Microsoft Windows WMF / EMF buffer overflow
Published:		09.11.2005
Source:		CERT
SecurityVulns ID:		5433
Type:		client
Level:		8/10
Description:		Multiple buffer overflows in GDI on WMF and WMF windows metafile formats.

Affected:		MICROSOFT : Windows 2000 Server
		MICROSOFT : Windows 2000 Professional
		MICROSOFT : Windows XP
		MICROSOFT : Windows 2003 Server

Original document		MICROSOFT, Microsoft Security Bulletin MS05-053 Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424) (09.11.2005)
		EEYE, [Full-disclosure] [EEYEB-20050329] Windows Metafile Multiple Heap Overflows (09.11.2005)
		EEYE, [Full-disclosure] [EEYEB-20050901] Windows Metafile SetPalette Entries Heap OVerflow Vulnerability (Graphics Rendering Engine Vulnerability) (09.11.2005)
		CERT, US-CERT Technical Cyber Security Alert TA05-312A -- Microsoft Windows Image Processing Vulnerabilities (09.11.2005)

Files:		Microsoft Windows Metafile DoS (gdi32.dll, MS05-053, Exploit)
		Microsoft Security Bulletin MS05-053 Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (896424)
Discuss:		Read or add your comments to this news (0 comments)

Multiple SAP Web Application Server vulnerabilities
Published:		09.11.2005
Source:		BUGTRAQ
SecurityVulns ID:		5434
Type:		remote
Level:		5/10
Description:		Crossite scripting, request redirection, HTTP response splitting.

Affected:		SAP : SAP WAS 7.00
		SAP : SAP WAS 6.40
		SAP : SAP WAS 6.20
		SAP : SAP WAS 6.10

Original document		Leandro Meiners, [Full-disclosure] CYBSEC - Security Advisory: Multiple XSS in SAP WAS (09.11.2005)
		Leandro Meiners, [Full-disclosure] CYBSEC - Security Advisory: Phishing Vector in SAP WAS (09.11.2005)
		Leandro Meiners, [Full-disclosure] CYBSEC - Security Advisory: HTTP Response Splitting in SAP WAS (09.11.2005)

Discuss:

Read or add your comments to this news (0 comments)