 |
|
|
|
| Mathcad protection bypass | | Published: |  | 18.10.2007 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 8264 | | Type: |  | local | | Level: |  | 4/10 | | Description: |  | It's possible to bypass 'Protect Worksheet' protection. |
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: | | 18.10.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8265 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
| IrfanView buffer overflow | | Published: | | 18.10.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8268 | | Type: | | client | | Level: | | 5/10 | | Description: | | Buffer overlfow on .pal files parsing. |
| Asterisk cdr_addon_mysql SQL injection | | Published: | | 18.10.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8271 | | Type: | | remote | | Level: | | 5/10 | | Description: | | SQL injection with destination number. |
| Cisco PIX / ASA / Firewall Service Module multiple security vulnerabilities | | Published: | | 18.10.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8273 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Vulnerabilities on MGGP and TLS parsing. |
| Balsa e-mail client buffer overflow | | Published: | | 18.10.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8269 | | Type: | | client | | Level: | | 5/10 | | Description: | | Buffer overflow on oversized IMAP server response. |
| Affected: |  | BALSA : Balsa 2.3 | | CVE: |  | CVE-2007-5007 (Stack-based buffer overflow in the ir_fetch_seq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command.) |
| TIBCO SmartPGM FX multiple security vulnerabilities | | Published: | | 18.10.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8266 | | Type: | | remote | | Level: | | 6/10 |
| Cisco Unified Communications unaurhoized access | | Published: | | 18.10.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 8272 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Any active directory user has access to web administration tools. |
Oracle multiple security vulnerabilities
updated since 18.10.2007 | | Published: | | 02.11.2007 | | Source: | | CERT | | SecurityVulns ID: | | 8270 | | Type: | | remote | | Level: | | 7/10 | | Description: | | New quartly critical patch update fixes few dozens of security vulnerabilities. |
| Affected: | | ORACLE : Oracle 9i | | | | ORACLE : Oracle 10g | | CVE: | | CVE-2007-5766 (SQL injection vulnerability in okxLOV.jsp in Oracle E-Business Suite 11 and 12 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: this is probably the same issue as CVE-2007-5527 or CVE-2007-5528, but there are insufficient details to be sure.) |
GNU tar buffer overflow
updated since 18.10.2007 | | Published: | | 18.10.2008 | | Source: | | CVE | | SecurityVulns ID: | | 8267 | | Type: | | client | | Level: | | 5/10 |
| CVE: | | CVE-2007-4476 (Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack.") |
|
|
|
|
|
|
|
|
