Computer Security
[EN] securityvulns.ru




28.12.2010
Detailed
7!Microsoft Office multiple security vulnerabilities
updated since 15.12.2010
document Multiple memory corruptions in Publisher, multiple memory corruptions in graphics filters.
6!tor buffer overflow
updated since 28.12.2010
document Buffer overflow on request parsing.
 FlexVision agent information leak
document Information leak via TCP/3810 port service.
 libxml double free vulnerability
document Double free on Xpath processing.
  


27.12.2010
Detailed
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 28.12.2010
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


24.12.2010
Detailed
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


22.12.2010
Detailed
 SAP Sybase Afaria cross-site scripting
document Cross-site scripting in web administration interface.
 WinAmp integer overflow
updated since 01.12.2010
document Integer overflow in NSV streams parsing, MIDI files parsing.
  


21.12.2010
Detailed
8!Real Player multiple security vulnerabilities
updated since 14.12.2010
document Buffer overflows on RA5, RealMedia, AAC etc.
6!SAP Crystal Reports ActiveX buffer overflow
document Buffer overflow in ServerResourceVersion property of CrystalReports12.CrystalPrintControl.1 control.
 BSD systems CARP protocol DoS
document It's possible to bring all nodes to backup state by using replay attack.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


20.12.2010
Detailed
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Ecava IntegraXor ActiveX buffer overflow
document Buffer overflow in "save" method.
 HP Insight Management Agents information leak
document It's possible to discover installation path.
  


17.12.2010
Detailed
6!HP StorageWorks MSA2000 backdoor account
updated since 15.12.2010
document Hidden backdoor account 'admin' with password '!admin'
 HP Power Manager code execution
   
 HP Discovery & Dependency Mapping Inventory
   
 Alt-N WebAdmin information disclosure
document It's possible to obtain file source code by adding %20 or %2e to request.
 Eucalyptus unauthorized access
document Old password is not verified during password reset in administration interface.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


16.12.2010
Detailed
9!Microsoft Internet Explorer multiple security vulnerabilities
updated since 15.12.2010
document Cross-site data access, multiple memory corruptions.
  


15.12.2010
Detailed
9!Microsoft Windows multiple security vulnerabilities
document OpenType Font parsing memory corruption, task scheduler privilege escalation, unsafe DLL loading, multiple kernel vulnerabilities, Consent User Interface privilege escalation, Netlogon DoS.
7!Microsoft Sharepoint code execution
document Document Conversions Launcher Service code execution on SOAP request processing.
 Microsoft Exchange Server DoS
document Endless loop on RPC request processing.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Microsoft Hyper-V DoS
document VMBus messages vulnerability
 IBM Tivoli Storage Manager buffer overflow
document Buffer overflow in suid root dsmtca backup client.
 HP OpenVMS Integrity Servers DoS
   
 Apple Safari / Google Chrome address spoofing
   
 Clear iSpot / Clearspot cross-site request forgery
document Cross-site request forgery in administration interface.
  


14.12.2010
Detailed
 LiteSpeed Web Server buffer overflow
document Buffer overflow if PHP library is used.
 collectd DoS
document Crash on network packet parsing.
  


12.12.2010
Detailed
6!CA XOsoft buffer overflow
document Buffer overflow on SOAP request parsing.
6!PHP integer overflow
document NumberFormatter::getSymbol integer overflow.
6!ClamAV antivirus multiple security vulnerabilities
document Memory corruption on PDF and PE parsing.
 HP-UX DoS
document DoS against threaded applications.
 ManageEngine EventLog Analyzer vulnerabilities
document Cross-site scripting, syslog DoS.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


10.12.2010
Detailed
10!Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
document Multiple memory corruptions, buffer overflows, code execution protection bypass, privilege escalation, etc.
6!VMware applications multiple security vulnerabilities
updated since 06.12.2010
document Privilege escalation, code execution.
  


09.12.2010
Detailed
6!OpenSSL protection level downgrade
document Attacker can downgrade cipher level for subsequent connections.
 ImageMagick code execution
document Configuration file from current directory is used.
 Linux kernel multiple security vulnerabilities
updated since 01.12.2010
document Multiple DoS conditions, privilege escalations, memory leaks from kernel memory, DoS via SCTP protocol, DoS via X.25.
  


08.12.2010
Detailed
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 08.12.2010
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
  


06.12.2010
Detailed
6!bind named DNS server vulnerabilities
document DoS, information leaks.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 Cisco IPSec information leakage
document It's possible to enumerate group names.
 Microsoft Windows hidden administrative group membership
document It's possible to include user's account into administrative group without direct group membership.
  


01.12.2010
Detailed
6!MIT Kerberos 5 multiple checksum vulnerabilities
document Checksum vulnerabilities in GSS-API, KDC, PAC and more.
 Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
 D-Link DIR-300/320/600/615 unauthorized access
updated since 10.11.2010
document It's possible to change administration password without knowledge of old password.
  

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


