Computer Security

Search:Vulnerability:13.04.2006
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Opera browser integer overflow
Published:13.04.2006
Source:BUGTRAQ
SecurityVulns ID:6002
Type:client
Level:6/10
Description:Integer overflow on long stylsheet sttribute. Can potentially be used for hidden malware installation.
Affected:OPERA : Opera 8.52
Original documentdocumentDaniel Fabian, [Full-disclosure] SEC Consult SA-20060314 :: Opera Browser CSS Attribute Integer Wrap / Buffer Overflow (13.04.2006)
Discuss:Read or add your comments to this news (0 comments)

Multiple Adobe Document Server for Reader Extensions security vulnerabilities
Published:13.04.2006
Source:FULL-DISCLOSURE
SecurityVulns ID:6003
Type:remote
Level:5/10
Description:Protection bypass, crossite scripting, session hijacking.
Affected:ADOBE : Adobe Graphics Server 2.1
 ADOBE : Adobe Document Server 6.0
Original documentdocumentSECUNIA, [Full-disclosure] Secunia Research: Adobe Document Server for Reader Extensions Multiple Vulnerabilities (13.04.2006)
Discuss:Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:13.04.2006
Source:
SecurityVulns ID:6004
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:JELSOFT : vBulletin 3.5
 CLANSYS : Clansys 1.1
 PLONE : Plone 2.0
 AWEB : Aweb's Banner Generator 3.0
 SPHIDER : Sphider 1.3
 PHP121 : PHP121 Instant Messenger 1.4
 QLITENEWS : qliteNews 2005.07.01
Original documentdocumentdr.jr7_(at)_hotmail.com, Remote File Inclusion in VBulletin ImpEx (13.04.2006)
 documentAliaksandr Hartsuyeu, [eVuln] qliteNews SQL Injection Vulnerability (13.04.2006)
 documentstormhacker_(at)_hotmail.com, SimpleBBS v1.1(posts.php) remote command execution (13.04.2006)
 documentstormhacker_(at)_hotmail.com, SimpleBBS v1.1(posts.php) remote command execution (13.04.2006)
 documentsoot hackers, PatroNet CMS Xss Vuln (13.04.2006)
 documentsoot hackers, Clansys Multiple Xss Vulnerabilities (13.04.2006)
 documentSECUNIA, [SA19621] Aweb's Banner Generator "banner" Cross-Site Scripting (13.04.2006)
 documentSECUNIA, [SA19633] Plone "member_id" Parameter Portrait Manipulation Vulnerability (13.04.2006)
 documentcodexploder_(at)_linuxmail.org, Tьmer Bilişim File İnclusion (13.04.2006)
Files:Exploits Sphider <= 1.3 arbitrary remote inclusion
 PHP121 Instant Messenger <= 1.4 $_SESSION[sess_username] remote cmmnds xctn
Discuss:Read or add your comments to this news (0 comments)

Multiple NetBSD security vulnerabilities
Published:13.04.2006
Source:SECUNIA
SecurityVulns ID:6007
Type:remote
Level:6/10
Description:RNG generator non-random strem generation, DoS conditions.
Affected:NETBSD : NetBSD 1.6
Original documentdocumentSECUNIA, [SA19585] NetBSD False Intel Hardware RNG Detection Security Issue (13.04.2006)
 documentSECUNIA, [SA19615] NetBSD SIOCGIFALIAS "ioctl()" Denial of Service Vulnerability (13.04.2006)
 documentSECUNIA, [SA19616] NetBSD "sysctl()" Local Denial of Service Vulnerability (13.04.2006)
Discuss:Read or add your comments to this news (0 comments)

Amaya HTML editor buffer overflow
Published:13.04.2006
Source:BUGTRAQ
SecurityVulns ID:6008
Type:client
Level:5/10
Description:Few different stack-based buffer overflows on HTML parsing.
Affected:W3C : Amaya 9.4
Original documentdocumentThomas Waldegger, [BuHa-Security] Stack Based Buffer Overflow Vulnerability in Amaya 9.4 #2 (13.04.2006)
 documentThomas Waldegger, [BuHa-Security] Stack Based Buffer Overflow Vulnerability in Amaya 9.4 (13.04.2006)
Discuss:Read or add your comments to this news (0 comments)

Novell GroupWise Messenger buffer overflow
Published:13.04.2006
Source:FULL-DISCLOSURE
SecurityVulns ID:6009
Type:remote
Level:7/10
Description:TC{/8300 HTTP request oversized Accept-Language header buffer overflow.
Affected:NOVELL : GroupWise Messenger 2.0
Original documentdocumentZDI, [Full-disclosure] ZDI-06-008: Novell GroupWise Messenger Accept-Language Buffer Overflow (13.04.2006)
Files:Exploits Novell Messenger Server 2.0 Accept-Language Overflow
Discuss:Read or add your comments to this news (0 comments)

Microsoft Frontpage crossite scripting
updated since 11.04.2006
Published:13.04.2006
Source:MICROSOFT
SecurityVulns ID:5998
Type:remote
Level:5/10
Affected:MICROSOFT : FrontPage Server Extensions 2002
 MICROSOFT : SharePoint Team Services
Original documentdocumentEsteban Martinez Fayo, Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting (13.04.2006)
 documentMICROSOFT, Microsoft Security Bulletin MS06-017 Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting (917627) (11.04.2006)
Files:http://www.microsoft.com/technet/security/Bulletin/MS06-017.mspx
Discuss:Read or add your comments to this news (0 comments)

Adobe LiveCycle security restrictiions bypass
Published:13.04.2006
Source:SECUNIA
SecurityVulns ID:6005
Type:remote
Level:5/10
Description:User marked as OBSOLETE can access server.
Affected:ADOBE : LiveCycle Workflow 7.01
 ADOBE : Adobe LiveCycle Form Manager 7.01
Original documentdocumentSECUNIA, [SA19620] Adobe LiveCycle "OBSOLETE" User Information Disclosure (13.04.2006)
Discuss:Read or add your comments to this news (0 comments)

Sybase EAServer information leak
Published:13.04.2006
Source:SECUNIA
SecurityVulns ID:6006
Type:local
Level:5/10
Description:Security credentials are stored insecurely in connection cache.
Affected:SYBASE : EAServer 5.2
 SYBASE : EAServer 5.3
Original documentdocumentSECUNIA, [SA19605] Sybase EAServer Sybase Central Exposure of User Credentials (13.04.2006)
Files:Exploits Sybase EAServer 5.2 Remote Stack Overflow
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server