Computer Security


t1lib library / PHP buffer overflow
Published:21.09.2007
Source:
SecurityVulns ID:8171
Type:library
Threat Level:6/10
Description:Buffer overflow in intT1_Env_GetCompletePath()
Affected:PHP : PHP 4.4
 PHP : PHP 5.2
 T1LIB : t1lib 5.1
Original document:razavi_(at)_bugtraq.ir, T1Lib Buffer Overflow Vulnerability (21.09.2007)
 UBUNTU, [USN-515-1] t1lib vulnerability (21.09.2007)

Adobe Acrobat / Reader 0-day vulnerability
Published:21.09.2007
Source:
SecurityVulns ID:8173
Type:client
Threat Level:6/10
Description:Undisclosed vulnerability in PDF parsing can be used for code execution.
Affected:ADOBE : Reader 8.1
Original document:pdp (architect), 0day: PDF pwns Windows (21.09.2007)

VMware software multiple security vulnerabilities
Published:21.09.2007
Source:
SecurityVulns ID:8174
Type:remote
Threat Level:7/10
Description:Multiple bugs, including remote DHCP server vulnerabilities, are fixed.
Affected:VMWARE : VMware Workstation 5.5
 VMWARE : VMware Player 1.0
 VMWARE : VMware Server 1.0
 VMWARE : VMware ACE 1.0
 VMWARE : VMWare Workstation 6.0
 VMWARE : VMware Player 2.0
 VMWARE : VMWare ACE 2.0
 VMWARE : VMware ESX 3.0
 VMWARE : VMware ESX 2.5
 VMWARE : VMware ESX 2.1
 VMWARE : VMware ESX 2.0
CVE:CVE-2007-4497
 CVE-2007-4496
 CVE-2007-4155 (Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first two arguments to the (1) CreateProcess or (2) CreateProcessEx method.)
 CVE-2007-4059 (Absolute path traversal vulnerability in a certain ActiveX control in IntraProcessLogging.dll 5.5.3.42958 in EMC VMware allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SetLogFileName method.)
 CVE-2007-0063
 CVE-2007-0062
 CVE-2007-0061
Original document:VMWARE, VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player (21.09.2007)

Dibbler DHCPv6 server/client implementation multiple security vulnerabilities
Published:21.09.2007
Source:
SecurityVulns ID:8175
Type:remote
Threat Level:5/10
Description:Reading beyond allocated memory, NULL pointer dereferences, etc.
Affected:DIBBLER : Dibbler 0.6
Original document:noreply_(at)_musecurity.com, [Full-disclosure] [MU-200709-02] Dibbler Remote Denial of Service Vulnerability (21.09.2007)

ClamAV antivirus multiple security vulnerabilities
Published:21.09.2007
Source:
SecurityVulns ID:8176
Type:remote
Threat Level:5/10
Description:DoS on RTF and HTML parsing.
Affected:CLAMAV : ClamAV 0.91
CVE:CVE-2007-4510 (ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service (application crash) via (1) a crafted RTF file, which triggers a NULL dereference in the cli_scanrtf function in libclamav/rtf.c; or (2) a crafted HTML document with a data: URI, which triggers a NULL dereference in the cli_html_normalise function in libclamav/htmlnorm.c. NOTE: some of these details are obtained from third party information.)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod