PCRE and perl regular expression handling multiple security vulnerabilities
Published:		07.11.2007
Source:		BUGTRAQ
SecurityVulns ID:		8321
Type:		library
Level:		7/10
Description:		Buffer overflows and memory corruptions on different regexps.

Affected:		PERL : perl 5.8
		PCRE : pcre 7.3
CVE:		CVE-2007-5116
		CVE-2007-4768
		CVE-2007-4767
		CVE-2007-4766
		CVE-2007-1662
		CVE-2007-1661
		CVE-2007-1660 (Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code.)
		CVE-2007-1659 (Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes.)

Original document		DEBIAN, [SECURITY] [DSA 1399-1] New pcre3 packages fix arbitrary code execution (07.11.2007)
		MANDRIVA, [ MDKSA-2007:207 ] - Updated perl packages fix vulnerability (07.11.2007)

Discuss:

Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) updated since 07.11.2007
Published:		07.11.2007
Source:		BUGTRAQ
SecurityVulns ID:		8322
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. WordPress Peter’s Custom Anti-Spam Image: CAPTCHA protection bypass.

Affected:		IDMOS : IDMOS 1.0
		CYPBX : Cyp/bx 1.0
		SFSHOUTBOX : SF-Shoutbox 1.4
		PLONE : Plone 2.5
CVE:		CVE-2007-5741 (Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrary Python code via network data containing pickled objects for the (1) statusmessages or (2) linkintegrity module, which the module unpickles and executes.)

Original document		mj_(at)_jarn.com, [CVE-2007-5741] Plone: statusmessages and linkintegrity unsafe network data hotfix (07.11.2007)
		Advisory_(at)_Aria-Security.net, MyWebFTP Password Disclosure (07.11.2007)
		SkyOut, [Full-disclosure] SF-Shoutbox 1.2.1 <= 1.4 HTML/JS Injection Vulnerability (07.11.2007)
		Guns_(at)_0x90.com.ar, PhpNuke (add-on) MS TopSites Edit Exploit And Html Injection (07.11.2007)
		Chris, Cypress BX script backdoored? (07.11.2007)
		Guns_(at)_0x90.com.ar, IDMOS v1.0 Alpha Multiple RFI Vulnerability (07.11.2007)
		h3llcode_(at)_hotmail.it, SMF .htaccess bypass (07.11.2007)

Files:		Exploits PhpNuke (add-on) MS TopSites Edit And Html Injection
Discuss:		Read or add your comments to this news (0 comments)

Microsoft Sysinternals DebugView privilege escalation
Published:		07.11.2007
Source:		BUGTRAQ
SecurityVulns ID:		8324
Type:		local
Level:		4/10
Description:		Dbgv.sys Driver allows any user to copy any data in kernel memory.

Affected:		SYSINTERNALS : DebugView 4.64
CVE:		CVE-2007-4223

Original document

IDEFENSE, iDefense Security Advisory 11.06.07: Microsoft DebugView Privilege Escalation Vulnerability (07.11.2007)

Discuss:

Read or add your comments to this news (0 comments)

Symantec Norton AntiVirus for Mac privilege escalation
Published:		07.11.2007
Source:		FULL-DISCLOSURE
SecurityVulns ID:		8323
Type:		local
Level:		5/10
Description:		External application is executed by relative path.

Original document

William A. Carrel, [Full-disclosure] Local Privilege Escalation in Norton AntiVirus for Mac (07.11.2007)

Discuss:

Read or add your comments to this news (0 comments)