Search:Vulnerability:28.09.2009 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 28.09.2009
Source:
SecurityVulns ID: 10271
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: HORDE : Horde 3.2
CKEDITOR : CKEditor 3.0
1C : Bitrix WAF 8.0
1C : Bitrix 8.0
UMICMS : UMI CMS 2.7
HORDE : Horde 3.3
CVE: CVE-2009-3236 (Unspecified vulnerability in the form library in Horde Application Framework 3.2 before 3.2.5 and 3.3 before 3.3.5; Groupware 1.1 before 1.1.6 and 1.2 before 1.2.4; and Groupware Webmail Edition 1.1 before 1.1.6 and 1.2 before 1.2.4; allows remote attackers, with privileges to write to the address book, to overwrite arbitrary files via crafted "image form fields.")

Original document DEBIAN, [SECURITY] [DSA 1897-1] New horde3 packages fix arbitrary code execution (28.09.2009)

ONSEC, [ONSEC-09-010] Undersky CMS SQL injection (28.09.2009)

ONSEC, [ONSEC-09-017] Blogolet PHP including (28.09.2009)

ONSEC, [ONSEC-09-016] Blogolet XSS (28.09.2009)

ONSEC, [ONSEC-09-012] UMI.CMS Hash based Captcha (28.09.2009)

document ONSEC, [ONSEC-09-011] UMI.CMS Multiple XSS (28.09.2009)

ONSEC, [ONSEC-09-013] 1C Bitrix 8.0.5 Admin Console XSS (28.09.2009)

ONSEC, [ONSEC-09-014] 1C Bitrix WAF multiple XSS (28.09.2009)

MustLive, XSS and Content Spoofing vulnerabilities in CKEditor (28.09.2009)

Discuss: Read or add your comments to this news (0 comments)

xmltooling / opensaml / Shibboleth multiple security vulnerabilities
Published: 28.09.2009
Source: BUGTRAQ
SecurityVulns ID: 10272
Type: library
Level: 5/10
Description: Certificates spoofing, memory corruption.

Affected: XMLTOOLING : xmltooling 1.2

Original document DEBIAN, [SECURITY] [DSA 1896-1] New Shibboleth 1.x packages fix potential code execution (28.09.2009)

DEBIAN, [SECURITY] [DSA 1895-1] New xmltooling packages fix potential code execution (28.09.2009)

Discuss: Read or add your comments to this news (0 comments)

Cisco ACE XML Gateway information leakage
Published: 28.09.2009
Source: BUGTRAQ
SecurityVulns ID: 10273
Type: remote
Level: 4/10
Description: Internal address of server is leaked on some HTTP requests.

Affected: CISCO : Cisco ACE XML Gateway 6.0

Original document nitrŘus, Cisco ACE XML Gateway <= 6.0 Internal IP disclosure (28.09.2009)

Discuss: Read or add your comments to this news (0 comments)

VLC Media Player buffer overflow
Published: 28.09.2009
Source: BUGTRAQ
SecurityVulns ID: 10270
Type: local
Level: 4/10
Description: Buffer overflow on .xspf playlists parsing.

Affected: VLC : VLC Media Player 1.0

Original document Dr_IDE, VLC Media Player 1.0.2 smb:// URI Handling Remote Stack Overflow (28.09.2009)

Files: VLC Media Player 1.0.2 smb:// URI Handling Remote Stack Overflow PoC
Discuss: Read or add your comments to this news (0 comments)

PHP multiple security vulnerabilities
updated since 28.09.2009
Published: 20.10.2009
Source: BUGTRAQ
SecurityVulns ID: 10269
Type: library
Level: 7/10
Description: Certificates spoofing, memory corruptions on images parsing, information leakage.

Affected: PHP : PHP 5.2
PHP : PHP 5.3
CVE: CVE-2009-3546 (The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information.)
CVE-2009-3293 (Unspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect "sanity check for the color index.")
CVE-2009-3292 (Unspecified vulnerability in PHP before 5.2.11 has unknown impact and attack vectors related to "missing sanity checks around exif processing.")
CVE-2009-3291 (The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates.)

Original document MANDRIVA, [ MDVSA-2009:284 ] gd (20.10.2009)

david_(at)_majorsecurity.info, [MajorSecurity Advisory #59]PHP <=5.3 - mysqli_real_escape_string() full path disclosure (28.09.2009)

david_(at)_majorsecurity.info, [MajorSecurity Advisory #57]PHP <=5.3 - preg_match() full path disclosure (28.09.2009)

document MANDRIVA, [ MDVSA-2009:248 ] php (28.09.2009)

Discuss: Read or add your comments to this news (0 comments)

SAP GUI ActiveX unauthorized access
updated since 28.09.2009
Published: 17.07.2010
Source: BUGTRAQ
SecurityVulns ID: 10274
Type: client
Level: 5/10
Description: EAI WebViewer2D, VSFlexGrid, SAPBExCommonResources components insecure method.

Affected: SAP : SAP GUI 6.40
SAP : SAP GUI 7.10

Original document Elazar Broad, SAPGui BI wadmxhtml.dll Tags Property Heap Corruption (17.07.2010)

Alexandr Polyakov, [DSECRG-09-064] SAP GUI - Insecure method, code execution (23.03.2010)

DSecRG, [DSECRG-09-017] SAP GUI vsflexGrid ActiveX - Buffer Overflow vulnerability (09.10.2009)

Alexandr Polyakov, (edited) [DSECRG-09-044] SAP GUI 7.1 Insecure Methods (28.09.2009)

document Alexandr Polyakov, [DSECRG-09-043] SAP GUI 7.1 Insecure Method (28.09.2009)

Discuss: Read or add your comments to this news (0 comments)

test server