Computer Security
[EN] securityvulns.ru no-pyccku


Meridian Prolog Manager weak encryption
Published:13.12.2007
Source:
SecurityVulns ID:8448
Type:m-i-t-m
Threat Level:
5/10
Description:Weak username/password encryption.
Original documentdocumentProlog Error, Meridian Prolog Manager Username and Plain Text Password Disclosure (13.12.2007)

QK SMTP Server DoS
Published:13.12.2007
Source:
SecurityVulns ID:8450
Type:remote
Threat Level:
5/10
Affected:QK : QK SMTP Server 3
Original documentdocumentjplopezy_(at)_gmail.com, QK SMTP Server 3 - Denial of service (13.12.2007)

OpenOffice certificate information spoofing
Published:13.12.2007
Source:
SecurityVulns ID:8451
Type:local
Threat Level:
5/10
Description:It's possible to spoof information about certificate used for signing.
Affected:OPENOFFICE : OpenOffice 2.2
 OPENOFFICE : OpenOffice 2.3
Original documentdocumentpoehls_(at)_informatik.uni-hamburg.de, OpenOffice: Duplicated, Unprotected Certificate Information shown in Signed ODF Documents (13.12.2007)

Microsoft Internet Explorer multiple security vulnerabilities
updated since 12.12.2007
Published:13.12.2007
Source:
SecurityVulns ID:8438
Type:client
Threat Level:
8/10
Description:Multiple memory corruptions.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
CVE:CVE-2007-5347
 CVE-2007-5344
 CVE-2007-3903 (Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via uninitialized or deleted objects used in repeated calls to the (1) cloneNode or (2) nodeValue JavaScript function, a different issue than CVE-2007-3902 and CVE-2007-5344, a variant of "Uninitialized Memory Corruption Vulnerability.")
 CVE-2007-3902 (Use-after-free vulnerability in the CRecalcProperty function in mshtml.dll in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code by calling the setExpression method and then modifying the outerHTML property of an HTML element, one variant of "Uninitialized Memory Corruption Vulnerability.")
Original documentdocumentIDEFENSE, iDefense Security Advisory 12.11.07: Microsoft Internet Explorer JavaScript setExpression Heap Corruption Vulnerability (13.12.2007)
 documentZDI, ZDI-07-073: Microsoft Internet Explorer setExpression Vulnerability (12.12.2007)
 documentZDI, ZDI-07-074: Microsoft Internet Explorer Node Manipulation Memory Corruption (12.12.2007)
 documentZDI, ZDI-07-075: Microsoft Internet Explorer Element Tags Vulnerability (12.12.2007)
 documentMICROSOFT, Microsoft Security Bulletin MS07-069 - Critical Cumulative Security Update for Internet Explorer (942615) (12.12.2007)
Files:Microsoft Security Bulletin MS07-069 - Critical Cumulative Security Update for Internet Explorer (942615)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:13.12.2007
Source:
SecurityVulns ID:8441
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Rotabanner: crossite scripting
Affected:MKPORTAL : MKPortal 1.1
 WORDPRESS : WordPress 2.3
 BRAINHEAD : Brainhead 4.01
 SQUIRELMAIL : SquirrelMail GPG plugin 2.0
 SQUIRELMAIL : SquirrelMail GPG plugin 2.1
 ROUNDCUBE : RoundCube 0.1
 BITWEAVER : Bitweaver 2.0
 FALT4 : Falt4Extreme CMS RC4
 KAYAKO : Kayako SupportSuite
 HTDIG : htdig 3.2
CVE:CVE-2007-6110 (Cross-site scripting (XSS) vulnerability in htsearch in htdig 3.2.0b6 allows remote attackers to inject arbitrary web script or HTML via the sort parameter.)
Original documentdocumentSw33t.h4cK3r_(at)_hotmail.com, SQL MKPortal M1.1 Rc1 (13.12.2007)
 documentimei, SupportSuite 3.11.01~ Multiple file ~ PHP SELF XSS (13.12.2007)
 documentAbel Cheung, WordPress Charset SQL injection vulnerability (re-resend) (13.12.2007)
 documentLiquidmatrix Security Digest, Advisory: Websense XSS Vulnerability (13.12.2007)
 documentbebe_(at)_gmail.com, SQL injection - GestDownV1.00Beta (13.12.2007)
 documentmesut_(at)_h-labs.org, Falt4 CMS Security Report/Advisory (13.12.2007)
 documentnoreply_(at)_aria-security.net, bttlxeForum Multiple SQL Injection And Cross Site Scripting (13.12.2007)
 documentHackers Center Security Group, Bitweaver XSS & SQL Injection Vulnerability (13.12.2007)
 documentkingoftheworld92_(at)_fastwebnet.it, Flat PHP Board <= 1.2 Multiple Vulnerabilities (13.12.2007)
 documentTomas Kuliavas, Unsanitized scripting in RoundCube webmail (13.12.2007)
 documentTomas Kuliavas, Two vulnerabilities in SquirrelMail GPG plugin (13.12.2007)
 documentbrainheadbrainhead_(at)_gmx.de, webSPELL 4.01.02 (calendar.php, usergallery.php) XSS Vulnerability (13.12.2007)
 documentMustLive, Vulnerabilities in RotaBanner (13.12.2007)

BarracudaDrive Web Server multiple security vulnerabilities
Published:13.12.2007
Source:
SecurityVulns ID:8442
Type:remote
Threat Level:
6/10
Description:Directory traversal, script source access, dile deletion, HTML injection, DoS.
Affected:BARRACUDASERVER : BarracudaDrive 3.7
Original documentdocumentLuigi Auriemma, Multiple vulnerabilities in BarracudaDrive 3.7.2 (13.12.2007)

DosBox sandbox protection bypass
Published:13.12.2007
Source:
SecurityVulns ID:8444
Type:remote
Threat Level:
5/10
Description:Any application inside emulator can use mount command to mount any folder.
Affected:DOSBOX : DOSBox 0.72
Original documentdocumentLuigi Auriemma, Filesystem access in DOSBox 0.72 (13.12.2007)

PEAR::MDB2 information leak
Published:13.12.2007
Source:
SecurityVulns ID:8445
Type:library
Threat Level:
5/10
Description:Under some conditions it's possible to proxy requests to different objects, including local files.
CVE:CVE-2007-5934 (The LOB functionality in PEAR MDB2 before 2.5.0a1 interprets a request to store a URL string as a request to retrieve and store the contents of the URL, which might allow remote attackers to use MDB2 as an indirect proxy or obtain sensitive information via a URL into a form field in an MDB2 application, as demonstrated by a file:// URL or a URL for an intranet web site.)
Original documentdocumentGENTOO, [ GLSA 200712-05 ] PEAR::MDB2: Information disclosure (13.12.2007)

Переполнения буфера в Novell NetMail AntiVirus Agent
Published:13.12.2007
Source:
SecurityVulns ID:8446
Type:remote
Threat Level:
6/10
Description:Buffer overflow in avirus.exe via random TCP port.
Affected:NOVELL : NetMail 3.5
CVE:CVE-2007-6302 (Multiple heap-based buffer overflows in avirus.exe in Novell NetMail 3.5.2 before Messaging Architects M+NetMail 3.52f (aka 3.5.2F) allows remote attackers to execute arbitrary code via unspecified ASCII integers used as memory allocation arguments, aka "ZDI-CVE-162.")
Original documentdocumentZDI, ZDI-07-072: Novell Netmail AntiVirus Agent Multiple Overflow Vulnerabilities (13.12.2007)

Microsoft Office unsigned data
updated since 13.12.2007
Published:16.12.2007
Source:
SecurityVulns ID:8449
Type:remote
Threat Level:
4/10
Description:Metadata file and hyperlink desination is not signed on document signing.
Affected:MICROSOFT : Office 2007
Original documentdocumentpoehls_(at)_informatik.uni-hamburg.de, MS Office 2007: Target of Hyperlinks not covered by Digital Signatures (16.12.2007)
 documentpoehls_(at)_informatik.uni-hamburg.de, MS Office 2007: Digital Signature does not protect Meta-Data (13.12.2007)

HP Info Center ActiveX code execution
updated since 13.12.2007
Published:16.12.2007
Source:
SecurityVulns ID:8447
Type:client
Threat Level:
6/10
Description:Few unsafe methods are explosed.
Affected:HP : HP Quick Launch Button 6.3
CVE:CVE-2007-6333 (The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier, allows remote attackers to read arbitrary registry values via the arguments to the GetRegValue method.)
 CVE-2007-6332 (The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier, on Microsoft Windows before Vista allows remote attackers to create or modify arbitrary registry values via the arguments to the SetRegValue method.)
 CVE-2007-6331 (Absolute path traversal vulnerability in the HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier allows remote attackers to execute arbitrary programs via the first argument to the LaunchApp method. NOTE: only a user-assisted attack is possible on Windows Vista.)
Original documentdocumentHP, [security bulletin] HPSBGN02298 SSRT071502 rev.1 - HP Quick Launch Button (QLB) Running on Windows, Remote Execution of Arbitrary Code, Gain Privileged Access (16.12.2007)
 documentporkythepig_(at)_anspi.pl, HP notebooks remote code execution vulnerability (multiple series) (13.12.2007)

BadBlue Web server multiple security vulnerabilities
updated since 13.12.2007
Published:25.04.2008
Source:
SecurityVulns ID:8443
Type:remote
Threat Level:
6/10
Description:Buffer overflow, directory traversal, information leak, DoS.
Affected:BADBLUE : BadBlue 2.72
CVE:CVE-2007-6378 (Directory traversal vulnerability in upload.dll in BadBlue 2.72b and earlier allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the filename parameter.)
Original documentdocumentVulnerabilityResearch_(at)_digitaldefense.net, DDIVRT-2008-11 BadBlue uninst.exe DoS (25.04.2008)
 documentLuigi Auriemma, Multiple vulnerabilities in BadBlue 2.72b (13.12.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod