Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:14.08.2007
Source:
SecurityVulns ID:8035
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:NEURONBLOG : Neuron Blog 1.1
 WORDPRESS : Pool 1.0 for Wordpress
 PHPCENTRAL : PHPCentral Login Script 1.0
 PHPCENTRAL : PHPCentral Poll Script 1.0
 JOBLISTER : JobLister 3
 EXV2DE : eXV2.de CMS 2.0
 PHPBLUEDRAGON : PHP Blue Dragon CMS 3.0
 DESKPRO : DeskPRO 3.0
CVE:CVE-2007-4482 (Cross-site scripting (XSS) vulnerability in index.php in the Pool 1.0.7 theme for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF).)
Original documentdocumentHackers Center Security Group, DeskPRO Admin Panel Multiple HTML Injections (14.08.2007)
 documentEmanuele Gentili, PHP Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability (0dd exploit) (14.08.2007)
 documentwebmaster_(at)_i-s-o.org, eXV2.de Browser Cookie is not properly sanitised (14.08.2007)
 documentjoseph.giron13_(at)_gmail.com, JobLister3 SQL injection vulnerabilities (14.08.2007)
 documentrizgar_(at)_linuxmail.org, Neuron Blog Admin Permission Bypass and Remote File Upload Vulnerability (14.08.2007)
 documentrizgar_(at)_linuxmail.org, PHPCentral Poll Script Remote Command Execution Vulnerability (14.08.2007)
 documentrizgar_(at)_linuxmail.org, PHPCentral Login Script Remote Command Execution Vulnerability (14.08.2007)
 documentMustLive, Vulnerability in theme Pool 1.0.7 for WordPress (14.08.2007)
Files:Exploits PHP Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability

Apache Tomcat multiple security vulnerabilities
Published:14.08.2007
Source:
SecurityVulns ID:8036
Type:remote
Threat Level:
6/10
Description:Information leak on session cookies with ' or ". Crossite scripting in Host Manager servlet.
Affected:APACHE : Tomcat 4.1
 APACHE : Tomcat 3.3
 APACHE : Tomcat 5.0
 APACHE : Tomcat 5.5
 APACHE : Tomcat 6.0
CVE:CVE-2007-3386 (Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action.)
 CVE-2007-3386 (Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action.)
 CVE-2007-3385 (Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks.)
Original documentdocumentAPACHE, CVE-2007-3386: XSS in Host Manager (14.08.2007)
 documentAPACHE, CVE-2007-3385: Handling of \" in cookies (14.08.2007)
 documentAPACHE, CVE-2007-3382: Handling of cookies containing a ' character (14.08.2007)

CounterPath X-Lite / WengoPhone SIP softphone DoS
Published:14.08.2007
Source:
SecurityVulns ID:8037
Type:remote
Threat Level:
5/10
Description:Crash on missed Content-Type field in INVITE or MESSAGE request.
Affected:COUNTERPATH : X-Lite 3.0
 WENGOPHONE : WengoPhone 2.1
Original documentdocumentzwell_(at)_sohu.com, CounterPath X-Lite SIP phone Remote Denial of Service vulnerability (14.08.2007)
Files:X-Lite Missing Content-Type DOS PoC
 WengoPhone 2.1 Missing Content-Type DOS PoC

Xfce terminal client unescaped shell characters vulnerability
Published:14.08.2007
Source:
SecurityVulns ID:8038
Type:client
Threat Level:
5/10
Description:Shell characters are not filtered on URL processing.
Affected:XFCE : terminal 2.0
CVE:CVE-2007-3770 (The terminal_helper_execute function in terminal/terminal.c in Xfce Terminal 0.2.6 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a crafted link, as demonstrated using the "Open Link" functionality.)
Original documentdocumentGENTOO, [ GLSA 200708-07 ] Xfce Terminal: Remote arbitrary code execution (14.08.2007)

Microsoft Excel memory corruption
Published:14.08.2007
Source:
SecurityVulns ID:8041
Type:client
Threat Level:
7/10
Description:Index value is not checked on Workspace parsing.
Affected:MICROSOFT : Office 2000
 MICROSOFT : Office XP
 MICROSOFT : Office 2003
CVE:CVE-2007-3890 (Microsoft Excel in Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a Workspace with a certain index value that triggers memory corruption.)
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS07-044 - Critical Vulnerability in Microsoft Excel Could Allow Remote Code Execution (940965) (14.08.2007)
Files:Microsoft Security Bulletin MS07-044 - Critical Vulnerability in Microsoft Excel Could Allow Remote Code Execution (940965)

Microsoft Windows GDI code execution
updated since 14.08.2007
Published:14.08.2007
Source:
SecurityVulns ID:8043
Type:library
Threat Level:
10/10
Description:Heap buffer overflow on Windows metafiles parsing.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
CVE:CVE-2007-3034 (Integer overflow in the AttemptWrite function in Graphics Rendering Engine (GDI) on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted metafile (image) with a large record length value, which triggers a heap-based buffer overflow.)
Original documentdocumentEEYE, EEYE: Windows Metafile AttemptWrite Heap Overflow (15.08.2007)
 documentMICROSOFT, Microsoft Security Bulletin MS07-046 - Critical Vulnerability in GDI Could Allow Remote Code Execution (938829) (14.08.2007)
Files:icrosoft Security Bulletin MS07-046 - Critical Vulnerability in GDI Could Allow Remote Code Execution (938829)

Microsoft Windows XML core services memory corruption
updated since 14.08.2007
Published:17.08.2007
Source:
SecurityVulns ID:8039
Type:library
Threat Level:
9/10
Description:Memory corruption on XML parsing.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Office 2003
 MICROSOFT : Windows Vista
 MICROSOFT : Office 2007
CVE:CVE-2007-2223 (Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote attackers to execute arbitrary code via the substringData method on a (1) TextNode or (2) XMLDOM object, which causes an integer overflow that leads to a buffer overflow.)
Original documentdocumentAlla Bezroutchko, [Full-disclosure] MS07-042 XMLDOM substringData() PoC (17.08.2007)
 documentIDEFENSE, [Full-disclosure] iDefense Security Advisory 08.14.07: Microsoft XML Core Services XMLDOM Memory Corruption Vulnerability (15.08.2007)
 documentZDI, [Full-disclosure] ZDI-07-048: Microsoft Internet Explorer substringData() Heap Overflow Vulnerability (15.08.2007)
 documentMICROSOFT, Microsoft Security Bulletin MS07-042 - Critical Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227) (14.08.2007)
Files:Microsoft Security Bulletin MS07-042 - Critical Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227)

Microsoft Internet Explorer multiple security vulnerabilities
updated since 14.08.2007
Published:17.08.2007
Source:
SecurityVulns ID:8042
Type:client
Threat Level:
10/10
Description:Memory corruption on ActiveX parsing, unsafe Visual Basic ActiveX execution, Visual Basic ActiveX memory corruption.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
CVE:CVE-2007-3041 (Unspecified vulnerability in the pdwizard.ocx ActiveX object for Internet Explorer 5.01, 6 SP1, and 7 allows remote attackers to execute arbitrary code via unknown vectors related to Microsoft Visual Basic 6 objects and memory corruption, aka "ActiveX Object Memory Corruption Vulnerability.")
 CVE-2007-2216
 CVE-2007-0943 (Unspecified vulnerability in Internet Explorer 5.01 and 6 SP1 allows remote attackers to execute arbitrary code via crafted Cascading Style Sheets (CSS) strings that trigger memory corruption during parsing, related to use of out-of-bounds pointers.)
Original documentdocumentBrett Moore, TlbInf32 ActiveX Command Execution (17.08.2007)
 documentNSFOCUS, NSFOCUS SA2007-01 : Microsoft IE5 CSS Parsing Memory Corruption Vulnerability (16.08.2007)
 documentMICROSOFT, Microsoft Security Bulletin MS07-045 - Critical Cumulative Security Update for Internet Explorer (937143) (14.08.2007)
Files:Microsoft Security Bulletin MS07-045 - Critical Cumulative Security Update for Internet Explorer (937143)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod