Search:Vulnerability:08.07.2006 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 08.07.2006
Source:
SecurityVulns ID: 6344
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: ATUTOR : ATutor 1.5
AURACMS : Aura-CMS 1.62
PIXELATEDBYLEV : PBL Guestbook 1.32
HOSTINGCONTROLLE : HostingController 6.1
ADVANCEDGUESTBOO : Advanced Guestbook 1.0
EXTCALENDAR : ExtCalendar 2.0
PHPBLOGGER : PHP-Blogger 2.2
PIVOT : Pivot 1.30
PAPOO : PAPOO 3

Original document OS2A BTO, PHP-Blogger Multiple Cross Site Scripting Vulnerabilities (08.07.2006)

bug_(at)_securitynews.ir, ATutor : Cross-Site Scripting Vulnerabilities (08.07.2006)

matdhule_(at)_gmail.com, [ECHO_ADV_36$2006] ExtCalendar <== v2.0 Remote File Include Vulnerabilities (08.07.2006)

document luny_(at)_youfucktard.com, Sport-slo.net Guestbook v1.0 (08.07.2006)

Soroush Dalili, HostingController: An attacker can gain reseller privileges and after that can gain admin privileges (08.07.2006)

paisterist.nst_(at)_gmail.com, PBL Guestbook <= 1.32 XSS & SQL Querys Vulnerabilities (08.07.2006)

document k07iX, lintah_|adv|_01@2006>=========<[Aura-CMS v1.62]<===>[XSS vulnerable]&[bug] (08.07.2006)

admin_(at)_jaascois.com, BosClassifieds Classified Ads System Remote File Include (08.07.2006)

Files: Pivot <= 1.30 RC2 privileges escalation / remote commands execution exploit
Exploits PAPOO <= 3_RC3 SQL injection / admin credentials disclosure
Discuss: Read or add your comments to this news (0 comments)

Multiple AdPlug Adlib library buffer overflows
Published: 08.07.2006
Source: BUGTRAQ
SecurityVulns ID: 6346
Type: library
Level: 5/10
Description: Stack and heap based buffer overflows on CFF, MTK, DMO, DTM, S3M formats parsing.

Affected: ADPLUG : AdPlug 2.0
AUDACIOUS : Audacious 1.1

Original document Luigi Auriemma, Various heap and stack overflow bugs in AdPlug library 2.0 (CVS 04 Jul 2006) (08.07.2006)

Files: Exploits AdPlug library <= 2.0 and CVS <= 04 Jul 2006 multiple overflow
Discuss: Read or add your comments to this news (0 comments)

Multiple WebEx downloader plugin vulnerabilities
Published: 08.07.2006
Source: BUGTRAQ
SecurityVulns ID: 6350
Type: remote
Level: 5/10
Description: Buffer overflow, code execution.

Affected: WEBEX : WebEx Downloader Plug-in 2.0

Original document SECUNIA, [SA20956] WebEx Downloader Plug-in Multiple Vulnerabilities (08.07.2006)

ZDI, ZDI-06-021: WebEx Downloader Plug-in Code Execution Vulnerability (08.07.2006)

Mark Litchfield, WebEx Downloader Plug-in Multiple Vulnerabilities + rant (08.07.2006)

Discuss: Read or add your comments to this news (0 comments)

GIMP GNU image manipulation program buffer overflow
Published: 08.07.2006
Source: SECUNIA
SecurityVulns ID: 6351
Type: client
Level: 5/10
Description: Buffer overflow on XCF format parsing.

Affected: GNU : GIMP 2.2
GIMP : GIMP 2.3

Original document SECUNIA, [SA20976] Gimp XCF Parsing Buffer Overflow Vulnerability (08.07.2006)

Discuss: Read or add your comments to this news (0 comments)

Sparklet game format string vulnerabilitity
Published: 08.07.2006
Source: BUGTRAQ
SecurityVulns ID: 6348
Type: remote
Level: 5/10
Description: Format string vulnerability on player name displaying.

Affected: SPARKLET : Sparklet 0.9

Original document Luigi Auriemma, Format string bug in Sparklet 0.9.4try3 (08.07.2006)

Discuss: Read or add your comments to this news (0 comments)

Kaillera buffer overflow
Published: 08.07.2006
Source: BUGTRAQ
SecurityVulns ID: 6349
Type: remote
Level: 5/10
Description: Static buffer overflow on oversized nickname.

Affected: KAILLERA : Kaillera 0.86

Original document Luigi Auriemma, Possible code execution in Kaillera 0.86 (08.07.2006)

Files: Kaillera <= 0.86 possible code execution PoC
Discuss: Read or add your comments to this news (0 comments)

MICO CORBA implementation DoS
Published: 08.07.2006
Source: BUGTRAQ
SecurityVulns ID: 6347
Type: remote
Level: 5/10
Description: Crash on invalid object key.

Affected: MICO : MICO 2.3

Original document tuergeist, Mico crashes when contected with wrong IOR / DoS (08.07.2006)

Files: MICO crash PoC
Discuss: Read or add your comments to this news (0 comments)

Microsoft Office buffer overflow
updated since 08.07.2006
Published: 12.07.2006
Source: BUGTRAQ
SecurityVulns ID: 6345
Type: remote
Level: 8/10
Description: Buffer overflow in mso.dll LsCreateLine function. Buffer overflow on image formats parsing.

Affected: MICROSOFT : Office 2000
MICROSOFT : Office XP
MICROSOFT : Office 2003

Original document NSFOCUS, [VulnWatch] NSFOCUS SA2006-04 : Microsoft Office GIF Filter Buffer Overflow Vulnerability (12.07.2006)

SYMANTEC, SYMSA-2006-007: Microsoft Office Malformed String Parsing Vulnerability (11.07.2006)

MICROSOFT, SYMSA-2006-007: Microsoft Office Malformed String Parsing Vulnerability (11.07.2006)

document MICROSOFT, Microsoft Security Bulletin MS06-039 Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (915384) (11.07.2006)

MICROSOFT, Microsoft Security Bulletin MS06-038 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (917284) (11.07.2006)

Files: Exploits Microsoft Word unchecked boundary condition vulnerability
Microsoft Security Bulletin MS06-039 Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (915384)
Microsoft Security Bulletin MS06-038 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (917284)
Discuss: Read or add your comments to this news (0 comments)