Computer Security
[EN] securityvulns.ru

  


30.11.2010
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 HP LaserJet Multi Functional Devices unauthorized access
updated since 18.11.2010
document Unauthorized file access is possible.
  


28.11.2010
6!Ghostscript buffer overflow
document Off-by-one buffer overflow in Ins_MINDEX()
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Mono code execution
document Untrusted search library.
  


24.11.2010
7!Juniper VPN client unauthorized access
document It's possible to execute Internet Explorer with System rights before authentication via remote session.
 Apache Tomcat cross-site scripting
document Cross-site scripting in Manager application.
 ZyXEL P-660R-T1 cross-site scripting
document Cross-site scripting via Web interface.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 PHP multiple security vulnerabilities
updated since 02.11.2010
document DoS, base_dir protection bypass, cross-site scripting.
  


23.11.2010
8!Apple Webkit / Safari / Google Chrome multiple security vulnerabilities
updated since 20.11.2010
document Integer overflows, memory corruptions, weak PRNG, use-after-free, cross-site scripting, address spoofing, uninitialized pointer dereference.
  


19.11.2010
8!OpenSSL buffer overflow
document Race conditions with buffer overflow.
  


18.11.2010
8!Cisco Unified Videoconferencing multiple security vulnerabilities
document Hardcoded user accounts, command execution, unauthorized access, password storage with reversible encryption, weak permissions, session hijacking, information leaks.
 Camtron CMNC-200 camera multiple security vulnerabilities
document Buffer overflow in installable ActiveX component, directory traversal, backdoor accounts (m/merlin), unauthorized access, DoS.
 Babylon cross-application scripting
document Insufficient translated document content filtering before displaying content in the browser.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


15.11.2010
8!ProFTPD security vulnerabilities
document Buffer overflow on TELNET_IAC ESC-sequence parsing. Directory traversal by creating symlinks with mod_site_misc module.
8!Microsoft Office multiple security vulnerabilities
updated since 10.11.2010
document Multiple memory corruptions, buffer overflows, integer overflows.
6!libxml2 memory corruption
document Memory corruption on XPath attributes parsing.
6!MySQL multiple security vulnerabilities
updated since 09.11.2010
document Unauthorized ALTER DATABASE / UPGRADE DATA DIRECTORY file access, multiple DoS conditions.
 FreeBSD NULL pointer dereference
document pfs_getextattr tries to unlock the mutex which was not previously locked.
  


10.11.2010
 libvpx library / Google Chrome buffer overflow
document Buffer overflow on WebM file parsing.
 ISC DHCP server DoS
document Crash on Relay-Forward packet with empty link-address field.
 libmbfl / PHP information leak
document Under some conditions, a portion of uninitialized memory is returned.
 Linux kernel information leak
document It's possible to access uninitialized kernel memory by using BPF filters.
 Microsoft Forefront Unified Access Gateway multiple security vulnerabilities
document Cross-site scripting, form redirection.
  


09.11.2010
6!Cisco ICM Setup Manager multiple security vulnerabilities
document Multiple vulnerabilities in Agent.exe (TCP/40078)
 Juniper Secure Access cross-site scripting
document Multiple cross-site scripting vulnerabilities.
 Cisco Unified Communications Manager shell characters vulnerability
document Shell characters vulnerability in /usr/local/cm/bin/pktCap_protectData suid binary.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


08.11.2010
9!Adobe Flash Player multiple security vulnerabilities
document Multiple memory corruptions, code executions, cross-site access, information leak, DoS.
6!Adobe Reader memory corruption
document Memory corruption in undocumented PrintSeps() JavaScript function.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 PAM authentication modules multiple security vulnerabilities
document Different vulnerabilities in pam_xauth, pam_mail, pam_namespace modules.
  


04.11.2010
 HP AssetCenter / AssetManager cross-site scripting
   
 HP Software Update HPeDiag ActiveX security vulnerabilities
document Information leak, code execution.
 HP Version Control Repository Manager cross-site scripting
   
 HP Virtual Server Environment / HP Virtual Connect Enterprise Manager unauthorized file access
   
 HP Storage Essentials unauthorized access
document Unauthorized access if LDAP is used.
 HP LoadRunner Web Tours DoS
   
 HP Palm WebOS multiple security vulnerabilities
document Code execution, file access.
 Broadsoft BroadWorks information leak
document Incoming and outgoing call information is available without authentication.
 Apache Shiro protection bypass
document Protection bypass via directory traversal.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


02.11.2010
8!Adobe Shockwave multiple security vulnerabilities
updated since 01.11.2010
document Multiple memory corruptions.
7!HP Insight multiple security vulnerabilities
document Directory traversal, code execution in different applications.
6!Dovecot multiple security vulnerabilities
document Symbolic links vulnerability, DoS, ACL restrictions bypass.
 SonicWALL SSL-VPN ActiveX buffer overflow
document Buffer overflow in SonicWALL SSL-VPN End-Point ActiveX Install3rdPartyComponent() method.
 Python DoS
document DoS via connection accept functions (asyncore and smtpd modules)
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


01.11.2010
9!Mozilla Firefox / Thunderbird / Seamonkey buffer overflow
document Buffer overflow on document.write and DOM insertion is used in the wild for hidden malware installation.
6!WinAmp buffer overflow
document Buffer overflow on VP6 video parsing.
6!Teamspeak memory corruption
document Memory corruption on voice packet parsing.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 CiscoWorks buffer overflow
document TCP/443, TCP/1741 Web server buffer overflow.
  

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


