 |
|
|
|
OpenOffice NULL pointer dereference
updated since 17.01.2010 | | Published: |  | 19.01.2010 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 10525 | | Type: |  | local | | Level: |  | 4/10 | | Description: |  | NULL pointer dereference on CSV and SLK files parsing. |
| MySQL multiple security vulnerabilities | | Published: | | 19.01.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10531 | | Type: | | m-i-t-m | | Level: | | 5/10 | | Description: | | Certificate spoofing, privilege escalation, DoS. |
| Affected: |  | ORACLE : MySQL 5.0 | | | | ORACLE : MySQL 5.1 | | CVE: |  | CVE-2009-4030 (MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.) | | | | CVE-2009-4028 (The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library.) | | | | CVE-2009-4019 (mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement.) |
| Sogou privilege escalation | | Published: | | 19.01.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10533 | | Type: | | local | | Level: | | 5/10 | | Description: | | It's possible to launch explorer with Local System rights. |
| AOL ActiveX buffer overflow | | Published: | | 19.01.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10532 | | Type: | | client | | Level: | | 6/10 | | Description: | | Buffer overflow in BindToFile method. |
| Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: | | 19.01.2010 | | Source: | | | | SecurityVulns ID: | | 10534 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
| Affected: | | EZCONTENTS : ezContents 2.0 | | | | ROUNDCUBE : Roundcube Webmail 0.2 | | | | ZENOSS : Zenoss 2.3 | | | | XOOPS : Xoops 2.4 | | CVE: | | CVE-2009-4077 (Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail 0.2.2 and earlier allows remote attackers to hijack the authentication of unspecified users for requests that send arbitrary emails via unspecified vectors, a different vulnerability than CVE-2009-4076.) | | | | CVE-2009-4076 (Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail 0.2.2 and earlier allows remote attackers to hijack the authentication of unspecified users for requests that modify user information via unspecified vectors, a different vulnerability than CVE-2009-4077.) |
Microsoft Internet Explorer Multiple security vulnerabilities
updated since 19.01.2010 | | Published: | | 23.01.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10530 | | Type: | | client | | Level: | | 8/10 | | Description: | | 0-day use-after-free vulnerability on createEventObject processing: <body onload="for(var i=0; i!=10000; i++) ev.srcElement">
<img src=. onerror="ev=createEventObject(event); outerHTML++">,
Multiple memory corruptions.
|
| Affected: | | MICROSOFT : Windows 2000 Server | | | | MICROSOFT : Windows 2000 Professional | | | | MICROSOFT : Windows XP | | | | MICROSOFT : Windows 2003 Server | | | | MICROSOFT : Windows Vista | | | | MICROSOFT : Windows 2008 Server | | | | MICROSOFT : Windows 7 | | CVE: | | CVE-2010-0249 (Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object, related to incorrectly initialized memory and improper handling of objects in memory, as exploited in the wild in December 2009 and January 2010 during Operation Aurora, aka "HTML Object Memory Corruption Vulnerability.") | | | | CVE-2010-0248 (Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability.") | | | | CVE-2010-0247 (Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability.") | | | | CVE-2010-0246 (Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671, CVE-2009-3674, and CVE-2010-0245.) | | | | CVE-2010-0245 (Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671, CVE-2009-3674, and CVE-2010-0246.) | | | | CVE-2010-0244 (Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-2530 and CVE-2009-2531.) | | | | CVE-2010-0027 (The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the ShellExecute API function in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, does not properly process input parameters, which allows remote attackers to execute arbitrary local programs via a crafted URL, aka "URL Validation Vulnerability.") | | | | CVE-2009-4074 (The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to leverage the "response-changing mechanism" to conduct cross-site scripting (XSS) attacks against web sites that have no inherent XSS vulnerabilities, related to the details of output encoding and improper modification of an HTML attribute, aka "XSS Filter Script Handling Vulnerability.") |
|
|
|
|
|
|
|
|
