Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		15.06.2007
Source:
SecurityVulns ID:		7818
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		SMF : Simple Machines Forum 1.1
		SHNEWS : SH-News 3.1
		ELXIS : Elxis CMS 2006.4

Original document		edi.strosar_(at)_varnostne-novice.com, [Full-disclosure] Letterman subscriber module XSS vulnerability (15.06.2007)
		RaeD Hasadya, RFI In Script SH-News 3.1 (15.06.2007)
		RaeD Hasadya, ByPass In PortalApp (15.06.2007)
		hack2prison_(at)_yahoo.com, MIME-tools 5.411 (Entity 5.404) (15.06.2007)
		Nico Leidecker, Elxis CMS <= 2006.4 - banner module - sql injection (15.06.2007)
		ShAnKaR, уязвимости smf 1.1.2 (15.06.2007)

Files:		SMF WAV capcha breaker
Discuss:		Read or add your comments to this news (0 comments)

Apache MyFaces Tomahawk crossite scripting
Published:		15.06.2007
Source:		BUGTRAQ
SecurityVulns ID:		7817
Type:		remote
Level:		5/10
Description:		Crossite scripting on 'autoscroll' parameter.

Affected:		APACHE : MyFaces Tomahawk 1.1
CVE:		CVE-2007-3101 (Multiple cross-site scripting (XSS) vulnerabilities in certain JSF applications in Apache MyFaces Tomahawk before 1.1.6 allow remote attackers to inject arbitrary web script via the autoscroll parameter, which is injected into Javascript that is sent to the client.)

Original document

IDEFENSE, iDefense Security Advisory 06.14.07: Apache MyFaces Tomahawk JSF Framework Cross-Site Scripting (XSS) Vulnerability (15.06.2007)

Discuss:

Read or add your comments to this news (0 comments)

Kaspersky Internet Security privilege escalation
Published:		15.06.2007
Source:		BUGTRAQ
SecurityVulns ID:		7819
Type:		local
Level:		5/10
Description:		Invalid processing of SSDT hooked functions arguments.

Affected:

KASPERSKY : Kaspersky Internet Security 6.0

Original document

Matousec - Transparent security Research, Kaspersky Multiple insufficient argument validation of hooked SSDT function Vulnerability (15.06.2007)

Discuss:

Read or add your comments to this news (0 comments)

ClamAV antivirus multiple security vulnerabilities
Published:		15.06.2007
Source:		BUGTRAQ
SecurityVulns ID:		7820
Type:		remote
Level:		7/10
Description:		Multiple buffer

Affected:		CLAMAV : ClamAV 0.90
CVE:		CVE-2007-3123 (unrar.c in libclamav in ClamAV before 0.90.3 and 0.91 before 0.91rc1 allows remote attackers to cause a denial of service (core dump) via a crafted RAR file with a modified vm_codesize value, which triggers a heap-based buffer overflow.)
		CVE-2007-3122 (The parsing engine in ClamAV before 0.90.3 and 0.91 before 0.91rc1 allows remote attackers to bypass scanning via a RAR file with a header flag value of 10, which can be processed by WinRAR.)
		CVE-2007-3024 (libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 uses insecure permissions for temporary files that are created by the cli_gentempstream function in clamd/clamdscan, which might allow local users to read sensitive files.)
		CVE-2007-3023 (unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not properly calculate the end of a certain buffer, with unknown impact and remote attack vectors.)
		CVE-2007-3022 (Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, displays the password hash for a user after a failed login attempt, which makes it easier for remote attackers to conduct brute force attacks.)

Original document

GENTOO, [Full-disclosure] [ GLSA 200706-05 ] ClamAV: Multiple Denials of Service (15.06.2007)

Discuss:

Read or add your comments to this news (0 comments)