Search:Vulnerability:14.08.2007 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 14.08.2007
Source:
SecurityVulns ID: 8035
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: NEURONBLOG : Neuron Blog 1.1
WORDPRESS : Pool 1.0 for Wordpress
PHPCENTRAL : PHPCentral Login Script 1.0
PHPCENTRAL : PHPCentral Poll Script 1.0
JOBLISTER : JobLister 3
EXV2DE : eXV2.de CMS 2.0
PHPBLUEDRAGON : PHP Blue Dragon CMS 3.0
DESKPRO : DeskPRO 3.0
CVE: CVE-2007-4482 (Cross-site scripting (XSS) vulnerability in index.php in the Pool 1.0.7 theme for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF).)

Original document Hackers Center Security Group, DeskPRO Admin Panel Multiple HTML Injections (14.08.2007)

Emanuele Gentili, PHP Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability (0dd exploit) (14.08.2007)

webmaster_(at)_i-s-o.org, eXV2.de Browser Cookie is not properly sanitised (14.08.2007)

document joseph.giron13_(at)_gmail.com, JobLister3 SQL injection vulnerabilities (14.08.2007)

rizgar_(at)_linuxmail.org, Neuron Blog Admin Permission Bypass and Remote File Upload Vulnerability (14.08.2007)

rizgar_(at)_linuxmail.org, PHPCentral Poll Script Remote Command Execution Vulnerability (14.08.2007)

document rizgar_(at)_linuxmail.org, PHPCentral Login Script Remote Command Execution Vulnerability (14.08.2007)

MustLive, Vulnerability in theme Pool 1.0.7 for WordPress (14.08.2007)

Files: Exploits PHP Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability
Discuss: Read or add your comments to this news (0 comments)

Xfce terminal client unescaped shell characters vulnerability
Published: 14.08.2007
Source: BUGTRAQ
SecurityVulns ID: 8038
Type: client
Level: 5/10
Description: Shell characters are not filtered on URL processing.

Affected: XFCE : terminal 2.0
CVE: CVE-2007-3770 (The terminal_helper_execute function in terminal/terminal.c in Xfce Terminal 0.2.6 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a crafted link, as demonstrated using the "Open Link" functionality.)

Original document GENTOO, [ GLSA 200708-07 ] Xfce Terminal: Remote arbitrary code execution (14.08.2007)

Discuss: Read or add your comments to this news (0 comments)

Microsoft Excel memory corruption
Published: 14.08.2007
Source: MICROSOFT
SecurityVulns ID: 8041
Type: client
Level: 7/10
Description: Index value is not checked on Workspace parsing.

Affected: MICROSOFT : Office 2000
MICROSOFT : Office XP
MICROSOFT : Office 2003
CVE: CVE-2007-3890 (Microsoft Excel in Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a Workspace with a certain index value that triggers memory corruption.)

Original document MICROSOFT, Microsoft Security Bulletin MS07-044 - Critical Vulnerability in Microsoft Excel Could Allow Remote Code Execution (940965) (14.08.2007)

Files: Microsoft Security Bulletin MS07-044 - Critical Vulnerability in Microsoft Excel Could Allow Remote Code Execution (940965)
Discuss: Read or add your comments to this news (0 comments)

Apache Tomcat multiple security vulnerabilities
Published: 14.08.2007
Source: BUGTRAQ
SecurityVulns ID: 8036
Type: remote
Level: 6/10
Description: Information leak on session cookies with ' or ". Crossite scripting in Host Manager servlet.

Affected: APACHE : Tomcat 4.1
APACHE : Tomcat 3.3
APACHE : Tomcat 5.0
APACHE : Tomcat 5.5
APACHE : Tomcat 6.0
CVE: CVE-2007-3386 (Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action.)
CVE-2007-3386 (Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action.)
CVE-2007-3385 (Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks.)

Original document APACHE, CVE-2007-3386: XSS in Host Manager (14.08.2007)

APACHE, CVE-2007-3385: Handling of \" in cookies (14.08.2007)

APACHE, CVE-2007-3382: Handling of cookies containing a ' character (14.08.2007)

Discuss: Read or add your comments to this news (0 comments)

CounterPath X-Lite / WengoPhone SIP softphone DoS
Published: 14.08.2007
Source: BUGTRAQ
SecurityVulns ID: 8037
Type: remote
Level: 5/10
Description: Crash on missed Content-Type field in INVITE or MESSAGE request.

Affected: COUNTERPATH : X-Lite 3.0
WENGOPHONE : WengoPhone 2.1

Original document zwell_(at)_sohu.com, CounterPath X-Lite SIP phone Remote Denial of Service vulnerability (14.08.2007)

Files: X-Lite Missing Content-Type DOS PoC
WengoPhone 2.1 Missing Content-Type DOS PoC
Discuss: Read or add your comments to this news (0 comments)

Microsoft Windows GDI code execution
updated since 14.08.2007
Published: 14.08.2007
Source: MICROSOFT
SecurityVulns ID: 8043
Type: library
Level: 10/10
Description: Heap buffer overflow on Windows metafiles parsing.

