Computer Security

Search:Vulnerability:19.03.2009
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Autonomy KeyView library buffer overflow
Published:19.03.2009
Source:BUGTRAQ
SecurityVulns ID:9755
Type:library
Level:6/10
Description:Buffer overflow on Word Perfect (.wpd) files parsing.
Affected:AUTONOMY : KeyView 10.4
CVE:CVE-2008-4564 (Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.)
Original documentdocumentIDEFENSE, iDefense Security Advisory 03.17.09: Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability (19.03.2009)
Discuss:Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:19.03.2009
Source:
SecurityVulns ID:9753
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:FIREANT : FireAnt 1.3
 FUBARFORUM : FubarForum 1.6
 CHAOZZDB : chaozzDB 1.2
 SITECORE : Sitecore .NET 5.3
Original documentdocumentsecurity.assurance_(at)_nab.com.au, Sitecore .NET 5.3.x - web service information disclosure (19.03.2009)
 documentvuln_(at)_e-rdc.org, [ECHO_ADV_105$2009] chaozzDB <= 1.2 Critical File Disclosure Vulnerability (19.03.2009)
 documentvuln_(at)_e-rdc.org, [ECHO_ADV_107$2009] FubarForum <= 1.6 Critical File Disclosure Vulnerability (19.03.2009)
 documentvuln_(at)_e-rdc.org, [ECHO_ADV_106$2009] FireAnt <= 1.3 Critical File Disclosure Vulnerability (19.03.2009)
Discuss:Read or add your comments to this news (0 comments)

Symantec PcAnywhere format string vulnerability
Published:19.03.2009
Source:BUGTRAQ
SecurityVulns ID:9756
Type:local
Level:5/10
Description:Format string vulnerability with .chm filename.
Affected:SYMANTEC : pcAnywhere 12.5
CVE:CVE-2009-0538 (Format string vulnerability in Symantec pcAnywhere before 12.5 SP1 allows local users to read and modify arbitrary memory locations, and cause a denial of service (application crash) or possibly have unspecified other impact, via format string specifiers in the pathname of a remote control file (aka .CHF file).)
Original documentdocumentDeral Heiland, Layered Defense Research Advisory: Format String Vulnerablity in Symantec PcAnywhere v10-12.5 (19.03.2009)
Discuss:Read or add your comments to this news (0 comments)

CDex buffer overflow
Published:19.03.2009
Source:BUGTRAQ
SecurityVulns ID:9757
Type:local
Level:5/10
Description:Buffer overflow on .ogg format parsing.
Original documentdocumentrgod, CDex v1.70b2 (.ogg) local buffer overflow exploit poc (19.03.2009)
Files:CDex v1.70b2 (.ogg) local buffer overflow exploit poc (win xp sp3)
Discuss:Read or add your comments to this news (0 comments)

Weechat IRC client DoS
Published:19.03.2009
Source:BUGTRAQ
SecurityVulns ID:9754
Type:remote
Level:5/10
Description:Crash on PRIVMSG parsing.
Affected:WEECHAT : weechat 0.2
CVE:CVE-2009-0661 (Wee Enhanced Environment for Chat (WeeChat) 0.2.6 allows remote attackers to cause a denial of service (crash) via an IRC PRIVMSG command containing crafted color codes that trigger an out-of-bounds read.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1744-1] New weechat packages fix denial of service (19.03.2009)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server