Computer Security

Search:Vulnerability:29.12.2007
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:29.12.2007
Source:BUGTRAQ
SecurityVulns ID:8509
Type:remote
Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. WordPress: directory traversal and information leak.
Affected:WORDPRESS : WordPress 2.0
 NOSERUB : NoseRub 0.5
Original documentdocumentNarf Dude, [Full-disclosure] NoseRub Login SQL Injection Vulnerability (29.12.2007)
 documentMustLive, Local file include, Directory traversal and Full path disclosure in WordPress (29.12.2007)
Discuss:Read or add your comments to this news (0 comments)

Persists Software XUpload ActiveX control buffer overflow
updated since 26.12.2007
Published:29.12.2007
Source:FULL-DISCLOSURE
SecurityVulns ID:8500
Type:client
Level:5/10
Description:Buffer overflow in AddFolder() method.
Original documentdocumentElazar Broad, [Full-disclosure] Persits Software XUpload Control AddFolder() Buffer Overflow Exploit (29.12.2007)
 documentElazar Broad, [Full-disclosure] Persits Software XUpload Control Buffer Overflow Exploit (29.12.2007)
 documentElazar Broad, [Full-disclosure] Persits Software XUpload.ocx Buffer Overflow (26.12.2007)
Files:Persits Software XUpload Control AddFolder() Buffer Overflow Exploit
Discuss:Read or add your comments to this news (0 comments)

CoolPlayer media player buffer overflow
Published:29.12.2007
Source:BUGTRAQ
SecurityVulns ID:8508
Type:client
Level:5/10
Description:Buffer overflow on OGG Vorbis parsing.
Affected:COOLPLAYER : CoolPlayer 217
Original documentdocumentLuigi Auriemma, Buffer-overflow in CoolPlayer 217 (29.12.2007)
Discuss:Read or add your comments to this news (0 comments)

Multiple security vulnerabilities in different Exif libraries (libexif, exiv2, exiftags)
Published:29.12.2007
Source:FULL-DISCLOSURE
SecurityVulns ID:8510
Type:library
Level:6/10
Description:Multiple DoS conditions, integer overflows, buffer overflows on parsing JPEG/TIFF/RIFF EXIF data.
Affected:LIBEXIF : libexif 0.6
 EXIFTAGS : exiftags 1.0
 EXIV2 : exiv2 0.13
CVE:CVE-2007-6356 (exiftags before 1.01 allows attackers to cause a denial of service (infinite loop) via recursive IFD references in the EXIF data in a JPEG image.)
 CVE-2007-6355 (Unspecified vulnerability in exiftags before 1.01 has unknown impact and attack vectors, resulting from a "field offset overflow," a different vulnerability than CVE-2007-6354.)
 CVE-2007-6354 (Unspecified vulnerability in exiftags before 1.01 has unknown impact and attack vectors, resulting from a "field offset overflow," a different vulnerability than CVE-2007-6355.)
 CVE-2007-6353 (Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.)
 CVE-2007-6352 (Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitrary code via an image with crafted EXIF tags.)
 CVE-2007-6351 (libexif 0.6.16 and earlier allows context-dependent attackers to cause a denial of service (infinite recursion) via an image file with crafted EXIF tags.)
Original documentdocumentGENTOO, [Full-disclosure] [ GLSA 200712-15 ] libexif: Multiple vulnerabilities (29.12.2007)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server