Search:Vulnerability:17.12.2005 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
Published: 17.12.2005
Source:
SecurityVulns ID: 5541
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: ADVANCEDGUESTBOO : Advanced Guestbook 2.2
PHPCOIN : phpCOIN 1.2
CONTENTSERV : ContentServ 3.1
WEBGLIMPSE : Webglimpse 2.14
IHTMLMERCHANT : iHTML Merchant 2
IHTMLMERCHANT : iHTML Merchant Mall
RANDOMMOUSE : RED QUEEN 1.2
ACUITYCMS : Acuity CMS 2.6
ALLINTA : Allinta 2.3
BOXUK : Amaxus 3
AWFCMS : AWF 2.10
NMA : Baseline CMS 1.95
BITWEAVER : bitweaver 1.1
CARAVELCMS : Caravel CMS 3.0
COFAX : Cofax 2.0
THINKCOLONY : Colony CMS 2.75
CITYSOFT : Community Enterprise 4.0
CONTENITE : contenite 0.11
CONTENS : CONTENS 3.0
DIRECTNEWS : Direct News 4.9
EPUBLISH : e-publish CMS 2.0
GOEPIX : EPiX 3.1
WEBCAL : WebCal 3.04

Original document irc0d3r_(at)_yahoo.com, exploit (html) for Advanced Guestbook 2.2 (17.12.2005)

stranger-killer_(at)_hotmail.com, phpCOIN-1.2.2-Full-2005 SQL Injection (17.12.2005)

r0t, Webglimpse XSS vuln. (17.12.2005)

r0t, iHTML Merchant Version 2 Pro sql inj. (17.12.2005)

r0t, iHTML Merchant Mall SQL inj. (17.12.2005)

document r0t, RED QUEEN Path Disclosure (17.12.2005)

r0t, Acuity CMS 2.6.x (ASP) XSS vuln. (17.12.2005)

r0t, Allinta 2.3.x XSS vuln. (17.12.2005)

r0t, Amaxus vuln. (17.12.2005)

r0t, AWF (Adaptive Website Framework) vuln. (17.12.2005)

r0t, Baseline CMS vuln. (17.12.2005)

document r0t, bitweaver multiple vuln. (17.12.2005)

r0t, Caravel CMS XSS (17.12.2005)

r0t, Cofax XSS vuln. (17.12.2005)

r0t, Community Enterprise 4.x Multiple vuln. (17.12.2005)

r0t, Colony CMS XSS vuln. (17.12.2005)

r0t, contenite XSS vuln. (17.12.2005)

r0t, CONTENS "search.cfm" Multiple Input Validation Vulnerabilities (17.12.2005)

document r0t, ContentServ 3.1 SQL inj. (17.12.2005)

r0t, Direct News SQL inj. (17.12.2005)

r0t, e-publish CMS vuln. (17.12.2005)

r0t, EPiX� Search query XSS vuln. (17.12.2005)

Discuss: Read or add your comments to this news (0 comments)

Widcomm BTW Bluetooth for Windows remote audio device access
Published: 17.12.2005
Source: BUGTRAQ
SecurityVulns ID: 5542
Type: remote
Level: 6/10
Description: It's possible to access audio data from microphone attached to PC or to play sound on PC speakers.

Affected: WIDCOMM : BTW 4.0

Original document Kevin Finisterre, DMA[2005-1214a] - 'Widcomm BTW - Bluetooth for Windows Remote Audio Eavesdropping' (17.12.2005)

Discuss: Read or add your comments to this news (0 comments)

Citrix Program Neighborhood terminal client buffer overflow
Published: 17.12.2005
Source: BUGTRAQ
SecurityVulns ID: 5544
Type: client
Level: 5/10
Description: Heap buffer overflow on oversized Application Set reply.

Affected: CITRIX : Metaframe Presentation Server Client 9.0

Original document IDEFENSE, iDefense Security Advisory 12.16.05: Citrix Program Neighborhood Name Heap Corruption Vulnerability (17.12.2005)

Discuss: Read or add your comments to this news (0 comments)

Multiple Cisco Clean Access network admission control appliance vulnerabilities
updated since 17.12.2005
Published: 22.12.2005
Source: BUGTRAQ
SecurityVulns ID: 5543
Type: remote
Level: 5/10
Description: It's possible to upload files to server without authentication.

Affected: CISCO : Clean Access 3.5

Original document SECUNIA, [SA18103] Cisco Clean Access Manager Obsolete JSP Files Vulnerability (22.12.2005)

CISCO, Cisco Security Response: DoS in Cisco Clean Access (22.12.2005)

alex_(at)_box.sk, DoS in Cisco Clean Access (17.12.2005)

Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin