 |
|
|
|
| UltraVNC / TightVnc multiple integer overflows | | Published: |  | 05.02.2009 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 9647 | | Type: |  | remote | | Level: |  | 7/10 |
| Affected: |  | ULTRAVNC : UltraVNC 1.0 | | | | TIGHTVNC : TightVnc 1.3 | | CVE: |  | CVE-2009-0388 (Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and (2) TightVnc 1.3.9 allow remote VNC servers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code via a large length value in a message, related to the (a) ClientConnection::CheckBufferSize and (b) ClientConnection::CheckFileZipBufferSize functions in ClientConnection.cpp.) |
| Nokia Multimedia Player buffer overflow | | Published: | | 05.02.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9650 | | Type: | | local | | Level: | | 5/10 | | Description: |  | Heap buffer overflow on .pls parsing. |
| Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities | | Published: | | 05.02.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9653 | | Type: | | client | | Level: | | 8/10 | | Description: | | Memory corruption, crossite scripting, local files access, HTTP-only cookie leakage, caching for no-cache files. |
| CVE: | | CVE-2009-0358 (Mozilla Firefox 3.x before 3.0.6 does not properly implement the (1) no-store and (2) no-cache Cache-Control directives, which allows local users to obtain sensitive information by using the (a) back button or (b) history list of the victim's browser, as demonstrated by reading the response page of an https POST request.) | | | | CVE-2009-0357 (Mozilla Firefox before 3.0.6 and SeaMonkey before 1.1.15 do not properly restrict access from web pages to the (1) Set-Cookie and (2) Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XMLHttpRequest calls, related to the HTTPOnly protection mechanism.) | | | | CVE-2009-0356 (Mozilla Firefox before 3.0.6 and SeaMonkey do not block links to the (1) about:plugins and (2) about:config URIs from .desktop files, which allows user-assisted remote attackers to bypass the Same Origin Policy and execute arbitrary code with chrome privileges via vectors involving the URL field in a Desktop Entry section of a .desktop file, related to representation of about: URIs as jar:file:// URIs. NOTE: this issue exists because of an incomplete fix for CVE-2008-4582.) | | | | CVE-2009-0355 (components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element.) | | | | CVE-2009-0354 (Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x before 3.0.6 allows remote attackers to bypass the Same Origin Policy, and access the properties of an arbitrary window and conduct cross-site scripting (XSS) attacks, via vectors involving a chrome XBL method and the window.eval function.) | | | | CVE-2009-0353 (Unspecified vulnerability in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the JavaScript engine.) | | | | CVE-2009-0352 (Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and destruction of arbitrary layout objects by the nsViewManager::Composite function.) |
| FeedDemon buffer overflow | | Published: | | 05.02.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9655 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Buffer overflow on OPML files parsing. |
| AREVA T&D e-terrahabitat multiple security vulnerabilities | | Published: | | 05.02.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9656 | | Type: | | remote | | Level: | | 6/10 |
| Affected: | | AREVATD : e-terrahabitat 5.5 | | | | AREVATD : e-terrahabitat 5.6 | | | | AREVATD : e-terrahabitat 5.7 | | CVE: | | CVE-2009-0214 (Unspecified vulnerability in the WebFGServer application in AREVA e-terrahabitat 5.7 and earlier allows remote authenticated users to gain privileges via unknown vectors, aka PD32022.) | | | | CVE-2009-0213 (Unspecified vulnerability in the NETIO application in AREVA e-terrahabitat 5.7 and earlier allows remote attackers to cause a denial of service (system crash) via unknown vectors, aka PD32021.) | | | | CVE-2009-0212 (Unspecified vulnerability in the WebFGServer application in AREVA e-terrahabitat 5.7 and earlier allows remote attackers to cause a denial of service (system crash) via unknown vectors, aka PD32020.) | | | | CVE-2009-0211 (Unspecified vulnerability in the WebFGServer application in AREVA e-terrahabitat 5.7 and earlier allows remote attackers to cause a denial of service (system crash) via unknown vectors, aka PD32018.) |
Mozilla / Firefox / Firebird / Netscape array overflow
updated since 31.05.2006 | | Published: | | 05.02.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 6204 | | Type: | | client | | Level: | | 7/10 | | Description: | | Array ovrflow on high marquee tag recursion level. |
NaviCopa HTTP Server buffer overflow
updated since 28.03.2007 | | Published: | | 05.02.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 7481 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Stack buffer overflow (stack overrun) on oversized request to cgi-bin directory. Script content leak with "." added to path. |
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: | | 05.02.2009 | | Source: | | | | SecurityVulns ID: | | 9649 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
| QiP DoS | | Published: | | 05.02.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9654 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Crash on RTF message parsing. |
| HP-UX IPv6 multiple security vulnerabilities | | Published: | | 05.02.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9646 | | Type: | | remote | | Level: | | 7/10 | | Description: | | Unauthorized access, Denial of Service. |
| Affected: | | HP : HP-UX 11.11 | | | | HP : HP-UX 11.23 | | | | HP : HP-UX 11.31 | | CVE: | | CVE-2008-4404 (The IPv6 Neighbor Discovery Protocol (NDP) implementation on IBM zSeries servers does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB), a related issue to CVE-2008-2476.) | | | | CVE-2008-2476 (The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB).) |
Cisco IOS crossite scripting
updated since 16.01.2009 | | Published: | | 05.02.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9592 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Crossite scripting in different scripts. |
| Novell Netware GWIA buffer overflow | | Published: | | 05.02.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9645 | | Type: | | remote | | Level: | | 7/10 | | Description: | | Off-by-one on oversized SMTP RCPT TO: command. |
| LCPlayer buffer overflow | | Published: | | 05.02.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9652 | | Type: | | local | | Level: | | 4/10 | | Description: | | Buffer overflow on .qt files parsing. |
| Cisco Wireless LAN Controller multiple security vulnerabilities | | Published: | | 05.02.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9648 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Multiple DoS conditions, privilege escalation. |
| Affected: | | CISCO : Catalyst 6500 | | | | CISCO : Cisco 4400 | | | | CISCO : Cisco 4100 | | | | CISCO : Catalyst 7600 | | | | CISCO : Catalyst 3750 | | CVE: | | CVE-2009-0062 (Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels.) | | | | CVE-2009-0061 (Unspecified vulnerability in the Wireless LAN Controller (WLC) TSEC driver in the Cisco 4400 WLC, Cisco Catalyst 6500 and 7600 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.1 allows remote attackers to cause a denial of service (device crash or hang) via unknown IP packets.) | | | | CVE-2009-0059 (The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.2.x before 5.2.157.0 allow remote attackers to cause a denial of service (device reload) via a web authentication (aka WebAuth) session that includes a malformed POST request to login.html.) | | | | CVE-2009-0058 (The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.2 allow remote attackers to cause a denial of service (web authentication outage or device reload) via unspecified network traffic, as demonstrated by a vulnerability scanner.) |
| Euphonics Audio Player buffer overflow | | Published: | | 05.02.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9651 | | Type: | | local | | Level: | | 4/10 | | Description: | | Buffer overflow on .pls files parsing. |
|
|
|
|
|
|
|
|
