Search:Vulnerability:27.03.2006 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Microsoft Office memory corruption
Published: 27.03.2006
Source: MILW0RM
SecurityVulns ID: 5948
Type: client
Level: 5/10
Description: Memory corruption on XLS/XLW files parsing.

Affected: MICROSOFT : Office XP

Original document posidron, Microsoft Office 2002 - Excel/Powerpoint/Word.. 10.0.2614.0 => 11.0.5612.0 (27.03.2006)

Files: Exploits Microsoft Excel memory corruption
Discuss: Read or add your comments to this news (0 comments)

libVC library buffer overflow
Published: 27.03.2006
Source: BUGTRAQ
SecurityVulns ID: 5949
Type: library
Level: 6/10
Description: Buffer overflow in count_vcards( on VCF files parsing.

Affected: LIBVC : LibVC 003

Original document SECUNIA, [SA19295] LibVC "count_vcards()" Buffer Overflow Vulnerability (27.03.2006)

Discuss: Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 27.03.2006
Published: 27.03.2006
Source:
SecurityVulns ID: 5946
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: INFOPOP : UBBThreads 5.5
PHPBB : phpBB 2.0
INVISION : Invision Power Board 1.3
PHPADSNEW : phpAdsNew 2.0
PHPOPENADS : phpPgAds 2.0
PHPMYFAMILY : phpmyfamily 1.4
CUREPHP : CuteNews 1.4
NUKEDKLAN : Nuked-Klan 1.7
JELSOFT : vBulletin 3.5
MININUKE : Mini-NUKE 1.8
ABSOLUTELIVE : Absolute Live Support XE 2.0
DSPORTAL : DSCounter 1.0
DSPORTAL : DSDownload 1.0
CUTECAST : CuteCast 1.2
INFOPOP : UBBThreads 6.0
EZHOMEPAGEPRO : EZHomepagePro 1.5
ESCHOOL : E-School 1.0
METISWARE : Metisware Instructor 1.3
WEBHOSTINGAUTOMA : Helm Web Hosting Control Panel 3.2
AZTEK : Aztek 4.0
TFTGALLERY : TFT Gallery 0.10
GBOOK : G-Book 1.0
PHPTICKET : php ticket 0.71
CALENDEREXPRESS : Calendar Express 2.2
MEETINGRESERVE : Meeting Reserve 1.0
SAPHPLESSON : SaphpLesson2.0
MAMBO : AkoComment 2.0

Original document dabdoub_mosikar_(at)_forislam.com, nuked-klan<=1.7.5 SQL Injection (27.03.2006)

SECUNIA, [SA19397] uniForum "websecadmin.aspx" Cross-Site Scripting (27.03.2006)

mfoxhacker_(at)_gmail.com, SQL injection in VGM Forbin. (27.03.2006)

Stefan Keller, AkoComment SQL injection vulnerability (27.03.2006)

document xx_hack_xx_2004_(at)_hotmail.com, SQL Injection in SaphpLesson2.0 (27.03.2006)

SECUNIA, [SA19372] Meeting Reserve Cross-Site Scripting Vulnerability (27.03.2006)

SECUNIA, [SA19393] Calender Express Cross-Site Scripting Vulnerability (27.03.2006)

SECUNIA, [SA19415] Absolute Live Support XE Script Insertion Vulnerability (27.03.2006)

document h4cky0u, [Full-disclosure] HYSA-2006-007 phpmyfamily 1.4.1 CRLF injection & XSS (27.03.2006)

h4cky0u, [Full-disclosure] HYSA-2006-006 G-Book 1.0 XSS And Other Vulnerabilities (27.03.2006)

Matteo Beccati, [Full-disclosure] [PHPADSNEW-SA-2006-001] phpAdsNew and phpPgAds 2.0.8 fix multiple vulnerabilities (27.03.2006)

document r0t, Helm Web Hosting Control Panel XSS vuln. (27.03.2006)

r0t, Metisware Instructor XSS vuln. (27.03.2006)

r0t, E-School Management System XSS vuln. and Web Quiz pro XSS vuln. (27.03.2006)

r0t, EZHomepagePro multiple XSS vuln. (27.03.2006)

r0t, BlankOL XSS vuln. (27.03.2006)

document dabdoub_mosikar_(at)_forislam.com, UBBThreads<=5.5.1+6.0.2+6.0 br5+6.0.1 SQL injection (27.03.2006)

SpiderZ, Xss Vbulletin 3.5.x ( test: 3.5.4 ) (27.03.2006)

SpiderZ, phpBB v 2.0.X upload html .gif ( "not 2.0.19" ) (27.03.2006)

SpiderZ, IPB v1.x upload html .gif (27.03.2006)

document SpiderZ, Mini-NUKE v1.8 (27.03.2006)

SpiderZ, New exploit by SpiderZ (26.03.2006)

Aliaksandr Hartsuyeu, [eVuln] DSDownload Multiple SQL Injection Vulnerabilities (26.03.2006)

Aliaksandr Hartsuyeu, [eVuln] DSCounter 'X-Forwarded-For' SQL Injection Vulnerability (26.03.2006)

Files: tftgallery 0.10 exploit
php ticket <= 0.71 exploit
Exploits: Aztek 4.0 Gives Admin rights to a normal user
CuteNews 1.4.1 (CutePHP.com) Hash password Finder
Topic infinitely exploit phpBB 2.0.19
Search infinitely exploit phpBB 2.0.19
ontinuous recordings CuteCast Version 1.2
Discuss: Read or add your comments to this news (0 comments)

csDoom / Vavoom / Zdaemon / Doomsday / Skulltag Doom clone game engines multiple vulnerabilities
updated since 27.03.2006
Published: 24.04.2006
Source: ALUIGI
SecurityVulns ID: 5947
Type: remote
Level: 5/10
Description: Buffer overflows, format string vulnerabilities, DoS confitions.

Affected: CSDOOM : csDoom 0.7
VAVOOM : Vavoom 1.19
DOOMSDAY : Doomsday 1.8
SKULLTAG : Skulltag 0.96

Original document Luigi Auriemma, [Full-disclosure] Format string bug in Skulltag 0.96f (24.04.2006)

Luigi Auriemma, [Full-disclosure] Format string in Doomsday 1.8.6 (04.04.2006)

Luigi Auriemma, Buffer-overflow and in-game crash in Zdaemon 1.08.01 (02.04.2006)

Luigi Auriemma, Socket unreachable and decompression buffer-overflow in Vavoom 1.19.1 (27.03.2006)

document Luigi Auriemma, Multiple vulnerabilities in csDoom 0.7 (27.03.2006)

Files: Exploits csDoom <= 0.7 multiple vulnerabilities
Exploits Skulltag <= 0.96f format string
Exploits Vavoom <= 1.19.1 multiple vulnerabilities
Exploits Zdaemon buffer overflow
Exploits Zdaemon fake player DoS
Discuss: Read or add your comments to this news (0 comments)