Computer Security


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 19.10.2010
Source:
SecurityVulns ID: 11203
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: BLOGTURKCE : blog turkce 1.1
 DJANGO : django 1.2
CVE: CVE-2010-3082 (Cross-site scripting (XSS) vulnerability in Django 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via a csrfmiddlewaretoken (aka csrf_token) cookie.)
Original document: UBUNTU, [USN-1004-1] Django vulnerability (19.10.2010)
 indoushka salah el ddine, icblogger full-(tr) (ziyaretci.mdb) Database Disclosure Exploit (19.10.2010)
 indoushka salah el ddine, icblogger full-(tr) (mail.mdb) Database Disclosure Exploit (19.10.2010)
 indoushka salah el ddine, icblogger full-(tr) (blogs.mdb) Database Disclosure Exploit (19.10.2010)
 indoushka salah el ddine, fatihsoftblog-(tr) Database Disclosure Exploit (19.10.2010)
 indoushka salah el ddine, complete-blog-(ing) Database Disclosure Exploit (19.10.2010)
 indoushka salah el ddine, blogit-(ing) Database Disclosure Exploit (19.10.2010)
 indoushka salah el ddine, acs-blog turkce v1.1.3-(tr) Database Disclosure Exploit (19.10.2010)
Files: icblogger full-(tr) (mail.mdb) Database Disclosure Exploit
 icblogger full-(tr) (ziyaretci.mdb) Database Disclosure Exploit
 icblogger full-(tr) (blogs.mdb) Database Disclosure Exploit
 blog turkce v1.1.3-(tr) Database Disclosure Exploit
 blogit-(ing) Database Disclosure Exploit
 complete-blog-(ing) Database Disclosure Exploit
 fatihsoftblog-(tr) Database Disclosure Exploit

HP ProCurve access points / access controllers / mobility controllers privilege escalation
Published: 19.10.2010
Source:
SecurityVulns ID: 11204
Type: local
Threat Level: 5/10
Affected: HP : HP M110
 HP : HP MSM310
 HP : HP MSM320
 HP : HP MSM325
 HP : HP MSM335
 HP : HP MSM410
 HP : HP MSM422
 HP : HP MSM710
 HP : HP MSM730
 HP : HP MSM750
CVE: CVE-2010-3287 (Unspecified vulnerability on HP ProCurve Access Points, Access Controllers, and Mobility Controllers with software 5.1.x through 5.1.9, 5.2.x through 5.2.7, 5.3.x through 5.3.5, and 5.4.x through 5.4.0 allows remote attackers to execute arbitrary code via unknown vectors.)
Original document: HP, [security bulletin] HPSBGN02589 SSRT100296 rev.1 - HP ProCurve Access Points, Access Controllers, and Mobility Controllers, Privilege Escalation (19.10.2010)

RealPlayer buffer overflow
Published: 19.10.2010
Source:
SecurityVulns ID: 11205
Type: client
Threat Level: 5/10
Description: Buffer overflow on QCP format parsing.
Affected: REAL : RealPlayer SP 1.1
 REAL : RealPlayer Enterprise 2.1
CVE: CVE-2010-2578 (Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via a crafted QCP file.)
Original document: SECUNIA, Secunia Research: RealPlayer QCP Sample Chunk Parsing Buffer Overflow (19.10.2010)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod