Computer Security
[EN] securityvulns.ru no-pyccku


Metropolis Technologies OfficeWatch directory traversal
Published:04.10.2011
Source:
SecurityVulns ID:11946
Type:remote
Threat Level:
5/10
Description:Embedded web server directory traversal.
Affected:metropolis : OfficeWatch 2011.06
Original documentdocumentddivulnalert_(at)_ddifrontline.com, DDIVRT-2011-34 Metropolis Technologies OfficeWatch Directory Traversal (04.10.2011)

GenStat memory corruption
Published:04.10.2011
Source:
SecurityVulns ID:11948
Type:local
Threat Level:
3/10
Description:Memory corruptions on GWB and GSH files processing.
Affected:VSNI : GenStat 14.1
Original documentdocumentLuigi Auriemma, Vulnerabilities in GenStat 14.1.0.5943 (04.10.2011)

Cytel Studio memory corruptions
Published:04.10.2011
Source:
SecurityVulns ID:11949
Type:local
Threat Level:
3/10
Description:Memory corruptions on CY3, CYL, CYB files parsing.
Affected:CYTEL : Cytel Studio 9.0
Original documentdocumentLuigi Auriemma, Vulnerabilities in Cytel Studio 9 (04.10.2011)

ThinVNC / ThinRDP directory traversal
Published:04.10.2011
Source:
SecurityVulns ID:11947
Type:remote
Threat Level:
5/10
Description:Directory traversal in embedded web server.
Affected:THINVNC : ThinVNC 2.0
 THINVNC : ThinRDP 1.0
 THINVNC : ThinVNC Access Point 2.0
Original documentdocumentddivulnalert_(at)_ddifrontline.com, DDIVRT-2011-36 Cybele Software, Inc. ThinVNC Product Suite Arbitrary File Retrieval (04.10.2011)

SonicWall NSA 4500 protection bypass
Published:04.10.2011
Source:
SecurityVulns ID:11950
Type:remote
Threat Level:
4/10
Description:ARP spoofing protection doesn't work if used in conjunction
Affected:SONICWALL : SonicWall NSA 4500
Original documentdocumenthvazquez_(at)_pentest.es, Multiple vulnerabilities in SonicWall (04.10.2011)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 04.10.2011
Published:04.10.2011
Source:
SecurityVulns ID:11945
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PHORUM : Phorum 5.2
 VTIGER : vTiger CRM 5.2
 ELASTIX : Elastix PBX 2.0
 NETVOLUTION : Netvolution 2.5
 SONICWALL : SonicWall Viewpoint 6.0
CVE:CVE-2011-3340 (SQL injection vulnerability in ATCOM Netvolution 2.5.8 ASP allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.)
Original documentdocumentYGN Ethical Hacker Group, vTiger CRM 5.2.x <= Remote Code Execution Vulnerability (05.10.2011)
 documentYGN Ethical Hacker Group, vTiger CRM 5.2.x <= Multiple Cross Site Scripting Vulnerabilities (04.10.2011)
 documentVulnerability Lab, SonicWall Viewpoint v6.0 SP2 - SQL Injection Vulnerability (04.10.2011)
 documentMustLive, Vulnerability in multiple themes for Drupal (04.10.2011)
 documentsschurtz_(at)_t-online.de, Phorum 5.2.18 Cross-site scripting vulnerability (04.10.2011)
 documentDimitris Glynos, Netvolution referer header SQL injection vulnerability (04.10.2011)
 documentBassem Ammar, Elastix PBX Extensions Enumeration (04.10.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod