 |
|
|
|
| Amarok multiple security vulnerabilities | | Published: |  | 14.01.2009 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 9579 | | Type: |  | client | | Level: |  | 5/10 | | Description: |  | Integer overflows, memory corruption. |
| Solaris integer overflow | | Published: | | 14.01.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9582 | | Type: | | local | | Level: | | 5/10 | | Description: | | Integer overflow in SYS_kaio syscall. |
| JHead multiple security vulnerabilities | | Published: | | 14.01.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9584 | | Type: | | local | | Level: | | 5/10 | | Description: | | Buffer overflow, symlink vulnerability, unfiltered shell characters vulnerability. |
| Affected: |  | JHEAD : JHead 2.84 | | CVE: |  | CVE-2008-4641 (The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows attackers to execute arbitrary commands via shell metacharacters in unspecified input.) | | | | CVE-2008-4640 (The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which (1) a final "z" character is replaced by a "t" character or (2) a final "t" character is replaced by a "z" character.) | | | | CVE-2008-4639 (jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.) | | | | CVE-2008-4575 (Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service (crash) via (1) a long -cmd argument and (2) unspecified vectors related to "a bunch of potential string overflows.") |
| KDE Konqueror DoS | | Published: | | 14.01.2009 | | Source: | | JEREMYBROWN | | SecurityVulns ID: | | 9585 | | Type: | | client | | Level: | | 4/10 | | Description: | | Memory exhaustion on oversized SRC and HREF parameters |
| PHP popen() function buffer overflow | | Published: | | 14.01.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9581 | | Type: | | library | | Level: | | 5/10 | | Description: | | Buffer overflow on oversized mode argument. |
Microsoft Windows SMB multiple security vulnerabilities
updated since 13.01.2009 | | Published: | | 14.01.2009 | | Source: | | MICROSOFT | | SecurityVulns ID: | | 9575 | | Type: | | remote | | Level: | | 9/10 | | Description: | | Buffer overflows and DoS conditions. |
| Affected: | | MICROSOFT : Windows 2000 Server | | | | MICROSOFT : Windows 2000 Professional | | | | MICROSOFT : Windows XP | | | | MICROSOFT : Windows 2003 Server | | | | MICROSOFT : Windows Vista | | | | MICROSOFT : Windows 2008 Server | | CVE: | | CVE-2008-4835 (SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Trans2 request, related to "insufficiently validating the buffer size," aka "SMB Validation Remote Code Execution Vulnerability.") | | | | CVE-2008-4834 (Buffer overflow in SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Trans request, aka "SMB Buffer Overflow Remote Code Execution Vulnerability.") | | | | CVE-2008-4114 (srv.sys in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via an SMB WRITE_ANDX packet with an offset that is inconsistent with the packet size, related to "insufficiently validating the buffer size," as demonstrated by a request to the \PIPE\lsarpc named pipe, aka "SMB Validation Denial of Service Vulnerability.") |
| HP OpenView Network Node Manager DoS | | Published: | | 14.01.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9580 | | Type: | | remote | | Level: | | 5/10 |
| Zaptel privilege escalation | | Published: | | 14.01.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9583 | | Type: | | local | | Level: | | 5/10 | | Description: | | It's possible to overwrite kernel memory. |
| Affected: | | ZAPTEL : Zaptel 1.4 | | | | ZAPTEL : Zaptel 1.2 | | CVE: | | CVE-2008-5744 (Array index error in the dahdi/tor2.c driver in Zaptel (aka DAHDI) 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to an incorrect tor2 patch for CVE-2008-5396 that uses the wrong variable in a range check against the value of lc->sync.) | | | | CVE-2008-5396
|
RIM BlackBerry Enterprise Server buffer overflow
updated since 13.01.2009 | | Published: | | 14.01.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9577 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Buffer overflow on PDF attachments. |
|
|
|
|
|
|
|
|
