Computer Security
[EN] securityvulns.ru

  


26.07.2011
7!libpng library multiple security vulnerabilities
document Multiple vulnerabilities on PNG parsing.
6!Apple iWork multiple security vulnerabilities
document Memory corruptions on Word and Excel files processing.
6!Shibboleth / opensaml signature wrapping attacks
document It's possible to spoof signed content.
6!Cisco ASR 9000 DoS
document Crash on IP packet processing.
 D-link DPH 150SE/E/F1 IP Phones multiple security vulnerabilities
document Multiple web interface unauthorized access possibilities.
 libsndfile buffer overflow
document Buffer overflow on Ensoniq PARIS Audio Format (PAF) parsing.
 opie security vulnerabilities
document Privilege escalation, off-by-one buffer overflow.
 Securstar DriveCrypt multiple security vulnerabilities
document DoS, information leakage, privilege escalation.
 HTC Android devices directory traversal
document OBEX FTP bluetooth request directory traversal.
 Likewise Open SQL injection
document Privilege escalation is possible.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Apple iOS (iOS) security vulnerabilities
updated since 18.07.2011
document Privilege escalation, code execution via PDF documents.
 kvm code execution
updated since 06.07.2011
document virtio commands processing code execution.
 logrotate multiple security vulnerabilities
updated since 06.04.2011
document Race conditions, unfiltered shell characters vulnerability, DoS.
 FreeRADIUS OCSP vulnerability
document Revoked certificate may be used due to validation error.
 Elitecore Cyberoam UTM cross-site scripting
document Cross-site scripting in Web interface.
 Wireshark sniffer DoS
document Infinite loop on Lucent/Ascend files parsing.
  


22.07.2011
9!Microsoft Internet Explorer multiple security vulnerabilities
updated since 15.06.2011
document mhtml handler cross application scripting, VML processor memory corruption, multiple Internet Explorer memory corruptions, information leakage.
 Apache mod_authnz_external module SQL injection
document SQL injection via username.
 libvirt integer overflow
   
 CA Gateway Security / Total Defense memory corruption
document Memory corruption on TCP/8080 HTTP request parsing.
  


18.07.2011
9!Oracle / Sun / Peoplesoft applications multiple security vulnerabilities
updated since 13.10.2010
document CPU closes nearly 90 different vulnerabilities in different applications.
7!EMC Documentum eRoom
document HummingBird Client Connector buffer overflow and code execution
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 18.07.2011
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Citrix Access Gateway ActiveX buffer overflow
document Buffer overflow on server data parsing.
 Alice 1111 ADSL modem security vulnerabilities
document DoS, cross-site scripting.
 Apache Tomcat information leakage
document Some security limitations are not checked for sendfile().
 Torque Server buffer overflow
document Buffer overflow on oversized job name.
 Dell IT Assistant ActiveX information leakage
document readRegVal allows registry values access.
  


14.07.2011
6!apt GPG signature check vulnerability
document GPG signatures are incorrectly validated.
6!PalTalk messenger ActiveX insecure methods
document It's possible to save files into arbitrary locations.
 OpenOffice memory corruption
document Memory corruption on .lwp files import.
 Sybase Advantage Server buffer overflow
updated since 04.07.2011
document Off-by-one overflow on TCP/6262, UDP/6262 traffic parsing. Format string vulnerability on TCP/5001 traffic processing.
  


13.07.2011
7!Microsoft Windows multiple security vulnerabilities
document Uninitialized memory reference in Bluetooth stack, multiple memory handling vulnerabilities in Windows kernel, multiple privilege escalations in CSRSS.
6!TrendMicro Control Manager security vulnerabilities
document Integer overflow on TCP/20801 request handling. SQL injection.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Microsoft Visio insecure DLL loading
document Unsafe DLL loading on associated files opening.
  


11.07.2011
7!Apache Santuario library buffer overflow
document Buffer overflow on oversized key.
6!Blue Coat Authentication and Authorization Agent buffer overflow
document Buffer overflow during TCP/16102 authentication process.
 HP OpenView Communication Broker arbitrary file deletion
document Arbitrary file deletion via TCP/383 service.
 HP-UX Dynamic Loader Privilege Escalation
   
 IDrive Online Backup ActiveX unsafe method
document Unsafe SaveToFile() method
 Aruba Airwave / ArubaOS cross-site scripting
document Cross-site scripting with SSID.
 Cisco Content Services Gateway DoS
document Device may be crashed via ICMP packets.
 aTube Catcher ActiveX insecure method
document Insecure ChilkatCrypt2.ChilkatOmaDrm.1 method allows files to be corrupted.
  


09.07.2011
7!ISC bind named DNS server DoS
updated since 06.07.2011
document Crash on request processing.
 foobar2000 integer overflow
document Integer overflow on WAV parsing.
  


06.07.2011
8!OpenSSH buffer overflow
document Buffer overflow on oversized username if pam_opie is enabled.
8!Apple Mac OS X multiple security vulnerabilities
updated since 04.07.2011
document DoS conditions, buffer overflows, information leaks, code execution in different subsystems.
7!PHP directory traversal
document Directory traversal in RFC 1867 file upload.
6!Novell ZenWorks Handheld Management directory traversal
document Directory traversal on TCP/2398 request processing.
6!NetBSD network functions buffer overflow
document Buffer overflow on oversized argument in getservbyname() and getservbyport().
  HP Intelligent Management Center User Access Manager code execution
document  Buffer overflow on TCP/9090 data processing.
 HP OpenView Storage Data Protector multiple security vulnerabilities
document Multiple vulnerabilities in TCP/5555 service.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Cisco VPN client weak permissions
document Weak installation permissions allow an unprivileged user to overwrite the executable.
 WinAmp multiple security vulnerabilities
updated since 04.07.2011
document Multiple vulnerabilities on FLV and MIDI files parsing.
  


04.07.2011
8!Apple QuickTime multiple security vulnerabilities
updated since 12.12.2010
document Memory corruptions on MPEG, Sorenson, AVI, JP2, FlashPix, GIF, PICT, QTVR and other video formats parsing.
7!Citrix EdgeSight buffer overflow
document Buffer overflow on TCP/18747 request parsing.
6!Novell File Reporter Engine buffer overflow
document Buffer overflow on TCP/3035 HTTPS response parsing.
 Asterisk user account enumeration
document Different replies on mismatched usernames and passwords.
 pidgin instant messenger DoS
document Memory exhaustion on GIF icons parsing.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 smallftp DoS
document Connection flood causes server to hang or crash.
 Ashampoo 3D CAD ActiveX unsafe method
document Unsafe SaveData method allows files to be created.
  

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


