| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) |
| Published: | 19.09.2007 |
| Source: | |
| SecurityVulns ID: | 8162 |
| Type: | remote |
| Level: | 5/10 |
| Description: | PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. |

| Alcatel-Lucent OmniPCX code execution |
| Published: | 19.09.2007 |
| Source: | BUGTRAQ |
| SecurityVulns ID: | 8163 |
| Type: | remote |
| Level: | 6/10 |
| Description: | Code execution in Web interface. |

| OpenOffice integer overflow |
| Published: | 19.09.2007 |
| Source: | BUGTRAQ |
| SecurityVulns ID: | 8164 |
| Type: | client |
| Level: | 6/10 |
| Description: | Integer overflow in TIFF image parsing. |
| Affected: | OPENOFFICE : OpenOffice 2.2 |
| CVE: | CVE-2007-2834 (Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow.) |

| RemoteDocs R-Viewer multiple security vulnerabilities |
| Published: | 19.09.2007 |
| Source: | BUGTRAQ |
| SecurityVulns ID: | 8165 |
| Type: | client |
| Level: | 5/10 |
| Description: | Code execution with RDZ files. Information leak. |
| Affected: | REMOTEDOCS : R-Viewer 1.6 |
| CVE: | CVE-2007-4751 (RemoteDocs R-Viewer before 1.6.3768 stores encrypted RDZ file data in unencrypted temporary files, which allows local users to obtain sensitive information by reading the temporary files.) |
| | CVE-2007-4750 (Unspecified vulnerability in RemoteDocs R-Viewer before 1.6.3768 allows user-assisted remote attackers to execute arbitrary code via a crafted RDZ archive in which the first file has an executable extension.) |

| OpenSSH privilege escalation |
| Published: | 19.09.2007 |
| Source: | BUGTRAQ |
| SecurityVulns ID: | 8166 |
| Type: | local |
| Level: | 5/10 |
| Description: | Invalid usage of X11 cookies. |
| Affected: | OPENSSH : OpenSSH 4.7 |
| CVE: | CVE-2007-4752 (ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.) |

| Multiple antiviral / firewall applications SSDT hooked functions vulnerabilities |
| Published: | 19.09.2007 |
| Source: | BUGTRAQ |
| SecurityVulns ID: | 8167 |
| Type: | local |
| Level: | 6/10 |

| Automated Solutions Modbus TCP Slave ActiveX memory corruption |
| Published: | 19.09.2007 |
| Source: | BUGTRAQ |
| SecurityVulns ID: | 8168 |
| Type: | remote |
| Level: | 5/10 |
| Description: | Memory corruption on TCP/502 request handling. |
| CVE: | CVE-2007-4827 (Unspecified vulnerability in the Modbus/TCP Diagnostic function in MiniHMI.exe for the Automated Solutions Modbus Slave ActiveX Control before 1.5 allows remote attackers to corrupt the heap and possibly execute arbitrary code via malformed Modbus requests to TCP port 502.) |

| Level One WBR3404TX wireless router cross-site scripting |
| Published: | 19.09.2007 |
| Source: | BUGTRAQ |
| SecurityVulns ID: | 8169 |
| Type: | remote |
| Level: | 5/10 |
| Description: | Web interface cross-site scripting. |

| Python imageop integer overflow |
| Published: | 19.09.2007 |
| Source: | FULL-DISCLOSURE |
| SecurityVulns ID: | 8170 |
| Type: | library |
| Level: | 5/10 |
| Description: | Integer overflow in the imageop.tovideo function. |

| ISO images extracting software directory traversal, updated since 28.04.2006 |
| Published: | 19.09.2007 |
| Source: | FULL-DISCLOSURE |
| SecurityVulns ID: | 6066 |
| Type: | local |
| Level: | 5/10 |
| Description: | Directory traversal while extracting directory from ISO image. |