| ASP.NET cross-site scripting | | Published: |  | 11.10.2006 | | Source: |  | MICROSOFT | | SecurityVulns ID: |  | 6696 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | Cross-site scripting with AutoPostBack forms. |
| Affected: |  | MICROSOFT : ASP.NET 2.0 |
| Original document |  | MICROSOFT, Microsoft Security Bulletin MS06-056 Vulnerability in ASP.NET 2.0 Could Allow Information Disclosure (922770) (11.10.2006) |
| Multiple Microsoft XML service security vulnerabilities | | Published: |  | 11.10.2006 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 6698 | | Type: |  | client | | Level: |  | 7/10 | | Description: |  | Cross-domain data access, buffer overflow. |
| Affected: |  | MICROSOFT : Windows 2000 Server | | |  | MICROSOFT : Windows 2000 Professional | | |  | MICROSOFT : Windows XP | | |  | MICROSOFT : Windows 2003 Server |
| Original document |  | MICROSOFT, Microsoft Security Bulletin MS06-061 Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (924191) (11.10.2006) |
| Microsoft Windows drmstor.dll buffer overflow | | Published: |  | 11.10.2006 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 6702 | | Type: |  | remote | | Level: |  | 7/10 | | Description: |  | Buffer overflow in ActiveX element. |
| Affected: |  | MICROSOFT : Windows 2000 Server | | |  | MICROSOFT : Windows 2000 Professional | | |  | MICROSOFT : Windows XP | | |  | MICROSOFT : Windows 2003 Server |
| Original document |  | Jose Antonio, MS Windows DRM software Memory Corruption (11.10.2006) |
Microsoft Windows WebViewFolderIcon ActiveX (integer overflow) updated since 28.09.2006 | | Published: |  | 11.10.2006 | | Source: |  | CERT | | SecurityVulns ID: |  | 6656 | | Type: |  | client | | Level: |  | 10/10 | | Description: |  | Integer overflow can be used for hidden malware installation. |
| Affected: |  | MICROSOFT : Windows XP | | |  | MICROSOFT : Windows 2003 |
| Original document |  | MICROSOFT, Microsoft Security Bulletin MS06-057 Vulnerability in Windows Explorer Could Allow Remote Execution (923191) (11.10.2006) |
| |  | Alexander Sotirov, [Full-disclosure] Determina zero-day fix for CVE-2006-3730 (WebViewFolderIcon setSlice Integer Overflow) (30.09.2006) |
| |  | CERT, US-CERT Technical Cyber Security Alert TA06-270A -- Microsoft Internet Explorer WebViewFolderIcon ActiveX Vulnerability (28.09.2006) |
| Multiple Microsoft Windows IPv6 security vulnerabilities | | Published: |  | 11.10.2006 | | Source: |  | MICROSOFT | | SecurityVulns ID: |  | 6700 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | TCP connection reset with ICMP or TCP packet, CPU exhaustion. |
| Affected: |  | MICROSOFT : Windows XP | | |  | MICROSOFT : Windows 2003 Server |
| Original document |  | MICROSOFT, Microsoft Security Bulletin MS06-064 Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service (922819) (11.10.2006) |
Microsoft PowerPoint memory corruption updated since 28.09.2006 | | Published: |  | 11.10.2006 | | Source: |  | MICROSOFT | | SecurityVulns ID: |  | 6661 | | Type: |  | client | | Level: |  | 6/10 | | Description: |  | 0-day vulnerability in the SlideShowWindows.View.GotoNamedShow() function is used for malware installation. |
| Affected: |  | MICROSOFT : Office 2000 | | |  | MICROSOFT : Office XP | | |  | MICROSOFT : Office 2003 |
| Original document |  | ZDI, ZDI-06-032: Microsoft Office PowerPoint Malformed Slide Notes Rebuilding Vulnerability (11.10.2006) |
| |  | MICROSOFT, Microsoft Security Bulletin MS06-058 Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (924163) (11.10.2006) |
| |  | Juha-Matti Laurio, Vulnerable function in newest PowerPoint case (MS Advisory #925984) (07.10.2006) |
| |  | MICROSOFT, Microsoft Security Advisory (925984) Vulnerability in PowerPoint Could Allow Remote Code Execution (28.09.2006) |
| FreeBSD ptrace() DoS | | Published: |  | 11.10.2006 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 6703 | | Type: |  | local | | Level: |  | 5/10 | | Description: |  | Integer overflow in PT_LWPINFO. |
| Affected: |  | FREEBSD : FreeBSD 6.0 |
| Original document |  | IDEFENSE, iDefense Security Advisory 10.10.06: FreeBSD ptrace PT_LWPINFO Denial of Service Vulnerability (11.10.2006) |
| Microsoft Windows Server service multiple security vulnerabilities | | Published: |  | 11.10.2006 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 6699 | | Type: |  | remote | | Level: |  | 7/10 | | Description: |  | Denial of service and code execution vulnerabilities. |
| Affected: |  | MICROSOFT : Windows 2000 Server | | |  | MICROSOFT : Windows 2000 Professional | | |  | MICROSOFT : Windows XP | | |  | MICROSOFT : Windows 2003 Server |
| Original document |  | MICROSOFT, Microsoft Security Bulletin MS06-063 Vulnerability in Server Service Could Allow Denial of Service (923414) (11.10.2006) |
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: |  | 11.10.2006 | | Source: |  | | | SecurityVulns ID: |  | 6704 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. |
| Affected: |  | VTIGER : Vtiger CRM 4.2 | | |  | GOOP : Goop Gallery 2.0 | | |  | MYSQLDUMPER : MysqlDumper 1.21 | | |  | PHPLIBRE : TribunaLibre 3.12 | | |  | PHPLIBRE : registroTL | | |  | ZEBIGBOZER : compteur 2 | | |  | FOAFGEN : Foafgen 0.3 | | |  | APSN : Album Photo Sans Nom 1.6 | | |  | EXPBLOG : eXpBlog 0.3 | | |  | PHPLIBRARY : PHPLibrary 1.5 | | |  | CLAROLINE : Claroline 1.8 | | |  | BLUESHOES : blueshoes 4.6 |
| Original document |  | security_(at)_armorize.com, Directory Traversal Vulnerability in Goop Gallery 2.0.2 (11.10.2006) |
| |  | tamriel_(at)_gmx.net, [Full-disclosure] eXpBlog <= 0.3.5 Cross Site Scripting Vulnerabilities (11.10.2006) |
| |  | Mayhemic Labs Security, [Full-disclosure] MHL-2006-001 Public Advisory: "Eazy Cart" Multiple Security Issues (11.10.2006) |
| |  | Dragos Ruiu, [Full-disclosure] PacSec Hype Security Team: CGI.pm param injection (11.10.2006) |
| |  | k1tk4t_(at)_newhack.org, blueshoes <= 4.6_public Remote File Inclusion (11.10.2006) |
| |  | k1tk4t_(at)_newhack.org, claroline <= 180rc1 Remote File Inclusion (11.10.2006) |
| |  | k1tk4t_(at)_newhack.org, tagit2b -- Remote File Inclusion (11.10.2006) |
| |  | k1tk4t_(at)_newhack.org, PHPLibrary <= 1.5.3 Remote File Inclusion (11.10.2006) |
| |  | Mayhemic Labs Security, MHL-2006-001 Public Advisory: "Eazy Cart" Multiple Security Issues (11.10.2006) |
| |  | tamriel_(at)_gmx.net, eXpBlog <= 0.3.5 Cross Site Scripting Vulnerabilities (11.10.2006) |
| |  | erdc_(at)_echo.or.id, [ECHO_ADV_54$2006]vtiger CRM <=4.2 (calpath) Multiple Remote File Inclusion Vulnerability (11.10.2006) |
| |  | gmdarkfig_(at)_gmail.com, 7 php scripts File Inclusion / Source disclosure Vuln (11.10.2006) |
| |  | crackers child, MysqlDumper Version 1.21 b6 Xss Vulnerability (11.10.2006) |