Computer Security
[EN] securityvulns.ru no-pyccku


PalTalk messenger ActiveX insecure methods
Published:14.07.2011
Source:
SecurityVulns ID:11786
Type:client
Threat Level:
6/10
Description:It's possible to save files into arbitrary locations.
Original documentdocumentHigh-Tech Bridge Security Research, Paltalk Messenger ActiveX Control Multiple Insecure Methods (14.07.2011)

apt GPG signature check vulnerability
Published:14.07.2011
Source:
SecurityVulns ID:11787
Type:m-i-t-m
Threat Level:
6/10
Description:GPG sugnatures are incorrectly validated.
Affected:APT : apt 0.8
CVE:CVE-2011-1829 (APT before 0.8.15.2 does not properly validate inline GPG signatures, which allows man-in-the-middle attackers to install modified packages via vectors involving lack of an initial clearsigned message.)
Original documentdocumentUBUNTU, [USN-1169-1] APT vulnerability (14.07.2011)

OpenOffice memory corruption
Published:14.07.2011
Source:
SecurityVulns ID:11788
Type:local
Threat Level:
5/10
Description:Memory corruption on .lwp files import.
Affected:OPENOFFICE : Open Office 3.2
Original documentdocumentDEBIAN, [SECURITY] [DSA 2275-1] openoffice.org security update (14.07.2011)

Sybase Advantage Server buffer overflow
updated since 04.07.2011
Published:14.07.2011
Source:
SecurityVulns ID:11758
Type:remote
Threat Level:
5/10
Description:Off-by-one overflow on TCP/6262, UDP/6262 traffic parsing. Format string vulnerability on TCP/5001 traffic processing.
Affected:SYBASE : Sybase Advantage Server 10.0
 SYBASE : Sybase Adaptive Server 15.5
Original documentdocumentLuigi Auriemma, bcksrvr format string in Sybase Adaptive Server 15.5 (14.07.2011)
 documentLuigi Auriemma, bcksrvr format string in Sybase Adaptive Server 15.5 (06.07.2011)
 documentLuigi Auriemma, Off-by-one in Sybase Advantage Server 10.0.0.3 (04.07.2011)

Wireshark sniffer DoS
updated since 14.07.2011
Published:01.08.2011
Source:
SecurityVulns ID:11789
Type:remote
Threat Level:
5/10
Description:Crash on IKE packet parsing.
Affected:WIRESHARK : Wireshark 1.5
 WIRESHARK : Wireshark 1.6
Original documentdocumentvuln_(at)_nipc.org.cn, Wireshark 1.6.1 Malformed IKE Packet Denial of Service (01.08.2011)
 documentvuln_(at)_nipc.org.cn, Wireshark 1.4.0 Malformed IKE Packet Denial of Service (14.07.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod