Computer Security


Apache Geronimo multiple security vulnerabilities
Published:17.04.2009
Source:
SecurityVulns ID:9843
Type:remote
Threat Level:5/10
Description:Cross-site scripting, directory traversal.
Affected:APACHE : Geronimo 2.1
Original document:DSecRG, [DSECRG-09-018] Apache Geronimo - Directory Traversal vulnerabilities (17.04.2009)
 DSecRG, [DSECRG-09-019] Apache Geronimo - XSS vulnerabilities.txt (17.04.2009)
 DSecRG, [DSECRG-09-020] Apache Geronimo - XSRF vulnerabilities (17.04.2009)

IBM AIX muxatmd buffer overflow
Published:17.04.2009
Source:
SecurityVulns ID:9844
Type:local
Threat Level:5/10
Description:Buffer overflow with oversized calling program name.
Affected:IBM : AIX 5.3
Original document:IDEFENSE, iDefense Security Advisory 04.15.09: IBM AIX muxatmd Buffer Overflow Vulnerability (17.04.2009)

Danske Bank Danske e-Sec ActiveX buffer overflow
Published:17.04.2009
Source:
SecurityVulns ID:9847
Type:remote
Threat Level:5/10
Description:Buffer overflow in logging function.
Original document:SECUNIA, Secunia Research: Danske Bank e-Sec Control Module Error Logging Buffer Overflow (17.04.2009)

Nortel Application Gateway information leak
Published:17.04.2009
Source:
SecurityVulns ID:9848
Type:remote
Threat Level:5/10
Description:Web page contains login and password for administrative access.
Affected:NORTEL : Application Gateway 2000 6.3
Original document:SEC Consult Vulnerability Lab, SEC Consult SA-20090415-1 :: Nortel Application Gateway 2000 Password Disclosure Vulnerability (17.04.2009)

DivX WebPlayer buffer overflow
Published:17.04.2009
Source:
SecurityVulns ID:9849
Type:client
Threat Level:6/10
Description:Integer overflow on video stream chunk parsing leads to buffer overflow.
Affected:DIVX : DivX Web Player 1.4
CVE:CVE-2008-5259
Original document:SECUNIA, Secunia Research: DivX Web Player Stream Format Chunk Buffer Overflow (17.04.2009)

Zervit Webserver buffer overflow
Published:17.04.2009
Source:
SecurityVulns ID:9850
Type:remote
Threat Level:5/10
Description:Buffer overflow on oversized resource URI.
Affected:ZERVIT : Zervit Webserver 0.02
Original document:ewizz_(at)_balcansecurity.com, Zervit Webserver Buffer Overflow (17.04.2009)

SAP GUI unauthorized access
Published:17.04.2009
Source:
SecurityVulns ID:9851
Type:client
Threat Level:5/10
Description:KWEdit ActiveX has unsafe SaveDocumentAs() method.
Affected:SAP : SAP GUI 6.40
 SAP : SAP GUI 7.10
Original document:SECUNIA, Secunia Research: SAP GUI KWEdit ActiveX Control "SaveDocumentAs()" Insecure Method (17.04.2009)

udev multiple security vulnerabilities
updated since 17.04.2009
Published:19.04.2009
Source:
SecurityVulns ID:9846
Type:local
Threat Level:6/10
Description:Privilege escalation with NETLINK messages, buffer overflow on path encoding.
Affected:UDEV : udev 0.125
CVE:CVE-2009-1186 (Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments.)
 CVE-2009-1185 (udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.)
Original document:Kingcope Kingcope, [Full-disclosure] udev exploit (19.04.2009)
 DEBIAN, [SECURITY] [DSA 1772-1] New udev packages fix privilege escalation (17.04.2009)
Files:udev exploit

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod