31.01.2009 Detailed

6! FFMpeg (VLC, MPlayer, Perian, Xine) integer overflow   Integer overflow on 4X format parsing. 6! Google Chrome code execution   chromehtml: URI parameter injection. 6! dBpowerAMP Audio Player buffer overflow updated since 06.02.2008   Buffer overflow on m3u and pls files parsing.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. E107: обход CAPTCHA, межсайтовый скриптинг.

Linux kernel multiple security vulnerabilities   Multiple DoS conditions.

Ralinktech wireless adapter driver integer overflow updated since 20.01.2009   Integer overflow on oversized SSID.

30.01.2009 Detailed

Motorola CPEi300 WiMAX modem web interface multiple security vulnerabilities   Directory traversal, crossite scripting.

28.01.2009 Detailed

6! CUPS symbolic links vulnerability   Insecure /tmp/pdf.log file creation. 6! Apache Tomcat multiple security vulnerabilities updated since 01.08.2008   Crossite scripting, information leak.   SonyEricsson mobile phones WAP DoS   Crash on SMS or UDP/2948 WAP PUSH message handling.

Linux syscall filtering bypass   32 bit application can use 64 bit syscall and vice versa to bypass syscall filtering, because syscall numbers are different.

ganglia cluster monitoring tool buffer overflow   gmetad buffer overflow.

BEA (Oracle) WebLogic Server crossite scripting   Crossite scripting in administration console.

JetAudio buffer overflow   Buffer overflow on .m3u files parsing.

Total Video Player off-by-one overflow updated since 25.11.2008   Off-by-one heap buffer overflow on .au files parsing.

VUPlayer buffer overflow updated since 22.01.2009   Buffer overflow on .ASX / .VAX files parsing.

Browser3D buffer overflow   Buffer overflow on .sfs file parsing.

CA Antivirus protection bypass   Invalid archives handling.

25.01.2009 Detailed

6! EMC AutoStart code execution   Integer user controlled argument is used to calculate function pointer in ftbackbone.exe (listens TCP/8042).   AXIS Camera Control ActiveX buffer overflow   Buffer overflow in image_pan_tilt property.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

23.01.2009 Detailed

7! Apple QuickTime multiple security vulnerabilities updated since 22.01.2009   Memory corruptions on Cinepak, VR Track, STSD, AVI parsing.

22.01.2009 Detailed

7! Cisco Security Manager unauthorized access   Unauthorized MySQL database access is possible if used with Cisco IPS Event Viewer.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.   Cisco Unified Communications Manager DoS   Certificate Authority Proxy Function service DoS (TCP/3804).

Axis 70U Network Document Server multiple security vulnerabilities   Privilege escalation, unauthorized files acccess, crossite scripting.

scilab symbolic links vulnerability   Symbolic links vulnerability on temporary files creation.

21.01.2009 Detailed

Microsoft Windows fails to disable autorun   None of documented methods to disable autorun does it completely. This way of distribution is actively used by malware. CERT advises to add next record into registry (@ means default value for key). [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf] @="@SYS:DoesNotExist"

20.01.2009 Detailed

Microsoft Windows Mobile bluetooth stack directory traversal   OBEX FTP directory traversal.   Windows NTP Time Server Syslog Monitor DoS   Crash on malformed syslog packet   Trend Micro OfficeScan / Trend Micro Internet Security multiple security vulnerabilities   Firewall settings manipulations, DoS.

Fujitsu SystemcastWizard Lite buffer overflow   Buffer overflow on oversized PXE request.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 20.01.2009   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Power Phlogger: SQL injection, DoS.

18.01.2009 Detailed

6! Cisco ONS TCP DoS   Crash on TCP connection establishing. 6! Cusci IronPort Encryption Appliance / PostX multiple security vulnerabilities   Unauthorized access to encrypted messages, unauthorized access to administration interface.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

TFTPUtil GUI TFTP Server multiple security vulnerabilities   DoS, directory traversal.

