NVClock symbolic links vulnerability
| Published: | 25.07.2007 |
| Source: | FULL-DISCLOSURE |
| SecurityVulns ID: | 7979 |
| Type: | local |
| Level: | 5/10 |
| Description: | Insecure creation of temporary files. |
| Affected: | NVCLOCK : nvclock 0.7 |
| CVE: | CVE-2007-3531 (The set_default_speeds function in backend/backend.c in NVidia NVClock before 0.8b2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvclock temporary file.) |
| Original document | GENTOO, [Full-disclosure] [ GLSA 200707-08 ] NVClock: Insecure file usage (25.07.2007) |

IPSwitch IMAIL IMAP server buffer overflow (updated since 19.07.2007)
| Published: | 25.07.2007 |
| Source: | BUGTRAQ |
| SecurityVulns ID: | 7950 |
| Type: | remote |
| Level: | 6/10 |
| Description: | Buffer overflow in SEARCH and SUBSCRIBE commands and also during authentication procedure. |
| Affected: | IPSWITCH : IMail 2006.2 |
| CVE: | CVE-2007-2795 |
| Original document | ZDI, ZDI-07-042: Ipswitch IMail Server GetIMailHostEntry Memory Corruption Vulnerability (25.07.2007) |
| | 3COM, ZDI-07-043: Ipswitch IMail IMAP Daemon SUBSCRIBE Stack Overflow Vulnerability (25.07.2007) |
| | IDEFENSE, iDefense Security Advisory 07.18.07: Ipswitch IMail Server 2006 IMAP Search Command Buffer Overflow Vulnerability (19.07.2007) |

Computer Associates AntiVirus DoS
| Published: | 25.07.2007 |
| Source: | BUGTRAQ |
| SecurityVulns ID: | 7975 |
| Type: | remote |
| Level: | 5/10 |
| Description: | Buffer overflow when parsing CHM and RAR files. |
| Affected: | CA : eTrust Antivirus 8 |
| CVE: | CVE-2007-3875 (arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file.) |
| | CVE-2006-5645 (Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero.) |
| Original document | security_(at)_nruns.com, [Full-disclosure] n.runs-SA-2007.024 - CA eTrust Antivirus Infinite Loop DoS (remote) Advisory (25.07.2007) |
| | CA, [Full-disclosure] [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities (25.07.2007) |
| | IDEFENSE, iDefense Security Advisory 07.24.07: Computer Associates AntiVirus CHM File Handling DoS Vulnerability (25.07.2007) |

Computer Associates eTrust Intrusion Detection code execution
| Published: | 25.07.2007 |
| Source: | BUGTRAQ |
| SecurityVulns ID: | 7976 |
| Type: | client |
| Level: | 5/10 |
| Description: | CallCode ActiveX allows access to unsafe functions. |
| Affected: | CA : eTrust Intrusion Detection 3.0 |
| CVE: | CVE-2007-3302 (The CallCode ActiveX control in caller.dll 3.0 before 20070713, and 3.0 SP1 before 3.0.5.81, in CA (formerly Computer Associates) eTrust Intrusion Detection allows remote attackers to load arbitrary DLLs on a client system, and execute code from these DLLs, via unspecified "scriptable functions.") |
| Original document | CA, [Full-disclosure] [CAID 35524]: CA eTrust Intrusion Detection caller.dll Vulnerability (25.07.2007) |
| | IDEFENSE, iDefense Security Advisory 07.24.07: Computer Associates eTrust Intrusion Detection CallCode ActiveX Control Code Execution Vulnerability (25.07.2007) |

Borland Interbase database server buffer overflow
| Published: | 25.07.2007 |
| Source: | BUGTRAQ |
| SecurityVulns ID: | 7973 |
| Type: | remote |
| Level: | 6/10 |
| Description: | Buffer overflow on oversized TCP/3050 CREATE (0x14) request. |
| Affected: | BORLAND : Interbase 2007 |
| CVE: | CVE-2007-3566 (Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before SP2 allows remote attackers to execute arbitrary code via a long size value in a create request to port 3050/tcp.) |
| Original document | 3COM, TPTI-07-13: Borland Interbase ibserver.exe Create-Request Buffer Overflow Vulnerability (25.07.2007) |

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
| Published: | 25.07.2007 |
| Source: | |
| SecurityVulns ID: | 7974 |
| Type: | remote |
| Level: | 5/10 |
| Description: | PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. |