CVE-2005-1301 Information

Description

nProtect:Netizen 2005.3.17.1 does not properly verify that the update module is downloaded from an authorized site which allows remote malicious web sites to write arbitrary files.

Reference

http://jvn.jp/jp/JVN23AF02FB4B/index.html http://marc.info/?l=bugtraq&m=111444390329376&w=2 http://secunia.com/advisories/15101 http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/80_e.html http://www.osvdb.org/15788