30.09.2009 Detailed

6! HP Remote Graphics Software unauthorized access         Adobe Photoshop Elements weak service permissions   Weak permissions for AdobeActiveFileMonitor8.0 service allow executable file spoofing.   TrustPort Antivirus / TrustPort PC Security weak security permissions   Weak permissions for program files.

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

RarLab WinRAR filenames spoof   Visible filename inside ZIP archive can differ from extracted file name.

28.09.2009 Detailed

xmltooling / opensaml / Shibboleth multiple security vulnerabilities   Certificates spoofing, memory corruption.

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.   Cisco ACE XML Gateway information leakage   Internal address of server is leaked on some HTTP requests.

VLC Media Player buffer overflow   Buffer overflow on .xspf playlists parsing.

25.09.2009 Detailed

6! Tivoli Storage Manager backup client buffer overflow updated since 25.09.2007   Buffer overflow on oversized TCP/1581 HTTP request Host: header.

24.09.2009 Detailed

8! Cisco IOS multiple security vulnerabilities updated since 23.09.2009   Multiple DoS conditions, restriction bypass. 6! Cisco Unified Communications Manager DoS   Crash on SIP request handling. 6! Adobe Robohelp unauthorized access   File upload and execution is possible for TCP/8080 Web server.

glib library privilege escalation   g_file_copy function sets symbolic link's permission if source file is copied by symbolic link.

Sun Solarsi dmispd DoS   Resource exhaustion in RPC-based service.

newt library memory corruption   Memory corruption on text field parsing.

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 24.09.2009   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

23.09.2009 Detailed

6! Apache mod_proxy_ftp multiple security vulnerabilities   Denial of service, restrictions bypass. 6! squid proxy DoS updated since 10.08.2009   Crash on request or response headers parsing.   HP-UX Role-Based Access Control privilege escalation

HP Procurve IDM privilege escalation

Avast Antivirus privilege esclalation   Memory corruption on IOCTL processing.

Xfig symbolic links vulnerability   Different files are created in insecure manner.

nginx directory traversal   Directory traversal with webdav enabled.

Check Point Connectra crossite scripting   /Login/Login crossite scripting.

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 23.09.2009   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

changetrack shell characters vulnerability   Shell characters vulnerability via filenames.

22.09.2009 Detailed

6! PostgreSQL multiple security vulnerabilities   Denial of Service, privilege escalation, LDAP authentication bypass.   Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 21.09.2009   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

21.09.2009 Detailed

6! Backdoor in Qnap storage devices   During encryption additional encryptiuon key is created and stored in device flash memory. 6! Avaya Intuity Audix LX multiple security vulnerabilities   Multiple web interface vulnerabilities including remote code exectuion.

18.09.2009 Detailed

7! Multiple BSD and Linux systems strfmon() libc / glibc function integer overflow updated since 27.03.2008   Integer overflow on format specificator in strfmon(). NULL pointer dereference in printf().   libicu multibyte character sequences invalid parsing.

17.09.2009 Detailed

QuickSoft EasyMail ActiveX buffer overflow   Buffer overflows in connect() and AddAttachment() methods.   nginx DNS cache poisoning   Invalid implementation of caching algorithm.   Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

HP-UX bootpd DoS

Apple Safari / WebKit DoS   NULL pointer dereference on submitting form with empty select list <form> <select name="kill"><optgroup></optgroup></select> <input type="submit"> </form>

16.09.2009 Detailed

3Com Wireless 8760 access point unauthorized access   During authorized user's session it's possible for another user to access configuration pages without authentication.

15.09.2009 Detailed

6! nginx proxy server memory corruption   Memory corruption on HTTP request URI. 6! Apple iPhone buffer overflow   Buffer overflow in Audio Codecs on AAC and MP3 streams parsing. 6! BSD systems kevent race conditions updated since 24.08.2009   Race conditions on SMP systems.

Proland Software Protector Plus antivirus weak permissions   Executable files have Everyone:Full Control permissions.

WarFTPd FTP Server DoS

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

14.09.2009 Detailed

7! libpurple / Pidgin multiple security vulnerabilities   Multiple vulnerabilities on MSN, Yahoo IM, IRC, jabber protocol parsing.   htmldoc buffer overflow   Buffer overflow on oversized MEDIA SIZE comment.   Siemens Gigaset SE361 router DoS   Crash on TCP/1723 data.

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

11.09.2009 Detailed

8! Apple QuickTime multiple security vulnerabilities   Buffer overflow on MPEG-4, H.264 and FlashPix data parsing. 7! Mozilla Firefox multiple security vulnerabilities updated since 10.09.2009   Code execution, memory corruptions, address spoofing, hidden certificate installation.

10.09.2009 Detailed

FreeRADIUS RADIUS server DoS   Crash on zero-length Tunnel-Password attribute.   TkMan symbolic links vulnerability   Different symbolic links vulnerabilities on temporary files handling.   cmus symbolic links vulnerability   Insecure creation of /tmp/cmus-status file.

screenie symbolic links vulnerabilities   Temporary file /tmp/.screenie.##### is created in insecure way.

LMBench symbolic links vulnerability   Insecure temporary files creation.

gcc-xml symlink vulnerability   Symbolic links vulnerability on insecure temporary files creation.

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

aria2 download manager buffer overflow   Buffer overflow on DHT parsing.

dnsmasq TFTP server multiple security vulnerabilities   Heap buffer overrun, NULL pointer dereference.

09.09.2009 Detailed

8! Microsoft Windows Wireless LAN AutoConfig service buffer overflow   Buffer overflow on access point frame parsing. 8! Microsoft Windows Media formats security vulnerabilities   Uninitialized pointer free() on ASF files parsing, memory corruption on MP3 files parsing. 8! Microsoft Windows JavaScript engine memory corruption   Memory corruption on "arguments" keyword parsing.

7! Microsoft DHTML ActiveX code execution

6! yTNEF è Evolution TNEF attachment decoder   Buffer overflow, directory traversal.

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. ALFcontact for

IBM Lotus Notes 8.5 RSS Widget crossite scripting   Scripting in local host zone is possible.

Novell eDirectory DoS   CPU exhaustion on TCP/8028 requests processing.

Nokia Trolltech Qt4 SSL certificate spoofing   certificate spoofing with \0 symbol in domain name.

08.09.2009 Detailed

6! GemStone/S buffer overflow   Buffer overflow in /opt/gemstone/sys/stoned on -e and -l command line switches. 6! IPSwitch WS_FTP format string vulnerability   Format string vulnerability on HTTP server response parsing.   Apple Safari / WebKit DoS   Stack overflow (stack memory exhaustion) on eval() expression parsing.

07.09.2009 Detailed

6! OpenOffice multiple security vulnerabilities updated since 02.09.2009   Buffer overflow and integer overflow on Microsoft Word and EMF documents parsing, vulnerable version in included VCRedist_x86.   VMWare VMnc code multiple security vulnerabilities   Buffer overlfow on video files parsing.   cyrus-imapd / Dovecot integer overflow   Integer overflow on SIEVE mail flow management scripts processing.

04.09.2009 Detailed

8! Adobe Acrobat / Reader code execution updated since 21.02.2009   Vulnerability is used in-the-wild for hidden malware installations. Recomendations are to disable PDF displaying inside browser and Javascript in PDF documents. Buffer overflow in JBIG2 decoding, buffer overflow in getIcon() javascript function.   silc format string vulnerability   Multiple format string vulnerabilities on different messages parsing.   Asterisk IAX2 DoS   15-bit call number resource exhaustion.

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. ALFcontact for Joomla: crossite scripting.

03.09.2009 Detailed

devscripts code execution   perl sctipt downloaded from untrusted source is executed.

02.09.2009 Detailed

6! dnsmasq multiple security vulnerabilities   Multiple vulnerabilities on TFTP processing.   Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 02.09.2009   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.   Opera Unite multiple security vulnerabilities   Request spoofing, crossite scripting, information leak, etc.

BKAV eOffice code execution

VMWare Studio directory traversal   Directory traversal in Web interface.

Network Appliance NetCache DoS   Error on Cache-Control: prefetch processing.