 |
|
|
|
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: |  | 17.08.2009 | | Source: |  | | | SecurityVulns ID: |  | 10153 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
| Affected: |  | ZOPE : zope 2.9 | | | | ZOPE : zope 2.10 | | | | DUGALLERY : DUGallery 3.0 | | | | PIWIGO : Piwigo 2.0 | | CVE: |  | CVE-2009-0669 (Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to bypass authentication via vectors involving the ZEO network protocol.) | | | | CVE-2009-0668 (Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol.) |
| cURL / libcurl SSL certificate spoofing | | Published: | | 17.08.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10154 | | Type: | | library | | Level: | | 6/10 | | Description: | | Certificate name spoofing via NULL byte. |
| Affected: | | CURL : cURL 7.19 | | | | CURL : libcurl 7.19 | | CVE: | | CVE-2009-2417 (lib/ssluse.c in cURL and libcurl 7.4 through 7.19.5, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.) | | | | CVE-2009-2408 (Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5.) |
| Adobe JRun multiple security vulnerabilities | | Published: | | 17.08.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10157 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Directory traversal and crossite scripting in management console. |
| Affected: | | ADOBE : JRun 4 | | CVE: | | CVE-2009-1873 (Directory traversal vulnerability in logging/logviewer.jsp in the Management Console in Adobe JRun Application Server 4 Updater 7 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the logfile parameter.) |
Asterisk SIP DoS
updated since 11.08.2009 | | Published: | | 17.08.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10139 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Stack overlow (exhaustion) on SIP request processing. |
| Affected: | | ASTERISK : Asterisk 1.4 | | | | ASTERISK : Asterisk 1.6 | | CVE: | | CVE-2009-2726 (The SIP channel driver in Asterisk Open Source 1.2.x before 1.2.34, 1.4.x before 1.4.26.1, 1.6.0.x before 1.6.0.12, and 1.6.1.x before 1.6.1.4; Asterisk Business Edition A.x.x, B.x.x before B.2.5.9, C.2.x before C.2.4.1, and C.3.x before C.3.1; and Asterisk Appliance s800i 1.2.x before 1.3.0.3 does not use a maximum width when invoking sscanf style functions, which allows remote attackers to cause a denial of service (stack memory consumption) via SIP packets containing large sequences of ASCII decimal characters, as demonstrated via vectors related to (1) the CSeq value in a SIP header, (2) large Content-Length value, and (3) SDP.) |
| Adobe Coldfusion crossite scripting | | Published: | | 17.08.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10156 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Multiple crossite scripting conditions. |
| Affected: | | ADOBE : Coldfusion 8 | | CVE: | | CVE-2009-1872 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion Server 8.0.1, 8, and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the startRow parameter to administrator/logviewer/searchlog.cfm, or the query string to (2) wizards/common/_logintowizard.cfm, (3) wizards/common/_authenticatewizarduser.cfm, or (4) administrator/enter.cfm.) |
| Easy Music Player buffer overflow | | Published: | | 17.08.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10155 | | Type: | | local | | Level: | | 5/10 | | Description: | | Buffer overflow on WAV parsing. |
| wxWidgets buffer overflow | | Published: | | 17.08.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10158 | | Type: | | client | | Level: | | 5/10 | | Description: | | Buffer overflow on JPEG parsing. |
| Affected: | | WXWIDGETS : wxWidgets 2.8 | | CVE: | | CVE-2009-2369 (Integer overflow in the wxImage::Create function in src/common/image.cpp in wxWidgets 2.8.10 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JPEG file, which triggers a heap-based buffer overflow. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.) |
|
|
|
|
|
|
|
|
