Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:23.11.2006
Source:
SecurityVulns ID:6853
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:WRSCRIPTS : wr-board 1.4
 INVERSEFLOW : InverseFlow Help Desk 2.31
Original documentdocumentgamr-14_(at)_hotmail.com, XSS in scriptat support InverseFlow Help Desk v2.31 (23.11.2006)
 documentКот Кузькин, уязвимости скриптов с www.wr-script.ru (wr-board 1.4Lite) (23.11.2006)

Microsoft Windows Media Player 10 buffer overflow
Published:23.11.2006
Source:
SecurityVulns ID:6854
Type:client
Threat Level:
7/10
Description:Stack overflow on ASX files parsing.
Original documentdocumentsehato, Windows Media ASX PlayList File Denial Of Service Vulnerability (23.11.2006)
Files:Exploits Windows Media ASX PlayList File Denial Of Service Vulnerability

Firefox password manager form information leak
Published:23.11.2006
Source:
SecurityVulns ID:6855
Type:client
Threat Level:
4/10
Description:Password manager doesn't check form destination. It makes it possible for attacker to retrieve saved paramters, including saved login/password if he can insert form into content of the site.
Affected:MOZILLA : Firefox 1.5
 MOZILLA : Firefox 2.0
Files:Cross-Site Forms + Password Manager = Security Failure

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod