Computer Security


Asterisk VoIP server buffer overflow
Published: 05.07.2007
SecurityVulns ID: 7890
Type: remote
Threat Level: 7/10
Description: Multiple buffer overflows if T38 fax over SIP is enabled.
Affected: DIGIUM : Asterisk 1.4
Original document: NGSSoftware Insight Security Research Advisory (NISR), Multiple Remote unauthenticated stack overflows in Asterisk chan_sip.c (05.07.2007)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 05.07.2007
SecurityVulns ID: 7891
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: SAPHPLESSON : SaphpLesson 2.0
 ZENCART : Zen Cart 1.3
 WORDPRESS : WordPress 2.2
 MAIAMAILGUARD : Maia Mailguard 1.0
Original documents: Netragard Security Advisories, [NETRAGARD SECURITY ADVISORY][Maia Mailguard 1.0.2 Arbitrary Code Execution][NETRAGARD-20070628] (05.07.2007)
 Nick S. Coblentz, Redirection Vulnerability in wp-pass.php, WordPress 2.2.1 (05.07.2007)
 tomaz.bratusa_(at)_teamintell.com, Session fixation in Zen Cart CMS (05.07.2007)
 Sw33t.h4cK3r_(at)_hotmail.com, SQL Injection in SaphpLesson2.0 "show.php" (05.07.2007)

GIMP GNU image manipulation program buffer overflow
Published: 05.07.2007
SecurityVulns ID: 7892
Type: client
Threat Level: 5/10
Description: Heap buffer overflow on PSD image parsing.
Affected: GNU : GIMP 2.2
CVE: CVE-2007-2949 (Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value.)

SAP DB Web server buffer overflow
Published: 05.07.2007
SecurityVulns ID: 7894
Type: remote
Threat Level: 6/10
Description: Buffer overflow in the included Web server (TCP/9999).
Affected: SAP : SAP DB 7.4
Original document: Mark Litchfield, SAP DB Web Server Stack Overflow (05.07.2007)

SAP Message Server multiple buffer overflows
Published: 05.07.2007
SecurityVulns ID: 7895
Type: remote
Threat Level: 6/10
Description: Buffer overflows in services on ports TCP/3600, TCP/8100 and others.
Original document: Mark Litchfield, SAP Message Server Heap Overflow (05.07.2007)

SAP Internet Communication Manager DoS
Published: 05.07.2007
SecurityVulns ID: 7897
Type: remote
Threat Level: 6/10
Description: DoS on a 264-byte-long URI if Web caching is used.
Original document: Mark Litchfield, Internet Communication Manager Denial Of Service Attack (05.07.2007)

HP Instant Support Driver Check ActiveX buffer overflow
updated since 04.07.2007
Published: 05.07.2007
SecurityVulns ID: 7886
Type: client
Threat Level: 6/10
Description: Buffer overflow in queryHub() method.
Affected: HP : HP Instant Support - Driver Check 1.5
Original documents: HP, [security bulletin] HPSBPI02228 SSRT071404 rev.1 - HP Instant Support - Driver Check Running on Windows XP, Remote Unauthorized Access (05.07.2007)
 NGSSoftware Insight Security Research Advisory (NISR), Buffer overflow in HP Instant Support Driver Check (SDD) ActiveX control (04.07.2007)

MySQL RENAME privilege escalation
Published: 05.07.2007
SecurityVulns ID: 7893
Type: local
Threat Level: 5/10
Description: DROP permission is not checked during RENAME operation.
Affected: MYSQL : MySQL 4.0
 MYSQL : MySQL 4.1
 ORACLE : MySQL 5.0
 ORACLE : MySQL 5.1
CVE: CVE-2007-2691 (MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.)

EnjoySAP SAP GUI multiple ActiveX security vulnerabilities
Published: 05.07.2007
SecurityVulns ID: 7896
Type: client
Threat Level: 5/10
Description: Multiple DoS conditions, buffer overflows, file creation.
Affected: SAP : EnjoySAP 7.10
Original document: Mark Litchfield, EnjoySAP, SAP GUI for Windows - Stack Overflow (05.07.2007)

Multiple SAP Internet Graphics Service security vulnerabilities
updated since 06.12.2006
Published: 05.07.2007
SecurityVulns ID: 6890
Type: remote
Threat Level: 6/10
Description: File removal, insecure undocumented features, buffer overflow, cross-site scripting.
Affected: SAP : Internet Graphics Service 7.00
 SAP : Internet Graphics Service 6.40
Original documents: Mark Litchfield, SAP Internet Graphics Server XSS and Heap Overflow (05.07.2007)
 CYBSEC Advisories, CYBSEC - Security Advisory: SAP Internet Graphics Service (IGS) Remote Buffer Overflow (20.01.2007)
 Mariano Nuñez Di Croce, CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) Remote Arbitrary File Removal (06.12.2006)
 Mariano Nuñez Di Croce, CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) Undocumented Features (06.12.2006)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod