Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:28.04.2008
Source:
SecurityVulns ID:8952
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:HORDE : Kronolith 2.1
 CHICOMAS : chicomas.2.0
 MINIBB : Minibb 2.2
Original documentdocumentirancrash_(at)_gmail.com, Minibb 2.2a XSS Vulnerability (28.04.2008)
 documenthadikiamarsi_(at)_hotmail.com, bug report (28.04.2008)
 documentDEBIAN, [SECURITY] [DSA 1560-1] New kronolith2 packages fix cross site scripting (28.04.2008)

Novell Groupwise buffer overflow
Published:28.04.2008
Source:
SecurityVulns ID:8953
Type:client
Threat Level:
6/10
Description:Buffer overflow on mailto: URI parsing.
Affected:NOVELL : GroupWise 7.0
Original documentdocumentjplopezy_(at)_gmail.com, GroupWise 7.0 mailto: scheme buffer overflow (28.04.2008)
Files:GroupWise 7.0 mailto: scheme buffer overflow proof of concept

ldm / ltsp X session hijack
Published:28.04.2008
Source:
SecurityVulns ID:8954
Type:local
Threat Level:
6/10
Description:It's possible to connect to X server of any LTSP client.
Affected:LTSP : ltsp 0.99
CVE:CVE-2008-1293
Original documentdocumentDEBIAN, [SECURITY] [DSA 1561-1] New ldm packages fix information disclosure (28.04.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod