Computer Security

Search:Vulnerability:28.05.2007
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:28.05.2007
Source:
SecurityVulns ID:7752
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:WORDPRESS : WordPress 2,0
 OTRS : Open Ticket Request System 2.0
 FLASHCHAT : FlashChat 4.79
CVE:CVE-2007-2524 (Cross-site scripting (XSS) vulnerability in index.pl in OTRS (Open Ticket Request System) 2.0.x allows remote attackers to inject arbitrary web script or HTML via the Subaction parameter in an AgentTicketMailbox Action. NOTE: DEBIAN:DSA-1299 originally used this identifier for an ipsec-tools issue, but the proper identifier for the ipsec-tools issue is CVE-2007-1841.)
Original documentdocumentBlackHawk, Inout Meta Searh engine Remote Code Execution (28.05.2007)
 documentRaeD Hasadya, RFI In Script FlashChat_v479 (28.05.2007)
 documentDEBIAN, [Full-disclosure] [SECURITY] [DSA 1298-1] New otrs2 packages fix cross-site scripting (28.05.2007)
 documentMustLive, Vulnerability in WordPress (28.05.2007)
Files:Inout Search Engine (all version) Remote Code Execution Exploit
Discuss:Read or add your comments to this news (0 comments)

OpenOffice Writer DoS
Published:28.05.2007
Source:BUGTRAQ
SecurityVulns ID:7753
Type:client
Level:3/10
Description:Crash on .otp files parocessing.
Affected:OPENOFFICE : OpenOffice 2.2
Files:OpenOffice.org 2.2.0 Writer Denial of Service
Discuss:Read or add your comments to this news (0 comments)

Avira Antivir integer overflow
updated since 28.05.2007
Published:31.05.2007
Source:BUGTRAQ
SecurityVulns ID:7754
Type:remote
Level:6/10
Description:Integer overflow during .LZH archive parsing leads to buffer overflow. Devision by zero on UPX decoding. Infinite loop on TAR parsing.
Original documentdocumentsecurity_(at)_nruns.com, n.runs-SA-2007.012 - Avira Antivir Antivirus TAR Denial of Service (31.05.2007)
 documentsecurity_(at)_nruns.com, n.runs-SA-2007.011 - Avira Antivir Antivirus UPX parsing Divide by Zero Advisory (29.05.2007)
 documentsecurity_(at)_nruns.com, [Full-disclosure] n.runs-SA-2007.010 - Avira Antivir Antivirus LZH parsing Arbitrary Code Execution Advisory (28.05.2007)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server