Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Windows Secure Channle DoS
updated since 12.06.2007
Published:13.06.2007
Source:
SecurityVulns ID:7805
Type:library
Threat Level:
6/10
Description:Service hangs on SSL/TLS handshake parsing.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows 2003 Server
CVE:CVE-2007-2218 (Unspecified vulnerability in the Windows Schannel Security Package for Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2, allows remote servers to execute arbitrary code or cause a denial of service via crafted digital signatures that are processed during an SSL handshake.)
Original documentdocumentThomas Lim, [Full-disclosure] Windows Oday release (13.06.2007)
 documentMICROSOFT, Microsoft Security Bulletin MS07-031 - Critical Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution (935840) (12.06.2007)
Files:Microsoft Security Bulletin MS07-031 - Critical Vulnerability in the Windows Schannel Security Package Could Allow Remote Code Execution (935840)

Microsoft Internet Explorer multiple security vulnerabilities
updated since 12.06.2007
Published:13.06.2007
Source:
SecurityVulns ID:7807
Type:client
Threat Level:
9/10
Description:Multiple memory corruptions, content spoofing.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows 2003
 MICROSOFT : Windows Vista
CVE:CVE-2007-3027 (Race condition in Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code by causing Internet Explorer to install multiple language packs in a way that triggers memory corruption, aka "Language Pack Installation Vulnerability.")
 CVE-2007-2222 (Multiple buffer overflows in the (1) ActiveListen (Xlisten.dll) and (2) ActiveVoice (Xvoice.dll) speech controls, as used by Microsoft Internet Explorer 5.01, 6, and 7, allow remote attackers to execute arbitrary code via a crafted ActiveX object that triggers memory corruption, as demonstrated via the ModeName parameter to the FindEngine function in ACTIVEVOICEPROJECTLib.DirectSS.)
 CVE-2007-1752 (** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-1499. Reason: This candidate is a duplicate of CVE-2007-1499. Notes: All CVE users should reference CVE-2007-1499 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.)
 CVE-2007-1751 (Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code by causing Internet Explorer to access an uninitialized or deleted object, related to prototype variables and table cells, aka "Uninitialized Memory Corruption Vulnerability.")
 CVE-2007-1750 (Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via a crafted Cascading Style Sheets (CSS) tag that triggers memory corruption.)
 CVE-2007-0218 (Microsoft Internet Explorer 5.01 and 6 allows remote attackers to execute arbitrary code by instantiating certain COM objects from Urlmon.dll, which triggers memory corruption during a call to the IObjectSafety function.)
Original documentdocumentSECURITEAM, [EXPL] Microsoft Windows XVoice.dll and Xlisten.dll Buffer Overflow (Exploit) (13.06.2007)
 documentIDEFENSE, iDefense Security Advisory 06.12.07: Microsoft License Manager and urlmon.dll COM Object Interaction Invalid Memory Access Vulnerability (13.06.2007)
 documentZDI, ZDI-07-038: Microsoft Internet Explorer Prototype Dereference Code Execution Vulnerability (13.06.2007)
 documentZDI, ZDI-07-037: Microsoft Internet Explorer Language Pack Installation Remote Code Execution Vulnerability (13.06.2007)
 documentMICROSOFT, Microsoft Security Bulletin MS07-033 - Critical Cumulative Security Update for Internet Explorer (933566) (12.06.2007)
Files:Microsoft Windows DirectSpeechSynthesis Module (XVoice.dll) / DirectSpeechRecognition Module (Xlisten.dll) remote buffer overflow exploit / 2k sp4 seh version
 Microsoft Windows DirectSpeechSynthesis Module (XVoice.dll 4.0.4.2512) / DirectSpeechRecognition Module (Xlisten.dll 4.0.4.2512) remote buffer overflow exploit/ xp sp2 version
 Microsoft Security Bulletin MS07-033 - Critical Cumulative Security Update for Internet Explorer (933566)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:13.06.2007
Source:
SecurityVulns ID:7810
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:WEBAPP : WebAPP 0.9
 YABB : YaBB 2.1
Original documentdocumentIDEFENSE, [Full-disclosure] iDefense Security Advisory 06.12.07: YaBB Forum member.vars CRLF Injection Privilege Escalation Vulnerability (13.06.2007)
 documentweb-app_(at)_hotmail.com, Menu Manager Mod for WebAPP - No Input Filtering (13.06.2007)

Apple Safari crossite scripting
Published:13.06.2007
Source:
SecurityVulns ID:7811
Type:client
Threat Level:
5/10
Description:window.setTimeout() works in context of changed window.location.
Affected:APPLE : Safari 3.0
Original documentdocumentRobert Święcki, [Full-disclosure] Apple Safari: cookie stealing (13.06.2007)

Apple Safari for Windows commands execution
updated since 12.06.2007
Published:13.06.2007
Source:
SecurityVulns ID:7801
Type:client
Threat Level:
6/10
Description:Shell characters problem on protocol handlers invocation. Format string vulnerability.
Affected:APPLE : Safari 3.0
Original documentdocumentTrancer, [Full-disclosure] Apple Safari for Windows feed:// URL Denial of Service Vulnerability (13.06.2007)
 documentThor Larholm, Safari for Windows, 0day URL protocol handler command injection (12.06.2007)

libexif library integer overflow
updated since 05.06.2007
Published:13.06.2007
Source:
SecurityVulns ID:7779
Type:library
Threat Level:
5/10
Description:Integer overflow on EXIF data parsing.
Affected:LIBEXIF : libexif 0.6
CVE:CVE-2007-2645 (Integer overflow in the exif_data_load_data_entry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data, involving the (1) doff or (2) s variable.)
Original documentdocumentIDEFENSE, iDefense Security Advisory 06.13.07: Multiple Vendor libexif Integer Overflow Heap Corruption Vulnerability (13.06.2007)
 documentRPATH, rPSA-2007-0115-1 libexif (05.06.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod