vulnerable Software and Affected Versions: Mozilla (affected versions not specified) Description: The issue involves an argument injection vulnerability. When certain URIs are registered, remote attackers can conduct cross-browser scripting attacks and execute arbitrary commands. This is achieved via shell metacharacters in an unspecified URI, which are inserted into the command line when invoking the handling process. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Microsoft Outlook and Outlook Express (affected versions not specified) Description: The issue involves an argument injection vulnerability. When certain URIs are registered, remote attackers can conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI. These metacharacters are inserted into the command line when invoking the handling process. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox (affected versions not specified) **Description** A stack-based buffer overflow issue in Mozilla Firefox allows remote attackers to potentially execute arbitrary code via unspecified vectors involving JavaScript. However, the severity of this issue has been disputed by the vendor and original researchers, who claim that the presented code does not result in remote code execution but rather causes a crash and consumes system resources. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 1.5.0.5 Thunderbird versions prior to 1.5.0.5 SeaMonkey versions prior to 1.0.3 **Description** The issue allows remote attackers to hijack native DOM methods from objects in another domain and conduct cross-site scripting (XSS) attacks using DOM methods of the top-level object. **Recommendations** For Mozilla Firefox versions prior to 1.5.0.5, update to version 1.5.0.5 or later. For Thunderbird versions prior to 1.5.0.5, update to version 1.5.0.5 or later. For SeaMonkey versions prior to 1.0.3, update to version 1.0.3 or later.

**Name of the Vulnerable Software and Affected Versions** CPAINT (affected versions not specified) **Description** The issue is related to an incomplete blacklist vulnerability in the `checkBlacklist` function. This allows remote attackers to execute arbitrary commands via the `ExecuteGlobal` function or `GetRef` statement, which are not included in the blacklist. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CPAINT versions 1.3-SP **Description** The issue allows remote attackers to execute arbitrary ASP code via the `cpaint argument[]` parameter to API endpoints such as "calculator.asp" or "cpaintfile.asp", which is directly fed into an eval statement. **Recommendations** For CPAINT version 1.3-SP, avoid using the `cpaint argument[]` parameter in the affected API endpoints until the issue is resolved. As a temporary workaround, consider restricting access to the "calculator.asp" and "cpaintfile.asp" endpoints to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Opera versions prior to 7.50 **Description** The issue allows remote attackers to obtain potentially sensitive information by reading Referer log data. This occurs because Opera sends Referer headers containing https:// URLs in requests for http:// URLs. **Recommendations** For Opera versions prior to 7.50, update to version 7.50 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Netscape 4 **Description** The issue allows remote attackers to obtain potentially sensitive information by reading Referer log data, as Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs. **Recommendations** For Netscape 4, consider disabling the sending of Referer headers or restricting access to Referer log data to minimize the risk of sensitive information disclosure.

Name of the Vulnerable Software and Affected Versions: Windows Media Player versions 7 and 8 Description: The issue allows remote attackers to bypass zone restrictions and access or execute arbitrary files. This is achieved via an IFRAME tag pointing to an ASF file whose Content-location contains a `File://` URL. Recommendations: For Windows Media Player version 7, update to a version that is not affected by this issue. For Windows Media Player version 8, update to a version that is not affected by this issue.