• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

AlternC Multiple Input Validation Vulnerabilities

AlternC is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data.

Exploiting these issues could allow an attacker to access or modify sensitive data, create arbitrary files and directories, execute arbitrary JavaScript code in the context of the application, compromise the application, and possibly exploit latent vulnerabilities in the underlying system; other attacks are also possible.

AlternC version 0.9.5 is vulnerable; earlier versions may also be affected.