CVE-2005-1193 Information

Description

The bbencode_second_pass and make_clickable functions in bbcode.php for phpBB before 2.0.15 as used in viewtopic.php privmsg.php and other scripts allow remote attackers to execute arbitrary script via a BBcode tag with a (1) javascript: (2) applet: (3) about: (4) activex: (5) chrome: or (6) script: URI scheme as demonstrated using the URL tag.

Reference

http://castlecops.com/t123194-.html http://marc.info/?l=full-disclosure&m=111552510000088&w=2 http://seclists.org/lists/bugtraq/2005/May/0098.html http://secunia.com/advisories/15298 http://securitytracker.com/id?1013918 http://securitytracker.com/id?1014117 http://www.kb.cert.org/vuls/id/113196 http://www.osvdb.org/16439 http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=288194 http://www.securityfocus.com/bid/13545 https://exchange.xforce.ibmcloud.com/vulnerabilities/20574 phpbb-url-bbcode-file-include(20574)