 |
|
|
|
| Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: |  | 25.07.2007 | | Source: |  | | | SecurityVulns ID: |  | 7974 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
| Microsoft Windows ARP DoS | | Published: | | 25.07.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 7980 | | Type: | | remote | | Level: | | 4/10 | | Description: | | Flood with packets with different MACs causes CPU exaustion. |
| Borland Interbase database server buffer overflow | | Published: | | 25.07.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 7973 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Buffer overflow on oversized TCP/3050 CREATE (0x14) request. |
| Affected: |  | BORLAND : Interbase 2007 | | CVE: |  | CVE-2007-3566 (Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before SP2 allows remote attackers to execute arbitrary code via a long size value in a create request to port 3050/tcp.) |
| Panda AdminSecure agent buffer overflow | | Published: | | 25.07.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 7972 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Heap buffer overflow on parsing TCP/19226 and TCP/19227 network traffic. |
| CVE: | | CVE-2007-3026 (Integer overflow in Panda Software AdminSecure allows remote attackers to execute arbitrary code via crafted packets with modified length values to TCP ports 19226 or 19227, resulting in a heap-based buffer overflow.) |
| CA multiple application buffer overflow | | Published: | | 25.07.2007 | | Source: | | FULL-DISCLOSURE | | SecurityVulns ID: | | 7977 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Buffer overflow in CA Message Queuing (TCP/3104) service. |
| NVClock symbolic links vulnerability | | Published: | | 25.07.2007 | | Source: | | FULL-DISCLOSURE | | SecurityVulns ID: | | 7979 | | Type: | | local | | Level: | | 5/10 | | Description: | | Insecure creation of temporary files. |
| Affected: | | NVCLOCK : nvclock 0.7 | | CVE: | | CVE-2007-3531 (The set_default_speeds function in backend/backend.c in NVidia NVClock before 0.8b2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/nvclock temporary file.) |
| Computer Associates AntiVirus DoS | | Published: | | 25.07.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 7975 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Buffer overflow on CHM and RAR files parsing. |
| Affected: | | CA : eTrust Antivirus 8 | | CVE: | | CVE-2007-3875 (arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file.) | | | | CVE-2006-5645 (Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero.) | | | | CVE-2006-5645 (Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero.) |
| Computer Associates eTrust Intrusion Detection code execution | | Published: | | 25.07.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 7976 | | Type: | | client | | Level: | | 5/10 | | Description: | | CallCode ActiveX allows access to unsafe functions. |
| Affected: | | CA : eTrust Intrusion Detection 3.0 | | CVE: | | CVE-2007-3302 (The CallCode ActiveX control in caller.dll 3.0 before 20070713, and 3.0 SP1 before 3.0.5.81, in CA (formerly Computer Associates) eTrust Intrusion Detection allows remote attackers to load arbitrary DLLs on a client system, and execute code from these DLLs, via unspecified "scriptable functions.") |
IPSwitch IMAIL IMAP server buffer overflow
updated since 19.07.2007 | | Published: | | 25.07.2007 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 7950 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Buffer overflow in SEARCH and SUBSCRIBE commands and also during authentication procedure. |
Mozilla Firefox / Thunderbird URL processing code execution
updated since 25.07.2007 | | Published: | | 01.08.2007 | | Source: | | FULL-DISCLOSURE | | SecurityVulns ID: | | 7978 | | Type: | | client | | Level: | | 7/10 | | Description: | | It's possible to inject shell characters into mailto:, news:, nntp: IRLs if Thunderbird is used as URL handler. |
| Affected: | | MOZILLA : Thunderbird 1.5 | | | | MOZILLA : Firefox 2.0 | | | | MOZILLA : Thunderbird 2.0 | | | | ICEAPE : iceape 1.0 | | | | XULRUNNER : xulrunner 1.8 | | | | ICEAPE : iceape 1.1 | | CVE: | | CVE-2007-3845 (Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x before 2.0.0.6, and SeaMonkey before 1.1.4 allow remote attackers to execute arbitrary commands via certain vectors associated with launching "a file handling program based on the file extension at the end of the URI," a variant of CVE-2007-4041. NOTE: the vendor states that "it is still possible to launch a filetype handler based on extension rather than the registered protocol handler.") | | | | CVE-2007-3844 (Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and SeaMonkey 1.1.3 allows remote attackers to conduct cross-site scripting (XSS) attacks with chrome privileges via an addon that inserts a (1) javascript: or (2) data: link into an about:blank document loaded by chrome via (a) the window.open function or (b) a content.location assignment, aka "Cross Context Scripting." NOTE: this issue is caused by a CVE-2007-3089 regression.) |
|
|
|
|
|
|
|
|
