Computer Security


Convert-UUlib / Barracuda Spam Firewall buffer overflow
updated since 28.04.2005
Published:06.12.2006
Source:
SecurityVulns ID:4737
Type:library
Threat Level:6/10
Description:Buffer overflow on BinHex encoding parsing.
Affected:CONVERTUULIB : Convert-UUlib 1.051
 BARRACUDA : Barracuda Spam Firewall 3.3
Original document:Jean-Sébastien Guay-Leroux, Barracuda Convert-UUlib library buffer overflow leads to remote compromise (06.12.2006)
 GENTOO, [ GLSA 200504-26 ] Convert-UUlib: Buffer overflow (28.04.2005)

FireWire IOCTL integer overflow in various BSD-based Unix systems
updated since 16.11.2006
Published:06.12.2006
Source:
SecurityVulns ID:6831
Type:local
Threat Level:6/10
Description:Negative IOCTL parameter value allows read access to kernel memory.
Affected:NETBSD : NetBSD 2.1
 FREEBSD : FreeBSD 5.5
 MIDNIGHTBSD : MidnightBSD 0.1
Original document:FREEBSD, FreeBSD Security Advisory FreeBSD-SA-06:25.kmem (06.12.2006)
 Rodrigo Rubira Branco (BSDaemon), NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure (16.11.2006)

Adobe Download Manager buffer overflow
Published:06.12.2006
Source:
SecurityVulns ID:6891
Type:remote
Threat Level:5/10
Description:Stack buffer overflow on parsing AOM files.
Affected:ADOBE : Adobe Download Manager 2.1
Original document:EEYE, EEYE: Adobe Download Manager AOM Stack Buffer Overflow Vulnerability (06.12.2006)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:06.12.2006
Source:
SecurityVulns ID:6892
Type:remote
Threat Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:CUTENEWS : cutenews aj-fork 167
 PHORUM : Phorum 3.2
 BTSAVEMYSQL : BTSaveMySql 1.2
Original document:sn0oPy.team_(at)_gmail.com, BTSaveMySql 1.2 (acces to config files) (06.12.2006)
 Mr-m07, Phorum <= 3.2.11 (common.php) Remote File Include Vulnerability (06.12.2006)
 MILW0RM, cutenews aj-fork <= 167f (cutepath) Remote File Include Vulnerability (06.12.2006)
 matrix_(at)_hackerz.ir, EasyPage Portal ( all ver )SQL Injection (06.12.2006)

F-Prot antivirus buffer overflow
Published:06.12.2006
Source:
SecurityVulns ID:6893
Type:remote
Threat Level:6/10
Description:Buffer overflow on parsing CHM and ACE files.
Affected:FPROT : F-Prot 4.6
Files:trivial proof of concept code for F-Prot 4.6.6 .ACE DoS
 trivial proof of concept code for F-Prot 4.6.6 .CHM heap overflow

Microsoft Word / Open Office 0-day security vulnerability
updated since 06.12.2006
Published:16.12.2006
Source:
SecurityVulns ID:6894
Type:client
Threat Level:7/10
Description:2 different unknown vulnerabilities are used for hidden malware installation.
Affected:MICROSOFT : Office 2000
 MICROSOFT : Office XP
 MICROSOFT : Office 2003
 MICROSOFT : Office 2004 for Mac
 MICROSOFT : Works 2004
 MICROSOFT : Works 2005
 MICROSOFT : Works 2006
 MICROSOFT : Office 2004 v. X for Mac
 OPENOFFICE : OpenOffice 2.1
Original document:MICROSOFT, Microsoft Security Advisory (929433) Vulnerability in Microsoft Word Could Allow Remote Code Execution (06.12.2006)
Files:Microsoft Office / OpenOffice PoC
  Microsoft Security Advisory (929433) Vulnerability in Microsoft Word Could Allow Remote Code Execution
 New Report of A Word Zero Day

Multiple SAP Internet Graphics Service security vulnerabilities
updated since 06.12.2006
Published:05.07.2007
Source:
SecurityVulns ID:6890
Type:remote
Threat Level:6/10
Description:File removal, insecure undocumented features, buffer overflow, cross-site scripting.
Affected:SAP : Internet Graphics Service 7.00
 SAP : Internet Graphics Service 6.40
Original document:Mark Litchfield, SAP Internet Graphics Server XSS and Heap Overflow (05.07.2007)
 CYBSEC Advisories, CYBSEC - Security Advisory: SAP Internet Graphics Service (IGS) Remote Buffer Overflow (20.01.2007)
 Mariano Nuñez Di Croce, CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) Remote Arbitrary File Removal (06.12.2006)
 Mariano Nuñez Di Croce, CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) Undocumented Features (06.12.2006)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod