nProtect:Netizen 2005.3.17.1 does not properly verify that the update module is downloaded from an authorized site, which allows remote malicious web sites to write arbitrary files.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Netizen | Nprotect | 2005.3.17.1 (including) | 2005.3.17.1 (including) |
References
- http://jvn.jp/jp/JVN%23AF02FB4B/index.html
- http://marc.info/?l=bugtraq\u0026m=111444390329376\u0026w=2
- http://secunia.com/advisories/15101
- http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/80_e.html
- http://www.osvdb.org/15788
- http://jvn.jp/jp/JVN%23AF02FB4B/index.html
- http://marc.info/?l=bugtraq\u0026m=111444390329376\u0026w=2
- http://secunia.com/advisories/15101
- http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/80_e.html
- http://www.osvdb.org/15788