Search:Vulnerability:10.07.2008 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

WeFi information leak
updated since 04.07.2008
Published: 10.07.2008
Source: BUGTRAQ
SecurityVulns ID: 9130
Type: local
Level: 5/10
Description: Log files are stored in world-readable folder.

Affected: WEFI : WeFi 3.2
WEFI : WeFi 3.3

Original document XiaShing_(at)_gmail.com, Local information disclosure in WeFi Client v3.3.3.0 (10.07.2008)

XiaShing_(at)_gmail.com, Local vulnerability in WeFi Client v3.2.1.4.1(Update) (04.07.2008)

Discuss: Read or add your comments to this news (0 comments)

libpoppler library uninitialized pointer
updated since 09.07.2008
Published: 10.07.2008
Source: BUGTRAQ
SecurityVulns ID: 9139
Type: library
Level: 6/10
Description: Uninitialized pointer dereference on PDF parsing.

Affected: POPPLER : Poppler 0.8
CVE: CVE-2008-2950 (The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document.)

Original document Felipe Andres Manzano, [Full-disclosure] #2008-007 libpoppler uninitialized pointer - POC (10.07.2008)

Andrea Barisani, [oCERT-2008-007] libpoppler uninitialized pointer (09.07.2008)

Files: libpoppler uninitialized pointer exploit
Discuss: Read or add your comments to this news (0 comments)