Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:25.05.2009
Source:
SecurityVulns ID:9927
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. myPHPNuke: SQL injection, crossite scripting. PostNuke: SQL injection.
Affected:POSTNUKE : PostNuke 0.7
 MYPHPNUKE : myPHPNuke 1.8
 DOTNETNUKE : DotNetNuke 4.9
 JOOMLA : Boy Scout Advancement 0.3 component for Joomla
 AMEMBER : AMember 3.1
 MINITWITTER : MiniTwitter 0.3
Original documentdocumenty3nh4ck3r_(at)_gmail.com, MULTIPLE REMOTE VULNERABILITIES --MiniTwitter<=v0.3-Beta--> (25.05.2009)
 documenty3nh4ck3r_(at)_gmail.com, [InterN0T] AMember 3.1.7 - Multiple Vulnerabilities (25.05.2009)
 documenty3nh4ck3r_(at)_gmail.com, MULTIPLE SQL INJECTION VULNERABILITIES --Joomla Component 'Boy Scout Advancement' <= v-0.3 (com_bsadv)--> (25.05.2009)
 documentinfo_(at)_securitylab.ir, LxBlog (25.05.2009)
 documentBen Hawkes, DotNetNuke ErrorPage.aspx Cross-Site Scripting Vulnerability (25.05.2009)
 documentMustLive, SQL Injection vulnerability in PostNuke (25.05.2009)
 documentMustLive, Multiple vulnerabilities in myPHPNuke (25.05.2009)

Android UID protection bypass
Published:25.05.2009
Source:
SecurityVulns ID:9931
Type:local
Threat Level:
4/10
Description:Improper package UID validation allows application to access another application's data.
Affected:ANDROID : Android 1.5
CVE:CVE-2009-1754 (The PackageManagerService class in services/java/com/android/server/PackageManagerService.java in Android 1.5 through 1.5 CRB42 does not properly check developer certificates during processing of sharedUserId requests at an application's installation time, which allows remote attackers to access application data by creating a package that specifies a shared user ID with an arbitrary application.)
Original documentdocumentWill Drewry, [oCERT-2009-006] Android improper package verification when using shared uids (25.05.2009)

Sun Solaris sadmind multiple security vulnerabilities
Published:25.05.2009
Source:
SecurityVulns ID:9933
Type:remote
Threat Level:
7/10
Description:Integer overflow, buffer overflow.
Affected:ORACLE : Solaris 8
 ORACLE : Solaris 9
CVE:CVE-2008-3870 (Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request that triggers a heap-based buffer overflow, related to improper memory allocation.)
 CVE-2008-3869 (Heap-based buffer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request, related to improper decoding of request parameters.)
Original documentdocumentSECUNIA, Secunia Research: Sun Solaris "sadmind" Buffer Overflow Vulnerability (25.05.2009)
 documentSECUNIA, Secunia Research: Sun Solaris "sadmind" Integer Overflow Vulnerability (25.05.2009)

lcms multiple security vulnerabilities
Published:25.05.2009
Source:
SecurityVulns ID:9928
Type:remote
Threat Level:
6/10
Description:Multiple buffer overflows and DoS conditions.
CVE:CVE-2009-0793 (cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles.")
 CVE-2009-0733 (Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions.)
 CVE-2009-0723 (Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.)
 CVE-2009-0581 (Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted image file.)

Novell GroupWise buffer overflow
Published:25.05.2009
Source:
SecurityVulns ID:9929
Type:remote
Threat Level:
7/10
Description:Novell GroupWise Internet Agent SMTP e-mail address buffer overflow.
Affected:NOVELL : GroupWise 7.03
 NOVELL : GroupWise 8.0
Original documentdocumentVUPEN Security Research, Novell GroupWise Internet Agent Remote Buffer Overflow Vulnerabilities (25.05.2009)

Serena Dimensions CM cryptographic vulnerability
Published:25.05.2009
Source:
SecurityVulns ID:9930
Type:m-i-t-m
Threat Level:
5/10
Description:Server certificate is not validated by client.
Affected:SERENA : Dimensions CM 10.1
Original documentdocumentroland.gruber.extern_(at)_unicreditgroup.eu, Serena Dimensions CM Desktop Client does not validate the server SSL certificate (25.05.2009)

ChinaGames ActiveX buffer overflow
Published:25.05.2009
Source:
SecurityVulns ID:9932
Type:client
Threat Level:
5/10
Description:Buffer overflow in CGAgent.dll CreateChinagames() method.
Original documentdocumentinfo_(at)_securitylab.ir, ChinaGames (CGAgent.dll) ActiveX Remote Code Execution Exploit (25.05.2009)
Files:ChinaGames (CGAgent.dll) ActiveX Remote Code Execution Exploit

FreeType integer overflows
Published:25.05.2009
Source:
SecurityVulns ID:9934
Type:library
Threat Level:
5/10
Description:Multiple integer overflows.
Affected:FREETYPE : FreeType 2.3
CVE:CVE-2009-0946 (Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.)
Original documentdocumentGENTOO, [ GLSA 200905-05 ] FreeType: Multiple vulnerabilities (25.05.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod