Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		20.05.2006
Source:		BUGTRAQ
SecurityVulns ID:		6163
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected:		ACTUALSCRIPTS : ActualAnalyzer Server 8.23
		CODEAVALANCHE : CodeAvalanche 1.2
		NEWSWRITER2005 : Newswriter 1.0
		JEMSCRIPTS : Download Control 1.0
		PHPBAZAR : phpBazar 2.1
		RACEEVENTMANAGER : RaceEventManagement 0.7
		XTREMESCRIPTS : Topsites 1.1

Original document		luny_(at)_youfucktard.com, Xtremescripts Topsites v1.1 (20.05.2006)
		Mster-X_(at)_hotmail.com, RaceEventManagement <--v0.7.6 SQL injection & XSS (20.05.2006)
		i6d_(at)_hotmail.com, ActualAnalyzer Server <=8.23 - Remote File Include Vulnerability (20.05.2006)
		i6d_(at)_hotmail.com, phpBazar <= 2.1.0 Multiple vulnerabilites (20.05.2006)
		luny_(at)_youfucktard.com, Jemscripts Download Control v1.0 (20.05.2006)
		luny_(at)_youfucktard.com, Yourfreeworld Styleish Text Ads Script (20.05.2006)
		luny_(at)_youfucktard.com, Yourfreeworld.com Short Url & Url Tracker Script (20.05.2006)
		omnipresent_(at)_email.it, Newswriter v1.0 Remote XSS Exploit (20.05.2006)
		omnipresent_(at)_email.it, CANews Remote Multiple Vulnerability (20.05.2006)
		omnipresent_(at)_email.it, Dayfox Blog Insecure Password Storage (20.05.2006)
		omnipresent_(at)_email.it, Dayfox Blog Insecure Password Storage (20.05.2006)

Discuss:

Read or add your comments to this news (0 comments)

Sun ONE Web server crossite scripting
Published:		20.05.2006
Source:		SECUNIA
SecurityVulns ID:		6165
Type:		remote
Level:		5/10
Description:		Crossite scripting on URL with quote sign.

Affected:		SUN : Sun Java System Application Server 7
		SUN : Sun ONE Web Server 6.0
		SUN : Sun Java System Web Server 6.1
		SUN : Sun ONE Application Server 7

Original document

SECUNIA, [SA20147] Sun ONE/Java System Web Server Cross-Site Scripting Vulnerability (20.05.2006)

Discuss:

Read or add your comments to this news (0 comments)

Windows limited service account privilege escalation
Published:		20.05.2006
Source:		BUGTRAQ
SecurityVulns ID:		6166
Type:		local
Level:		5/10
Description:		By using security tokens located in process memory it's possible to escalate privileges from limited service account, such as Network Service or Microsoft SQL Service account.

Affected:		MICROSOFT : Windows 2000 Server
		MICROSOFT : Windows 2000 Professional
		MICROSOFT : Windows XP
		MICROSOFT : Windows 2003 Server

Original document		Brian L. Walche, Re[2]: The Weakness of Windows Impersonation Model (20.05.2006)
		Brian L. Walche, Re[2]: The Weakness of Windows Impersonation Model (20.05.2006)
		David Litchfield, Re: The Weakness of Windows Impersonation Model (20.05.2006)
		Brian L. Walche, The Weakness of Windows Impersonation Model (20.05.2006)

Files:		Snagging Security Tokens to Elevate Privileges
Discuss:		Read or add your comments to this news (0 comments)

Microsoft Word memory corruption updated since 20.05.2006
Published:		13.06.2006
Source:		CERT
SecurityVulns ID:		6164
Type:		client
Level:		9/10
Description:		Malformув object pointer memory corruption is used in-the-wild for malware distribution.

Affected:		MICROSOFT : Office 2000
		MICROSOFT : Office XP
		MICROSOFT : Works 2001
		MICROSOFT : Works 2002
		MICROSOFT : Works 2003
		MICROSOFT : Office 2003
		MICROSOFT : Works 2000
		MICROSOFT : Works 2004
		MICROSOFT : Works 2005
		MICROSOFT : Works 2006

Original document		MICROSOFT, Microsoft Security Bulletin MS06-027 Vulnerability in Microsoft Word Could Allow Remote Code Execution (917336) (13.06.2006)
		SANS, Targeted attack: experience from the trenches (20.05.2006)
		CERT, US-CERT Technical Cyber Security Alert TA06-139A -- Microsoft Word Vulnerability (20.05.2006)

Files:		Microsoft Security Bulletin MS06-027 Vulnerability in Microsoft Word Could Allow Remote Code Execution (917336)
Discuss:		Read or add your comments to this news (0 comments)