Affected: MICROSOFT : Windows 2000 Server
MICROSOFT : Windows 2000 Professional
MICROSOFT : Windows XP
MICROSOFT : Windows 2003 Server
CVE: CVE-2007-3034 (Integer overflow in the AttemptWrite function in Graphics Rendering Engine (GDI) on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted metafile (image) with a large record length value, which triggers a heap-based buffer overflow.)

Original document EEYE, EEYE: Windows Metafile AttemptWrite Heap Overflow (15.08.2007)

MICROSOFT, Microsoft Security Bulletin MS07-046 - Critical Vulnerability in GDI Could Allow Remote Code Execution (938829) (14.08.2007)

Files: icrosoft Security Bulletin MS07-046 - Critical Vulnerability in GDI Could Allow Remote Code Execution (938829)
Discuss: Read or add your comments to this news (0 comments)

Microsoft Windows OLE Automation memory corruption
updated since 14.08.2007
Published: 15.08.2007
Source: MICROSOFT
SecurityVulns ID: 8040
Type: client
Level: 6/10
Description: Memory corruption on embedded objects processing.

Affected: MICROSOFT : Windows 2000 Server
MICROSOFT : Windows 2000 Professional
MICROSOFT : Windows XP
MICROSOFT : Windows 2003 Server
CVE: CVE-2007-2224

Original document ZDI, [Full-disclosure] ZDI-07-048: Microsoft Internet Explorer substringData() Heap Overflow Vulnerability (15.08.2007)

MICROSOF, Microsoft Security Bulletin MS07-043 - Critical Vulnerability in OLE Automation Could Allow Remote Code Execution (921503) (14.08.2007)

Files: Microsoft Security Bulletin MS07-043 - Critical Vulnerability in OLE Automation Could Allow Remote Code Execution (921503)
Discuss: Read or add your comments to this news (0 comments)

Microsoft Internet Explorer multiple security vulnerabilities
updated since 14.08.2007
Published: 17.08.2007
Source: MICROSOFT
SecurityVulns ID: 8042
Type: client
Level: 10/10
Description: Memory corruption on ActiveX parsing, unsafe Visual Basic ActiveX execution, Visual Basic ActiveX memory corruption.

Affected: MICROSOFT : Windows 2000 Server
MICROSOFT : Windows 2000 Professional
MICROSOFT : Windows XP
MICROSOFT : Windows 2003 Server
MICROSOFT : Windows Vista
CVE: CVE-2007-3041 (Unspecified vulnerability in the pdwizard.ocx ActiveX object for Internet Explorer 5.01, 6 SP1, and 7 allows remote attackers to execute arbitrary code via unknown vectors related to Microsoft Visual Basic 6 objects and memory corruption, aka "ActiveX Object Memory Corruption Vulnerability.")
CVE-2007-2216
CVE-2007-0943

Original document Brett Moore, TlbInf32 ActiveX Command Execution (17.08.2007)

NSFOCUS, NSFOCUS SA2007-01 : Microsoft IE5 CSS Parsing Memory Corruption Vulnerability (16.08.2007)

MICROSOFT, Microsoft Security Bulletin MS07-045 - Critical Cumulative Security Update for Internet Explorer (937143) (14.08.2007)

Files: Microsoft Security Bulletin MS07-045 - Critical Cumulative Security Update for Internet Explorer (937143)
Discuss: Read or add your comments to this news (0 comments)

Microsoft Windows XML core services memory corruption
updated since 14.08.2007
Published: 17.08.2007
Source: MICROSOFT
SecurityVulns ID: 8039
Type: library
Level: 9/10
Description: Memory corruption on XML parsing.

Affected: MICROSOFT : Windows 2000 Server
MICROSOFT : Windows 2000 Professional
MICROSOFT : Windows XP
MICROSOFT : Windows 2003 Server
MICROSOFT : Office 2003
MICROSOFT : Windows Vista
MICROSOFT : Office 2007
CVE: CVE-2007-2223

Original document Alla Bezroutchko, [Full-disclosure] MS07-042 XMLDOM substringData() PoC (17.08.2007)

IDEFENSE, [Full-disclosure] iDefense Security Advisory 08.14.07: Microsoft XML Core Services XMLDOM Memory Corruption Vulnerability (15.08.2007)

ZDI, [Full-disclosure] ZDI-07-048: Microsoft Internet Explorer substringData() Heap Overflow Vulnerability (15.08.2007)

document MICROSOFT, Microsoft Security Bulletin MS07-042 - Critical Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227) (14.08.2007)

Files: Microsoft Security Bulletin MS07-042 - Critical Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227)
Discuss: Read or add your comments to this news (0 comments)