 |
|
|
|
Trillian instant messenger multiple security vulnerabilities
updated since 02.05.2007 | | Published: |  | 19.05.2007 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 7656 | | Type: |  | remote | | Level: |  | 6/10 | | Description: |  | Multiple security vulnerabilities on IRC handling lead to information leaks and buffer overflow. Buffer overflows on Rendezvous and XMPP protocols parsing. |
| CVE: |  | CVE-2007-2479 (Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to obtain potentially sensitive information via long CTCP PING messages that contain UTF-8 characters, which generates a malformed response that is not truncated by a newline, which can cause portions of a server message to be sent to the attacker.) | | | | CVE-2007-2478 (Multiple heap-based buffer overflows in the IRC component in Cerulean Studios Trillian Pro before 3.1.5.1 allow remote attackers to corrupt memory and possibly execute arbitrary code via (1) a URL with a long UTF-8 string, which triggers the overflow when the user highlights it, or (2) a font HTML tag with a face attribute containing a long UTF-8 string.) | | | | CVE-2007-2418 (Heap-based buffer overflow in the Rendezvous / Extensible Messaging and Presence Protocol (XMPP) component (plugins\rendezvous.dll) for Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to execute arbitrary code via a message that triggers the overflow from expansion that occurs during encoding.) |
| Original document |  | ZDI, TPTI-07-06: Trillian Pro Rendezvous XMPP HTML Decoding Heap Corruption (04.05.2007) |
| | | IDEFENSE, iDefense Security Advisory 04.30.07: Cerulean Studios Trillian Multiple IRC Vulnerabilities (02.05.2007) |
VMWare multiple security vulnerabilities
updated since 08.05.2007 | | Published: | | 19.05.2007 | | Source: | | MICROSOFT | | SecurityVulns ID: | | 7683 | | Type: | | local | | Level: | | 5/10 | | Description: | | Multiple denial of service conditions against guest and host system. |
| Affected: |  | VMWARE : VMware Workstation 5.5 | | | | VMWARE : VMware Player 1.0 | | | | VMWARE : VMware Server 1.0 | | | | VMWARE : VMware ACE 1.0 | | CVE: | | CVE-2007-2491 (The PIIX4 power management subsystem in EMC VMware Workstation 5.5.3.34685 and VMware Server 1.0.1.29996 allows local users to write to arbitrary memory locations via a crafted poke to I/O port 0x1004, triggering a denial of service (virtual machine crash) or other unspecified impact, a related issue to CVE-2007-1337.) | | | | CVE-2007-1877 (VMware Workstation before 5.5.4 allows attackers to cause a denial of service against the guest OS by causing the virtual machine process (VMX) to store malformed configuration information.) | | | | CVE-2007-1876 (VMware Workstation before 5.5.4, when running a 64-bit Windows guest on a 64-bit host, allows local users to "corrupt the virtual machine's register context" by debugging a local program and stepping into a "syscall instruction.") | | | | CVE-2007-1337 (The virtual machine process (VMX) in VMware Workstation before 5.5.4 does not properly read state information when moving from the ACPI sleep state to the run state, which allows attackers to cause a denial of service (virtual machine reboot) via unknown vectors.) | | | | CVE-2007-1069 (The memory management in VMware Workstation before 5.5.4 allows attackers to cause a denial of service (Windows virtual machine crash) by triggering certain general protection faults (GPF).) |
| Original document | | VMWARE, VMSA-2007-0004.1 Updated: Multiple Denial-of-Service issues fixed and directory traversal vulnerability (19.05.2007) |
| | | Reversemode, [Reversemode Advisory] VMware Products - GPF Denial of Service (08.05.2007) |
| | | VMWARE, VMSA-2007-0004 Multiple Denial-of-Service issues fixed (08.05.2007) |
realpath() BSD and wu-ftpd / BSD FTP / SSH buffer overflow
updated since 01.08.2003 | | Published: | | 19.05.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 3022 | | Type: | | library | | Level: | | 8/10 | | Description: | | off-by-one overflow in fb_realpath() function in oversized path of few FTP commands. |
| Affected: | | FREEBSD : FreeBSD 5.0 | | | | NETBSD : NetBSD 1.5 | | | | WU : WU-FTPD 2.6 | | | | NETBSD : NetBSD 1.6 | | | | WU : wu-ftpd 2.5 | | | | FREEBSD : FreeBSD 4.8 |
| Original document | | kingcope_(at)_gmx.net, [Full-disclosure] ssh.com ssh-3.2.9.1 sftp server remote off by one (19.05.2007) |
| | | NETBSD, NetBSD Security Advisory 2003-011: off-by-one error in realpath(3) (05.08.2003) |
| | | FREEBSD, FreeBSD Security Advisory FreeBSD-SA-03:08.realpath (04.08.2003) |
| | | Janusz Niewiadomski, wu-ftpd fb_realpath() off-by-one bug (01.08.2003) |
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: | | 19.05.2007 | | Source: | | | | SecurityVulns ID: | | 7724 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
| Affected: | | APACHE : Tomcat 4.0 | | | | APACHE : Tomcat 4.1 | | | | APACHE : Tomcat 5.0 | | | | APACHE : Tomcat 5.5 | | | | APACHE : Tomcat 6.0 | | | | CANDYPRESS : CandyPress 3.5 | | | | PARODIA : Parodia 6.4 | | | | CLIENTEXEC : ClientExec 3.0 | | | | TRACKPLUS : Track+ 3.3 | | | | ACAL : ACal Web Calendar 2.2 | | | | MADRISHWEBMAIL : Madirish Webmail 2.0 | | | | PSYCHOSTATS : PsychoStats 3.0 | | CVE: | | CVE-2007-1355 (Multiple cross-site scripting (XSS) vulnerabilities in the appdev/sample/web/hello.jsp example application in Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.23, and 6.0.0 through 6.0.10 allow remote attackers to inject arbitrary web script or HTML via the test parameter and unspecified vectors.) |
| Original document | | Mark Thomas, [CVE-2007-1355] Tomcat documentation XSS vulnerabilities (19.05.2007) |
| | | mybeni websecurity, [Full-disclosure] Wordpress Akismet XSS flaw (19.05.2007) |
| | | kefka, [Full-disclosure] PsychoStats 3.0.6b and prior (19.05.2007) |
| | | ...::BoZKuRTSeRDaR::..., ACal Web Calendar 2.2.6 Remote File Include Vulnerabilities (19.05.2007) |
| | | ...::BoZKuRTSeRDaR::..., Madirish Webmail v2.0 Remote File Include Vulnerabilities (19.05.2007) |
| | | r0t, Track+ XSS vuln. (19.05.2007) |
| | | r0t, ClientExec XSS vuln. (19.05.2007) |
| | | r0t, Parodia XSS vuln (19.05.2007) |
| | | r0t, CandyPress™ Store XSS vuln. (19.05.2007) |
| PHP SOAP extension buffer overflow | | Published: | | 19.05.2007 | | Source: | | CVE | | SecurityVulns ID: | | 7727 | | Type: | | library | | Level: | | 6/10 | | Description: | | Buffer overflow in make_http_soap_request function. |
| Affected: | | PHP : PHP 5.2 | | CVE: | | CVE-2007-2510 (Buffer overflow in the make_http_soap_request function in PHP before 5.2.2 has unknown impact and remote attack vectors, possibly related to "/" (slash) characters.) |
| |
|
| |
