Computer Security
[EN] securityvulns.ru no-pyccku


HP OpenVMS privilege escalation
Published:15.09.2008
Source:
SecurityVulns ID:9292
Type:local
Threat Level:
5/10
Description:Privilege escalation with SMGRTL library.
Affected:HP : OpenVMS 7.3
 HP : OpenVMS 8.2
 HP : OpenVMS 8.3
CVE:CVE-2008-3540
Original documentdocumentHP, [security bulletin] HPSBOV02364 SSRT080078 rev.1 - HP OpenVMS SMGRTL Run Time Library, Local Authorized User, Gain Privileged Access (15.09.2008)

Avant Browser DoS
Published:15.09.2008
Source:
SecurityVulns ID:9291
Type:remote
Threat Level:
5/10
Description:Integer overflow on Javascript handling.
Affected:AVANT : Avant Browser 11.7
Original documentdocumentGuns_(at)_0x90.com.ar, Avant Browser <= 11.7 Build 9 Integer Denial Of Service Exploit (15.09.2008)
Files:Avant Browser <= 11.7 Build 9 Integer Denial Of Service Exploit

Unreal game engine multiple security vulnerabilities
updated since 15.09.2008
Published:16.09.2008
Source:
SecurityVulns ID:9289
Type:remote
Threat Level:
5/10
Description:Server integer overflow, client format string vulnerability.
Affected:UNREAL : Unreal Tournament 2003
 UNREAL : Unreal Tournament 3 1.3
 FUELOFWAR : Fuel of War 1.1
Original documentdocumentaluigi_(at)_autistici.or, Failed assertion in the Unreal engine (16.09.2008)
 documentLuigi Auriemma, Clients format strings in the Unreal engine (15.09.2008)
 documentLuigi Auriemma, Server termination in the Unreal engine 3 (15.09.2008)
Files:Exploits server termination in Unreal engine 3
 Exploits Client format string in Unreal engine
 Unreal engine test server

Trend Micro OfficeScan buffer overflow
updated since 15.09.2008
Published:29.10.2008
Source:
SecurityVulns ID:9290
Type:remote
Threat Level:
5/10
Description:Buffer overflow in cgiRecvFile.exe Web component.
Affected:TM : OfficeScan 7.3
CVE:CVE-2008-3862 (Stack-based buffer overflow in CGI programs in the server in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1374, and 8.0 SP1 Patch 1 before build 3110, allows remote attackers to execute arbitrary code via an HTTP POST request containing crafted form data, related to "parsing CGI requests.")
 CVE-2008-2437 (Stack-based buffer overflow in cgiRecvFile.exe in Trend Micro OfficeScan 7.3 patch 4 build 1362 and other builds, OfficeScan 8.0 and 8.0 SP1, and Client Server Messaging Security 3.6 allows remote attackers to execute arbitrary code via an HTTP request containing a long ComputerName parameter.)
Original documentdocumentSECUNIA, Secunia Research: Trend Micro OfficeScan CGI Parsing Buffer Overflows (29.10.2008)
 documentSECUNIA, Secunia Research: Trend Micro OfficeScan "cgiRecvFile.exe" Buffer Overflow (15.09.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod