Computer Security
[EN] securityvulns.ru no-pyccku


OpenOffice buffer overflow
Published:14.06.2007
Source:
SecurityVulns ID:7813
Type:client
Threat Level:
6/10
Description:Ivalid dynamic memory allocation on RTF document prtdata tag parsing.
Affected:OPENOFFICE : OpenOffice 2.2
CVE:CVE-2007-2754 (Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow.)
 CVE-2007-0245 (Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier allows remote attackers to execute arbitrary code via a RTF file with a crafted prtdata tag with a length parameter inconsistency, which causes vtable entries to be overwritten.)
Original documentdocumentNGSSoftware Insight Security Research Advisory (NISR), High risk vulnerability in OpenOffice RTF parser (14.06.2007)

libgd PNG DoS
Published:14.06.2007
Source:
SecurityVulns ID:7814
Type:library
Threat Level:
5/10
Description:Resource exhaustion on PNG parsing.
Affected:GD : libgd 2.0
 PHP : PHP 4.4
 FREETYPE : freetype 2.2
 TETEX : tetex 3.0
 LIBWMF : libwmf 0.2
 PHP : PHP 5.2
CVE:CVE-2007-2756 (The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.)
Original documentdocumentMANDRIVA, [Full-disclosure] [ MDKSA-2007:122 ] - Updated gd packages fix vulnerability (14.06.2007)

Spamassasin local DoS
Published:14.06.2007
Source:
SecurityVulns ID:7816
Type:local
Threat Level:
4/10
Description:It's possible to overwrite arbitrary file.
CVE:CVE-2007-2873 (SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as root in unusual configurations using vpopmail or virtual users, allows local users to cause a denial of service (corrupt arbitrary files) via a symlink attack on a file that is used by spamd.)
Original documentdocumentRPATH, [Full-disclosure] rPSA-2007-0119-1 spamassassin (14.06.2007)

Apache Tomcat crossite scripting
Published:14.06.2007
Source:
SecurityVulns ID:7815
Type:remote
Threat Level:
5/10
Description:Crossite scripting with Manager / Host Manager or JSP pages examples.
Affected:APACHE : Tomcat 4.0
 APACHE : Tomcat 4.1
 APACHE : Tomcat 5.0
 APACHE : Tomcat 5.5
 APACHE : Tomcat 6.0
CVE:CVE-2007-2450 (Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web applications in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote authenticated users to inject arbitrary web script or HTML via a parameter name to manager/html/upload, and other unspecified vectors.)
 CVE-2007-2449 (Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a "snp/snoop.jsp;" sequence.)
Original documentdocumentAPACHE, [Full-disclosure] [CVE-2007-2450]: Apache Tomcat XSS vulnerability in Manager (14.06.2007)
 documentAPACHE, [Full-disclosure] [CVE-2007-2449] Apache Tomcat XSS vulnerabilities in the JSP examples (14.06.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod