Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Windows GDI+ library DoS
updated since 11.06.2007
Published:12.06.2007
Source:
SecurityVulns ID:7788
Type:library
Threat Level:
5/10
Description:Division by zero on .ICO files parsing.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
Original documentdocumentH D Moore, Re: GDI+ and Internet Explorer question (12.06.2007)
 documentDennis Rand, CSIS Advisory: Microsoft GDI+ Integer division by zero flaw handling .ICO files (11.06.2007)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 12.06.2007
Published:12.06.2007
Source:
SecurityVulns ID:7797
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PHPLIVESUPPORT : PHP Live! Support 3.2
 SPORUM : Sporum Forum 3.0
Original documentdocumentspymaster_(at)_spykod.net, Webwiz vulnerable (12.06.2007)
 documentls_(at)_calima.serapis.net, Maran Blog XSS vulnerability (12.06.2007)
 documentThor Larholm, PHPMailer command execution (12.06.2007)
 documentr0t, Sporum Forum XSS vuln. (12.06.2007)
 documentr0t, PHP Live! Support XSS vuln. (12.06.2007)

Ace-FTP FTP client buffer overflow
Published:12.06.2007
Source:
SecurityVulns ID:7798
Type:client
Threat Level:
5/10
Description:Buffer overflow on parsing server banner.
Affected:ACEFTP : Ace-Ftp 1.24
Original documentdocumentKaCo678_(at)_aol.com, Seh over write (12.06.2007)
Files:Ace-Ftp client buffer over flow p0c

Windows Privacy Tray identiy spoofing
Published:12.06.2007
Source:
SecurityVulns ID:7799
Type:client
Threat Level:
5/10
Description:It's possible to spoof sender identity during message displaying.
Affected:WINPT : Windows Privacy Tray 1.2
Original documentdocumentnnposter_(at)_disclosed.not, WinPT User ID Spoofing Vulnerability (12.06.2007)

Cisco Trust Agent for Mac OS X privilege escalation
Published:12.06.2007
Source:
SecurityVulns ID:7800
Type:local
Threat Level:
5/10
Description:It's possible to manipulate system settings with root permissions while message is displayed during user logon.
Affected:CISCO : Cisco Trust Agent 2.1
Original documentdocumentadblake_(at)_deloitte.co.uk, Cisco Trust Agent Vulnerability (12.06.2007)

PHP parse_str variables overwrite
Published:12.06.2007
Source:
SecurityVulns ID:7802
Type:library
Threat Level:
5/10
Description:Insufficient arguments validation allows to overwrite internal variables.
Affected:PHP : PHP 4.0
Original documentdocumentgmdarkfig_(at)_gmail.com, PHP parse_str() arbitrary variable overwrite (12.06.2007)

Arris Cadant C3 CMTS DoS
Published:12.06.2007
Source:
SecurityVulns ID:7803
Type:remote
Threat Level:
5/10
Description:DoS on IP options processing.
Affected:ARRIS : Cadant C3
CVE:CVE-2007-2796 (Arris Cadant C3 CMTS allows remote attackers to cause a denial of service (service termination) via a malformed IP packet with an invalid IP option.)
Original documentdocumentZDI, ZDI-07-036: Arris Cadant C3 CMTS Remote DoS Vulnerability (12.06.2007)

Microsoft Visio multiple security vulnerabilities
updated since 12.06.2007
Published:12.06.2007
Source:
SecurityVulns ID:7804
Type:client
Threat Level:
6/10
Description:Multiple memory corruptions.
Affected:MICROSOFT : Visio 2002
 MICROSOFT : Visio 2003
CVE:CVE-2007-0936 (Multiple unspecified vulnerabilities in Microsoft Visio 2002 allow remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted packed object that triggers memory corruption, aka "Visio Document Packaging Vulnerability.")
 CVE-2007-0934 (Unspecified vulnerability in Microsoft Visio 2002 allows remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted version number that triggers memory corruption.)
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS07-030 - Important Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (927051) (12.06.2007)
Files:Microsoft Security Bulletin MS07-030 - Important Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (927051)

Microsoft Windows Vista weak security permissions
Published:12.06.2007
Source:
SecurityVulns ID:7806
Type:local
Threat Level:
6/10
Description:Weak permissions for files and registry entries.
Affected:MICROSOFT : Windows Vista
CVE:CVE-2007-2229 (Microsoft Windows Vista uses insecure default permissions for unspecified "local user information data stores" in the registry and the file system, which allows local users to obtain sensitive information such as administrative passwords, aka "Permissive User Information Store ACLs Information Disclosure Vulnerability.")
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS07-032 - Moderate Vulnerability in Windows Vista Could Allow Information Disclosure (931213) (12.06.2007)
Files:Microsoft Security Bulletin MS07-032 - Moderate Vulnerability in Windows Vista Could Allow Information Disclosure (931213)

Microsoft Windows APi code execution
Published:12.06.2007
Source:
SecurityVulns ID:7809
Type:client
Threat Level:
9/10
Description:Insufficient validation of function arguments.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
CVE:CVE-2007-2219 (Unspecified vulnerability in the Win32 API on Microsoft Windows 2000, XP SP2, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via certain parameters to an unspecified function.)
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS07-035 — Critical Vulnerability in Win 32 API Could Allow Remote Code Execution (935839) (12.06.2007)
Files:Microsoft Security Bulletin MS07-035 — Critical Vulnerability in Win 32 API Could Allow Remote Code Execution (935839)

Apple Safari for Windows commands execution
updated since 12.06.2007
Published:13.06.2007
Source:
SecurityVulns ID:7801
Type:client
Threat Level:
6/10
Description:Shell characters problem on protocol handlers invocation. Format string vulnerability.
Affected:APPLE : Safari 3.0
Original documentdocumentTrancer, [Full-disclosure] Apple Safari for Windows feed:// URL Denial of Service Vulnerability (13.06.2007)
 documentThor Larholm, Safari for Windows, 0day URL protocol handler command injection (12.06.2007)

Microsoft Windows Secure Channle DoS
updated since 12.06.2007
Published:13.06.2007
Source:
SecurityVulns ID:7805
Type:library
Threat Level:
6/10
Description:Service hangs on SSL/TLS handshake parsing.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows 2003 Server
CVE:CVE-2007-2218 (Unspecified vulnerability in the Windows Schannel Security Package for Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2, allows remote servers to execute arbitrary code or cause a denial of service via crafted digital signatures that are processed during an SSL handshake.)
Original documentdocumentThomas Lim, [Full-disclosure] Windows Oday release (13.06.2007)
 documentMICROSOFT, Microsoft Security Bulletin MS07-031 - Critical Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution (935840) (12.06.2007)
Files:Microsoft Security Bulletin MS07-031 - Critical Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution (935840)

Microsoft Internet Explorer multiple security vulnerabilities
updated since 12.06.2007
Published:13.06.2007
Source:
SecurityVulns ID:7807
Type:client
Threat Level:
9/10
Description:Multiple memory corruptions, content spoofing.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows 2003
 MICROSOFT : Windows Vista
CVE:CVE-2007-3027 (Race condition in Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code by causing Internet Explorer to install multiple language packs in a way that triggers memory corruption, aka "Language Pack Installation Vulnerability.")
 CVE-2007-2222 (Multiple buffer overflows in the (1) ActiveListen (Xlisten.dll) and (2) ActiveVoice (Xvoice.dll) speech controls, as used by Microsoft Internet Explorer 5.01, 6, and 7, allow remote attackers to execute arbitrary code via a crafted ActiveX object that triggers memory corruption, as demonstrated via the ModeName parameter to the FindEngine function in ACTIVEVOICEPROJECTLib.DirectSS.)
 CVE-2007-1752 (** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-1499. Reason: This candidate is a duplicate of CVE-2007-1499. Notes: All CVE users should reference CVE-2007-1499 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.)
 CVE-2007-1751 (Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code by causing Internet Explorer to access an uninitialized or deleted object, related to prototype variables and table cells, aka "Uninitialized Memory Corruption Vulnerability.")
 CVE-2007-1750 (Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via a crafted Cascading Style Sheets (CSS) tag that triggers memory corruption.)
 CVE-2007-0218 (Microsoft Internet Explorer 5.01 and 6 allows remote attackers to execute arbitrary code by instantiating certain COM objects from Urlmon.dll, which triggers memory corruption during a call to the IObjectSafety function.)
Original documentdocumentSECURITEAM, [EXPL] Microsoft Windows XVoice.dll and Xlisten.dll Buffer Overflow (Exploit) (13.06.2007)
 documentIDEFENSE, iDefense Security Advisory 06.12.07: Microsoft License Manager and urlmon.dll COM Object Interaction Invalid Memory Access Vulnerability (13.06.2007)
 documentZDI, ZDI-07-038: Microsoft Internet Explorer Prototype Dereference Code Execution Vulnerability (13.06.2007)
 documentZDI, ZDI-07-037: Microsoft Internet Explorer Language Pack Installation Remote Code Execution Vulnerability (13.06.2007)
 documentMICROSOFT, Microsoft Security Bulletin MS07-033 - Critical Cumulative Security Update for Internet Explorer (933566) (12.06.2007)
Files:Microsoft Windows DirectSpeechSynthesis Module (XVoice.dll) / DirectSpeechRecognition Module (Xlisten.dll) remote buffer overflow exploit / 2k sp4 seh version
 Microsoft Windows DirectSpeechSynthesis Module (XVoice.dll 4.0.4.2512) / DirectSpeechRecognition Module (Xlisten.dll 4.0.4.2512) remote buffer overflow exploit/ xp sp2 version
 Microsoft Security Bulletin MS07-033 - Critical Cumulative Security Update for Internet Explorer (933566)

Microsoft Outlook Express / Windows Mail multiple security vulnerabilities
updated since 12.06.2007
Published:22.06.2007
Source:
SecurityVulns ID:7808
Type:client
Threat Level:
8/10
Description:Multiple vulnerabilities on MHTML parsing. Code execution with UNC URLs.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
CVE:CVE-2007-2227 (The MHTML protocol handler in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle Content-Disposition "notifications," which allows remote attackers to obtain sensitive information from other Internet Explorer domains, aka "Content Disposition Parsing Cross Domain Information Disclosure Vulnerability.")
 CVE-2007-2225 (A component in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle certain HTTP headers when processing MHTML protocol URLs, which allows remote attackers to obtain sensitive information from other Internet Explorer domains, aka "URL Parsing Cross Domain Information Disclosure Vulnerability.")
 CVE-2007-1658 (Windows Mail in Microsoft Windows Vista might allow user-assisted remote attackers to execute certain programs via a link to a (1) local file or (2) UNC share pathname in which there is a directory with the same base name as an executable program at the same level, as demonstrated using C:/windows/system32/winrm (winrm.cmd) and migwiz (migwiz.exe).)
 CVE-2006-2111 (A component in Microsoft Outlook Express 6 allows remote attackers to bypass domain restrictions and obtain sensitive information via redirections with the mhtml: URI handler, as originally reported for Internet Explorer 6 and 7, aka "URL Redirect Cross Domain Information Disclosure Vulnerability.")
Original documentdocumentHASEGAWA Yosuke, [Full-disclosure] MS07-034: Executing arbitrary script with mhtml: protocol handler (22.06.2007)
 documentMICROSOFT, Microsoft Security Bulletin MS07-034 - Critical Cumulative Security Update for Outlook Express and Windows Mail (929123) (12.06.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod