Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:23.04.2006
Source:
SecurityVulns ID:6038
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:VBULLETIN : vBulletin 3.0
 JELSOFT : vBulletin 3.5
 VWAR : VWar 1.21
 MYGAMINGLADDER : MyGamingLadder 7.0
Original documentdocumentMustafa Can Bjorn IPEKCI, [Full-disclosure] Advisory: My Gaming Ladder Combo System <= 7.0 Remote File Inclusion Vulnerability. (23.04.2006)
 documentАгиевич Игорь aka Shanker, XSS в vBulletin 3.x (23.04.2006)
Files:VWar <= ver 1.21 Remote Code Execution Exploit
 My Gaming Ladder Combo System <= 7.0 Remote Command Execution Exploit

Microsoft Internet Explorer memory corruption
updated since 23.04.2006
Published:28.04.2006
Source:
SecurityVulns ID:6039
Type:client
Threat Level:
8/10
Description:Uninitialized pointer dereference on OBJECT tag processing. Can be used for hidden malware installation.
Affected:MICROSOFT : Internet Explorer 6.0
Original documentdocumentSECUNIA, [Full-disclosure] MSIE Nested Object Vulnerability Is Exploitable (28.04.2006)
 documentMatthew Murphy, Re: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability (23.04.2006)
 documentMichal Zalewski, [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability (23.04.2006)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod