Computer Security
[EN] securityvulns.ru no-pyccku


ClamAV antivirus multiple security vulnerabilities
updated since 15.04.2008
Published:16.04.2008
Source:
SecurityVulns ID:8909
Type:remote
Threat Level:
7/10
Description:Endless loop on ARJ files handling. Heap buffer overflow on WWPack'ed and PeSpin'ed PE files.
Affected:CLAMAV : ClamAV 0.92
CVE:CVE-2008-1387
Original documentdocumentIDEFENSE, [Full-disclosure] iDefense Security Advisory 04.14.08: ClamAV libclamav PeSpin Heap Overflow Vulnerability (16.04.2008)
 documentIDEFENSE, iDefense Security Advisory 04.14.08: ClamAV libclamav PE WWPack Heap Overflow Vulnerability (16.04.2008)
 documentHanno Bock, [Full-disclosure] clamav: Endless loop / hang with crafter arj, CVE-2008-1387 (15.04.2008)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:16.04.2008
Source:
SecurityVulns ID:8911
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Trashbin plugin for Wordpress: crossite scripting.
Affected:DREAM4 : Koobi CMS 4.2
 DREAM4 : Koobi CMS 4.3
 TRASHBIN : Trashbin 0.1 plugin for Wordpress
 DREAM4 : Koobi Pro 6.25
 CARBONCOMMUNITIE : Carbon Communities forum 2.4
Original documentdocumentadmin_(at)_bugreport.ir, Carbon Communities forum Multiple Vulnerabilities. (16.04.2008)
 documentwin32.exe_(at)_w.cn, remote file include (16.04.2008)
 documentSabun_(at)_hotmail.com, Koobi Pro 6.25 poll Remote SQL Injection Vulnerability (16.04.2008)
 documentJose Luis Góngora Fernández, Koobi CMS 4.2.4/4.2.5/4.3.0 Multiple Remote SQL Injection Vulnerabilities (16.04.2008)
 documentMustLive, Vulnerability in Trashbin (16.04.2008)

DivX Player buffer overflow
Published:16.04.2008
Source:
SecurityVulns ID:8912
Type:client
Threat Level:
6/10
Description:Buffer overflow on .SRT subtitile files parsing.
Affected:DIVX : DivX Player 4.7
Original documentdocumentsecurfrog_(at)_gmail.com, DIVX Player <= 6.7.0 Buffer Overflow PoC ( .SRT ) (16.04.2008)
Files:DIVX Player <= 6.7.0 Buffer Overflow PoC ( .SRT )

ICQ buffer overflow
Published:16.04.2008
Source:
SecurityVulns ID:8913
Type:client
Threat Level:
7/10
Description:Buffer overflow on status message parsing.
Affected:ICQ : ICQ 6
Original documentdocumentinfocus, [Full-disclosure] [INFIGO-2008-04-08]: ICQ 6 remote buffer overflow vulnerability (16.04.2008)

IBM DB2 database server multiple security vulnerabilities
updated since 16.04.2008
Published:20.04.2008
Source:
SecurityVulns ID:8915
Type:local
Threat Level:
6/10
Description:Privilege escalation with administration utility, db2dasStartStopFMDaemon buffer overflow. JAR files DoS. Code execution with ADMIN_SP_C/ADMIN_SP_C2. Arbitrary files overwrite with SYSPROC.NNSTAT.
Affected:IBM : DB2 9.1
CVE:CVE-2007-5758
 CVE-2007-5664
Original documentdocumentSHATTER, Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary code execution in ADMIN_SP_C/ADMIN_SP_C2 procedures (20.04.2008)
 documentSHATTER, Team SHATTER Security Advisory: IBM DB2 UDB Arbitrary file overwrite in SYSPROC.NNSTAT procedure (20.04.2008)
 documentSHATTER, Team SHATTER Security Advisory: Multiple DoS in JAR files manipulation procedures (20.04.2008)
 documentIDEFENSE, [Full-disclosure] iDefense Security Advisory 04.09.08: IBM DB2 Universal Database Administration Server File Creation Vulnerability (16.04.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod