Computer Security
[EN] securityvulns.ru no-pyccku



29.08.2012
Detailed
6!EMC Cloud Tiering Appliance authentication bypass
document Authentication bypass is possible.
6!libgc integer overflows
document Multiple integer overflows in malloc / calloc implementations.
 OpenOffice security vulnerabilities
updated since 06.08.2012
document Multiple buffer overflows.
  


27.08.2012
Detailed
8!HP Operations Agent for NonStop Server code execution
document Code execution on TCP/7771 and TCP/8976 packets parsing.
8!Apple QuickTime multiple security vulnerabilities
updated since 21.05.2012
document Multiple vulnerabilities in TexML, H.264, MP4, MPEG, PNG, QTVR, JPEG2000, PICT and different audio and video formats parsing.
8!Apple WebKit (iTunes, iPhone, Safari, Google Chrome) multiple security vulnerabilities
updated since 09.03.2012
document >70 of different memory corruption vulnerabilities, crossite scripting, information leakage.
7!HP LeftHand Virtual SAN Appliance unauthorized access
document TCP/13841 service authentication bypass
7!HP Intelligent Management code execution
document img.exe code execution on TCP/8800 request parsing.
7!IBM Lotus Notes code execution
document URI handler command injection.
6!Symantec Endpoint Protection code execution
document Multiple security vulnerabilities on TCP/8433 https request parsing.
6!Novell eDirectory buffer overflow
document Buffer overflow in RelativeToFullDN on LDAP request processing.
6!GE Proficy Real-Time Information Portal code execution
document Code execution on TCP/5159 traffic parsing.
 OpenLDAP DoS
document assert() on attrsOnly search request.
 HP Service Manager security vulnerabilities
document DoS, crossite scriptings.
 HP Fortify Software Security Center security vulnerabilities
document Information leakage.
 HP Integrity Server DoS
   
 Lsoft ListServ crossite scripting
document Crossite scripting via Web interface.
 Xend DoS conditions
document Different DoS conditions.
 PostgreSQL privilege escalation
document Privilege escalations via XML2 extension.
 ImageMagic memory corruption
document Memory corruption on PNG processing.
 HP Serviceguard DoS
   
 Nova security vulnerabilities
updated since 09.07.2012
document Privilege escalation, DoS.
 Cisco AnyConnect Secure Mobility Client multiple security vulnerabilities
updated since 25.06.2012
document Code execution, protection bypass.
 GIMP security vulnerabilities
document Memory corruptions on KISS CEL and GIF parsing.
  


26.08.2012
Detailed
9!Microsoft Windows multiple security vulnerabilities
updated since 11.07.2012
document Microsoft XML Services memory corruption, ADO memory corruption, kernel drivers vulnerabilities, Window Shell command injection, TLS vulnerabilities
7!Microsoft Office multiple security vulnerabilities
updated since 09.05.2012
document Memory corruption on RTF parsing, multiple Excel memory corruptions, memory corruption in Visio Viewer.
6!EMC Autostart buffer overflow
updated since 31.05.2012
document Multiple buffer overflows
  


20.08.2012
Detailed
9!Microsoft Windows multiple security vulnerabilities
document RDP user-after-free, Remote Administration Protocol multiple security vulnerabilities, Print Spooler Service format string vulnerability, user-after-free in win32k.sys.
8!Apple Mac OS X multiple security vulnerabilities
document Multiple vulnerabilities in different subsystems.
8!Microsoft Internet Explorer multiple security vulnerabilities
document Memory corruptions, integer overflow, function pointer corruption.
8!Oracle Java multiple security vulnerabilities
updated since 15.02.2012
document 14 different vulnerabilities.
7!SAP Crystal Reports buffer overflow
document Buffer overflow on network data parsing.
7!Microsoft Exchange Server WebReady Document Viewing multiple security vulnerabilities
document Multiple vulnerabilities in embedded Oracle Outside In technology.
7!Microsoft Windows multiple security vulnerabilities
updated since 13.06.2012
document Code execution via .Net, kernel and different kernel drivers privilege escalation.
7!Apple QuickTime multiple security vulnerabilities
updated since 31.10.2011
document Multiple memory corruption on different multimedia formats parsing, crossite scripting.
6!libotr multiple buffer overflows
document multiple heap overflows.
6!McAfee SmartFilter Administration Server code execution
document Code excution via RMI services.
 rssh restrictions bypass
document It's possible to execute shell commands.
 Cisco IOS XR DoS
document Crash on received packet processing.
 SAP Business Objects Financial Consolidation ActiveX buffer overflow
document CtAppReg.dll buffer overflow.
 Wireshark security vulnerabilities
updated since 13.08.2012
document Few different DoS conditions in NFS and PPP dissectors.
 GIMP script-fu buffer overflow
updated since 03.06.2012
document Buffer overflow on message parsing, shell execution.
 emacs protection bypass
document "enable-local-variables" doesn't work.
 Microsoft Visio buffer overflow
document Buffer overflow on DXF files prasing.
  


13.08.2012
Detailed
9!Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
updated since 20.07.2012
document Multiple memory corruptions, code execution, data spoofing, crossite scripting, information leakage.
9!Microsoft Windows multiple security vulnerabilities
updated since 09.05.2012
document TCP/IP privilege escalation, partition manager privilege escalation, multiple security vulnerabililities in .Net, Silverlight, font management, GDI+, window components, etc.
7!Linux kernel multiple security vulnerabilities
document Multiple DoS conditions, privilege escalation.
6!Oracle Business Transaction Management Server directory traversal
document FlashTunnelService allows arbitrary files deletion via SOAP interface.
6!Iomega StorCenter/EMC Lifeline unauthorized access
document Remote unauthenticated access is possible under some conditions.
6!libxml integer overflows
document Multiple integer overflows.
6!GE Intelligent Platforms Proficy Historian code execution
document Multiple Data Archiver (TCP/14000) service memory corruptions.
 OpenTTD DoS
document Few DoS conditions against game server.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
 Globus GridFTP privilege escalation
document Insufficient validation on name lookup.
 libtiff tiff2pdf code execution
document Code exeucution on tiff parsing.
 IBM Lotus iNotes / Quickr ActiveX code execution
document dwa85W.cab / QP2.cab ActiveX buffer overflow
 KOffice / Calligra code execution
document Code execution on MS Word document parsing.
 Oracle Sun Solaris Update Manager symbolic links vulnerability
updated since 30.07.2012
document Insecure temporary files creation.
 HP Network Node Manager i crossite scripting
updated since 09.07.2012
   
 AOL Deskbar ActiveX code exeuction
updated since 24.06.2012
document AOL dnUpdater ActiveX uninitialized potiner.
  


06.08.2012
Detailed
6!MIT Kerberos 5 security vulnerabilities
document Uninitialized pointer free, DoS.
 libjpeg-turbo
document Buffer overflow on JPEG decoding.
 QEMU sumbolic links vulnerability
document Symbolic links vulnerability on snapshot creation.
  

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod