Computer Security


Epson Status Monitor weak permissions
Published:03.08.2009
Source:
SecurityVulns ID:10114
Type:local
Threat Level:5/10
Description:Weak permissions for EPSON_EB_RPCV4_01 and EPSON_PM_RPCV4_01 services executables.
Affected:EPSON : EPSON Status Monitor 3
Original document:rgod, EPSON Status Monitor 3 local privilege escalation vulnerability (03.08.2009)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:03.08.2009
Source:
SecurityVulns ID:10115
Type:remote
Threat Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:XOOPS : XOOPS 2.3
 XAMPP : XAMPP 1.6
Original document:Salvatore "drosophila" Fresta, Blink Blog System Authentication Bypass (03.08.2009)
 MustLive, Cross-Site Scripting, CSRF, SQL Injection and Full path disclosure vulnerabilities in XAMPP (03.08.2009)
 Sense of Security, XOOPS Multiple Cross-Site Scripting Vulnerabilities - Security Advisory - SOS-09-005 (03.08.2009)

znc IRC proxy directory traversal
Published:03.08.2009
Source:
SecurityVulns ID:10117
Type:remote
Threat Level:6/10
Description:Directory traversal on DCC request.
Affected:ZNC : ZNC 0.066
 ZNC : ZNC 0.045
Original document:DEBIAN, [SECURITY] [DSA 1848-1] New znc packages fix remote code execution (03.08.2009)

Asterisk DoS
Published:03.08.2009
Source:
SecurityVulns ID:10118
Type:remote
Threat Level:5/10
Description:Crash on RTP text frames processing.
Affected:DIGIUM : Asterisk 1.4
 ASTERISK : Asterisk 1.6
Original document:ASTERISK, AST-2009-004: Remote Crash Vulnerability in RTP stack (03.08.2009)

Adobe Flash Player / AIR integer overflow
updated since 03.08.2009
Published:08.08.2009
Source:
SecurityVulns ID:10116
Type:client
Threat Level:8/10
Description:Integer overflow in intrf_count field of instance_info structure
CVE:CVE-2009-1869 (Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile parser in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an AVM2 file with a large intrf_count value that triggers a dereference of an out-of-bounds pointer.)
 CVE-2009-1868 (Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving URL parsing.)
Original document:IDEFENSE, iDefense Security Advisory 08.07.09: Adobe Flash Player Invalid Loader Object Reference Vulnerability (08.08.2009)
 IDEFENSE, iDefense Security Advisory 08.06.09: Adobe Flash Player URL Parsing Heap Overflow Vulnerability (07.08.2009)
 Roee Hay, Advisory: Adobe Flash Player and AIR AVM2 intf_count Integer Overflow Remote Code Execution (CVE-2009-1869) (03.08.2009)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod