 |
|
|
|
| Internet Explorer cookie spoofing | | Published: |  | 15.11.2004 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 4189 | | Type: |  | remote | | Level: |  | 4/10 | | Description: |  | Under certain conditions it's possible to change cookie path. |
| Webroot Spy Sweeper weak encryption | | Published: | | 15.11.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4190 | | Type: | | local | | Level: | | 5/10 | | Description: | | Password is stored in registry uencrypted. |
| Affected: |  | WEBROOT : Spy Sweeper 3.2 | | CVE: |  | CVE-2006-6959 (WebRoot Spy Sweeper 4.5.9 and earlier allows local users to bypass the "Startup-Shield" security restrictions by modifying certain registry keys.) |
| NetNote DoS | | Published: | | 15.11.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4191 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Malcrafted string to TCP/6123 causes program to crash. |
Attachment spoofing code execution in Eudora
updated since 28.05.2003 | | Published: | | 15.11.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 2847 | | Type: | | client | | Level: | | 5/10 | | Description: | | If "attach" and "attach.exe" co-exist in message and "attach" is clicked, "attach.exe" will be silently executed instead. |
SAMBA buffer overflow
updated since 15.11.2004 | | Published: | | 16.11.2004 | | Source: | | FULL-DISCLOSURE | | SecurityVulns ID: | | 4192 | | Type: | | remote | | Level: | | 5/10 | | Description: | | By setting small buffer in TRANSACT2_QFILEPATHINFO it's possible to cause dynamic memory buffer overflow on oversized path. |
CGI bugs
updated since 15.11.2004 | | Published: | | 19.11.2004 | | Source: | | | | SecurityVulns ID: | | 4188 | | Type: | | remote | | Level: | | 5/10 |
| Original document |  | SECUNIA, [SA13236] ClickandBuild Constructed Store "listPos" Cross-Site Scripting Vulnerability (19.11.2004) |
| | | SECUNIA, [SA13241] phpMyAdmin Cross-Site Scripting Vulnerabilities (19.11.2004) |
| | | SECURITEAM, [NT] DUGallery Database disclosure (19.11.2004) |
| | | saudi linux, AppServ 2.5.x and Prior Exploit (19.11.2004) |
| | | Alexander Anisimov, [MaxPatrol] SQL-injection in Invision Power Board 2.x (19.11.2004) |
| | | Andrew Smith, [Full-Disclosure] Click and Build eCommerce Platform Cross Site Scripting (18.11.2004) |
| | | SECUNIA, [SA13206] phpScheduleIt Reservation Manipulation Vulnerability (17.11.2004) |
| | | Janek Vind, [waraxe-2004-SA#038 - Multiple vulnerabilities in Event Calendar module for PhpNuke] (17.11.2004) |
| | | SECUNIA, [SA13201] PunBB Private Message System Module Two Vulnerabilities (16.11.2004) |
| | | SECUNIA, [SA13202] Aztek Forum Cross-Site Scripting Vulnerabilities (16.11.2004) |
| | | Alex Lanstein, XSS in TheFaceBook round 2 (16.11.2004) |
| | | Alex Lanstein, Multiple XSS holes in TheFaceBook (15.11.2004) |
| | | Jérôme ATHIAS, SQL Injection in phpBT (bug.php - Add) (15.11.2004) |
IPSwitch IMAIL Mail server IMAP buffer overflow
updated since 15.11.2004 | | Published: | | 11.03.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4193 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Buffer overflow in IMAP DELETE and EXAMINE commands. |
|
|
|
|
|
|
|
|
