Computer Security
Apache Geronimo multiple security vulnerabilities
Published: 17.04.2009
Source: BUGTRAQ
SecurityVulns ID: 9843
Type: remote
Level: 5/10
Description: Cross-site scripting, directory traversal.
Affected: APACHE : Geronimo 2.1
Original document: DSecRG, [DSECRG-09-018] Apache Geronimo - Directory Traversal vulnerabilities (17.04.2009)
 DSecRG, [DSECRG-09-019] Apache Geronimo - XSS vulnerabilities.txt (17.04.2009)
 DSecRG, [DSECRG-09-020] Apache Geronimo - XSRF vulnerabilities (17.04.2009)

IBM AIX muxatmd buffer overflow
Published: 17.04.2009
Source: BUGTRAQ
SecurityVulns ID: 9844
Type: local
Level: 5/10
Description: Buffer overflow with oversized calling program name.
Affected: IBM : AIX 5.3
Original document: IDEFENSE, iDefense Security Advisory 04.15.09: IBM AIX muxatmd Buffer Overflow Vulnerability (17.04.2009)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 17.04.2009
Source:
SecurityVulns ID: 9845
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: APACHE : ActiveMQ 5.2
 WEBSPELL : webSPELL 4.2
 PHORUM : Phorum 5.2
 NOVELL : Novell Teaming 1.0
Original document: Daniel Fabian, SEC Consult SA-20090415-0 :: Multiple Vulnerabilities in Novell Teaming (17.04.2009)
 research_(at)_voodoo-labs.org, Phorum < 5.2.10 Cross-Site Scripting/Request Forgery (17.04.2009)
 rgod, Geeklog <= 1.5.2 savepreferences()/*blocks[] remote sql injection exploit (17.04.2009)
 y3nh4ck3r_(at)_gmail.com, webSPELL 4.2.0c--XSS (BYPASS BBCODE) COOKIES STEALING VULNERABILITY-- (17.04.2009)
 ddvulnalert_(at)_ddifronline.com, DDIVRT-2009-23 Apache ActiveMQ Numerous Cross Site Scripting Issues (17.04.2009)
Files: Geeklog <= 1.5.2 savepreferences()/*blocks[] remote sql injection exploit

Danske Bank Danske e-Sec ActiveX buffer overflow
Published: 17.04.2009
Source: BUGTRAQ
SecurityVulns ID: 9847
Type: remote
Level: 5/10
Description: Buffer overflow in logging function.
Original document: SECUNIA, Secunia Research: Danske Bank e-Sec Control Module Error Logging Buffer Overflow (17.04.2009)

Nortel Application Gateway information leak
Published: 17.04.2009
Source: BUGTRAQ
SecurityVulns ID: 9848
Type: remote
Level: 5/10
Description: Web page contains login and password for administrative access.
Affected: NORTEL : Application Gateway 2000 6.3
Original document: Daniel Fabian, SEC Consult SA-20090415-1 :: Nortel Application Gateway 2000 Password Disclosure Vulnerability (17.04.2009)

DivX WebPlayer buffer overflow
Published: 17.04.2009
Source: BUGTRAQ
SecurityVulns ID: 9849
Type: client
Level: 6/10
Description: Integer overflow on video stream chunk parsing leads to buffer overflow.
Affected: DIVX : DivX Web Player 1.4
CVE: CVE-2008-5259
Original document: SECUNIA, Secunia Research: DivX Web Player Stream Format Chunk Buffer Overflow (17.04.2009)

Zervit Webserver buffer overflow
Published: 17.04.2009
Source: BUGTRAQ
SecurityVulns ID: 9850
Type: remote
Level: 5/10
Description: Buffer overflow on oversized resource URI.
Affected: ZERVIT : Zervit Webserver 0.02
Original document: ewizz_(at)_balcansecurity.com, Zervit Webserver Buffer Overflow (17.04.2009)

SAP GUI unauthorized access
Published: 17.04.2009
Source: BUGTRAQ
SecurityVulns ID: 9851
Type: client
Level: 5/10
Description: KWEdit ActiveX has unsafe SaveDocumentAs() method.
Affected: SAP : SAP GUI 6.40
 SAP : SAP GUI 7.10
Original document: SECUNIA, Secunia Research: SAP GUI KWEdit ActiveX Control "SaveDocumentAs()" Insecure Method (17.04.2009)

udev multiple security vulnerabilities
Updated since: 17.04.2009
Published: 19.04.2009
Source: BUGTRAQ
SecurityVulns ID: 9846
Type: local
Level: 6/10
Description: Privilege escalation with NETLINK messages, buffer overflow on path encoding.
Affected: UDEV : udev 0.125
CVE: CVE-2009-1186 (Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments.)
 CVE-2009-1185 (udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.)
Original document: Kingcope Kingcope, [Full-disclosure] udev exploit (19.04.2009)
 DEBIAN, [SECURITY] [DSA 1772-1] New udev packages fix privilege escalation (17.04.2009)
Files: udev exploit

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod