 |
|
|
|
| Wireshark multiple security vulnerabilities | | Published: |  | 02.03.2009 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 9702 | | Type: |  | local | | Level: |  | 4/10 | | Description: |  | Vulnerabilities on different capture files format parsing. |
| Affected: |  | WIRESHARK : Wireshark 1.0 | | CVE: |  | CVE-2009-0601 (Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable.) | | | | CVE-2009-0600 (Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame.) | | | | CVE-2009-0599 (Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed NetScreen snoop file.) | | | | CVE-2009-0561 (Integer overflow in Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; and Microsoft Office SharePoint Server 2007 SP1 and SP2 allows remote attackers to execute arbitrary code via an Excel file with a Shared String Table (SST) record with a numeric field that specifies an invalid number of unique strings, which triggers a heap-based buffer overflow, aka "Record Integer Overflow Vulnerability.") | | | | CVE-2009-0560 (Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "Field Sanitization Memory Corruption Vulnerability.") |
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: | | 02.03.2009 | | Source: | | | | SecurityVulns ID: | | 9703 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Cetera CMS: crossite scripting
|
| HTC Touch DoS | | Published: | | 02.03.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9705 | | Type: | | remote | | Level: | | 5/10 | | Description: | | vCard files are accepted and imported without user intervation . |
| Hex Workshop buffer overflows | | Published: | | 02.03.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9704 | | Type: | | local | | Level: | | 5/10 | | Description: | | Buffer overflow on .cmap and .hex files parsing. |
| dkim-milter Domain Keys authentication filter DoS | | Published: | | 02.03.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9706 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Crash on invalid DNS kay. |
|
|
|
|
|
|
|
|
