 |
|
|
|
| Microsoft Windows Media Player buffer overflow | | Published: |  | 29.12.2008 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 9552 | | Type: |  | client | | Level: |  | 9/10 | | Description: |  | Buffer overflow on WAV parsing |
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
updated since 28.12.2008 | | Published: | | 29.12.2008 | | Source: | | | | SecurityVulns ID: | | 9550 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
bbPress: crossite scripting, protection bypass |
| Affected: |  | PHPPGADMIN : phpPgAdmin 4.1 | | | | BBPRESS : bbPress 0.9 | | | | PSYCHOSTATS : PsychoStats 3.1 | | | | PHPPGADMIN : phpPgAdmin 4.2 | | | | JOOMLA : mdigg 2.2 | | | | VIART : ViArt Shopping Cart 3.5 | | CVE: |  | CVE-2008-5728 (Multiple directory traversal vulnerabilities in AIST NetCat 3.12 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the system parameter in modules/netshop/post.php; and the INCLUDE_FOLDER parameter in (2) auth.inc.php, (3) banner.inc.php, (4) blog.inc.php, and (5) forum.inc.php in modules/.) | | | | CVE-2008-5587 (Directory traversal vulnerability in libraries/lib.inc.php in phpPgAdmin 4.2.1 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the _language parameter to index.php.) | | | | CVE-2007-2865 (Cross-site scripting (XSS) vulnerability in sqledit.php in phpPgAdmin 4.1.1 allows remote attackers to inject arbitrary web script or HTML via the server parameter.) |
Linux kernel multiple security vulnerabilities
updated since 09.12.2008 | | Published: | | 29.12.2008 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9488 | | Type: | | local | | Level: | | 6/10 | | Description: | | Double listen() on the same socket causes creation of unassigned vcc table entry, which causes infinite loop in kernel on attempt to cat vc table. inotify subsystem race conditions allow privilege escalation, socket-related memory exhaustion. chip_command() NULL pointer dereference. HFS file sytem mounting buffer overflow. |
| Affected: | | LINUX : kernel 2.6 | | CVE: | | CVE-2008-5300 (Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029.) | | | | CVE-2008-5182 (The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount.) | | | | CVE-2008-5079 (net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table.) | | | | CVE-2008-5033 (The chip_command function in drivers/media/video/tvaudio.c in the Linux kernel 2.6.25.x before 2.6.25.19, 2.6.26.x before 2.6.26.7, and 2.6.27.x before 2.6.27.3 allows attackers to cause a denial of service (NULL function pointer dereference and OOPS) via unknown vectors.) | | | | CVE-2008-5025 (Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933.) |
Microsoft Internet Explorer multiple security vulnerabilities
updated since 10.12.2008 | | Published: | | 29.12.2008 | | Source: | | MICROSOFT | | SecurityVulns ID: | | 9496 | | Type: | | client | | Level: | | 9/10 | | Description: | | Multiple memory corruptions. |
| Affected: | | MICROSOFT : Windows 2000 Server | | | | MICROSOFT : Windows 2000 Professional | | | | MICROSOFT : Windows XP | | | | MICROSOFT : Windows 2003 Server | | | | MICROSOFT : Windows Vista | | | | MICROSOFT : Windows 2008 Server | | CVE: | | CVE-2008-4261 (Stack-based buffer overflow in Microsoft Internet Explorer 5.01 SP4, 6 SP1 on Windows 2000, and 6 on Windows XP and Server 2003 does not properly handle extraneous data associated with an object embedded in a web page, which allows remote attackers to execute arbitrary code via crafted HTML tags that trigger memory corruption, aka "HTML Rendering Memory Corruption Vulnerability.") | | | | CVE-2008-4260 (Microsoft Internet Explorer 7 sometimes attempts to access a deleted object, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Uninitialized Memory Corruption Vulnerability.") | | | | CVE-2008-4259 (Microsoft Internet Explorer 7 sometimes attempts to access uninitialized memory locations, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, related to a WebDAV request for a file with a long name, aka "HTML Objects Memory Corruption Vulnerability.") | | | | CVE-2008-4258 (Microsoft Internet Explorer 5.01 SP4 and 6 SP1 does not properly validate parameters during calls to navigation methods, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Parameter Validation Memory Corruption Vulnerability.") |
|
|
|
|
|
|
|
|
