Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Office multiple security vulnerabilities
updated since 11.10.2006
Published:13.10.2006
Source:
SecurityVulns ID:6697
Type:client
Threat Level:
8/10
Description:Multiple Excel vulnerabilities on different records type parsing and formats conversion. Multiple Microsoft Word code execution vulnerabilities. Memory corruptions in different Office products.
Affected:MICROSOFT : Office 2000
 MICROSOFT : Office XP
 MICROSOFT : Office 2003
 MICROSOFT : Office 2004 for Mac
 MICROSOFT : Office v. X for Mac
 MICROSOFT : Works 2004
 MICROSOFT : Works 2005
 MICROSOFT : Works 2006
Original documentdocumentMCAFEE, MS06-060 Microsoft Word Memmove Code Execution (13.10.2006)
 documentMCAFEE, [Full-disclosure] MS06-060 Microsoft Word Memmove Code Execution (12.10.2006)
 documentSowhat ., Microsoft Office Malformed Record Memory Corruption Vulnerability (11.10.2006)
 documentZDI, ZDI-06-034: Microsoft Office Word Malformed Chart Code Execution Vulnerability (11.10.2006)
 documentZDI, ZDI-06-033: Microsoft Office Excel File Format DATETIME Record Parsing Vulnerability (11.10.2006)
 documentMICROSOFT, Microsoft Security Bulletin MS06-062 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922581) (11.10.2006)
 documentMICROSOFT, Microsoft Security Bulletin MS06-060 Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (924554) (11.10.2006)
 documentMICROSOFT, Microsoft Security Bulletin MS06-059 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164) (11.10.2006)
Files:Microsoft Security Bulletin MS06-059 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164)
 Microsoft Security Bulletin MS06-060 Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (924554)
 Microsoft Security Bulletin MS06-062 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922581)

Mcafee Network Agent buffer overflow
Published:13.10.2006
Source:
SecurityVulns ID:6709
Type:remote
Threat Level:
6/10
Description:Buffer overflow on oversized string to TCP/6646.
Files:Exploits Mcafee Network Agent (mcnasvc.exe) Remote DoS

Google Earth buffer overflow
Published:13.10.2006
Source:
SecurityVulns ID:6710
Type:client
Threat Level:
5/10
Description:Buffer overflow on .kml and .kmz files.
Affected:GOOGLE : Google Earth 4.0
Files:Google Earth (kml & kmz files) Heap Overflow

PHP safe_mode glob() protection bypass
Published:13.10.2006
Source:
SecurityVulns ID:6711
Type:local
Threat Level:
5/10
Description:glob() function allows to check existance of file/directory and build directory listing.
Affected:PHP : PHP 5.2
Files:PHP Safe mode breaker

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:13.10.2006
Source:
SecurityVulns ID:6712
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PHPBB : phpBB 2.0
 XEOPORT : Xeobook 0.93
 XEOPORT : XeoPort 0.81
 MAMBO : ExtCalThai_Component 0.9
 MALUINFO : maluinfo 206.2
 PHPBB : phpBB PlusXL 2.0
 GENEPI : Genepi 1.6
 CDSAGENDA : Cdsagenda 4.2
 PHPMYCONFERENCES : phpMyConferences 8.0
 OCS : Open Conference Systems 1.1
 PHPBB : PHPBB insert user 0.1
 REDACTIONSYSTEM : Redaction System 1.0
 PHPBB : phpBB SpamBlocker Mod 1.0
 PHPBB : phpBB Import Tools Mod 0.1
 PHPBB : phpBB Ajax Shoutbox 0.0
 AFGB : afgb GUESTBOOK 2.2
 MINIBB : miniBB keyword_replacer 1.0
Original documentdocumentCvIr.System_(at)_gmail.com, CMS contenido Remote File Inclusion (13.10.2006)
 documentKw3rLn, miniBB keyword_replacer <= 1.0 [pathToFiles] Remote File Include Vulnerability (13.10.2006)
 documentMILW0RM, AFGB GUESTBOOK 2.2 (Htmls) Remote File Include Vulnerabilities (13.10.2006)
 documentMILW0RM, phpBB Ajax Shoutbox <= 0.0.5 Remote File Include Vulnerability (13.10.2006)
 documentMILW0RM, phpBB Import Tools Mod <= 0.1.4 Remote File Include Vulnerability (13.10.2006)
 documentMILW0RM, phpht Topsites (common.php) Remote File Include Vulnerability (13.10.2006)
 documentk1tk4t_(at)_newhack.org, Open Conference Systems <= 1.1.3 Remote File Inclusion (13.10.2006)
 documentk1tk4t_(at)_newhack.org, phpMyConferences <= 8.0.2 Remote File Inclusion (13.10.2006)
 documentMILW0RM, Cdsagenda <= 4.2.9 (SendAlertEmail.php) File Include Vulnerability (13.10.2006)
 documentKw3rLn, Genepi <= 1.6 [topdir] Remote File Include Vulnerability (13.10.2006)
 documentk1tk4t_(at)_newhack.org, ExtCalThai_Component <= 0.9.1 Remote File Inclusion (13.10.2006)
 documentReeM_HaCk_(at)_HoTmAiL.cOm, Security Suite IP Logger Remote File Inclusion (13.10.2006)
 documentReeM_HaCk_(at)_HoTmAiL.cOm, Security Suite IP Logger Remote File Inclusion (13.10.2006)
 documenthack2prison_(at)_yahoo.com, Iono all version fullpath disclosure (13.10.2006)
 documenttamriel_(at)_gmx.net, Xeobook <= 0.93 Multiple SQL Injection Vulnerabilities (13.10.2006)
 documenttamriel_(at)_gmx.net, XeoPort <= 0.81 SQL Injection Vulnerability (13.10.2006)
Files:maluinfo version 206.2.38l Remote File Include Vulnerability
 Exploits phpBB PlusXL 2.x <= biuld 272 Remote File Include Vulnerability
 PHPBB insert user 0.1
 Redaction System 1.0000 - Remote Include Exploit
 pamBlockerMODv <= 1.0.2 Remote File Include Vulnerability

Wireless Location Appliance default account
Published:13.10.2006
Source:
SecurityVulns ID:6713
Type:remote
Threat Level:
6/10
Description:'root' account has dafult password.
Affected:CISCO : Wireless Location Appliances 2.1
Original documentdocumentCISCO, Cisco Security Advisory: Default Password in Wireless Location Appliance (13.10.2006)

Toshiba bluetooth stack memory corruption
Published:13.10.2006
Source:
SecurityVulns ID:6714
Type:remote
Threat Level:
5/10
Description:Malformed bluetooth packet causes memory corruption.
Affected:TOSHIBA : Toshiba Bluetooth Stack 4.0
Original documentdocumentResearch, SecureWorks Research Client Advisory: Multiple Vendor Bluetooth Memory Stack Corruption Vulnerability (13.10.2006)

HP Version Control Agen unauthorized access
Published:13.10.2006
Source:
SecurityVulns ID:6715
Type:remote
Threat Level:
5/10
Original documentdocumentHP, [security bulletin] HPSBMA02158 SSRT061251 rev.1 - HP Version Control Agent, Remote Unauthorized Access and Possible Elevation of Privilege (13.10.2006)

Multiple FreeBSD vulnerabilities
Published:13.10.2006
Source:
SecurityVulns ID:6716
Type:local
Threat Level:
5/10
Description:Multiple DoS conditions. Crash on ftruncate on non-file device. sched_setscheduler() DoS.
Files:FreeBSD ftruncate DoS
 Exploits FreeBSD sched_setscheduler() DoS

BulletProof FTP client buffer overflow
Published:13.10.2006
Source:
SecurityVulns ID:6717
Type:remote
Threat Level:
5/10
Description:Buffer overflow on server reply parsing.
Affected:BPFTPSERVER : BulletProof FTP 2.45
Files:BulletProof FTP (Client) V2.45 0day Buffer Overflow PoC Exploit

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod