Search:Vulnerability:28.12.2010 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 28.12.2010
Published: 27.12.2010
Source:
SecurityVulns ID: 11324
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: WAGORA : W-Agora 4.2
CRUXCMS : CruxCMS 3.0
WORDPRESS : WordPress 3.0
DJANGO : django 1.2
MYBB : MyBB 1.6
KAIBB : KaiBB 1.0
OPENCLASSIFIEDS : OpenClassifieds 1.7
PLIGG : Pligg 1.1
DJANGO : Django 1.1
ADMUNCHER : Ad Muncher 4.81
COPPERMINE : Coppermine 1.5
CVE: CVE-2010-4257 (SQL injection vulnerability in the do_trackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field.)

Original document non customers, Pre Jobo .NET "Password" SQL Injection Vulnerability (29.12.2010)

Janek Vind, [waraxe-2010-SA#079] - Reflected XSS in Coppermine 1.5.10 (29.12.2010)

DEBIAN, YEKTAWEB CMS XSS Vulnerability (29.12.2010)

DEBIAN, HotWeb Rentals "PageId" SQL Injection Vulnerability (29.12.2010)

document DEBIAN, [SECURITY] [DSA 2138-1] Security update for wordpress (29.12.2010)

ProCheckUp Research, PR10-14 Unauthenticated command execution within Mitel's AWC (Mitel Audio and Web Conferencing) (28.12.2010)

MustLive, XSS уязвимость в Ad Muncher (28.12.2010)

Adam Baldwin, Django admin list filter data extraction / leakage (28.12.2010)

document info_(at)_securitylab.ir, Sigma Portal Denial of Service Vulnerability (28.12.2010)

info_(at)_securitylab.ir, Asan Portal (IdehPardaz) Multiple Vulnerabilities (28.12.2010)

Janek Vind, [waraxe-2010-SA#078] - Multiple Vulnerabilities in CruxCMS 3.0.0 (28.12.2010)

YGN Ethical Hacker Group, MyBB 1.6 <= SQL Injection Vulnerability (28.12.2010)

document mike_(at)_sitewat.ch, Pligg XSS and SQL Injection (28.12.2010)

mike_(at)_sitewat.ch, Multiple Vulnerabilities in OpenClassifieds 1.7.0.3 (28.12.2010)

MyDoom2009_(at)_gmail.com, Social Engine 4.x (Music Plugin) Arbitrary File Upload Vulnerability (28.12.2010)

advisory_(at)_htbridge.ch, Path disclosure in KaiBB (28.12.2010)

document advisory_(at)_htbridge.ch, SQL injection in KaiBB (28.12.2010)

advisory_(at)_htbridge.ch, SQL injection in KaiBB (28.12.2010)

advisory_(at)_htbridge.ch, BBcode XSS in KaiBB (28.12.2010)

MustLive, Многочисленные уязвимости в W-Agora (28.12.2010)

Files: Exploits Multiple Vulnerabilities in OpenClassifieds 1.7.0.3
Discuss: Read or add your comments to this news (0 comments)

libxml double free vulnerability
Published: 28.12.2010
Source: BUGTRAQ
SecurityVulns ID: 11326
Type: library
Level: 5/10
Description: Double free on Xpath processing.

Affected: LIBXML : libxml 2.7
CVE: CVE-2010-4494 (Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.)

Original document DEBIAN, [SECURITY] [DSA 2137-1] Security update for libxml2 (28.12.2010)

Discuss: Read or add your comments to this news (0 comments)

Microsoft Office multiple security vulnerabilities
updated since 15.12.2010
Published: 28.12.2010
Source: MICROSOFT
SecurityVulns ID: 11307
Type: client
Level: 7/10
Description: Multiple memory corruptions in Publisher, multiple memory corruptions in graphics filters.

Affected: MICROSOFT : Office XP
MICROSOFT : Office 2003
MICROSOFT : Office 2007
MICROSOFT : Works 9
MICROSOFT : Office 2010
CVE: CVE-2010-3955 (pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3 does not properly perform array indexing, which allows remote attackers to execute arbitrary code via a crafted Publisher file that uses an old file format, aka "Array Indexing Memory Corruption Vulnerability.")
CVE-2010-3954 (Microsoft Publisher 2002 SP3, 2003 SP3, and 2010 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Publisher file, aka "Microsoft Publisher Memory Corruption Vulnerability.")
CVE-2010-3952 (The FlashPix image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted FlashPix image in an Office document, aka "FlashPix Image Converter Heap Corruption Vulnerability.")
CVE-2010-3951 (Buffer overflow in the FlashPix image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted FlashPix image in an Office document, aka "FlashPix Image Converter Buffer Overflow Vulnerability.")
CVE-2010-3950 (The TIFF image converter in the graphics filters in Microsoft Office XP SP3, Office Converter Pack, and Works 9 does not properly convert data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF image in an Office document, aka "TIFF Image Converter Memory Corruption Vulnerability.")
CVE-2010-3949 (Buffer overflow in the TIFF image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted TIFF image in an Office document, aka "TIFF Image Converter Buffer Overflow Vulnerability.")
CVE-2010-3947 (Heap-based buffer overflow in the TIFF image converter in the graphics filters in Microsoft Office XP SP3, Office Converter Pack, and Works 9 allows remote attackers to execute arbitrary code via a crafted TIFF image in an Office document, aka "TIFF Image Converter Heap Overflow Vulnerability.")
CVE-2010-3946 (Integer overflow in the PICT image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted PICT image in an Office document, aka "PICT Image Converter Integer Overflow Vulnerability.")
CVE-2010-3945 (Buffer overflow in the CGM image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted CGM image in an Office document, aka "CGM Image Converter Buffer Overrun Vulnerability.")
CVE-2010-2571 (Array index error in pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher 97 file, aka "Memory Corruption Due To Invalid Index Into Array in Pubconv.dll Vulnerability.")
CVE-2010-2570 (Heap-based buffer overflow in pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3, 2003 SP3, 2007 SP2, and 2010 allows remote attackers to execute arbitrary code via a crafted Publisher file that uses an old file format, aka "Heap Overrun in pubconv.dll Vulnerability.")
CVE-2010-2569 (pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3, 2003 SP3, and 2007 SP2 does not properly handle an unspecified size field in certain older file formats, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted Publisher file, aka "Size Value Heap Corruption in pubconv.dll Vulnerability.")

Original document SECUNIA, Secunia Research: Microsoft Word LFO Parsing Double-Free Vulnerability (28.12.2010)

SECUNIA, Secunia Research: Microsoft Office FlashPix Property Set Parsing Buffer Overflow (22.12.2010)

SECUNIA, Secunia Research: Microsoft Office TIFF Image Converter Endian Conversion Vulnerability (21.12.2010)

document SECUNIA, Secunia Research: Microsoft Office Document Imaging Endian Conversion Vulnerability (21.12.2010)

SECUNIA, Secunia Research: Microsoft Office FlashPix Tile Data Two Buffer Overflows (21.12.2010)

SECUNIA, Secunia Research: Microsoft Office PICT Filter Integer Truncation Vulnerability (21.12.2010)

SECUNIA, Secunia Research: Microsoft Office TIFF Image Converter Two Buffer Overflows (21.12.2010)

document VUPEN Security Research, VUPEN Security Research - Microsoft Office Publisher Memory Corruption Vulnerability (VUPEN-SR-2010-041) (16.12.2010)

VUPEN Security Research, VUPEN Security Research - Microsoft Office Publisher Size Value Heap Corruption Vulnerability (VUPEN-SR-2010-200) (16.12.2010)

document VUPEN Security Research, VUPEN Security Research - Microsoft Office Publisher Record Array Indexing Vulnerability (VUPEN-SR-2010-201) (16.12.2010)

VUPEN Security Research, VUPEN Security Research - Microsoft Office Publisher "pubconv.dll" Array Indexing Vulnerability (VUPEN-SR-2010-206) (16.12.2010)

Files: Microsoft Security Bulletin MS10-103 - Important Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2292970)
Microsoft Security Bulletin MS10-105 - Important Vulnerabilities in Microsoft Office Graphics Filters Could Allow for Remote Code Execution (968095)
Discuss: Read or add your comments to this news (0 comments)

FlexVision agent information leak
Published: 28.12.2010
Source: BUGTRAQ
SecurityVulns ID: 11327
Type: remote
Level: 5/10
Description: Information leak via TCP/3810 port service.

Affected: FLEXVISION : FlexVision Agent Listener 1.3

Original document Victor Ribeiro Hora, Security Advisory - FlexVision Listener Vulnerability (28.12.2010)

Discuss: Read or add your comments to this news (0 comments)

tor buffer overflow
updated since 28.12.2010
Published: 28.12.2010
Source: BUGTRAQ
SecurityVulns ID: 11325
Type: remote
Level: 6/10
Description: Buffer overflow on request parsing.

Affected: TOR : tor 0.2
CVE: CVE-2010-1676 (Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before 0.2.2.20-alpha allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors.)

Original document DEBIAN, [SECURITY] [DSA-2136-1] New tor packages fix potential code execution (28.12.2010)

Discuss: Read or add your comments to this news (0 comments)