Computer Security
[EN] securityvulns.ru



libxslt memory corruption
Published: 04.06.2008
Source: BUGTRAQ
SecurityVulns ID: 9046
Type: library
Level: 6/10
Description: XSL file parsing memory corruption.
Affected: LIBXSLT : libxslt 1.1
CVE: CVE-2008-1767
Original document: GENTOO, [ GLSA 200806-02 ] libxslt: Execution of arbitrary code (04.06.2008)

Linux kernel multiple security vulnerabilities
Published: 04.06.2008
Source: BUGTRAQ
SecurityVulns ID: 9048
Type: local
Level: 5/10
Description: fcntl() race conditions, tehuti driver privilege escalation.
Affected: LINUX : kernel 2.6
CVE: CVE-2008-1675 (The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory.)
 CVE-2008-1669
 CVE-2008-1375 (Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors.)
Original document: UBUNTU, [USN-614-1] Linux kernel vulnerabilities (04.06.2008)

C6 Messenger Installation Url Downloader ActiveX code execution
Published: 04.06.2008
Source: BUGTRAQ
SecurityVulns ID: 9047
Type: client
Level: 6/10
Description: It is possible to download and execute a file. The vulnerability is used in the wild for hidden trojan code installation.
Original document: ipsdix_(at)_gmail.com, [NSG 03-06-2008] C6 Messenger Installation Url DownloaderActiveX Control Remote Download & Execute Exploit (04.06.2008)

libvorbis multiple security vulnerabilities
Updated since 04.06.2008
Published: 25.08.2009
Source: BUGTRAQ
SecurityVulns ID: 9045
Type: library
Level: 6/10
Description: Multiple integer overflows and denial of service.
Affected: LIBVORBIS : libvorbis 1.1
CVE: CVE-2009-2663 (libvorbis before r16182, as used in Mozilla Firefox before 3.0.13 and 3.5.x before 3.5.2 and other products, allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .ogg file.)
 CVE-2008-1423
 CVE-2008-1420
 CVE-2008-1419
Original document: UBUNTU, [USN-825-1] libvorbis vulnerability (25.08.2009)
 DEBIAN, [SECURITY] [DSA 1591-1] New libvorbis packages fix several vulnerabilities (04.06.2008)

Apache Tomcat cross-site scripting
Updated since 04.06.2008
Published: 25.02.2010
Source: BUGTRAQ
SecurityVulns ID: 9044
Type: remote
Level: 5/10
Description: host-manager username cross-site scripting.
Affected: APACHE : Tomcat 5.5
 APACHE : Tomcat 6.0
 CA : CA Service Desk 12.1
CVE: CVE-2008-1947
Original document: CA, CA20100222-01: Security Notice for CA Service Desk (25.02.2010)
 APACHE, [SECURITY] CVE-2008-1947: Tomcat host-manager XSS vulnerability (04.06.2008)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


