Computer Security


Sun Java JRE / JDK multiple security vulnerabilities
updated since 07.03.2008
Published: 25.04.2008
SecurityVulns ID: 8759
Type: remote
Threat Level: 7/10
Description: Vulnerabilities in image parsing.
Affected: SUN : JRE 1.3
 SUN : JDK 1.3
 SUN : JDK 1.4
 ORACLE : JRE 1.4
 SUN : JRE 5.0
 ORACLE : JDK 5.0
 BEA : JRockit 1.4
 ORACLE : JRE 6
 ORACLE : JDK 6
 BEA : JRockit 1.5
Original documents:
 GENTOO, [ GLSA 200804-28 ] JRockit: Multiple vulnerabilities (25.04.2008)
 SECURITEAM, [NEWS] Sun JDK Image Parsing Library Vulnerabilities (More ICC Parsing) (17.03.2008)
 Chris Evans, Sun JDK image parsing vulnerabilities (07.03.2008)
 CERT, US-CERT Technical Cyber Security Alert TA08-066A -- Sun Updates for Multiple Vulnerabilities in Java (07.03.2008)

Trillian buffer overflow
Published: 25.04.2008
SecurityVulns ID: 8945
Type: remote
Threat Level: 6/10
Description: Buffer overflow on an oversized MSN Messenger nickname.
Affected: TRILLIAN : Trillian 3.1
Original document: jplopezy_(at)_gmail.com, Trillian 3.1 basic nick crash (25.04.2008)

perl buffer overflow
Published: 25.04.2008
SecurityVulns ID: 8946
Type: library
Threat Level: 6/10
Description: Heap memory overflow in regular expression handling.
Affected: PERL : perl 5.8
CVE: CVE-2008-1927 (Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems.)
Original document: DEBIAN, [SECURITY] [DSA 1556-1] New perl packages fix denial of service (25.04.2008)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 25.04.2008
SecurityVulns ID: 8947
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. Coppermine: SQL injection.
Affected: COPPERMINE : Coppermine 1.4
Original documents:
 Elekt, Coppermine <=1.4.17 SQL-inj Session Hijack Exploit (25.04.2008)
 Elekt, Coppermine <=1.4.16 [Content-type] SQL-injection Exploit (25.04.2008)
Files: Coppermine <=1.4.16 [Content-type] SQL-injection Exploit

BadBlue Web server multiple security vulnerabilities
updated since 13.12.2007
Published: 25.04.2008
SecurityVulns ID: 8443
Type: remote
Threat Level: 6/10
Description: Buffer overflow, directory traversal, information leak, DoS.
Affected: BADBLUE : BadBlue 2.72
CVE: CVE-2007-6378 (Directory traversal vulnerability in upload.dll in BadBlue 2.72b and earlier allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the filename parameter.)
Original documents:
 VulnerabilityResearch_(at)_digitaldefense.net, DDIVRT-2008-11 BadBlue uninst.exe DoS (25.04.2008)
 Luigi Auriemma, Multiple vulnerabilities in BadBlue 2.72b (13.12.2007)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod