 |
|
|
|
| xzgv integer overflow | | Published: |  | 15.12.2004 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 4255 | | Type: |  | client | | Level: |  | 5/10 | | Description: |  | read_prf_file() integer overflow |
| Affected: |  | ZGV : xzgv 0.8 |
| Original document |  | IDEFENSE, iDEFENSE Security Advisory 12.13.04 - Multiple Vendor xzgv PRF Parsing Integer Overflow Vulnerability (15.12.2004) |
| Multiple WinAmp memory corruptions | | Published: | | 15.12.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4256 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Multiple memory corruptions. |
| Affected: | | NULLSOFT : WinAMP 5.07 |
| Original document | | b0f www . b0f . net, Winamp 5.07 (latest version) Remote Crash + other stupid shizle (15.12.2004) |
| Symantec LiveUpdate privilege escalation | | Published: | | 15.12.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4257 | | Type: | | local | | Level: | | 6/10 |
| Affected: | | SYMANTEC : Norton Internet Security 2003 | | | | SYMANTEC : Norton AntiVirus 2002 | | | | SYMANTEC : Norton Internet Security 2004 | | | | SYMANTEC : Norton AntiVirus 2003 | | | | SYMANTEC : Norton Internet Security 2002 | | | | SYMANTEC : Norton Antivirus 2004 | | | | SYMANTEC : Norton SytemWorks 2001 | | | | SYMANTEC : Norton SytemWorks 2002 | | | | SYMANTEC : Norton SytemWorks 2003 | | | | SYMANTEC : Norton SytemWorks 2004 | | | | SYMANTEC : Norton AntiVirus 2001 | | | | SYMANTEC : Norton Internet Security 2001 |
| Original document | | Secure Network Operations, Inc., Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisory (15.12.2004) |
| Multiple linux kernel IGMP processing bugs | | Published: | | 15.12.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4258 | | Type: | | remote | | Level: | | 6/10 | | Description: | | DoS, kernel memory access. |
| Affected: | | LINUX : kernel 2.4 | | | | LINUX : kernel 2.6 |
| Original document | | Paul Starzetz, Linux kernel IGMP vulnerabilities (15.12.2004) |
| Linux kernel __scm_send DoS | | Published: | | 15.12.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4259 | | Type: | | local | | Level: | | 5/10 | | Description: | | Race conditions leading to deadlock. |
| Affected: | | LINUX : kernel 2.4 | | | | LINUX : kernel 2.6 |
| Original document | | Paul Starzetz, Linux kernel scm_send local DoS (15.12.2004) |
| Adobe Acrobat Readed buffer overflow | | Published: | | 15.12.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4260 | | Type: | | client | | Level: | | 6/10 | | Description: | | Buffer overflow in mailListIsPdf() function. |
| Affected: | | ADOBE : Acrobat Reader 5.0 |
| Original document | | IDEFENSE, iDEFENSE Security Advisory 12.14.04 - Adobe Acrobat Reader 5.0.9 mailListIsPdf() Buffer Overflow Vulnerability (15.12.2004) |
Opera 7 multiple bugs
updated since 04.02.2003 | | Published: | | 15.12.2004 | | Source: | | NTBUGTRAQ | | SecurityVulns ID: | | 2571 | | Type: | | client | | Level: | | 7/10 | | Description: | | Crossite scripting (including local zone), local files access, mail access, user activity tracking, etc. Buffer overflow. Directory traversal. Files overwriting. Local files access with Location overwriting. Multiple Java bugs. |
| Affected: | | OPERA : Opera 7 | | | | OPERA : Opera 6.05 | | | | OPERA : Opera 7.01 | | | | OPERA : Opera 7.02 | | | | OPERA : Opera 6.06 | | | | OPERA : Opera 7.10 | | | | OPERA : Opera 7.11 | | | | OPERA : Opera 7.20 | | | | OPERA : Opera 7.21 | | | | OPERA : Opera 7.22 | | | | OPERA : Opera 7.23 | | | | OPERA : Opera 7.53 | | | | OPERA : Opera 7.54 |
| Original document | | Giovanni Delvecchio, [ZH2004-19SA] Possible execution of remote shell commands in Opera with kfmclien (15.12.2004) |
| | | Marc Schönefeld, Java Vulnerabilities in Opera 7.54 (22.11.2004) |
| | | GreyMagic Software, Opera Local File/Directory Detection (GM#009-OP) (19.08.2004) |
| | | GreyMagic Software, Opera: Location, Location, Location (06.08.2004) |
| | | GreyMagic Software, Opera: Location, Location, Location (06.08.2004) |
| | | Jakob Balle, Re: [Full-Disclosure] iDEFENSE Security Advisory 05.12.04: Opera Telnet URI Handler File Creation/Truncation Vulnerability (13.05.2004) |
| | | IDEFENSE, [Full-Disclosure] iDEFENSE Security Advisory 05.12.04: Opera Telnet URI Handler File Creation/Truncation Vulnerability (13.05.2004) |
| | | nesumin, [Opera 7] Arbitrary File Delete Vulnerability (24.12.2003) |
| | | nesumin, [Opera 7] Arbitrary File Delete Vulnerability (15.12.2003) |
| | | nesumin, [Opera 7] Arbitrary File Auto-Saved Vulnerability. (24.11.2003) |
| | | Jouko Pynnonen, [Full-Disclosure] Opera directory traversal and buffer overflow (22.11.2003) |
| | | S G Masood, Opera Directory Traversal in Internal URI Protocol (Advisory) (13.11.2003) |
| | | S G Masood, Opera Skinned & Opera Directory Traversal (Additional Details & a Simple Exploit) (13.11.2003) |
| | | S G Masood, Opera Skinned : Arbitrary File Dropping And Execution (Advisory) (13.11.2003) |
| | | L0PHT, Opera HREF escaped server name overflow (23.10.2003) |
| | | nesumin, [Opera 7] Five DoS codes on general web sites (01.07.2003) |
| | | Breakp0int, Buffer overflow (15.05.2003) |
| | | Jakob Balle, Secunia Research: Opera browser filename extension buffer overflows (13.05.2003) |
| | | nesumin, [Opera 7] Yet Another Story of "Phantom of the Opera" (29.04.2003) |
| | | nesumin, [Opera 7/6] Long File Extension Heap Buffer Overrun Vulnerability in Download. (29.04.2003) |
| | | David F.Madrid, Unchecked Buffer in Opera 7.02 (08.04.2003) |
| | | idoru_(at)_VIDEOSOFT.NET.UY, Using Java from Javascript (05.04.2003) |
| | | nesumin, [Opera 7/6] Long Filename Buffer Overflow Vulnerability in Download (12.03.2003) |
| | | Jakob Balle, Secunia Research: Opera browser Cross Site Scripting (26.02.2003) |
| | | nesumin, Opera Username Buffer Overflow Vulnerability (11.02.2003) |
| | | Marc Schönefeld, Java-Applet crashes Opera 6.05 and 7.01 (11.02.2003) |
| | | GreyMagic Software, Sniffing Opera's Tracks (GM#006-OP) (04.02.2003) |
| | | GreyMagic Software, Opera: What's Next (GM#005-OP) (04.02.2003) |
| | | GreyMagic Software, Opera Images (GM#004-OP) (04.02.2003) |
| | | GreyMagic Software, Phantom of the Opera (GM#003-OP) (04.02.2003) |
| | | GreyMagic Software, Opera's Security Model is Highly Vulnerable (GM#002-OP) (04.02.2003) |
| Microsoft WordPad buffer overflow | | Published: | | 15.12.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4262 | | Type: | | local | | Level: | | 6/10 | | Description: | | Buffer overflow during Word 95/6.0 documents conversion. |
| Affected: | | MICROSOFT : Windows NT 4.0 Workstation | | | | MICROSOFT : Windows NT 4.0 Server | | | | MICROSOFT : Windows 2000 Server | | | | MICROSOFT : Windows 2000 Professional | | | | MICROSOFT : Windows 98 | | | | MICROSOFT : Windows ME | | | | MICROSOFT : Windows XP | | | | MICROSOFT : Windows 2003 Server |
| Original document | | MICROSOFT, Microsoft Security Bulletin MS04-041 Vulnerability in WordPad Could Allow Code Execution (885836) (15.12.2004) |
| | | IDEFENSE, iDEFENSE Security Advisory 12.14.04 - Microsoft Word 6.0/95 Document Converter Buffer Overflow Vulnerability (15.12.2004) |
| HyperTerminal buffer overflow | | Published: | | 15.12.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4263 | | Type: | | client | | Level: | | 5/10 | | Description: | | Buffer overflow on .ht files parsing. |
| Affected: | | MICROSOFT : Windows NT 4.0 Workstation | | | | MICROSOFT : Windows NT 4.0 Server | | | | MICROSOFT : Windows 2000 Server | | | | MICROSOFT : Windows 2000 Professional | | | | MICROSOFT : Windows XP | | | | MICROSOFT : Windows 2003 Server |
| Original document | | Brett Moore, HyperTerminal - Buffer Overflow In .ht File (15.12.2004) |
| Multiple Microsoft Windows NT 4.0 DHCP bugs | | Published: | | 15.12.2004 | | Source: | | MICROSOFT | | SecurityVulns ID: | | 4265 | | Type: | | remote | | Level: | | 6/10 | | Description: | | DoS, buffer overflow. |
| Affected: | | MICROSOFT : Windows NT 4.0 Server |
| Original document | | MICROSOFT, Microsoft Security Bulletin MS04-042 Vulnerability in DHCP Could Allow Remote Code Execution and Denial of Service (885249) (15.12.2004) |
Microsoft WINS server memory corruption
updated since 29.11.2004 | | Published: | | 15.12.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4224 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Bug in replication protocol handling allows code execution. |
| Affected: | | MICROSOFT : Windows NT 4.0 Server | | | | MICROSOFT : Windows 2000 Server | | | | MICROSOFT : Windows 2003 Server |
| Original document | | MICROSOFT, Microsoft Security Bulletin MS04-045 Vulnerability in WINS Could Allow Remote Code Execution (870763) (15.12.2004) |
| | | SECURITEAM, [NT] WINS Replication Remote Vulnerability (29.11.2004) |
CGI bugs
updated since 15.12.2004 | | Published: | | 18.12.2004 | | Source: | | | | SecurityVulns ID: | | 4254 | | Type: | | remote | | Level: | | 5/10 |
| Affected: | | PHPGROUPWARE : phpGroupWare 0.9 | | | | PHPBB : phpBB 1.4 | | | | IKONBOARD : Ikonboard 3.1 | | | | SINGAPORE : singapore 0.9 | | | | GADUGADU : Gadu-Gadu 6.0 | | | | WORDPRESS : WordPress 1.2 | | | | PHPMYADMIN : phpMyAdmin 2.6 | | | | MONIWIKI : MoniWiki 1.0 | | | | SUGARCRM : SugarSales 2.0 | | | | PHPBB : phpBB Attachment Mod 2.3 | | | | ASPCALENDAR : ASP Calendar | | | | USEMODEWIKI : UseModWiki 1.0 | | | | ASP-RIDER : ASP-rider | | | | GNUBOARD : GNUBoard 3.39 | | | | JSBOARD : JSBoard 1.3 | | | | JSBOARD : jsboard 2.0 | | | | INFOPOP : UBB.Thread 6.2 | | | | INFOPOP : UBB.Thread 6.5 | | | | PHPDIG : PhpDig 1.8 | | | | WINMAIL : WinMail 4.0 | | | | PHPLIVE : PHP Live! 2.8 | | | | IWEBNEGAR : iWebNegar 1.0 | | | | 68DESIGNS : Froogle 1.0 |
| Original document | | SECUNIA, [SA13504] 68 Designs Froogle Installation Security Issue (18.12.2004) |
| | | Jaroslaw Sajko, Gadu-Gadu, another two bugs (18.12.2004) |
| | | SECUNIA, [SA13485] iWebNegar "string" SQL Injection Vulnerability (17.12.2004) |
| | | SECUNIA, [SA13420] PHP Live! Unspecified Vulnerability (17.12.2004) |
| | | SECUNIA, [SA13438] Winmail Server Installation Path Disclosure Weakness (17.12.2004) |
| | | SECUNIA, [SA13422] PhpDig Unspecified Vulnerability (17.12.2004) |
| | | chewkeong_(at)_security.org.sg, [SIG^2 G-TEC] singapore Image Gallery Web Application v0.9.10 Multiple Vulnerabilities (17.12.2004) |
| | | gp, [Full-Disclosure] Multiple XSS Vulnerabilities in several UBB.Thread Versions (17.12.2004) |
| | | Thomas Waldegger, Multiple XSS Vulnerabilities in Wordpress 1.2.1 (16.12.2004) |
| | | Alexander Anisimov, [MaxPatrol] SQL-injection in Ikonboard 3.1.x (16.12.2004) |
| | | SSR Team, STG Security Advisory: [SSA-20041215-17] Vulnerability of uploading files with multiple extensions in JSBoard (16.12.2004) |
| | | SSR Team, STG Security Advisory: [SSA-20041215-15] Vulnerability of uploading files with multiple extensions in MoniWiki (16.12.2004) |
| | | shervin khaleghjou, iwebnegar is vulnerable to all kind of sql injections (16.12.2004) |
| | | SSR Team, STG Security Advisory: [SSA-20041214-14] GNUBoard PHP injection vulnerability (16.12.2004) |
| | | JeiAr, Multiple phpGroupWare Vulnerabilities [ phpGroupWare 0.9.16.003 && Earlier ] (15.12.2004) |
| | | shervin khaleghjou, ASP-rider is vulnerable to sql injection attack (15.12.2004) |
| | | SSR Team, STG Security Advisory: [SSA-20041209-13] UseModWiki XSS vulnerability (15.12.2004) |
| | | ali reza AcTiOnSpIdEr, ASP Calendar Vulnerability <www.ashiyane.com> (15.12.2004) |
| | | Paul Laudanski, phpBB Attachment Mod Directory Traversal HTTP POST Injection (15.12.2004) |
| | | Nicolas Gregoire, Multiple vulnerabilities in phpMyAdmin (15.12.2004) |
| | | Jaroslaw Sajko, Gadu-Gadu several vulnerabilities (15.12.2004) |
| | | Daniel Fabian, SugarSales Multiple Vulnerabilities (15.12.2004) |
Multiple Linux kernel bugs
updated since 15.12.2004 | | Published: | | 25.12.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4261 | | Type: | | local | | Level: | | 7/10 | | Description: | | DoS, privilege escalation, buffer overflow on 32bit calls emulation under 64bit platforms. |
| |
|
| |
