 |
|
|
|
ImageMagic PSD files buffer overflow
updated since 18.01.2005 | | Published: |  | 24.01.2005 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 4376 | | Type: |  | library | | Level: |  | 5/10 | | Description: |  | Integer array overflow in psd.c |
| Affected: |  | IMAGEMAGIC : ImageMagick 6.1 | | | | GRAPHICSMAGIC : GraphicsMagick 1.1 |
| Original document |  | SECUNIA, [SA13960] GraphicsMagick PSD Image Decoding Buffer Overflow (24.01.2005) |
| | | IDEFENSE, [Full-Disclosure] iDEFENSE Security Advisory 01.17.05: Multiple Vendor ImageMagick .psd Image File Decode Heap Overflow Vulnerability (18.01.2005) |
Konversation KDE IRC client multiple vulnerabilities
updated since 20.01.2005 | | Published: | | 24.01.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4383 | | Type: | | client | | Level: | | 5/10 | | Description: | | Special characters filtering problem. |
| Affected: | | KONVERSATION : Konversation 0.15 |
| Original document | | SECURITEAM, [EXPL] Multiple Vulnerabilities in Konversation (Exploit) (24.01.2005) |
| | | Wouter Coekaerts, [Full-Disclosure] Multiple vulnerabilities in Konversation (20.01.2005) |
| Netgear FVS318 router multiple vulnerabilities | | Published: | | 24.01.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4396 | | Type: | | remote | | Level: | | 5/10 | | Description: | | URL filtering bypass, log file crossite scripting. |
| Affected: | | NETGEAR : Netgear FVS318 |
| Original document | | SECURITEAM, [NEWS] Multiple Vulnerabilities in Netgear FVS318 Router (24.01.2005) |
| FireHOL Linux firewall builder symbolic links problem | | Published: | | 24.01.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4398 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Symbolic links problem on temporary files creation. |
| Affected: | | FIREHOL : FireHOL 1.214 |
| Original document | | SECUNIA, [SA13970] FireHOL Insecure Temporary File Creation Vulnerabilities (24.01.2005) |
| Xerox WorkCentre Pro 32/40 Color PostScript Directory Traversal | | Published: | | 24.01.2005 | | Source: | | SECUNIA | | SecurityVulns ID: | | 4399 | | Type: | | client | | Level: | | 5/10 | | Description: | | Directory traversal on PostScript files processing. |
| Affected: | | XEROX : Xerox WorkCentre Pro 32 | | | | XEROX : Xerox WorkCentre Pro 40 |
| Original document | | SECUNIA, [SA13971] Xerox WorkCentre Pro PostScript Directory Traversal (24.01.2005) |
| Multiple applications fd_set structure bitmap array index overflow | | Published: | | 24.01.2005 | | Source: | | 3APA3A | | SecurityVulns ID: | | 4400 | | Type: | | remote | | Level: | | 7/10 | | Description: | | Absence of control for large number of open file descriptors or sockets (FD_SETSIZE) allow to write arbitrary memory. |
| Affected: | | NEC : socks5 1.0 | | | | JABBER : jabber 1.4 | | | | BNC : bnc 2.8 | | | | GNUGK : gnugk 2.2 | | | | CITADEL : Citadel 6.27 | | | | Dante : Dante 1.1 | | | | RINETD : rinetd 0.62 | | | | 3APA3A : 3proxy 0.4 | | | | BLD : bld 0.3 |
| Original document | | 3APA3A, Multiple applications fd_set structure bitmap array index overflow (24.01.2005) |
PHP/ASP/CGI web applications security bugs
updated since 24.01.2005 | | Published: | | 05.02.2005 | | Source: | | | | SecurityVulns ID: | | 4397 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, etc. |
| Affected: | | PAFILEDB : paFileDB 3.1 | | | | PHPBB : phpBB 2.2 | | | | SQUIRRELMAIL : Squirrelmail 1.4 | | | | JSHOP : JShop 1.2 | | | | ICEWARP : Icewarp Web Mail 5.3 | | | | GALLERY : Gallery 2.0 | | | | COMERSUS : Comersus ASP Shopping Cart 6.01 | | | | HELPDESKRELOADED : Help Desk Reloaded 3.3 | | | | MERCURYBOARD : MercuryBoard 1.1 | | | | EXPONENT : Exponent CMS 0.95 | | | | PHPEVENTCALENDAR : phpEventCalendar 0.2 | | | | UEBIMIAU : UebiMiau 2.7 | | | | BRIBBLE : BRIBBLE 1.5 | | | | COMDEVWEB : Comdev eCommerce 3.0 | | | | GINP : ginp 0.20 | | | | COOLFORUM : CoolForum 0.7 | | | | MERAK : MERAK Mail Server 7.6 | | | | CAPTARIS : Infinite Mobile Delivery 2.6 | | | | PHPOPENADS : phpPgAds 2.0 | | | | XOOPS : Incontent 3.0 | | | | PHPFUSION : PHP-Fusion 4.01 | | | | EUROFULL : Eurofull E-Commerce | | | | SMARTERTOOLS : SmarterMail 2.0 | | | | MAMBO : Mambo 4.5 | | | | SUNSHOP : SunShop Shopping Cart 3.4 | | | | CLAROLINE : Claroline 1.5 |
| Original document | | SECUNIA, [SA14131] Claroline Add Course Script Insertion Vulnerability (05.02.2005) |
| | | SECUNIA, [SA14118] SunShop Shopping Cart "search" Cross-Site Scripting (05.02.2005) |
| | | SECUNIA, [SA14124] Mambo Global Variables Security Bypass Vulnerability (05.02.2005) |
| | | Jon Keating, Gallery is still vulnerable to Cross-site Scripting attacks (04.02.2005) |
| | | SECUNIA, [SA14080] SmarterMail Attachment Upload Vulnerability (02.02.2005) |
| | | SECUNIA, [SA14090] PHP-Fusion "forum_search.php" Information Disclosure (02.02.2005) |
| | | Pedram hayati, [PersianHacker.net] Full Path Disclosure and PHP Injection In Pafiledb 3.1 Final (01.02.2005) |
| | | SECUNIA, [SA14064] Xoops Incontent Module Arbitrary File Content Disclosure (31.01.2005) |
| | | SECURITEAM, [UNIX] JShop Cross Site Scripting (31.01.2005) |
| | | SECUNIA, [SA14051] phpPgAds "dest" Parameter HTTP Response Splitting Vulnerability (30.01.2005) |
| | | steven_(at)_lovebug.org, XSS in Infinite Mobile Delivery v2.6 Webmail (30.01.2005) |
| | | SQUIRRELMAIL, SquirrelMail Security Advisory (30.01.2005) |
| | | ShineShadow, Multiple vulnerabilities in Icewarp Web Mail 5.3.0: New holes (30.01.2005) |
| | | SECUNIA, [SA14016] CoolForum Two Vulnerabilities (28.01.2005) |
| | | SECUNIA, [SA13993] ginp Java Preferences API Security Bypass (27.01.2005) |
| | | SECURITEAM, [UNIX] Comdev eCommerce Cross Site Scripting (27.01.2005) |
| | | SECUNIA, [SA13976] BRIBBLE webadmin Authentication Bypass Vulnerability (27.01.2005) |
| | | SECUNIA, [SA13964] Comersus Cart Multiple Vulnerabilities (27.01.2005) |
| | | Predrag Damnjanovic, List of all admin accounts in phpBB (27.01.2005) |
| | | Martin Fallon, Advisore: UeBIMIAU <= 2.7.2 Multiples Vulnerabilities (27.01.2005) |
| | | Madelman, phpEventCalendar HTML injection (26.01.2005) |
| | | ahmad muammar, Vulnerabilities in eXponent 0.95 (26.01.2005) |
| | | Alberto Trivero, Multiple vulnerabilities in MercuryBoard 1.1.1 (25.01.2005) |
| | | SECUNIA, [SA13962] SquirrelMail Three Vulnerabilities (24.01.2005) |
| | | SECUNIA, [SA13935] Help Desk Reloaded Unspecified Login Vulnerability (24.01.2005) |
|
|
|
|
|
| |
|
| |
