Computer Security
[EN] securityvulns.ru no-pyccku


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:04.04.2011
Source:
SecurityVulns ID:11550
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:MYBB : Mybb 1.6
 AWCMCMS : AR Web Content Manager 2.2
Original documentdocumentSecPod Research, AR Web Content Manager (AWCM) Cross-Site scripting Vulnerability (04.04.2011)
 documentMustLive, AoF, IAA, XML Injection и XSS уязвимости в MyBB (04.04.2011)
 documentMustLive, Уязвимости в MyBB (04.04.2011)

Microsoft Windows shmedia.dll DoS
Published:04.04.2011
Source:
SecurityVulns ID:11551
Type:library
Threat Level:
4/10
Description:Division by zero on AVI preview creation.
Original documentdocumentfb1h2s Hack 2 Secure, Microsoft Windows shmedia.dll Division By Zero, Explore.exe DOS exploit . (04.04.2011)

FreeBSD sendfile() information leak
updated since 07.04.2005
Published:04.04.2011
Source:
SecurityVulns ID:4640
Type:library
Threat Level:
5/10
Description:If file size it changed content of kernel memory can be disclosured.
Affected:FREEBSD : FreeBSD 4.8
 FREEBSD : FreeBSD 4.10
 FREEBSD : FreeBSD 5.3
 FREEBSD : FreeBSD 5.4
 FREEBSD : FreeBSD 4.11
Original documentdocumentSolar Designer, 6-year FreeBSD-SA-05:02.sendfile exploit (04.04.2011)
 documentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-05:02.sendfile (06.04.2005)
Files:FreeBSD master.passwd disclosure exploit
 sendump - FreeBSD-SA-05:02.sendfile exploit

Movie Player buffer overflow
Published:04.04.2011
Source:
SecurityVulns ID:11552
Type:local
Threat Level:
4/10
Description:Buffer overflow on AVI parsing.
Affected:MOVIEPLAYER : Movie Player 4.82
Original documentdocument^Xecuti0N3r, Movie Player v4.82 0Day Buffer overflow/DOS Exploit (04.04.2011)
Files:Movie Player v4.82 0Day Buffer overflow/DOS Exploit

Hp-UX DoS
Published:04.04.2011
Source:
SecurityVulns ID:11553
Type:local
Threat Level:
5/10
Affected:HP : HP-UX 11.23
 HP : HP-UX 11.31
CVE:CVE-2011-0891 (Unspecified vulnerability in the OS-Core.CORE2-KRN fileset in HP HP-UX B.11.23 and B.11.31 allows local users to cause a denial of service via unknown vectors.)
Original documentdocumentHP, [security bulletin] HPSBUX02646 SSRT100396 rev.1 - HP-UX, Local Denial of Service (DoS) (04.04.2011)

RealNetworks Helix DNA Server buffer overflow
Published:04.04.2011
Source:
SecurityVulns ID:11554
Type:remote
Threat Level:
7/10
Description:Buffer overflow on RTSP processing.
Affected:REAL : Helix DNA Server 14.0
CVE:CVE-2010-4596 (Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via a long string in an RTSP request.)
Original documentdocumentIDEFENSE, iDefense Security Advisory 03.31.10: RealNetworks Helix DNA Server RTSP Stack Buffer Overflow (04.04.2011)

HP Operations for UNIX crossite scripting
Published:04.04.2011
Source:
SecurityVulns ID:11555
Type:remote
Threat Level:
5/10
CVE:CVE-2011-0894 (Unspecified vulnerability in HP Operations 9.10 on UNIX platforms allows remote authenticated users to bypass intended access restrictions via unknown vectors.)
 CVE-2011-0893 (Cross-site scripting (XSS) vulnerability in HP Operations 9.10 on UNIX platforms allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
Original documentdocumentHP, [security bulletin] HPSBMA02650 SSRT100429 rev.1 - HP Operations for UNIX, Remote Cross Site Scripting (XSS), Unauthorized Access (04.04.2011)

Multiple BSD systems IPSec IP Compression stack overflow
Published:04.04.2011
Source:
SecurityVulns ID:11556
Type:remote
Threat Level:
8/10
Description:kernel stack overflow on packet parsing.
Original documentdocumentTavis Ormandy, BSD derived RFC3173 IPComp encapsulation will expand arbitrarily nested payload (04.04.2011)
Files:BSD IPComp Kernel Stack Overflow Testcase

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod