AOL software DoS
| Published: | 30.03.2007 |
| Source: | BUGTRAQ |
| SecurityVulns ID: | 7509 |
| Type: | remote |
| Level: | 5/10 |
| Affected: | AOL : AOL 9.0 |
| CVE: | CVE-2007-1767 (Unspecified vulnerability in (1) Deskbar.dll and (2) Toolbar.dll in AOL 9.0 before February 2007 allows remote attackers to cause a denial of service (browser crash) via unknown vectors.) |

IBM Lotus Sametime code execution
| Published: | 30.03.2007 |
| Source: | BUGTRAQ |
| SecurityVulns ID: | 7510 |
| Type: | remote |
| Level: | 5/10 |
| Description: | The LoadLibrary function is available through an ActiveX element. |
| Affected: | IBM : Lotus Sametime 3.1 |
| CVE: | CVE-2007-1784 (The JNILoader ActiveX control (STJNILoader.ocx) 3.1.0.26 in IBM Lotus Notes Sametime before 7.5 allows remote attackers to load arbitrary DLL libraries and execute arbitrary code via arbitrary arguments to the loadLibrary function.) |

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
| Published: | 30.03.2007 |
| Source: | |
| SecurityVulns ID: | 7511 |
| Type: | remote |
| Level: | 5/10 |
| Description: | PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. |
| Affected: | SOFTERRA : Time-Assistant 6.2 |
| CVE: | CVE-2007-1964 (member.php in MyBB (aka MyBulletinBoard), when debug mode is available, allows remote authenticated users to change the password of any account by providing the account's registered e-mail address in a debug request for a do_lostpw action, which prints the change password verification code in the debug output.) |
| | CVE-2007-1963 (SQL injection vulnerability in the create_session function in class_session.php in MyBB (aka MyBulletinBoard) 1.2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the Client-IP HTTP header, as utilized by index.php, a related issue to CVE-2006-3775.) |
| | CVE-2007-1850 (Directory traversal vulnerability in classes/captcha/captcha.jpg.php in Drake CMS allows remote attackers to read arbitrary files or list arbitrary directories, and obtain the installation path, via a .. (dot dot) in the d_private parameter. NOTE: Drake CMS has only a beta version available, and the vendor has previously stated "We do not consider security reports valid until the first official release of Drake CMS.") |
| | CVE-2007-1849 (Directory traversal vulnerability in 404.php in Drake CMS allows remote attackers to include and execute arbitrary local arbitrary files via a .. (dot dot) in the d_private parameter. NOTE: some of these details are obtained from third party information. NOTE: Drake CMS has only a beta version available, and the vendor has previously stated "We do not consider security reports valid until the first official release of Drake CMS.") |
| | CVE-2007-1848 (Cross-site scripting (XSS) vulnerability in admin/classes/ui.dta.php in Drake CMS allows remote attackers to inject arbitrary web script or HTML via the desc[][title] field. NOTE: Drake CMS has only a beta version available, and the vendor has previously stated "We do not consider security reports valid until the first official release of Drake CMS.") |
| | CVE-2007-1787 (Multiple PHP remote file inclusion vulnerabilities in lib/timesheet.class.php in Softerra Time-Assistant 6.2 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) inc_dir or (2) lib_dir parameter.) |

AIX lsmcode privilege escalation (updated since 30.05.2006)
| Published: | 30.03.2007 |
| Source: | SECUNIA |
| SecurityVulns ID: | 6201 |
| Type: | local |
| Level: | 5/10 |
| Description: | The user's environment variable is used to launch an external application. |

Microsoft Windows animated cursors buffer overflow (updated since 30.03.2007)
| Published: | 04.04.2007 |
| Source: | BUGTRAQ |
| SecurityVulns ID: | 7508 |
| Type: | client |
| Level: | 10/10 |
| Description: | Stack buffer overflow (stack overrun) is actively used for hidden malware installation. |
| Affected: | MICROSOFT : Windows 2000 Server |
| | MICROSOFT : Windows 2000 Professional |
| | MICROSOFT : Windows XP |
| | MICROSOFT : Windows 2003 Server |
| | MICROSOFT : Windows Vista |
| CVE: | CVE-2007-1867 (Buffer overflow in IrfanView 3.99 allows remote attackers to execute arbitrary code via a crafted animated cursor (ANI) file.) |
| | CVE-2007-1765 (Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier.) |
| | CVE-2007-0038 (Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a large length value in the second (or later) anih block of a RIFF .ANI, cur, or .ico file, which results in memory corruption when processing cursors, animated cursors, and icons, a variant of CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this might be a duplicate of CVE-2007-1765; if so, then CVE-2007-0038 should be preferred.) |