VirtualBox symbolic links vulnerability   Insecure temporary files creation.

Avira Antivir multiple security vulnerabilities   Multiple DoS conditions and privilege escalations.

Excel Viewer ActiveX buffer overflow   Buffer overflow in Open method.

Sagem F@ST 2404 router DoS updated since 09.09.2008   Device crash on oversized Web interface URL string. Unauthorized access to router reset Web page.

OTSTurntables buffer overflow   Buffer overflow on .ofl files processing.

16.01.2009 Detailed

Syslserve DoS   Crash on malformed syslog message parsing.   WowWee Rovio webcam unauthorized access   Unauthorized access to RTSP stream and different configuration pages is possible.   Cisco VLAN trunking DoS   Switch reloads on malformed VTP packet.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. e-Vision CMS: crossite scripting.

Cisco SIP VoIP phones DoS   Crash on malformed RTP header parsing.

15.01.2009 Detailed

Netsurf browser multiple security vulnerabilities   Integer overflows and memory exhaustion.   Novell Netware ICEbrowser denial of service   Resources exhaustion with Javascript.

14.01.2009 Detailed

9! Microsoft Windows SMB multiple security vulnerabilities updated since 13.01.2009   Buffer overflows and DoS conditions. 6! RIM BlackBerry Enterprise Server buffer overflow updated since 13.01.2009   Buffer overflow on PDF attachments.   JHead multiple security vulnerabilities   Buffer overflow, symlink vulnerability, unfiltered shell characters vulnerability.

Zaptel privilege escalation   It's possible to overwrite kernel memory.

Solaris integer overflow   Integer overflow in SYS_kaio syscall.

PHP popen() function buffer overflow   Buffer overflow on oversized mode argument.

HP OpenView Network Node Manager DoS

Amarok multiple security vulnerabilities   Integer overflows, memory corruption.

KDE Konqueror DoS   Memory exhaustion on oversized SRC and HREF parameters

13.01.2009 Detailed

DevIL library buffer overflow   Buffer overflow in iGetHdrHeader() function on Radiance RGBE files processing.   PDFBuilderX ActiveX unauthorized filesystem access   Unsafe methods are available.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. FCKeditor: crossite scripting, information leak. WOSendNews: crossite scripting, information leak.

11.01.2009 Detailed

6! CA Service Metric Analysis / CA Service Level Management code execution   It's possible to execute commands with snmp service. 6! Cisco Global Site Selector Appliances DoS   Crash on malformed DNS requests sequence.   NETGEAR WG102 wireless router SNMP information leak   It's possible to retrieve write community with read community

IBM DataPower XS40 Security Gateway DoS   Crash on malformed SSL data.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Xaraya: crossite scripting

TSC2 Help Desk ActiveX buffer overflow   CTab ActiveX buffer overflow

Multiple FTP servers unsafe fgets() vulnerability updated since 30.09.2008   It's possible to embed additional commands into URLs.

09.01.2009 Detailed

6! VMWare ActiveX buffer overflow   VMDBCOMLib.VMList Initialize method buffer overflow.   Asterisk user account enumeration   Different replies for invalid username and password in IAX2 authentication.   Virgilio toolbar ActiveX DoS

Microsoft Internet Explorer DoS   Crash on recursive script creation with createElement().

06.01.2009 Detailed

6! Samba directory traversal   Root filesystem access is possible if "registry shares = yes" option is enabled.   Coolplayer buffer overflow   Buffer overflow on skin file parsing

05.01.2009 Detailed

Walusoft TFTPServer2000 directory traversal   Directory traversal in GET command.   Destiny Media Player buffer overflow   Buffer overflow on .lst files parsing.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. PHPSlideshow: crossite scripting

Multiple FTP clients FTP bounce attack updated since 05.03.2007   Passive FTP implementation in multiple client allows to use FTP bounce attack for port scanning.

04.01.2009 Detailed

Linux kernel DoS   Race conditions during socket message input/ouput processing on Unix sockets.