Computer Security
[EN] securityvulns.ru no-pyccku


ASP.NET crossite scripting
Published:11.10.2006
Source:
SecurityVulns ID:6696
Type:remote
Threat Level:
5/10
Description:Crossite scripting with AutoPostBack forms.
Affected:MICROSOFT : ASP.NET 2.0
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS06-056 Vulnerability in ASP.NET 2.0 Could Allow Information Disclosure (922770) (11.10.2006)
Files:Microsoft Security Bulletin MS06-056 Vulnerability in ASP.NET 2.0 Could Allow Information Disclosure (922770)

Microsoft Windows Server service multiple security vulnerabilities
Published:11.10.2006
Source:
SecurityVulns ID:6699
Type:remote
Threat Level:
7/10
Description:Denial of service and code execution vulnerabilities.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS06-063 Vulnerability in Server Service Could Allow Denial of Service (923414) (11.10.2006)
Files:Microsoft Security Bulletin MS06-063 Vulnerability in Server Service Could Allow Denial of Service (923414)

Multiple Microsoft Windows IPv6 security vulnerabilities
Published:11.10.2006
Source:
SecurityVulns ID:6700
Type:remote
Threat Level:
5/10
Description:TCP connection reset with ICMP or TCP packet, CPU exhaustion.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS06-064 Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service (922819) (11.10.2006)
Files:Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service (922819)

Microsoft Windows drmstor.dll buffer overflow
Published:11.10.2006
Source:
SecurityVulns ID:6702
Type:remote
Threat Level:
7/10
Description:Buffer overflow in ActiveX element.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
Original documentdocumentJose Antonio, MS Windows DRM software Memory Corruption (11.10.2006)

FreeBSD ptrace() DoS
Published:11.10.2006
Source:
SecurityVulns ID:6703
Type:local
Threat Level:
5/10
Description:Integer overflow in PT_LWPINFO.
Affected:FREEBSD : FreeBSD 6.0
Original documentdocumentIDEFENSE, iDefense Security Advisory 10.10.06: FreeBSD ptrace PT_LWPINFO Denial of Service Vulnerability (11.10.2006)
Files:FreeBSD ptrace DoS

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:11.10.2006
Source:
SecurityVulns ID:6704
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:VTIGER : Vtiger CRM 4.2
 GOOP : Goop Gallery 2.0
 MYSQLDUMPER : MysqlDumper 1.21
 PHPLIBRE : TribunaLibre 3.12
 PHPLIBRE : registroTL
 ZEBIGBOZER : compteur 2
 FOAFGEN : Foafgen 0.3
 APSN : Album Photo Sans Nom 1.6
 EXPBLOG : eXpBlog 0.3
 PHPLIBRARY : PHPLibrary 1.5
 CLAROLINE : Claroline 1.8
 BLUESHOES : blueshoes 4.6
Original documentdocumentsecurity_(at)_armorize.com, Directory Traversal Vulnerability in Goop Gallery 2.0.2 (11.10.2006)
 documenttamriel_(at)_gmx.net, [Full-disclosure] eXpBlog <= 0.3.5 Cross Site Scripting Vulnerabilities (11.10.2006)
 documentMayhemic Labs Security, [Full-disclosure] MHL-2006-001 Public Advisory: "Eazy Cart" Multiple Security Issues (11.10.2006)
 documentDragos Ruiu, [Full-disclosure] PacSec Hype Security Team: CGI.pm param injection (11.10.2006)
 documentk1tk4t_(at)_newhack.org, blueshoes <= 4.6_public Remote File Inclusion (11.10.2006)
 documentk1tk4t_(at)_newhack.org, claroline <= 180rc1 Remote File Inclusion (11.10.2006)
 documentk1tk4t_(at)_newhack.org, tagit2b -- Remote File Inclusion (11.10.2006)
 documentk1tk4t_(at)_newhack.org, PHPLibrary <= 1.5.3 Remote File Inclusion (11.10.2006)
 documentMayhemic Labs Security, MHL-2006-001 Public Advisory: "Eazy Cart" Multiple Security Issues (11.10.2006)
 documenttamriel_(at)_gmx.net, eXpBlog <= 0.3.5 Cross Site Scripting Vulnerabilities (11.10.2006)
 documenterdc_(at)_echo.or.id, [ECHO_ADV_54$2006]vtiger CRM <=4.2 (calpath) Multiple Remote File Inclusion Vulnerability (11.10.2006)
 documentgmdarkfig_(at)_gmail.com, 7 php scripts File Inclusion / Source disclosure Vuln (11.10.2006)
 documentcrackers child, MysqlDumper Version 1.21 b6 Xss Vulnerability (11.10.2006)

Microsoft Office multiple security vulnerabilities
updated since 11.10.2006
Published:13.10.2006
Source:
SecurityVulns ID:6697
Type:client
Threat Level:
8/10
Description:Multiple Excel vulnerabilities on different records type parsing and formats conversion. Multiple Microsoft Word code execution vulnerabilities. Memory corruptions in different Office products.
Affected:MICROSOFT : Office 2000
 MICROSOFT : Office XP
 MICROSOFT : Office 2003
 MICROSOFT : Office 2004 for Mac
 MICROSOFT : Office v. X for Mac
 MICROSOFT : Works 2004
 MICROSOFT : Works 2005
 MICROSOFT : Works 2006
Original documentdocumentMCAFEE, MS06-060 Microsoft Word Memmove Code Execution (13.10.2006)
 documentMCAFEE, [Full-disclosure] MS06-060 Microsoft Word Memmove Code Execution (12.10.2006)
 documentSowhat ., Microsoft Office Malformed Record Memory Corruption Vulnerability (11.10.2006)
 documentZDI, ZDI-06-034: Microsoft Office Word Malformed Chart Code Execution Vulnerability (11.10.2006)
 documentZDI, ZDI-06-033: Microsoft Office Excel File Format DATETIME Record Parsing Vulnerability (11.10.2006)
 documentMICROSOFT, Microsoft Security Bulletin MS06-062 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922581) (11.10.2006)
 documentMICROSOFT, Microsoft Security Bulletin MS06-060 Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (924554) (11.10.2006)
 documentMICROSOFT, Microsoft Security Bulletin MS06-059 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164) (11.10.2006)
Files:Microsoft Security Bulletin MS06-059 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164)
 Microsoft Security Bulletin MS06-060 Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (924554)
 Microsoft Security Bulletin MS06-062 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922581)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod