Computer Security
[EN] securityvulns.ru



GnuPG use-after-free vulnerability
Published: 28.07.2010
Source: BUGTRAQ
SecurityVulns ID: 11017
Type: library
Level: 7/10
Description: Use-after-free vulnerability on certificate parsing.
Affected: GNU : GnuPG 2.0
CVE: CVE-2010-2547 (Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x through 2.0.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names, which is not properly handled in a realloc operation when importing the certificate or verifying its signature.)
Original document: DEBIAN, [SECURITY] [DSA 2076-1] New gnupg2 packages fix potential code execution (28.07.2010)

Media Player Classic buffer overflow
Published: 28.07.2010
Source: BUGTRAQ
SecurityVulns ID: 11018
Type: local
Level: 4/10
Description: Heap buffer overflow on .m3u playlist parsing.
Affected: MEDIAPLAYERCLASS : Media Player Classic 1.3
Original document: praveen_recker_(at)_sify.com, Heap Overflow/DoS Vulnerability in Media Player Classic (28.07.2010)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 23.07.2010
Published: 28.07.2010
Source:
SecurityVulns ID: 11011
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: COWIKI : coWiki 0.3
 JOOMLA : Joomla 1.5
 VBULLETIN : vBulletin 3.8
 CETERA : Cetera eCommerce 14.0
 YACK : YACK CMS 10.5
 SPITFIRE : Spitfire 1.0
 NOVELL : Teaming 2.1
 TOUGHTOMATO : TTVideo 1.0
 PHPKIT : PHPKIT WCMS 1.6
 THEETA : Theeta CMS 0.0
 SYNDEOCMS : SyndeoCMS 2.9
 MCCONTENTMANAGER : MC Content Manager 10.1
 WHITEBOARD : WhiteBoard 0.1
 JOOMLA : PhotoMap Gallery 1.6
 JOOMLA : Appointinator 1.0
CVE: CVE-2010-2773
Original documents:
 Salvatore "drosophila" Fresta, PhotoMap Gallery 1.6.0 Joomla Component Multiple Blind SQL Injection (28.07.2010)
 MustLive, New vulnerabilities in Cetera eCommerce (28.07.2010)
 Salvatore "drosophila" Fresta, WhiteBoard 0.1.30 Multiple Blind SQL Injection Vulnerabilities (28.07.2010)
 MustLive, Multiple vulnerabilities in MC Content Manager (28.07.2010)
 eidelweiss randy, DM Filemanager (fckeditor) Remote Arbitrary File Upload Exploit (28.07.2010)
 advisory_(at)_htbridge.ch, XSS vulnerability in SyndeoCMS (28.07.2010)
 advisory_(at)_htbridge.ch, SQL injection vulnerability in Theeta CMS (28.07.2010)
 advisory_(at)_htbridge.ch, XSS vulnerability in SyndeoCMS (28.07.2010)
 advisory_(at)_htbridge.ch, XSS vulnerability in Theeta CMS (28.07.2010)
 advisory_(at)_htbridge.ch, XSS vulnerability in SyndeoCMS (28.07.2010)
 advisory_(at)_htbridge.ch, XSS vulnerability in Theeta CMS (28.07.2010)
 advisory_(at)_htbridge.ch, XSS vulnerability in Theeta CMS (28.07.2010)
 david.kurz_(at)_majorsecurity.net, [MajorSecurity SA-079]PHPKIT WCMS - Multiple stored Cross Site Scripting Issues (28.07.2010)
 Salvatore "drosophila" Fresta, TTVideo 1.0 Joomla Component SQL Injection Vulnerability (28.07.2010)
 ZDI, ZDI-10-136: Novell Teaming ajaxUploadImageFile Remote Code Execution Vulnerability (23.07.2010)
 Andrea Barisani, [oCERT-2010-002] Joomla input sanitization errors (XSS) (23.07.2010)
 MustLive, SQL Injection vulnerability in coWiki (23.07.2010)
 advisories_(at)_intern0t.net, XSS vulnerability in Spitfire search (23.07.2010)
 advisories_(at)_intern0t.net, XSS vulnerability in Spitfire (23.07.2010)
 advisories_(at)_intern0t.net, XSS vulnerability in Spitfire (23.07.2010)
 advisories_(at)_intern0t.net, XSS vulnerability in Spitfire (23.07.2010)
 advisories_(at)_intern0t.net, XSS vulnerability in Spitfire (23.07.2010)
 advisories_(at)_intern0t.net, vBulletin - Critical Information Disclosure (23.07.2010)
 eidelweiss randy, YACK CMS 10.5.27 Remote File Inclusion Vulnerability (23.07.2010)
Files: DM Filemanager (fckeditor) Remote Arbitrary File Upload Exploit

Nessus Web Server security vulnerabilities
Published: 28.07.2010
Source: NESSUS
SecurityVulns ID: 11019
Type: remote
Level: 5/10
Description: nessusd_www_server.nbin plugin information disclosure and cross-site scripting.
Affected: NESSUS : Nessus Web Server 1.2
Original document: NESSUS, [Security] nessusd_www_server.nbin cross site scripting and version disclosure (28.07.2010)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod