Computer Security vulnerabilities and exploits database

[EN] securityvulns.ru
no-pyccku

21.01.2012
Detailed

8! Adobe Acrobat / Reader multiple security vulnerabilities
document Code execution, multiple memory corruptions.

7! Microsoft Windows multiple security vulnerabilities
updated since 11.01.2012
SafeSEH protection bypass, Windows Object Packager code execution, CSRSS privilege escalation, DirectShow / Windows Media memory corruption, Windows Packager code execution, SSL/TLS information leakage.

6! Linux kernel multiple security vulnerabilities
document DoS conditions, information leaks, privilege escalation.

PHP DoS
NULL pointer dereference because on unchecked zend_strndup return value.

Suhoshin buffer overflow
Buffer overflow in the transparent cookis encryption code.

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Business Availability Center / Business Service Management information leakage

NTR ActiveX security vulnerabilities
Buffer overflow, unsafe method.

GreenBrowser double free
document Double free on iframe tag

HP StorageWorks P2000 security vulnerabilities
updated since 16.01.2012
Default account, directory traversal.

EMC SourceOne information leakage
Information leakage via log files.

20.01.2012
Detailed

7! OpenSSL library multiple security vulnerabilities
document Double free(), protection bypass, information leakages, DoS conditions.

6! Apache Tomcat security vulnerabilities
DoS, information disclosure.

6! Cisco TelePresence System Integrator / Cisco IP Video Phone E20 default account vulnereability
updated since 21.11.2011
Default root account is enabled.

perl security vulnerabilities
document It's possible to inject eval expression into digest module constructor. Off-by-one overflow in decode_xs.

Microsoft AntiXSS library crossite scripting
updated since 11.01.2012
Crossite scripting during HTML parsing.

Site news

* 3proxy tiny freeware proxy 0.6 released for Windows, Unix, Linux, MacOS X / iPhone New!
* Article: Reverse Engineering with LD_PRELOAD

Archive by months:

* 2012/1	* 2011/12
* 2011/11	* 2011/10
* 2011/9	* 2011/8
* 2011/7	* 2011/6
* 2011/5	* 2011/4
* 2011/3	* 2011/2
* 2011/1	* 2010/12
* 2010/11	* 2010/10
* 2010/9	* 2010/8
* 2010/7	* 2010/6
* 2010/5	* 2010/4
* 2010/3	* 2010/2
* 2010/1	* 2009/12
* 2009/11	* 2009/10
* 2009/9	* 2009/8
* 2009/7	* 2009/6
* 2009/5	* 2009/4
* 2009/3	* 2009/2
* 2009/1	* 2008/12
* 2008/11	* 2008/10
* 2008/9	* 2008/8
* 2008/7	* 2008/6
* 2008/5	* 2008/4
* 2008/3	* 2008/2
* 2008/1	* 2007/12
* 2007/11	* 2007/10
* 2007/9	* 2007/8
* 2007/7	* 2007/6
* 2007/5	* 2007/4
* 2007/3	* 2007/2
* 2007/1	* 2006/12
* 2006/11	* 2006/10
* 2006/9	* 2006/8
* 2006/7	* 2006/6
* 2006/5	* 2006/4
* 2006/3	* 2006/2
* 2006/1	* 2005/12
* 2005/11	* 2005/10
* 2005/9	* 2005/8
* 2005/7	* 2005/6
* 2005/5	* 2005/4
* 2005/3	* 2005/2
* 2005/1	* 2004/12
* 2004/11	* 2004/10
* 2004/9	* 2004/8
* 2004/7	* 2004/6
* 2004/5	* 2004/4
* 2004/3	* 2004/2
* 2004/1

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

Share your news!

You may send information about any vulnerabilities to vuln@security.nnov.ru

Subscribe
Security news RSS/XML feed
Subscribtion options and news export - have SecurityVulns information on your site (no site script support required)!

Main forum:
Indexing every IP on the Internet
helping people
help to decoding string
Vulnerabilities on Linux Games
Risk assessment methodologies

3proxy forum:
3proxy 'external' IP address to load balance or backup on connections
3proxy-0.7 problem on Win NT 4.0
UDP on localhost
plugin
User Account

Links
Remove spyware with Exterminate It!

Inj3ct0r exploit database
Inj3ct0r.com / 1337db.com

test server

Computer Security Vulnerabilities