 |
|
|
|
Microsoft Internet Explorer multiple security vulnerabilities
updated since 12.02.2008 | | Published: |  | 13.02.2008 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 8673 | | Type: |  | remote | | Level: |  | 8/10 | | Description: |  | Multiple memory corruptions. |
| Affected: |  | MICROSOFT : Windows 2000 Server | | | | MICROSOFT : Windows 2000 Professional | | | | MICROSOFT : Windows XP | | | | MICROSOFT : Windows 2003 Server | | | | MICROSOFT : Windows Vista | | CVE: |  | CVE-2008-0078 | | | | CVE-2008-0077 | | | | CVE-2008-0076 | | | | CVE-2007-4790 (Stack-based buffer overflow in a certain ActiveX control in FPOLE.OCX 6.0.8450.0 in the Microsoft Visual FoxPro 6.0 fpole 1.0 Type Library allows remote attackers to execute arbitrary code via a long first argument to the FoxDoCmd function.) |
| Original document |  | IDEFENSE, ZDI-08-006: Microsoft Internet Explorer SVG animateMotion.by Code Execution Vulnerability (13.02.2008) |
| | | IDEFENSE, iDefense Security Advisory 02.12.08: Microsoft Internet Explorer Property Memory Corruption Vulnerability (13.02.2008) |
| | | MICROSOFT, Microsoft Security Bulletin MS08-010 - Critical Cumulative Security Update for Internet Explorer (944533) (12.02.2008) |
| ClamAV antivirus integer overflow | | Published: | | 13.02.2008 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8678 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Integer overflow on PE files parsing. |
| Affected: | | CLAMAV : ClamAV 0.92 | | CVE: | | CVE-2008-0318 |
| Original document | | IDEFENSE, iDefense Security Advisory 02.12.08: ClamAV libclamav PE File Integer Overflow Vulnerability (13.02.2008) |
| Intermate WinIPDS multiple security vulnerabilities | | Published: | | 13.02.2008 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8682 | | Type: | | remote | | Level: | | 5/10 | | Description: | | DoS, directory traversal. |
| Affected: | | INTERMATE : WinIPDS 3.3 |
| Original document | | Luigi Auriemma, Directory traversal and DoS in WinIPDS G52-33-021 (13.02.2008) |
| Apple QuickTime ActiveX buffer overflow | | Published: | | 13.02.2008 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8685 | | Type: | | client | | Level: | | 7/10 | | Description: | | Multiple buffer overflows in different methods and properties. |
| Affected: | | APPLE : QuickTime Player 7.4 |
| Original document | | laurent.gaffie_(at)_gmail.com, QuickTime <= 7.4.1 QTPlugin.ocx Multiple Remote Stack Overflow (13.02.2008) |
| Adobe Flash Media Server multiple security vulnerabilities | | Published: | | 13.02.2008 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8686 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Integer overflows and memory corruptions on parsing TCP/1935 and TCP/19350 RTMP messages. |
| Affected: | | ADOBE : Flash Media Server 2.0 | | CVE: | | CVE-2007-6149 |
| Original document | | IDEFENSE, iDefense Security Advisory 02.12.08: Adobe Flash Media Server 2 Memory Corruption Vulnerability (13.02.2008) |
| | | IDEFENSE, iDefense Security Advisory 02.12.08: Adobe Flash Media Server 2 Multiple Integer Overflow Vulnerabilities (13.02.2008) |
| Microsoft Publisher multiple security vulnerabilities | | Published: | | 13.02.2008 | | Source: | | MICROSOFT | | SecurityVulns ID: | | 8675 | | Type: | | client | | Level: | | 6/10 | | Description: | | Uninitialized memory reference and DoS conditions on .pub files processing. |
| Affected: | | MICROSOFT : Publisher 2000 | | | | MICROSOFT : Publisher 2003 | | | | MICROSOFT : Publisher XP | | CVE: | | CVE-2008-0104 | | | | CVE-2008-0102 |
| Original document | | MICROSOFT, Microsoft Security Bulletin MS08-012 - Critical Vulnerabilities in Microsoft Office Publisher Could Allow Remote Code Execution (947085) (13.02.2008) |
| Novell Netware Client buffer overflow | | Published: | | 13.02.2008 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8680 | | Type: | | remote | | Level: | | 5/10 | | Description: | | NWSPOOL.DLL EnumPrinters buffer overflow. |
| CVE: | | CVE-2008-0639 (Stack-based buffer overflow in the EnumPrinters function in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2, SP3, and SP4 for Windows allows remote attackers to execute arbitrary code via a crafted RPC request, aka Novell bug 353138, a different vulnerability than CVE-2006-5854. NOTE: this issue exists because of an incomplete fix for CVE-2007-6701.) |
| Original document | | ZDI, ZDI-08-005: Novell Client NWSPOOL.DLL EnumPrinters Stack Overflow Vulnerability (13.02.2008) |
| Gnumeric buffer overflow | | Published: | | 13.02.2008 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8683 | | Type: | | client | | Level: | | 5/10 | | Description: | | Buffer overflow on .XLS files parsing. |
| Affected: | | GNOME : gnumeric 1.8 | | CVE: | | CVE-2008-0668 (The excel_read_HLINK function in plugins/excel/ms-excel-read.c in Gnome Office Gnumeric before 1.8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file containing XLS HLINK opcodes, possibly because of an integer signedness error that leads to an integer overflow. NOTE: some of these details are obtained from third party information.) |
| Original document | | GENTOO, [Full-disclosure] [ GLSA 200802-05 ] Gnumeric: User-assisted execution of arbitrary code (13.02.2008) |
| Microsoft Office memory corruption | | Published: | | 13.02.2008 | | Source: | | MICROSOFT | | SecurityVulns ID: | | 8676 | | Type: | | client | | Level: | | 6/10 | | Description: | | Memory corruption on malformed embedded objects. |
| Affected: | | MICROSOFT : Office 2000 | | | | MICROSOFT : Office XP | | | | MICROSOFT : Office 2003 | | | | MICROSOFT : Office 2004 for Mac | | CVE: | | CVE-2008-0103 |
| Original document | | MICROSOFT, Microsoft Security Bulletin MS08-013 – Critical Vulnerability in Microsoft Office Could Allow Remote Code Execution (947108) (13.02.2008) |
| HP Mercury SiteScope multiple security vulnerabilities | | Published: | | 13.02.2008 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8679 | | Type: | | remote | | Level: | | 5/10 |
| Original document | | IOActive Advisories, IOActive Security Advisory: Multiple Remote SiteScope Vulnerabilities (13.02.2008) |
| Apple Mac OS X multiple security vulnerabilities | | Published: | | 13.02.2008 | | Source: | | APPLE | | SecurityVulns ID: | | 8684 | | Type: | | remote | | Level: | | 7/10 | | Description: | | Service Location Protocol buffer overflow, Safari code execution, Time Machine code execution, Mail file:// URI code execution, Parental Control information leakage, Terminal URI code execution,Open Directory weak authentication, NFS client and server DoS. |
| CVE: | | CVE-2008-0042 | | | | CVE-2008-0041 | | | | CVE-2008-0040 | | | | CVE-2008-0039 | | | | CVE-2008-0038 | | | | CVE-2008-0035 | | | | CVE-2007-0355 (Buffer overflow in the Apple Minimal SLP v2 Service Agent (slpd) in Mac OS X 10.4.8 and earlier allows local users, and possibly remote attackers, to gain privileges and possibly execute arbitrary code via a registration request with an invalid attr-list field.) |
| Original document | | , (unnamed)(13.02.2008) |
| Microsoft Works / Microsoft Office multiple security vulnerabilities | | Published: | | 13.02.2008 | | Source: | | MICROSOFT | | SecurityVulns ID: | | 8674 | | Type: | | client | | Level: | | 6/10 | | Description: | | Multiple buffer overflows and integer overflows on .wps files parsing. |
| Affected: | | MICROSOFT : Office 2000 | | | | MICROSOFT : Office XP | | | | MICROSOFT : Office 2003 | | | | MICROSOFT : Works 8.0 | | | | MICROSOFT : Works Suite 2005 | | CVE: | | CVE-2008-0108 | | | | CVE-2008-0105 | | | | CVE-2007-0216 |
| Original document | | IDEFENSE, iDefense Security Advisory 02.12.08: Microsoft Office Works Converter Stack-based Buffer Overflow Vulnerability (13.02.2008) |
| | | IDEFENSE, iDefense Security Advisory 02.12.08: Microsoft Office Works Converter Heap Overflow Vulnerability (13.02.2008) |
| | | MICROSOFT, Microsoft Security Bulletin MS08-011 – Important Vulnerabilities in Microsoft Works File Converter Could Allow Remote Code Execution (947081) (13.02.2008) |
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 13.02.2008 | | Published: | | 13.02.2008 | | Source: | | | | SecurityVulns ID: | | 8677 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
| |
|
| |
