Computer Security

  

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:08.11.2007
Source:
SecurityVulns ID:8325
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. mt-scode: CAPTCHA protection bypass.
Affected:SIMPLEMACHINES : Simple Machines Forum 1.4
Original document:Advisory_(at)_Aria-Security.net, Aria-Security.Net Research: Request For Travel Sql Injection (08.11.2007)
 h3llcode_(at)_hotmail.it, Simple Machine Forum - Private section/posts/info disclosure (08.11.2007)
 Giuseppe Gottardi, SiteMinder Agent: Cross Site Scripting (08.11.2007)
 MustLive, Vulnerability in mt-scode (08.11.2007)

Oracle database server buffer overflow
Published:08.11.2007
Source:BUGTRAQ
SecurityVulns ID:8326
Type:library
Level:5/10
Description:Buffer overflow in XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA procedure.
Affected:ORACLE : Oracle 10g
CVE:CVE-2007-4517 (Buffer overflow in the XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA procedure in Oracle 10g R2 allows remote authenticated users to execute arbitrary code via a long (1) OWNER or (2) NAME argument.)
Original document:IDEFENSE, iDefense Security Advisory 11.07.07: Oracle 10g R2 PITRIG_DROPMETADATA Buffer Overflow Vulnerability (08.11.2007)

Link Grammar / AbiWord buffer overflow
Published:08.11.2007
Source:BUGTRAQ
SecurityVulns ID:8327
Type:client
Level:5/10
Description:Buffer overflow on oversized word.
Affected:CMU : Link Grammar 4.1
 ABIWORD : Link Grammar 4.2
CVE:CVE-2007-5395
Original document:SECUNIA, Secunia Research: AbiWord Link Grammar "separate_sentence()" Buffer Overflow (08.11.2007)
 SECUNIA, Secunia Research: Link Grammar "separate_sentence()" Buffer Overflow (08.11.2007)

Xpdf multiple security vulnerabilities
Published:08.11.2007
Source:BUGTRAQ
SecurityVulns ID:8328
Type:client
Level:6/10
Description:Buffer overflows, integer overflows, array index overflows.
Affected:XPDF : xpdf 3.02
CVE:CVE-2007-5393 (Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter.)
 CVE-2007-5392
 CVE-2007-4352
Original document:SECUNIA, Secunia Research: Xpdf "Stream.cc" Multiple Vulnerabilities (08.11.2007)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


