Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
Published:		14.12.2005
Source:
SecurityVulns ID:		5527
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		PHPCOIN : phpCOIN 1.2
		ADPFORUM : ADP Forum 2.0
		VCDDB : VCD-db 0.98
		LINKUPGOLD : Link Up Gold 2.5
		JAMIT : Jamit Job Board 2.4
		MYSQLAUCTION : MySQL Auction 3.0
		ADMANAGERPRO : Ad Manager Pro 2.0
		QUICKPAYPRO : QuickPayPro 3.1
		CARTKEEPER : CKGOLD
		WHMC : WHMCompleteSolution 2.1
		DREAMLEVEL : DreamPoll 3.0
		PROJECTFORUM : ProjectForum 4.7
		WIKKAWIKI : Wikkawiki 1.1

Original document		r0t, VCD-db vuln. (14.12.2005)
		r0t, Link Up Gold vuln. (14.12.2005)
		r0t, Ad Manager Pro SQL vuln. (14.12.2005)
		r0t, Jamit Job Board 2.4.x SQL inj. (14.12.2005)
		r0t, MySQL Auction XSS vuln. (14.12.2005)
		r0t, QuickPayPro™ 3.1 Multiple vuln. (14.12.2005)
		r0t, CKGOLD XSS vuln. (14.12.2005)
		r0t, WHMCompleteSolution XSS vuln. (14.12.2005)
		r0t, DreamPoll SQL inj. (14.12.2005)
		r0t, ProjectForum 4.7.0 vuln. (14.12.2005)
		r0t, WikkaWiki XSS vuln. (14.12.2005)
		retrogod_(at)_aliceposta.it, phpCOIN 1.2.2 multiple vulnerabilities (14.12.2005)
		:) :), ADP Forum 2.0,ADP Forum 2.0.1,ADP Forum 2.0.2,ADP Forum 2.0.3 versiyon user md5 hash bug (14.12.2005)

Discuss:

Read or add your comments to this news (0 comments)

Microsoft Windows 2000 kernel Asynchronous Procedure Call privilege escalation
Published:		14.12.2005
Source:		MICROSOFT
SecurityVulns ID:		5529
Type:		local
Level:		7/10
Description:		Double removal of structure from linked list allows memory manipulation.

Affected:		MICROSOFT : Windows 2000 Server
		MICROSOFT : Windows 2000 Professional

Original document		MICROSOFT, Microsoft Security Bulletin MS05-055 Vulnerability in Windows Kernel Could Allow Elevation of Privilege (908523) (14.12.2005)
		EEYE, [EEYEB-20050523] Windows Kernel APC Data-Free Local Privilege Escalation Vulnerability (14.12.2005)

Files:		MS05-055 Windows Kernel APC Data-Free Local Privilege Escalation exploits
		Microsoft Security Bulletin MS05-055 Vulnerability in Windows Kernel Could Allow Elevation of Privilege
Discuss:		Read or add your comments to this news (0 comments)

Multiple Microsoft Internet Explorer vulnerabilities updated since 14.12.2005
Published:		16.12.2005
Source:		CERT
SecurityVulns ID:		5528
Type:		client
Level:		7/10
Description:		Code execution, memory corruption, download dialog manipulation, unencrypted HTTPS proxy data leak.

Affected:		MICROSOFT : Internet Explorer 5.5
		MICROSOFT : Internet Explorer 6.0

Original document		SECUNIA, Secunia Research: Microsoft Internet Explorer Keyboard Shortcut Processing Vulnerability (16.12.2005)
		MICROSOFT, Microsoft Security Bulletin MS05-054 Cumulative Security Update for Internet Explorer (905915) (14.12.2005)
		SECUNIA, Secunia Research: Internet Explorer Suppressed "Download Dialog" Vulnerability (14.12.2005)
		CERT, US-CERT Technical Cyber Security Alert TA05-347A -- Microsoft Internet Explorer Vulnerabilities (14.12.2005)

Files:		Microsoft Security Bulletin MS05-054 Cumulative Security Update for Internet Explorer (905915)
Discuss:		Read or add your comments to this news (1 comments)