 |
|
|
|
| Fujitsu SystemcastWizard Lite buffer overflow | | Published: |  | 20.01.2009 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 9606 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | Buffer overflow on oversized PXE request. |
| Trend Micro OfficeScan / Trend Micro Internet Security multiple security vulnerabilities | | Published: | | 20.01.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9607 | | Type: | | local | | Level: | | 5/10 | | Description: | | Firewall settings manipulations, DoS. |
| Affected: |  | TM : OfficeScan 8.0 | | | | TM : Trend Micro Internet Security 2007 | | | | TM : Trend Micro Internet Security 2008 | | CVE: |  | CVE-2008-3866 (The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, relies on client-side password protection implemented in the configuration GUI, which allows local users to bypass intended access restrictions and change firewall settings by using a modified client to send crafted packets.) | | | | CVE-2008-3865 (Multiple heap-based buffer overflows in the ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allow remote attackers to execute arbitrary code via a packet with a small value in an unspecified size field.) | | | | CVE-2008-3864 (The ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allows remote attackers to cause a denial of service (service crash) via a packet with a large value in an unspecified size field.) |
| Windows NTP Time Server Syslog Monitor DoS | | Published: | | 20.01.2009 | | Source: | | | | SecurityVulns ID: | | 9609 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Crash on malformed syslog packet |
| Microsoft Windows Mobile bluetooth stack directory traversal | | Published: | | 20.01.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9610 | | Type: | | remote | | Level: | | 5/10 | | Description: | | OBEX FTP directory traversal. |
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 20.01.2009 | | Published: | | 20.01.2009 | | Source: | | | | SecurityVulns ID: | | 9604 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Power Phlogger: SQL injection, DoS. |
Ralinktech wireless adapter driver integer overflow
updated since 20.01.2009 | | Published: | | 31.01.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9605 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Integer overflow on oversized SSID. |
| Affected: | | RALINKTECH : Ralink RT73 | | CVE: | | CVE-2009-0282 (Integer overflow in Ralink Technology USB wireless adapter (RT73) 3.08 for Windows, and other wireless card drivers including rt2400, rt2500, rt2570, and rt61, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Probe Request packet with a long SSID, possibly related to an integer signedness error.) |
OpenSG / EasyHDR Pro / ksquirrel-libs buffer overflow
updated since 20.01.2009 | | Published: | | 26.02.2009 | | Source: | | FULL-DISCLOSURE | | SecurityVulns ID: | | 9608 | | Type: | | library | | Level: | | 5/10 | | Description: | | Buffer overflow on Radiance RGBE (*.hdr) images parsing. |
|
|
|
|
|
|
|
|
