Computer Security
[EN] securityvulns.ru no-pyccku


Cisco security Agent buffer overflow
updated since 06.12.2007
Published:07.12.2007
Source:
SecurityVulns ID:8413
Type:remote
Threat Level:
9/10
Description:Buffer overflow on SMB/CIFS parsing (TCP/139, TCP/445).
Affected:CISCO : Cisco Security Agent 4.5
 CISCO : Cisco Security Agent 5.0
CVE:CVE-2007-5580
Original documentdocumentNsfocus Security Team, NSFOCUS SA2007-02 : Cisco Security Agent Remote Buffer Overflow Vulnerability (07.12.2007)
 documentCISCO, Cisco Security Advisory: Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability (06.12.2007)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:07.12.2007
Source:
SecurityVulns ID:8420
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:OPENNEWSLETTER : OpenNewsletter 2.5
 JFREE : JFreeChart 1.0
Original documentdocumentISecAuditors Security Advisories, [ISecAuditors Security Advisories] wwwstats is vulnerable to Persistent XSS (07.12.2007)
 documentRapid 7 Security Advisories, R7-0031: JFreeChart Image Map Cross-Site Scripting Vulnerabilities (07.12.2007)
 documentbugtraq_(at)_darkprotocols.net, [XSS] OpenNewsletter v2.5 Multipe XSS Attacks (07.12.2007)

liblcms / lcms buffer overflow
Published:07.12.2007
Source:
SecurityVulns ID:8421
Type:library
Threat Level:
5/10
Description:Buffer overflow on JPEG ICC profile processing.
CVE:CVE-2007-2741 (Stack-based buffer overflow in Little CMS (lmcs) before 1.15 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ICC profile in a JPG file.)
Original documentdocumentMANDRIVA, [ MDKSA-2007:238 ] - Updated liblcms package fixes buffer overflow (07.12.2007)

Skype URL handler buffer overflow
Published:07.12.2007
Source:
SecurityVulns ID:8423
Type:client
Threat Level:
7/10
Description:Heap buffer overflow on skype4com URL handler.
Affected:SKYPE : Skype 3.5
Original documentdocumentZDI, ZDI-07-070: Skype skype4com URI Handler Remote Heap Corruption Vulnerability (07.12.2007)

HP OpenView Network Node Manager multiple CGI buffer overflow
updated since 07.12.2007
Published:15.04.2008
Source:
SecurityVulns ID:8422
Type:remote
Threat Level:
5/10
Description:Buffer overflows in ovlogin.exe, OpenView5.exe, snmpviewer.exe, webappmon.exe. OpenView5.exe directory traversal.
Affected:HP : OpenView Network Node Manager 7.51
CVE:CVE-2008-0068 (Directory traversal vulnerability in OpenView5.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to read arbitrary files via directory traversal sequences in the Action parameter.)
 CVE-2007-6204 (Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allow remote attackers to execute arbitrary code via unspecified long arguments to (1) ovlogin.exe, (2) OpenView5.exe, (3) snmpviewer.exe, and (4) webappmon.exe, as demonstrated via a long Action parameter to OpenView5.exe.)
Original documentdocumentSECUNIA, Secunia Research: HP OpenView Network Node Manager OpenView5.exe Directory Traversal (15.04.2008)
 documentHP, [security bulletin] HPSBMA02281 SSRT061261 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Execution of Arbitrary Code (07.12.2007)
 documentZDI, ZDI-07-071: HP OpenView Network Node Manager Multiple CGI Buffer Overflows (07.12.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod