NTA Monitor

Latest News

IT Managers get to grips with Internet security issues

4th May 2010 According to NTA Monitor's 2010 Annual Security Report, the average number of Internet security vulnerabilities afflicting organisations has fallen.. Read More

Will IE6 be the next NT4?

1st October 2009 All penetration testers will remember the long tail of Windows NT 4.0, and how this operating system continued to be used long past the point when security updates stopped at the end of 2004. For many years the presence of an unpatchable NT4 server was a common issue in a penetration test report, and it is only now, almost five years after security support ended, that finding an NT4 system on a network is becoming a rare event. Read More

One in four web applications susceptible to high risk security flaws

7th September 2009 NTA Monitor has reported a 10% increase in the total number of web applications found to have at least one high-risk security issue... Read More

Organisations facing a changing threat landscape

20th July 2009 According to NTA Monitor's 2009 Annual Security Report, the average number of Internet security vulnerabilities is on the rise... Read More
Date: 30th November 2005
Risk: High

Hewlett-Packard has released updated packages to address multiple security vulnerabilities identified in Mozilla for HP-UX. These flaws could be exploited by malicious websites to execute arbitrary commands or cause a denial of service.

A buffer overflow error in the "NormalizeIDN" function when handling malformed URLs containing "soft hyphen" characters (0xAD) embedded in an HTML tag (e.g. "A HREF"), which could be exploited by remote attackers to take complete control of an affected system via specially crafted Web pages.

Vulnerabilities include:

An improper cloning of base objects could allow web content scripts to walk up the prototype chain to get to a privileged object, which could be exploited by attackers to execute arbitrary code.

An input validation error in the processing of XHTML documents containing fake elements could be exploited by malicious web sites to execute scripting code with elevated "chrome" privileges.

JavaScript dialog boxes do not display or include their origin, which allows a new window to open e.g. a prompt dialog box, which appears to be from a trusted site. See : FrSIRT/ADV-2005-0820

An input validation error in the processing of javascript URLs opened by media players could be exploited by attackers to execute arbitrary code.

An error in the processing of "top.focus()" calls could be exploited by attackers to conduct spoofing and/or cross site scripting attacks.

A regression error could be exploited by attackers to inject arbitrary JavaScript code from one page into the frameset of another site.

An input validation error in the "InstallVersion.compareTo()" function when handling specially crafted objects could be exploited by attackers to run arbitrary code or conduct denial of service attacks.

An input validation error in the processing of "data:" URLs could be exploited by attackers to conduct cross site scripting attacks.

An error in the "InstallTrigger.install()" method could be exploited to conduct cross site scripting attacks.

An error when handling Wallpapers could be exploited by attackers to run arbitary code on a vulnerable system by convincing a user to use the "Set As Wallpaper" context menu item on a specially crafted image.

Scripts in XBL controls from web content are run even when Javascript was disabled.

An error in the browser UI when handling user/synthetic events could be exploited by attackers to execute arbitrary code.

References

http://www.frsirt.com/english/advisories/2005/1952 http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01230 http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01231