Search:Vulnerability:23.06.2008 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

XnView / NConvert / GFL SDK buffer overflow
Published: 23.06.2008
Source: BUGTRAQ
SecurityVulns ID: 9101
Type: remote
Level: 6/10
Description: Buffer overflow on oversized Sun TAAC files 'format' field.

Affected: XNVIEW : XnView 1.93
XNVIEW : XnView 1.70
NCONVERT : NConvert 4.92
GFL : GFL SDK 2.82
CVE: CVE-2008-2427 (Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted format keyword in a Sun TAAC file.)

Original document SECUNIA, Secunia Research: XnView, NConvert, and GFL SDK Sun TAAC Buffer Overflow (23.06.2008)

Discuss: Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 23.06.2008
Source: BUGTRAQ
SecurityVulns ID: 9103
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: BENJA : Benja CMS 0.1

Original document tan_prathan_(at)_hotmail.com, Benja CMS 0.1 (Upload/XSS) Multiple Remote Vulnerabilities (23.06.2008)

Discuss: Read or add your comments to this news (0 comments)

Jscape Secure FTP Applet sessions spoofing
Published: 23.06.2008
Source: FULL-DISCLOSURE
SecurityVulns ID: 9105
Type: m-i-t-m
Level: 5/10
Description: SSH key is not checked.

Original document security_(at)_nruns.com, n.runs-SA-2008.001 - Jscape Secure FTP Applet (23.06.2008)

Discuss: Read or add your comments to this news (0 comments)

exiv2 / libexiv2 DoS
Published: 23.06.2008
Source: BUGTRAQ
SecurityVulns ID: 9102
Type: library
Description: Division by zero on zero Nikon lens metadata parameter.

CVE: CVE-2008-2696 (Exiv2 0.16 allows user-assisted remote attackers to cause a denial of service (divide-by-zero and application crash) via a zero value in Nikon lens information in the metadata of an image, related to "pretty printing" and the RationalValue::toLong function.)

Original document MANDRIVA, [ MDVSA-2008:119 ] - Updated exiv2 packages fix vulnerability (23.06.2008)

Discuss: Read or add your comments to this news (0 comments)

Diigo Toolbar crossite scripting
Published: 23.06.2008
Source: BUGTRAQ
SecurityVulns ID: 9104
Type: remote
Level: 5/10
Description: Crossite scripting with publiс comments.

Original document Ferruh Mavituna, Diigo Toolbar - Global XSS and Information Leakage in SSL URLs (23.06.2008)

Discuss: Read or add your comments to this news (0 comments)

PHP safe_mode protection bypass
Published: 23.06.2008
Source: FULL-DISCLOSURE
SecurityVulns ID: 9106
Type: local
Level: 5/10
Description: Protection bypass with posix_access(), chdir(), ftok() functions.

Affected: PHP : PHP 5.2
CVE: CVE-2008-2666 (Multiple directory traversal vulnerabilities in PHP 5.2.6 and earlier allow context-dependent attackers to bypass safe_mode restrictions by creating a subdirectory named http: and then placing ../ (dot dot slash) sequences in an http URL argument to the (1) chdir or (2) ftok function.)
CVE-2008-2665 (Directory traversal vulnerability in the posix_access function in PHP 5.2.6 and earlier allows remote attackers to bypass safe_mode restrictions via a .. (dot dot) in an http URL, which results in the URL being canonicalized to a local filename after the safe_mode check has successfully run.)

Original document Maksymilian Arciemowicz, [Full-disclosure] PHP 5.2.6 posix_access() (posix ext) safe_mode bypass (23.06.2008)

Maksymilian Arciemowicz, [Full-disclosure] PHP 5.2.6 chdir(), ftok() (standard ext) safe_mode bypass (23.06.2008)

Discuss: Read or add your comments to this news (0 comments)

test server