Computer Security
[EN] securityvulns.ru no-pyccku


Adobe Pagemaker buffer overflow
updated since 30.10.2008
Published:03.11.2008
Source:
SecurityVulns ID:9396
Type:local
Description:Buffer overflow on .PMD files parsing.
Affected:ADOBE : PageMaker 7.0
CVE:CVE-2007-6432
 CVE-2007-6021 (Heap-based buffer overflow in Adobe PageMaker 7.0.1 and 7.0.2 allows user-assisted remote attackers to execute arbitrary code via a .PMD file with a crafted font structure.)
 CVE-2007-5394 (Stack-based buffer overflow in AldFs32.dll in Adobe PageMaker 7.0.1 and 7.0.2 allows user-assisted remote attackers to execute arbitrary code via a .PMD file with a crafted font structure, a different vulnerability than CVE-2007-5169 and CVE-2007-6432.)
Original documentdocumentIDEFENSE, iDefense Security Advisory 10.30.08: Adobe PageMaker Key Strings Stack Buffer Overflow (03.11.2008)
 documentSECUNIA, Secunia Research: Adobe PageMaker PMD File Processing Buffer Overflows (30.10.2008)

IBM Tivoli Storage Manager Express buffer overflow
Published:03.11.2008
Source:
SecurityVulns ID:9402
Type:remote
Threat Level:
6/10
Description:Buffer overflow in dsmcat.exe service in Storage Manager for Microsoft SQL.
Original documentdocumentZDI, ZDI-08-071: IBM Tivoli Storage Manager Express for Microsoft SQL Heap Overflow Vulnerability (03.11.2008)

Novell eDirectory memory corruption
Published:03.11.2008
Source:
SecurityVulns ID:9403
Type:remote
Threat Level:
6/10
Description:Memory corruption on 'Get NCP Extension Information By Name Request' of NCP protocol.
Affected:NOVELL : eDirectory 8.8
Original documentdocumentIDEFENSE, iDefense Security Advisory 10.30.08: Novell eDirectory NCP Get Extension Information Request Memory Corruption Vulnerability (03.11.2008)

Protection bypass and crossite scripting in Sonicwall SOHO
updated since 17.05.2002
Published:03.11.2008
Source:
SecurityVulns ID:2020
Type:remote
Threat Level:
5/10
Description:It's possible to access banned site and to insert javascript into log file by using URL javascript injection.
Affected:SONICWALL : Sonicwall SOHO 5.0
 SONICWALL : SonicWALL Pro 2040
Original documentdocumentZDI, ZDI-08-070: SonicWALL Content-Filtering Universal Script Injection Vulnerability (03.11.2008)
 documentE M, Sonicwall SOHO Content Blocking Script Injection, LogFile Denial of Service (17.05.2002)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod