 |
|
|
|
Microsoft Windows XML core services memory corruption
updated since 14.08.2007 | | Published: |  | 17.08.2007 | | Source: |  | MICROSOFT | | SecurityVulns ID: |  | 8039 | | Type: |  | library | | Level: |  | 9/10 | | Description: |  | Memory corruption on XML parsing. |
| Affected: |  | MICROSOFT : Windows 2000 Server | | | | MICROSOFT : Windows 2000 Professional | | | | MICROSOFT : Windows XP | | | | MICROSOFT : Windows 2003 Server | | | | MICROSOFT : Office 2003 | | | | MICROSOFT : Windows Vista | | | | MICROSOFT : Office 2007 | | CVE: |  | CVE-2007-2223 |
| Original document |  | Alla Bezroutchko, [Full-disclosure] MS07-042 XMLDOM substringData() PoC (17.08.2007) |
| | | IDEFENSE, [Full-disclosure] iDefense Security Advisory 08.14.07: Microsoft XML Core Services XMLDOM Memory Corruption Vulnerability (15.08.2007) |
| | | ZDI, [Full-disclosure] ZDI-07-048: Microsoft Internet Explorer substringData() Heap Overflow Vulnerability (15.08.2007) |
| | | MICROSOFT, Microsoft Security Bulletin MS07-042 - Critical Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227) (14.08.2007) |
Microsoft Internet Explorer multiple security vulnerabilities
updated since 14.08.2007 | | Published: | | 17.08.2007 | | Source: | | MICROSOFT | | SecurityVulns ID: | | 8042 | | Type: | | client | | Level: | | 10/10 | | Description: | | Memory corruption on ActiveX parsing, unsafe Visual Basic ActiveX execution, Visual Basic ActiveX memory corruption. |
| Affected: | | MICROSOFT : Windows 2000 Server | | | | MICROSOFT : Windows 2000 Professional | | | | MICROSOFT : Windows XP | | | | MICROSOFT : Windows 2003 Server | | | | MICROSOFT : Windows Vista | | CVE: | | CVE-2007-3041 (Unspecified vulnerability in the pdwizard.ocx ActiveX object for Internet Explorer 5.01, 6 SP1, and 7 allows remote attackers to execute arbitrary code via unknown vectors related to Microsoft Visual Basic 6 objects and memory corruption, aka "ActiveX Object Memory Corruption Vulnerability.") | | | | CVE-2007-2216 | | | | CVE-2007-0943 |
| Original document | | Brett Moore, TlbInf32 ActiveX Command Execution (17.08.2007) |
| | | NSFOCUS, NSFOCUS SA2007-01 : Microsoft IE5 CSS Parsing Memory Corruption Vulnerability (16.08.2007) |
| | | MICROSOFT, Microsoft Security Bulletin MS07-045 - Critical Cumulative Security Update for Internet Explorer (937143) (14.08.2007) |
Cisco VPN client privilege escalation
updated since 16.08.2007 | | Published: | | 17.08.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8059 | | Type: | | local | | Level: | | 6/10 | | Description: | | Weak files permissions, code execution before logon with "Allow launching of third party applications before logon" and dialup networking. |
| Affected: | | CISCO : Cisco VPN Client 4.8 | | | | CISCO : Cisco VPN Client 5.0 |
| Original document | | NGSSoftware Insight Security Research Advisory (NISR), Local privilege escalation vulnerability in Cisco VPN client (17.08.2007) |
| | | CISCO, Cisco Security Advisory: Local Privilege Escalation Vulnerabilities in Cisco VPN Client (16.08.2007) |
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: | | 17.08.2007 | | Source: | | | | SecurityVulns ID: | | 8063 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
| Affected: | | WORDPRESS : Blix 0.9 | | | | OLATE : Olate Download 3.4 | | | | IBM : Rational ClearQuest 7.0 | | CVE: | | CVE-2007-4481 (Cross-site scripting (XSS) vulnerability in index.php in the (1) Blix 0.9.1 and (2) Blix 0.9.1 Rus themes for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF).) |
| Original document | | swhite_(at)_securestate.com, IBM Rational ClearQuest Web SQL Injection Login Bypass (17.08.2007) |
| | | imei, Olate Download 3.4.1 ~ admin.php ~ Admin authentication bypassing (17.08.2007) |
| | | MustLive, Vulnerability in theme Blix 0.9.1 for WordPress (17.08.2007) |
| Adonis privilege escalation | | Published: | | 17.08.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8067 | | Type: | | local | | Level: | | 2/10 | | Description: | | By using shell characters problem administrator can access device with root privileges. |
| Affected: | | BLUECATNETWORKS : Adonis 5.0 |
| Original document | | anonymous.c7ffa4057a_(at)_anonymousspeech.com, TS-2007-003-0: BlueCat Networks Adonis CLI root privilege escalation (17.08.2007) |
| Lighttpd multiple security vulnerabilities | | Published: | | 17.08.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8066 | | Type: | | remote | | Level: | | 7/10 | | Description: | | Multiple memory corruption on request headers parsing. |
| Affected: | | LIGHTHTTPD : lighttpd 1.4 | | CVE: | | CVE-2007-3950 (lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the (1) mod_scgi, (2) mod_fastcgi, and (3) mod_webdav modules.) | | | | CVE-2007-3949 (mod_access.c in lighttpd 1.4.15 ignores trailing / (slash) characters in the URL, which allows remote attackers to bypass url.access-deny settings.) | | | | CVE-2007-3948 (connections.c in lighttpd before 1.4.16 might accept more connections than the configured maximum, which allows remote attackers to cause a denial of service (failed assertion) via a large number of connection attempts.) | | | | CVE-2007-3947 (request.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service (daemon crash) by sending an HTTP request with duplicate headers, as demonstrated by a request containing two Location header lines, which results in a segmentation fault.) | | | | CVE-2007-3946 (mod_auth (http_auth.c) in lighttpd before 1.4.16 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving (1) a memory leak, (2) use of md5-sess without a cnonce, (3) base64 encoded strings, and (4) trailing whitespace in the Auth-Digest header.) |
| Original document | | GENTOO, [ GLSA 200708-11 ] Lighttpd: Multiple vulnerabilities (17.08.2007) |
| Multiple Linux kernel vulnerabilities | | Published: | | 17.08.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8065 | | Type: | | remote | | Level: | | 6/10 | | Description: | | nf_conntrack_h323 NULL pointer dereference, invalid suid applications parent process termination signal handling, privilege escalation on Intel 965 chipset. |
| Affected: | | LINUX : kernel 2.4 | | | | LINUX : kernel 2.6 | | CVE: | | CVE-2007-3851 (The drm/i915 component in the Linux kernel before 2.6.22.2, when used with i965G and later chipsets, allows local users with access to an X11 session and Direct Rendering Manager (DRM) to write to arbitrary memory locations and gain privileges via a crafted batchbuffer.) | | | | CVE-2007-3848 (Linux kernel 2.4.35 and other versions allows local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die, which delivers an attacker-controlled parent process death signal (PR_SET_PDEATHSIG).) | | | | CVE-2007-3642 (The decode_choice function in net/netfilter/nf_conntrack_h323_asn1.c in the Linux kernel before 2.6.20.15, 2.6.21.x before 2.6.21.6, and before 2.6.22 allows remote attackers to cause a denial of service (crash) via an encoded, out-of-range index value for a choice field, which triggers a NULL pointer dereference.) |
| |
|
| |
