Computer Security



ClamAV antivirus multiple security vulnerabilities
Published:21.09.2007
Source:CVE
SecurityVulns ID:8176
Type:remote
Level:5/10
Description:DoS on RTF and HTML parsing.
Affected:CLAMAV : ClamAV 0.91
CVE:CVE-2007-4510 (ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service (application crash) via (1) a crafted RTF file, which triggers a NULL dereference in the cli_scanrtf function in libclamav/rtf.c; or (2) a crafted HTML document with a data: URI, which triggers a NULL dereference in the cli_html_normalise function in libclamav/htmlnorm.c. NOTE: some of these details are obtained from third party information.)

Adobe Acrobat / Reader 0-day vulnerability
Published:21.09.2007
Source:BUGTRAQ
SecurityVulns ID:8173
Type:client
Level:6/10
Description:Undisclosed vulnerability in PDF parsing can be used for code execution.
Affected:ADOBE : Reader 8.1
Original document:pdp (architect), 0day: PDF pwns Windows (21.09.2007)

VMware software multiple security vulnerabilities
Published:21.09.2007
Source:BUGTRAQ
SecurityVulns ID:8174
Type:remote
Level:7/10
Description:Multiple bugs, including remote DHCP server vulnerabilities, are fixed.
Affected:VMWARE : VMware Workstation 5.5
 VMWARE : VMware Player 1.0
 VMWARE : VMware Server 1.0
 VMWARE : VMware ACE 1.0
 VMWARE : VMware Workstation 6.0
 VMWARE : VMware Player 2.0
 VMWARE : VMware ACE 2.0
 VMWARE : VMware ESX 3.0
 VMWARE : VMware ESX 2.5
 VMWARE : VMware ESX 2.1
 VMWARE : VMware ESX 2.0
CVE:CVE-2007-4497
 CVE-2007-4496
 CVE-2007-4155 (Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first two arguments to the (1) CreateProcess or (2) CreateProcessEx method.)
 CVE-2007-4059 (Absolute path traversal vulnerability in a certain ActiveX control in IntraProcessLogging.dll 5.5.3.42958 in EMC VMware allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SetLogFileName method.)
 CVE-2007-0063
 CVE-2007-0062
 CVE-2007-0061
Original document:VMWARE, VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player (21.09.2007)

t1lib library / PHP buffer overflow
Published:21.09.2007
Source:CVE
SecurityVulns ID:8171
Type:library
Level:6/10
Description:Buffer overflow in intT1_Env_GetCompletePath()
Affected:PHP : PHP 4.4
 PHP : PHP 5.2
 T1LIB : t1lib 5.1
Original document:razavi_(at)_bugtraq.ir, T1Lib Buffer Overflow Vulnerability (21.09.2007)
 UBUNTU, [USN-515-1] t1lib vulnerability (21.09.2007)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:21.09.2007
Source:
SecurityVulns ID:8172
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:SIMPLEPHP : Simple PHP Blog 0.4
 GOOGLE : Google Search Appliance
 BUGZILLA : Bugzilla 3.0
 BUGZILLA : Bugzilla 3.1
 ITCMS : Vigile CMS 1.8
 WEBED : WebED 0.8999
 BMACHINE : bMachine 2.8
Original document:Ivan Niiiil, bMachine v 2.8 Local File Include Vulnerabilityes (21.09.2007)
 webmaster666_(at)_email.it, SimplePHPBlog Hacking (21.09.2007)
 Hackers Center Security Group, WebBatch Applications Cross Site Scripting Vulrnability (21.09.2007)
 h3llcode_(at)_hotmail.it, PhpBB Xs 2 profile.php Permanent Xss Vulnerability (21.09.2007)
 h3llcode_(at)_hotmail.it, WebED-0.8999 Multiple Remote File Inclusion Vulnerability (21.09.2007)
 h3llcode_(at)_hotmail.it, PHP-Nuke add admin ALL Versions (21.09.2007)
 x0kster_(at)_gmail.com, Vigile CMS v1.8 Multiple Remote XSS Vulnerability (21.09.2007)
 MustLive, Vulnerabilities in Google Search Appliance (21.09.2007)
 BUGZILLA, Security Advisory for Bugzilla 3.0.1 and 3.1.1 (21.09.2007)

Dibbler DHCPv6 server/client implementation multiple security vulnerabilities
Published:21.09.2007
Source:BUGTRAQ
SecurityVulns ID:8175
Type:remote
Level:5/10
Description:Reading beyond allocated memory, NULL pointer dereferences, etc.
Affected:DIBBLER : Dibbler 0.6
Original document:noreply_(at)_musecurity.com, [Full-disclosure] [MU-200709-02] Dibbler Remote Denial of Service Vulnerability (21.09.2007)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


