Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:12.11.2007
Source:
SecurityVulns ID:8329
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. PHP-Nuke: CAPTCHA protection bypass.
Affected:EGGBLOG : EggBlog 3.1
 PHPMYADMIN : phpMyAdmin 2.11
 PHPNUK : PHP-Nuke 8.1
 LISCRIPTS : LI-Guestbook 1.2
 PEOPLEAGGREGATOR : PeopleAggregator 1.2
CVE:CVE-2007-5631 (Multiple PHP remote file inclusion vulnerabilities in PeopleAggregator 1.2pre6 allow remote attackers to execute arbitrary PHP code via a URL in the current_blockmodule_path parameter to (1) AudiosMediaGalleryModule/AudiosMediaGalleryModule.php, (2) ImagesMediaGalleryModule/ImagesMediaGalleryModule.php, (3) MembersFacewallModule/MembersFacewallModule.php, (4) NewestGroupsModule/NewestGroupsModule.php, (5) UploadMediaModule/UploadMediaModule.php, and (6) VideosMediaGalleryModule/VideosMediaGalleryModule.php in BetaBlockModules/; and (7) the path_prefix parameter to several components.)
 CVE-2007-5589 (Muliple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.11.1.2 allow remote attackers to inject arbitrary web script or HTML via certain input available in (1) PHP_SELF in (a) server_status.php, and (b) grab_globals.lib.php, (c) display_change_password.lib.php, and (d) common.lib.php in libraries/; and certain input available in PHP_SELF and (2) PATH_INFO in libraries/common.inc.php. NOTE: there might also be other vectors related to (3) REQUEST_URI.)
 CVE-2007-5386 (Cross-site scripting (XSS) vulnerability in scripts/setup.php in phpMyAdmin 2.11.1, when accessed by a browser that does not URL-encode requests, allows remote attackers to inject arbitrary web script or HTML via the query string.)
 CVE-2007-3694
Original documentdocumentphil_(at)_broadbandmechanics.com, PeopleAggregatory security advisory - re CVE-2007-5631 (12.11.2007)
 documentGuns_(at)_0x90.com.ar, PHP-Nuke Module Advertising Blind SQL Injection (12.11.2007)
 documentmesut_(at)_h-labs.org, Eggblog v3.1.0 XSS Vulnerability (12.11.2007)
 documentAdvisory_(at)_Aria-Security.net, Aria-Security.Net Research: Rapid Classified HotList Image (12.11.2007)
 documentHanno Bock, [Full-disclosure] CVE-2007-3694: Cross site scripting (XSS) in broadcast machine (12.11.2007)
 documentdrakomo_(at)_gmail.com, SQL injection bug found in TBSource. (12.11.2007)
 documentroot_(at)_hanicker.it, xoops mylinks module - sql injection (12.11.2007)
 documentabc.seo_(at)_gmail.com, li-guestbook sql inj (12.11.2007)
 documentDEBIAN, [SECURITY] [DSA 1403-1] New phpmyadmin packages fix cross-site scripting (12.11.2007)
 documentAdvisory_(at)_Aria-Security.net, Aria-Security.Net Research: Lotfian BROCHURE Management System (12.11.2007)
 documentMustLive, Vulnerability in PHP-Nuke captcha (12.11.2007)
Files:Exploits PHP-Nuke Module Advertising Blind SQL Injection

HP-UX Aries PA Emulator privilege escalation
Published:12.11.2007
Source:
SecurityVulns ID:8330
Type:local
Threat Level:
5/10
Affected:HP : HP-UX 11.23
 HP : HP-UX 11.31
Original documentdocumentHP, [security bulletin] HPSBUX02285 SSRT071484 rev.1 - HP-UX Running Aries PA Emulator, Local Unauthorized Access (12.11.2007)

IBM Informix Dynamic Server privilege escalation
Published:12.11.2007
Source:
SecurityVulns ID:8331
Type:local
Threat Level:
6/10
Description:Directory traversal on DBLANG environment variable parsing allows to specify attacker-controlled NLS files, leading to possibility of format string attacks for suid applications.
Affected:IBM : Informix Dynamic Server 10.00
CVE:CVE-2007-5670
Original documentdocumentIDEFENSE, iDefense Security Advisory 11.09.07: IBM Informix Dynamic Server DBLANG Directory Traversal Vulnerability (12.11.2007)

AOL Radio AmpX Active X buffer overflow
Published:12.11.2007
Source:
SecurityVulns ID:8332
Type:client
Threat Level:
5/10
Description:Multiple buffer overflows in different methods.
CVE:CVE-2007-5755
Original documentdocumentIDEFENSE, iDefense Security Advisory 11.09.07: AOL AmpX ActiveX Control Multiple Buffer Overflow Vulnerabilities (12.11.2007)

Adobe Shockwave ActiveX buffer overflow
Published:12.11.2007
Source:
SecurityVulns ID:8334
Type:remote
Threat Level:
6/10
Description:Buffer overflow in ShockwaveVersion method.
Original documentdocumentElazar Broad, [Full-disclosure] Adobe Shockwave ShockwaveVersion() Stack Overflow (12.11.2007)

Mozilla Forefox jar: URL crossite scripting
updated since 12.11.2007
Published:27.11.2007
Source:
SecurityVulns ID:8333
Type:remote
Threat Level:
6/10
Description:It's possible to fire crossite scripting attack via jar: protocol by uploading JAR, DOC, ZIP, etc files.
Affected:MOZILLA : Firefox 2.0
 MOZILLA : SeaMonkey 1.1
 XULRUNNER : xulrunner 1.8
CVE:CVE-2007-5947 (The jar protocol handler in Mozilla Firefox retrieves the inner URL regardless of its MIME type, and considers HTML documents within a jar archive to have the same origin as the inner URL, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a jar: URI.)
Original documentdocumentMOZILLA, Mozilla Foundation Security Advisory 2007-37 (27.11.2007)
 documentPDP, Web Mayhem: Firefox’s JAR: Protocol issues (12.11.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod