| Apple QuickTime JPEG buffer overflow |
| Published: |  | 28.03.2005 |
| Source: |  | BUGTRAQ |
| SecurityVulns ID: |  | 4614 |
| Type: |  | client |
| Level: |  | 5/10 |
| Description: |  | Buffer overflow on JPEG format parsing. |
| Affected: |  | APPLE : QuickTime PictureViewer 6.5 |
| Original document |  | liquid_(at)_cyberspace.org, QuickTime malformed JPEG buffer overflow (28.03.2005) |
| Linux Kernel Bluetooth support integer overflow |
| Published: |  | 28.03.2005 |
| Source: |  | FULL-DISCLOSURE |
| SecurityVulns ID: |  | 4615 |
| Type: |  | local |
| Level: |  | 6/10 |
| Description: |  | Integer overflow in socket call processing. |
| Affected: |  | LINUX : kernel 2.4 |
| |  | LINUX : kernel 2.6 |
| Original document |  | advisories, local root security bug in linux >= 2.4.6 <= 2.4.30-rc1 and 2.6.x.y <= 2.6.11.5 (28.03.2005) |
| mpg321 MP3 player ID3 tags format string vulnerability |
| Published: |  | 28.03.2005 |
| Source: |  | FULL-DISCLOSURE |
| SecurityVulns ID: |  | 4616 |
| Type: |  | client |
| Level: |  | 5/10 |
| Description: |  | Format string bug on ID3 tags processing. |
| Affected: |  | MPG321 : mpg321 0.2 |
| Original document |  | GENTOO, [Full-disclosure] [ GLSA 200503-34 ] mpg321: Format string vulnerability (28.03.2005) |
| Maxthon search bar information leak |
| Published: |  | 28.03.2005 |
| Source: |  | SECUNIA |
| SecurityVulns ID: |  | 4617 |
| Type: |  | client |
| Level: |  | 5/10 |
| Description: |  | JavaScript may access search strings. |
| Affected: |  | MAXTHON : Maxthon 1.2 |
| Original document |  | SECUNIA, [SA14712] Maxthon "m2_search_text" Search Bar Exposure of Information (28.03.2005) |
| PHP, ASP, CGI web applications security vulnerabilities updated since 28.03.2005 |
| Published: |  | 03.04.2005 |
| Source: |  | |
| SecurityVulns ID: |  | 4613 |
| Type: |  | remote |
| Level: |  | 5/10 |
| Description: |  | PHP inclusions, SQL injections, directory traversals, cross-site scripting, etc. |
| Affected: |  | SUN : Answerbook2 1.4 |
| |  | PAFILEDB : paFileDB 3.1 |
| |  | INVISION : Invision Power Board 2.0 |
| |  | ASPAPP : PortalApp |
| |  | HORDE : Horde 3.0 |
| |  | PHPCOIN : phpCOIN 1.2 |
| |  | PHOTOPOST : Photopost 5.0 |
| |  | ASPRESS : ACS Blog 1.1 |
| |  | MAGICSCRIPTS : E-Store Kit-2 |
| |  | EXOOPS : exoops 1.0 |
| |  | VLADERSOFT : Vladersoft Shopping 3.0 |
| |  | MAILREADER : mailreader 2.3 |
| |  | SMARTY : Smarty 2.6 |
| |  | UAPPLICATION : Ublog 1.0 |
| |  | CHATNESS : Chatness 2.5 |
| |  | INTERAKT : MX Shop 1.1 |
| |  | INTERAKT : MX Kart 1.1 |
| |  | CPGNUKE : Dragonfly CMS 9.0 |
| |  | YETANOTHERFORUM : Yet Another Forum.net 0.9 |
| |  | ALSTRASOFT : EPay Pro 2.0 |
| |  | ASPDEV : ASP-Dev Forum RC3 |
| Original document |  | SECUNIA, [SA14701] XMB Script Insertion Vulnerabilities (07.04.2005) |
| |  | SECURITEAM, [NT] ASP-Dev Multiple Cross Site Scripting Vulnerabilities (03.04.2005) |
| |  | dcrab_(at)_hackerscenter.com, AlstraSoft EPay Pro v2.0 has file include and multiple xss vulnerabilities (03.04.2005) |
| |  | maty siman, Yet Another Forum.net XSS vulnerabilities (03.04.2005) |
| |  | SECUNIA, [SA14748] CPG Dragonfly CMS Two Cross-Site Scripting Vulnerabilities (01.04.2005) |
| |  | SECUNIA, [SA14730] Horde Page Title Cross-Site Scripting Vulnerability (01.04.2005) |
| |  | SECUNIA, [SA14770] Squirrelcart PHP Shopping Cart SQL Injection Vulnerabilities (01.04.2005) |
| |  | dcrab_(at)_hackerscenter.com, MX Shop 1.1.1 and MX Kart 1.1.2 are vulnerable to multiple SQL injection vulnerabilities (01.04.2005) |
| |  | hoang yen, Invision Power Board v2.0.3 XSS vulnerabilities (31.03.2005) |
| |  | dcrab_(at)_hackerscenter.com, Multiple sql injection, and xss vulnerabilities in PortalApp (31.03.2005) |
| |  | Pedram hayati, [PersianHacker.NET 200503-12]Chatness 2.5.1 and prior XSS Vulnerabilities (31.03.2005) |
| |  | Antone Roundy, Code insertion in Blogger comments (31.03.2005) |
| |  | JeiAr, Multiple phpCoin Vulnerabilities (31.03.2005) |
| |  | Pedram hayati, [PersianHacker.NET 200503-11]Ublog reload 1.0.4 and prior Multiple Vulnerbilities (31.03.2005) |
| |  | GENTOO, [ GLSA 200503-35 ] Smarty: Template vulnerability (31.03.2005) |
| |  | DEBIAN, [SECURITY] [DSA 700-1] New mailreader packages fix cross-site scripting vulnerability (31.03.2005) |
| |  | dcrab_(at)_hackerscenter.com, PaFileDB Version 3.1 and below are exploitable via a XSS and a SQL injection vulnerability (31.03.2005) |
| |  | dcrab_(at)_hackerscenter.com, Multiple sql injection, and xss vulnerabilities in Pay pal Storefront (31.03.2005) |
| |  | B00B00, Multiple XSS issues in Sun AnswerBook2 (31.03.2005) |
| |  | Dan Crowley, Multiple XSS vulnerabilities in ACS Blog (31.03.2005) |
| |  | dcrab_(at)_hackerscenter.com, Multiple Sql injection, and multiple XSS vulnerabilities in Easy Community Management System Forum (E-XOOPS) (31.03.2005) |
| |  | dcrab_(at)_hackerscenter.com, Multiple Sql injection, and multiple XSS vulnerabilities in Photopost PHP Pro Photo Gallery Software. (31.03.2005) |
| |  | dcrab_(at)_hackerscenter.com, Multiple sql injection, and xss vulnerabilities in Vladersoft Shopping Cart v.3.0 (31.03.2005) |
| |  | SECUNIA, [SA14697] exoops Cross-Site Scripting and SQL Injection Vulnerabilities (28.03.2005) |
| |  | CorryL, [Full-disclosure] THai's Shoutbox XSS (Spoofing URL) BUG (28.03.2005) |
| |  | dcrab_(at)_hackerscenter.com, File inclusion and XSS vulnerability in E-Store Kit-2 PayPal Edition (28.03.2005) |