Computer Security


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 12.05.2006
SecurityVulns ID: 6127
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: UNCLASSIFIED : Unclassified NewsBoard 1.6
 EBD : e-business designer 3.1
Original document: Pedro Andujar, Several flaws in e-business designer (12.05.2006)
 sn4k3.23_(at)_gmail.com, phpBB "charts.php" XSS and SQL-Injection (12.05.2006)
Files: Exploits Unclassified NewsBoard <= 1.6.1 patch 1 ABBC[Config][smileset] arbitrary local inclusion

Apple Quick Time Streaming Server buffer overflow
Published: 12.05.2006
SecurityVulns ID: 6130
Type: remote
Threat Level: 7/10
Description: Buffer overflow in RTSP protocol header parsing.
Affected: APPLE : Quick Time Streaming Server 5.5
Original document: noreply_(at)_musecurity.com, [Full-disclosure] Apple QuickTimeStreamingServer RTSP Server Vulnerability [MU-200605-02] (12.05.2006)

Symantec Firewall information leak
Published: 12.05.2006
SecurityVulns ID: 6131
Type: remote
Threat Level: 4/10
Description: A request such as "get/XX HTTP/1.0" makes it possible to obtain the IP address of an internal Web server.
Affected: SYMANTEC : Symantec Enterprise Firewall 8.0
Original document: SEC Consult Vulnerability Lab, [Full-disclosure] SEC Consult SA-20060512-0 :: Symantec Enterprise Firewall NAT/HTTP Proxy Private IP Exposure (12.05.2006)

Ipswitch WhatsUp network monitoring tool multiple security vulnerabilities
Published: 12.05.2006
SecurityVulns ID: 6128
Type: remote
Threat Level: 5/10
Description: Information disclosure, cross-site scripting.
Original document: David Maciejak, Ipswitch WhatsUp Professional multiple flaws (12.05.2006)

Macromedia ColdFusion MX application server cross-site scripting
updated since 28.04.2005
Published: 12.05.2006
SecurityVulns ID: 4742
Type: remote
Threat Level: 5/10
Description: Cross-site scripting in error pages.
Affected: MACROMEDIA : ColdFusion MX 7
Original document: zuxncwaruio_(at)_mailinator.com, yet more XSS in older versions of ColdFusion (12.05.2006)
 MACROMEDIA, New Macromedia Security Zone Bulletin Posted (12.05.2005)
 SECUNIA, [SA15050] Macromedia ColdFusion Error Page Cross-Site Scripting (28.04.2005)

Apple QuickTime multiple security vulnerabilities
updated since 12.05.2006
Published: 13.05.2006
SecurityVulns ID: 6129
Type: remote
Threat Level: 7/10
Description: Buffer overflow in udta atom parsing of MOV files. Buffer overflow in FPX file parsing. Heap overflow in H.264 protocol parsing.
Affected: APPLE : QuickTime 7.0
 APPLE : QuickTime 10.3
Original document: CERT, US-CERT Technical Cyber Security Alert TA06-132B -- Apple QuickTime Vulnerabilities (13.05.2006)
 MCAFEE, [Full-disclosure] Apple QuickDraw/QuickTime Multiple Vulnerabilities (12.05.2006)
 ZDI, [Full-disclosure] ZDI-06-015: Apple QuickTime H.264 Parsing Heap Overflow Vulnerability (12.05.2006)
 EEYE, [Full-disclosure] [EEYEB-20060307] Apple QuickTime FPX Integer Overflow (12.05.2006)
 Sowhat ., Apple QuickTime udta ATOM Heap Overflow (12.05.2006)

Multiple Apple MacOS X security vulnerabilities
updated since 12.05.2006
Published: 14.05.2006
SecurityVulns ID: 6132
Type: remote
Threat Level: 7/10
Description: Security update for May fixes 25 different vulnerabilities.
Affected: APPLE : MacOS X 10.3
 APPLE : Mac OS X 10.4
Original document: CERT, US-CERT Technical Cyber Security Alert TA06-132A -- Apple Mac Products Affected by Multiple Vulnerabilities (14.05.2006)
 SECUNIA, [SA20077] Mac OS X Security Update Fixes Multiple Vulnerabilities (12.05.2006)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod