Computer Security



Mozilla Firefox / Opera information leak
Updated since 16.02.2008
Published: 27.02.2008
Source: BUGTRAQ
SecurityVulns ID: 8697
Type: client
Level: 5/10
Description: An error in displaying BMP files allows the content of heap memory to be read.
Affected: MOZILLA : Firefox 2.0
 MOZILLA : Thunderbird 2.0
 MOZILLA : SeaMonkey 1.1
 OPERA : Opera 9.50
CVE: CVE-2008-0420
Original document: MOZILLA, Mozilla Foundation Security Advisory 2008-07 (27.02.2008)
 Gynvael Coldwind, [HISPASEC] FireFox 2.0.0.11 and Opera 9.50 beta Remote Memory Information Leak, FireFox 2.0.0.11 Remote Denial of Service (16.02.2008)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 27.02.2008
Source:
SecurityVulns ID: 8721
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: DIATHEKE : diatheke 1.5
 NETWINSITE : SurgeMail 38
 NETWINSITE : NetWin WebMail 3.1
CVE: CVE-2008-0932 (diatheke.pl in The SWORD Project Diatheke 1.5.9 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the range parameter.)
Original document: Luigi Auriemma, Format string and buffer-overflow in SurgeMail 38k4 (27.02.2008)
 lovebug_(at)_hotmail.it, php-nuke sql injection reportaj [secid] (27.02.2008)
 DEBIAN, [SECURITY] [DSA 1508-1] New diatheke packages fix arbitrary shell command execution (27.02.2008)
Files: SurgeMail <= 38k4 multiple vulnerabilities

Nortel IP Phone DoS
Published: 27.02.2008
Source: BUGTRAQ
SecurityVulns ID: 8723
Type: remote
Level: 5/10
Description: Large fragmented ICMP packet causes device to crash.
Original document: Derek striemer, Nortel IP Phone DoS (27.02.2008)

Symantec antiviral engine API multiple security vulnerabilities
Published: 27.02.2008
Source: BUGTRAQ
SecurityVulns ID: 8725
Type: library
Level: 6/10
Description: Multiple DoS conditions and a buffer overflow in RAR archive parsing.
Affected: SYMANTEC : Symantec Scan Engine 5.1
Original document: IDEFENSE, iDefense Security Advisory 02.26.08: Symantec Scan Engine 5.1.2 RAR File Buffer Overflow Vulnerability (27.02.2008)
 IDEFENSE, iDefense Security Advisory 02.26.08: Symantec Scan Engine 5.1.2 RAR File Denial of Service Vulnerability (27.02.2008)

Mozilla Thunderbird buffer overflow
Published: 27.02.2008
Source: BUGTRAQ
SecurityVulns ID: 8727
Type: client
Level: 8/10
Description: Buffer overflow in external-body MIME type parsing.
Affected: MOZILLA : Thunderbird 2.0
 MOZILLA : SeaMonkey 1.1
CVE: CVE-2008-0304
Original document: MOZILLA, Mozilla Foundation Security Advisory 2008-12 (27.02.2008)
 IDEFENSE, iDefense Security Advisory 02.26.08: Mozilla Thunderbird MIME External-Body Heap Overflow Vulnerability (27.02.2008)

SurgeFTP FTP server DoS
Published: 27.02.2008
Source: BUGTRAQ
SecurityVulns ID: 8722
Type: remote
Level: 4/10
Description: Administration web interface Content-Length memory consumption.
Affected: NETWINSITE : SurgeFTP 2.3
Original document: Luigi Auriemma, NULL pointer in SurgeFTP 2.3a2 (27.02.2008)

CUPS multiple security vulnerabilities
Published: 27.02.2008
Source: BUGTRAQ
SecurityVulns ID: 8724
Type: remote
Level: 5/10
Description: Code execution in URI handling, multiple DoS conditions.
Affected: CUPS : cups 1.1
 CUPS : cups 1.2
CVE: CVE-2008-0886
 CVE-2008-0882 (Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via crafted UDP Browse packets to the cupsd port (631/udp), related to an unspecified manipulation of a remote printer. NOTE: some of these details are obtained from third party information.)
 CVE-2008-0597
 CVE-2008-0596
 CVE-2008-0047
 CVE-2007-5848 (Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin users to execute arbitrary code via a crafted URI to the CUPS service.)
Original document: MANDRIVA, [ MDVSA-2008:050 ] - Updated cups packages fix multiple vulnerabilities (27.02.2008)

Ghostscript buffer overflow
Published: 27.02.2008
Source: BUGTRAQ
SecurityVulns ID: 8726
Type: local
Level: 4/10
CVE: CVE-2008-0411
Original document: DEBIAN, [SECURITY] [DSA 1510-1] New ghostscript packages fix arbitrary code execution (27.02.2008)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


