Computer Security
[EN] securityvulns.ru no-pyccku


D-Link DIR-615 / DIR-600 / DIR-300 multiple security vulnerabilities
updated since 11.02.2013
Published:28.04.2013
Source:
SecurityVulns ID:12874
Type:remote
Threat Level:
5/10
Description:Code execution, information leakage, XSS, etc.
Affected:DLINK : D-Link DIR-300
 DLINK : D-Link DIR-600
 DLINK : D-Link DIR-615
Original documentdocumentdevnull_(at)_s3cur1ty.de, Multiple Vulnerabilities in D'Link DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A (28.04.2013)
 documentdevnull_(at)_s3cur1ty.de, Multiple Vulnerabilities in D'Link DIR-600 and DIR-300 (rev B) (11.02.2013)

IBM Lotus Domino information leakage
Published:28.04.2013
Source:
SecurityVulns ID:13031
Type:remote
Threat Level:
4/10
Description:Unprivileged user can access system information.
Affected:IBM : Lotus Domino 8.5
 IBM : Lotus Domino 9.0
Original documentdocumentMustLive, BF and IA vulnerabilities in IBM Lotus Domino (28.04.2013)

D-Link DIR-635 router multiple security vulnerabilities
Published:28.04.2013
Source:
SecurityVulns ID:13032
Type:remote
Threat Level:
4/10
Description:XSS, CSRF.
Affected:DLINK : D-Link DIR-635
Original documentdocumentdevnull_(at)_s3cur1ty.de, Multiple Vulnerabilities in D'Link DIR-635 (28.04.2013)

HP Data Protector privilege escalation
Published:28.04.2013
Source:
SecurityVulns ID:13033
Type:local
Threat Level:
5/10
Affected:HP : HP Storage Data Protector 6.21
 HP : HP Storage Data Protector 7.01
CVE:CVE-2012-5220 (Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows local users to gain privileges via unknown vectors.)
Original documentdocumentHP, [security bulletin] HPSBMU02830 SSRT100889 rev.2 - HP Data Protector, Local Increase of Privilege (28.04.2013)

Borland ActiveX security vulnerabilities
Published:28.04.2013
Source:
SecurityVulns ID:13035
Type:library
Threat Level:
5/10
Description:Buffer overflows, unsafe method.
Affected:BORLAND : Caliber 11.0
 BORLAND : Silk Central 12.1
CVE:CVE-2009-4663 (Heap-based buffer overflow in the Quiksoft EasyMail Objects 6 ActiveX control allows remote attackers to execute arbitrary code via a long argument to the AddAttachment method.)
 CVE-2007-4607 (Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll 6.0.1 in the Quiksoft EasyMail SMTP Object, as used in Postcast Server Pro 3.0.61, allows remote attackers to execute arbitrary code via a long argument to the SubmitToExpress method, a different vulnerability than CVE-2007-1029.)
Original documentdocumentrgod, Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows (28.04.2013)
 documentrgod, Borland Silk Central 12.1 TeeChart Pro Activex control AddSeries Remote Code Execution (28.04.2013)

nginx integer overflow
updated since 28.04.2013
Published:04.05.2013
Source:
SecurityVulns ID:13034
Type:remote
Threat Level:
9/10
Description:Integer overflow leads to code execution.
Affected:NGINX : nginx 1.4
Original documentdocumentmaxim.konovalov_(at)_gmail.com, Re: Nginx ngx_http_close_connection function integer overflow (04.05.2013)
 documentsafe3q_(at)_gmail.com, Nginx ngx_http_close_connection function integer overflow (28.04.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod