Computer Security


gd and libgd library multiple security vulnerabilities
Published: 05.08.2007
SecurityVulns ID: 8004
Type: library
Threat Level: 6/10
Description: Multiple vulnerabilities in GIF parsing.
Affected: GD : libgd 2.0
CVE: CVE-2007-3476 (Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault.)
 CVE-2007-3475 (The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map.)
 CVE-2007-3474 (Multiple unspecified vulnerabilities in the GIF reader in the GD Graphics Library (libgd) before 2.0.35 have unspecified impact and user-assisted remote attack vectors.)
 CVE-2007-3473 (The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure.)
Original document: MANDRIVA, [ MDKSA-2007:153 ] - Updated gd packages fix several vulnerabilities (05.08.2007)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 05.08.2007
Published: 05.08.2007
SecurityVulns ID: 8005
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: COWIKI : coWiki 0.3
 EZPHOTOSALES : EZPhotoSales 1.9
Original document: Seth Fogie, [Full-disclosure] EZPhotoSales 1.9.3 Multiple Vulnerabilities (07.08.2007)
 Advisory_(at)_Aria-Security.net, Ariadne CMS Remote File Inclusion (07.08.2007)
 Monkeyboy9997_(at)_hotmail.com, Aceboard forum, SQL injection (05.08.2007)
 Monkeyboy9997_(at)_hotmail.com, ContentDM Search.php XSS Vulnerability (05.08.2007)
 yollubunlar_(at)_hotmail.com, Joomla J! Reactions Component Remote File include Bug (05.08.2007)
 MustLive, Vulnerability in coWiki (05.08.2007)

Mozilla status bar text spoofing
Published: 05.08.2007
SecurityVulns ID: 8006
Type: client
Threat Level: 2/10
Affected: MOZILLA : Firefox 2.0
Original document: Michal Bucko, [ELEYTT] 3SIERPIEN2007 (05.08.2007)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod