Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:13.01.2009
Source:
SecurityVulns ID:9574
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. FCKeditor: crossite scripting, information leak. WOSendNews: crossite scripting, information leak.
Affected:FCKEDITOR : FCKeditor 2.4
 FCKEDITOR : FCKeditor 2.3
 WOSENDNEWS : WOSendNews 1.5
 COMERSUS : Comersus Shopping Cart 6
Original documentdocumentajannhwt_(at)_hotmail.com, Comersus Shopping Cart <= v6 Remote User Pass Exploit (13.01.2009)
 documentjoseph.giron13_(at)_gmail.com, Visuplay CMS SQL injection vulnerability (13.01.2009)
 documentbilgi asd Kral, AktifKobi Kurumsal Web Sql Injection Vulnerability (Tr) (13.01.2009)
 documentMustLive, Vulnerabilities in WOSendNews (13.01.2009)
 documentMustLive, New vulnerabilities in FCKeditor (13.01.2009)
Files:Comersus Shopping Cart <= v6 Remote User Pass Exploit

PDFBuilderX ActiveX unauthorized filesystem access
Published:13.01.2009
Source:
SecurityVulns ID:9576
Type:client
Threat Level:
5/10
Description:Unsafe methods are available.
Affected:CIANSOFT : PDFBuilderX 2.2
Original documentdocumentfakeperson7, PDFBuilderX 2.2 Arbitrary File Overwrite (13.01.2009)

DevIL library buffer overflow
Published:13.01.2009
Source:
SecurityVulns ID:9578
Type:library
Threat Level:
5/10
Description:Buffer overflow in iGetHdrHeader() function on Radiance RGBE files processing.
Affected:DEVIL : DevIL 1.7
CVE:CVE-2008-5262 (Multiple stack-based buffer overflows in the iGetHdrHeader function in src-IL/src/il_hdr.c in DevIL 1.7.4 allow context-dependent attackers to execute arbitrary code via a crafted Radiance RGBE file.)
Original documentdocumentSECUNIA, Secunia Research: DevIL "iGetHdrHeader()" Buffer Overflow Vulnerabilities (13.01.2009)

Microsoft Windows SMB multiple security vulnerabilities
updated since 13.01.2009
Published:14.01.2009
Source:
SecurityVulns ID:9575
Type:remote
Threat Level:
9/10
Description:Buffer overflows and DoS conditions.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2008-4835 (SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Trans2 request, related to "insufficiently validating the buffer size," aka "SMB Validation Remote Code Execution Vulnerability.")
 CVE-2008-4834 (Buffer overflow in SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Trans request, aka "SMB Buffer Overflow Remote Code Execution Vulnerability.")
 CVE-2008-4114 (srv.sys in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via an SMB WRITE_ANDX packet with an offset that is inconsistent with the packet size, related to "insufficiently validating the buffer size," as demonstrated by a request to the \PIPE\lsarpc named pipe, aka "SMB Validation Denial of Service Vulnerability.")
Original documentdocumentZDI, ZDI-09-002: Microsoft SMB NT Trans2 Request Parsing Remote Code Execution Vulnerability (14.01.2009)
 documentZDI, ZDI-09-001: Microsoft SMB NT Trans Request Parsing Remote Code Execution Vulnerability (13.01.2009)
 documentMICROSOFT, Microsoft Security Bulletin MS09-001 - Critical Vulnerabilities in SMB Could Allow Remote Code Execution (958687) (13.01.2009)
Files:Microsoft Security Bulletin MS09-001 - Critical Vulnerabilities in SMB Could Allow Remote Code Execution (958687)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod