Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:22.04.2008
Source:
SecurityVulns ID:8932
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:SERENDIPITY : serendipity 1.3
 GCARDS : gCards 1.46
CVE:CVE-2008-1386
 CVE-2008-1385
Original documentdocumentHanno Bock, [Full-disclosure] Cross site scripting issues in s9y (CVE-2008-1386, CVE-2008-1387) (22.04.2008)
 documentcrazy_kinq_(at)_hotmail.co.uk, Xoops All Version -Articles- Article.PHP (ID) Blind SQL Injection ExpL0it (22.04.2008)
 documentturkish-warriorr_(at)_hotmail.com, Powered by gCards v1.46 SQL (22.04.2008)
Files:Xoops All Version -Articles- Article.PHP (ID) Blind SQL Injection ExpL0it

Motorolla Surfboard cable modem multiple security vulnerabilities
Published:22.04.2008
Source:
SecurityVulns ID:8933
Type:remote
Threat Level:
5/10
Description:DoS conditions, crossite request forgery.
Original documentdocumentth3.r00k_(at)_gmail.com, Sea-Surfing on the Motorola Surfboard (22.04.2008)

DBMail unauthorized access
Published:22.04.2008
Source:
SecurityVulns ID:8934
Type:remote
Threat Level:
5/10
Description:It's possible to access any account without password if authldap is used.
Affected:DBMAIL : DBMail 2.2
CVE:CVE-2007-6714 (DBMail before 2.2.9, when using authldap with an LDAP server that supports anonymous login such as Active Directory, allows remote attackers to bypass authentication via an empty password, which causes the LDAP bind to indicate success based on anonymous authentication.)
Original documentdocumentGENTOO, [ GLSA 200804-24 ] DBmail: Data disclosure (22.04.2008)

Adobe Photoshop / Adobe After Effects buffer overflow
Published:22.04.2008
Source:
SecurityVulns ID:8935
Type:client
Threat Level:
6/10
Description:Buffer overflow on BMP files parsing.
Affected:ADOBE : Photoshop CS3
 ADOBE : Photoshop Album Starter 3.2
 ADOBE : After Effects CS3
Original documentdocumentc0ntexb_(at)_gmail.com, [Full-disclosure] Adobe Unchecked Overflow (22.04.2008)
Files:Exploit for Adobe Album Starter 3.2 on Windows XP SP2

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod