 |
|
|
|
| JetAudio buffer overflow | | Published: |  | 28.01.2009 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 9625 | | Type: |  | client | | Level: |  | 5/10 | | Description: |  | Buffer overflow on .m3u files parsing. |
| BEA (Oracle) WebLogic Server crossite scripting | | Published: | | 28.01.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9626 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Crossite scripting in administration console. |
| Browser3D buffer overflow | | Published: | | 28.01.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9629 | | Type: | | local | | Level: | | 3/10 | | Description: | | Buffer overflow on .sfs file parsing. |
Total Video Player off-by-one overflow
updated since 25.11.2008 | | Published: | | 28.01.2009 | | Source: | | CN4PHUX | | SecurityVulns ID: | | 9460 | | Type: | | client | | Level: | | 5/10 | | Description: | | Off-by-one heap buffer overflow on .au files parsing. |
Apache Tomcat multiple security vulnerabilities
updated since 01.08.2008 | | Published: | | 28.01.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9193 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Crossite scripting, information leak. |
| Affected: |  | APACHE : Tomcat 4.1 | | | | APACHE : Tomcat 5.5 | | | | APACHE : Tomcat 6.0 | | | | CA : Cohesion Application Configuration Manager 4.5 | | CVE: |  | CVE-2008-2938 (Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than CVE-2008-2370. NOTE: versions earlier than 6.0.18 were reported affected, but the vendor advisory lists 6.0.16 as the last affected version.) | | | | CVE-2008-2370 (Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a .. (dot dot) in a request parameter.) | | | | CVE-2008-1232 |
| CUPS symbolic links vulnerability | | Published: | | 28.01.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9623 | | Type: | | local | | Level: | | 6/10 | | Description: | | Insecure /tmp/pdf.log file creation. |
| Affected: | | CUPS : cups 1.3 | | CVE: | | CVE-2009-0032 (CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file.) |
| CA Antivirus protection bypass | | Published: | | 28.01.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9624 | | Type: | | remote | | Level: | | 3/10 | | Description: | | Invalid archives handling. |
| Linux syscall filtering bypass | | Published: | | 28.01.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9628 | | Type: | | local | | Level: | | 5/10 | | Description: | | 32 bit application can use 64 bit syscall and vice versa to bypass syscall filtering, because syscall numbers are different. |
| SonyEricsson mobile phones WAP DoS | | Published: | | 28.01.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9630 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Crash on SMS or UDP/2948 WAP PUSH message handling. |
| ganglia cluster monitoring tool buffer overflow | | Published: | | 28.01.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9627 | | Type: | | remote | | Level: | | 5/10 | | Description: | | gmetad buffer overflow. |
| Affected: | | GANGLIA : Ganglia 3.1 | | CVE: | | CVE-2009-0241 (Stack-based buffer overflow in the process_path function in gmetad/server.c in Ganglia 3.1.1 allows remote attackers to cause a denial of service (crash) via a request to the gmetad service with a long pathname.) |
VUPlayer buffer overflow
updated since 22.01.2009 | | Published: | | 28.01.2009 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9618 | | Type: | | local | | Level: | | 4/10 | | Description: | | Buffer overflow on .ASX / .VAX files parsing. |
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 28.01.2009 | | Published: | | 01.02.2009 | | Source: | | | | SecurityVulns ID: | | 9622 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
WP-Upload Manager 1.0: SQL injection, crossite scripting. |
| Affected: | | TYPO3 : TYPO3 4.0 | | | | OPENX : OpenX 2.6 | | | | WORDPRESS : WP-Upload Manager 1.0 | | | | MZBSERVICES : Max.Blog 1.0 | | | | WBNEWS : WB News 2.0 | | | | CONPRESSO : ConPresso CMS 4.07 | | CVE: | | CVE-2009-0291 (Directory traversal vulnerability in fc.php in OpenX 2.6.3 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the MAX_type parameter.) | | | | CVE-2009-0258 (The Indexed Search Engine (indexed_search) system extension in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to execute arbitrary commands via a crafted filename containing shell metacharacters, which is not properly handled by the command-line indexer.) | | | | CVE-2009-0257 (Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) content of indexed files to the (a) Indexed Search Engine (indexed_search) system extension; (b) unspecified test scripts in the ADOdb system extension; and (c) unspecified vectors in the Workspace module.) | | | | CVE-2009-0256 (Session fixation vulnerability in the authentication library in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to hijack web sessions via unspecified vectors related to (1) frontend and (2) backend authentication.) | | | | CVE-2009-0255 (The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 creates the encryption key with an insufficiently random seed, which makes it easier for attackers to crack the key.) | | | | CVE-2008-3358 (Cross-site scripting (XSS) vulnerability in Web Dynpro (WD) in the SAP NetWeaver portal, when Internet Explorer 7.0.5730 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted URI, which causes the XSS payload to be reflected in a text/plain document.) |
| Original document |  | Salvatore "drosophila" Fresta, Max.Blog <= 1.0.6 (offline_auth.php) Offline Authentication Bypass (01.02.2009) |
| | | DEBIAN, [SECURITY] [DSA 1711-1] New TYPO3 packages fix remote code execution (28.01.2009) |
| | | Martin Suess, SAP NetWeaver XSS Vulnerability (28.01.2009) |
| | | office_(at)_hackattack.at, [HACKATTACK Advisory 25012009]ConPresso CMS 4.07 - Session Fixation, XFS, XSS (28.01.2009) |
| | | arash.setayeshi_(at)_gmail.com, Lootan(kedor) Sql Injection vulnerability (28.01.2009) |
| | | arash.setayeshi_(at)_gmail.com, LDF Sql injection vulnerability (28.01.2009) |
| | | HACKERS PAL, WB News v2.0.X Remote File include .. (28.01.2009) |
| | | admin_(at)_bugreport.ir, NewsCMSlite Insecure Cookie Handling (28.01.2009) |
| | | SECUNIA, Secunia Research: OpenX Multiple Vulnerabilities (28.01.2009) |
| | | admin_(at)_elites0ft.com, OpenX 2.6.3 - Local File Inclusion (28.01.2009) |
| | | Salvatore "drosophila" Fresta, Max.Blog <= 1.0.6 (show_post.php) SQL Injection Vulnerability (28.01.2009) |
| | | Salvatore "drosophila" Fresta, Max.Blog <= 1.0.6 (submit_post.php) SQL Injection Vulnerability (28.01.2009) |
| | | MustLive, Vulnerabilities in WP-Upload Manager for WordPress (28.01.2009) |
|
|
|
|
|
|
|
|
