Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:10.02.2006
Source:
SecurityVulns ID:5757
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:INDEXU : INDEXU 5.0
 CPAINT : CPAINT 2.0
 2200NET : 2200net Calendar system 1.2
 DATAPARKSEARCH : DataparkSearch 4.37
 CLEVERCOPY : Clever Copy 3.0
 HINTONDESIGN : phpstatus 1.0
 SMEGBHOST : SmE GB Host 1.21
 EPOP : e/pop Web Conferencing 4.0
 FCKEDITOR : FCKeditor 2.0
 SOFTCOMPLEX : PHP Event Calendar 1.5
Original documentdocumentSECUNIA, [SA18792] PHP Event Calendar User Information Manipulation (10.02.2006)
 documentSECUNIA, [SA18767] FCKeditor File Upload Vulnerability (10.02.2006)
 documentSECUNIA, [SA18753] e/pop Web Conferencing Topic Name Script Insertion (10.02.2006)
 documentSECUNIA, [SA18786] SmE GB Host / Blog Host "url" BBcode Script Insertion (10.02.2006)
 documentSECUNIA, [SA18791] PHPStatus Multiple Vulnerabilities (10.02.2006)
 documentSECUNIA, [SA18790] Clever Copy HTTP Headers Script Insertion Vulnerabilities (10.02.2006)
 documentSECUNIA, [SA18749] Clever Copy "ID" Parameter SQL Injection Vulnerability (10.02.2006)
 documentSECUNIA, [SA18751] DataparkSearch Unspecified Cross-Site Scripting Vulnerability (10.02.2006)
 documentSECUNIA, [SA18781] 2200net Calendar System SQL Injection Vulnerabilities (10.02.2006)
 documentSECUNIA, [SA18765] CPAINT "cpaint_response_type" Cross-Site Scripting (10.02.2006)
 documenteufrato_(at)_gmail.com, [ECHO_ADV_27$2006] Indexu <= 5.0.1 Remote File Inclusion (10.02.2006)

Lotus Domino iNotes client crossite scripting
Published:10.02.2006
Source:
SecurityVulns ID:5759
Type:client
Threat Level:
5/10
Description:Crossite scripting on attached HTML files opening.
Affected:IBM : Lotus Domino 6.5
 IBM : Lotus Domino 7.0
Original documentdocumentSECUNIA, Secunia Research: IBM Lotus Domino iNotes Client Script Insertion Vulnerabilities (10.02.2006)

Lotus Notes multiple vulnerabilities
updated since 10.02.2006
Published:11.02.2006
Source:
SecurityVulns ID:5758
Type:library
Threat Level:
6/10
Description:Multiple buffer overflows and directory traversal on handling differnt archives: zip, uue, tar and HTML attachments.
Affected:IBM : Lotus Notes 6.5
 IBM : Lotus Notes 7.0
Original documentdocumentSECUNIA, Secunia Research: Lotus Notes UUE File Handling Buffer Overflow (11.02.2006)
 documentSECUNIA, Secunia Research: Lotus Notes Multiple Archive Handling Directory Traversal (11.02.2006)
 documentSECUNIA, Secunia Research: Lotus Notes HTML Speed Reader Link Buffer Overflows (11.02.2006)
 documentSECUNIA, Secunia Research: Lotus Notes TAR Reader File Extraction Buffer Overflow (11.02.2006)
 documentSECUNIA, [SA16100] Verity KeyView Viewer SDK Multiple Vulnerabilities (10.02.2006)
 documentSECUNIA, Secunia Research: Lotus Notes ZIP File Handling Buffer Overflow (10.02.2006)
 documentSECUNIA, [SA16280] IBM Lotus Notes Multiple Vulnerabilities (10.02.2006)

libtasn1 tiny ASN.1 library / GnuTLS TLS implementation multiple security issues
updated since 10.02.2006
Published:06.03.2006
Source:
SecurityVulns ID:5756
Type:library
Threat Level:
6/10
Description:Out-of-bounds access and buffer overflows in DER decoding.
Affected:LIBTASN1 : libtasn1 0.2
 GNUTLS : GnuTLS 1.3
 LIBTASN1-2 : libtasn1-2 0.2
Original documentdocumentDEBIAN, [Full-disclosure] [SECURITY] [DSA 986-1] New gnutls11 packages fix arbitrary code execution (06.03.2006)
 documentDEBIAN, [Full-disclosure] [SECURITY] [DSA 985-1] New libtasn1-2 packages fix arbitrary code execution (06.03.2006)
 documentSimon Josefsson, [gnutls-dev] Libtasn1 0.2.18 - Tiny ASN.1 Library - Security release (10.02.2006)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod