Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:16.06.2006
Source:
SecurityVulns ID:6269
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:ZEROBOARD : Zeroboard 4.1
 ANDYSCHAT : Andys Chat 4.5
 HOTPLUGCMS : HotPlugCMS 1.0
 APBOARD : APBoard 2.2
 MP3SEARCHARCHIVE : MP3 Search/Archive 1.2
Original documentdocumentSpC-x, Andys Chat 4.5 (action) Remote File Inclusion (16.06.2006)
 documentluny_(at)_youfucktard.com, MP3 Search/Archive v1.2 - XSS (16.06.2006)
 document666_(at)_hell.de.tk, APBoard 2.2-r3 <= SQL Injections (16.06.2006)
 documentluny_(at)_youfucktard.com, ePrayver v.Alpha - XSS (16.06.2006)
 documentguest01_(at)_gmail.com, HotPlugCMS_1.0 - SQL Injection Vulnerability (16.06.2006)

Microsoft Office code execution
updated since 16.06.2006
Published:10.08.2006
Source:
SecurityVulns ID:6270
Type:client
Threat Level:
8/10
Description:hlink.dll and Excel styles vulnerability, vulnerabilities in different record types processing are used to install malicious software in-the-wild.
Affected:MICROSOFT : Office 2000
 MICROSOFT : Office XP
 MICROSOFT : Office 2003
Original documentdocumentTSRT_(at)_3com.com, TSRT-06-10: Microsoft HLINK.DLL Hyperlink Object Library Buffer Overflow Vulnerability (10.08.2006)
 documentTSRT_(at)_3com.com, [Full-disclosure] TSRT-06-10: Microsoft HLINK.DLL Hyperlink Object Library Buffer Overflow Vulnerability (09.08.2006)
 documentMICROSOFT, Microsoft Security Bulletin MS06-050 Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670) (09.08.2006)
 documentNSFOCUS, [VulnWatch] NSFOCUS SA2006-06 : Microsoft Excel COLINFO Record Buffer Overflow Vulnerability (12.07.2006)
 documentNSFOCUS, [VulnWatch] NSFOCUS SA2006-05 : Microsoft Excel SELECTION Record Memory Corruption Vulnerability (12.07.2006)
 documentxin ouyang, [Full-disclosure] Microsoft Excel Could Allow Remote Code Execution by Malformed FNGROUPCOUNT value Vulnerability (12.07.2006)
 documentSowhat ., [Full-disclosure] Microsoft Excel Array Index Error Remote Code Execution (12.07.2006)
 documentZDI, ZDI-06-022: Microsoft Office Excel File Rebuilding Code Execution Vulnerability (12.07.2006)
 documentMICROSOFT, Microsoft Security Bulletin MS06-037 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (917285) (11.07.2006)
 documentnanika, Excel 0day : Excel 2000/XP/2003 Style 0day POC (03.07.2006)
 documentCERT, US-CERT Technical Cyber Security Alert TA06-167A -- Microsoft Excel Vulnerability (17.06.2006)
 documentMIKEREAVEY, Reports of a new vulnerability in Microsoft Excel (16.06.2006)
Files:excel unicode overflow poc
 Microsoft Excel Remote Code Execution Proof Of Concept
 "Microsoft Office Excel 2003" Hlink Stack/SEH Overflow Exploit
 Excel 2000/XP/2003 Style 0day POC
 0-day Microsoft WORD Hlink Local Buffer Overflow Exploit
 Microsoft Security Bulletin MS06-037 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (917285)
 Microsoft Security Bulletin MS06-050 Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod