Search:Vulnerability:30.03.2008 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 30.03.2008
Source:
SecurityVulns ID: 8844
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: SIMPLEMACHINES : Simple Machines Forum 1.4
JAFCMS : JAF-CMS 4.0
CUTEFLOW : CuteFlow 1.5

Original document hadihadi_zedehal_2006_(at)_yahoo.com, CuteFlow Version 1.5.0 Multiple Remote Vulnerabilities (30.03.2008)

sibertrwolf_(at)_live.com, Simple Machines Forum 1.4 (30.03.2008)

r57blg_(at)_gmail.com, JAF-CMS 4.0 RC2 Multiple Remote File Inclusion Vulnerabilities (30.03.2008)

Discuss: Read or add your comments to this news (0 comments)

Microsoft Internet Explorer / mozilla Firefox address spoofing
Published: 30.03.2008
Source: BUGTRAQ
SecurityVulns ID: 8845
Type: client
Level: 4/10

Affected: MICROSOFT : Windows XP
MICROSOFT : Windows 2003 Server
MOZILLA : Firefox 2.0
MICROSOFT : Windows Vista
MICROSOFT : Windows 2008 Server

Original document jplopezy_(at)_gmail.com, Internet explorer 7.0 spoofing (30.03.2008)

Discuss: Read or add your comments to this news (0 comments)

HP notebooks multiple security vulnerabilities
Published: 30.03.2008
Source: BUGTRAQ
SecurityVulns ID: 8846
Type: local
Level: 5/10
Description: BIOS vulnerabilities allows unauthorized access and DoS.

CVE: CVE-2008-0706
CVE-2008-0211

Original document HP, [security bulletin] HPSBGN02319 SSRT080027 rev.1 - HP Compaq Notebook PC BIOS, Local Unauthorized Access (30.03.2008)

HP, [security bulletin] HPSBGN02305 SSRT080004 rev.1 - HP Compaq Business Notebook PC BIOS, Local Denial of Service (DoS) (30.03.2008)

Discuss: Read or add your comments to this news (0 comments)

HP OpenVMS unauthorized SSH access
Published: 30.03.2008
Source: BUGTRAQ
SecurityVulns ID: 8847
Type: remote
Level: 6/10

CVE: CVE-2008-0704

Original document HP, [security bulletin] HPSBOV02278 SSRT071479 rev.1 - HP OpenVMS SSH Using TCP/IP Services for OpenVMS, Remote Unauthorized Access (30.03.2008)

Discuss: Read or add your comments to this news (0 comments)

policyd-weight symbolic links vulnerabilities
Published: 30.03.2008
Source: BUGTRAQ
SecurityVulns ID: 8848
Type: local
Level: 5/10
Description: Symbolic links vulnerability on temporary file creation.

Affected: POSTFIX : policyd-weight 0.1

Original document DEBIAN, [SECURITY] [DSA 1531-1] New policyd-weight packages fix insecure temporary files (30.03.2008)

Discuss: Read or add your comments to this news (0 comments)

CA BrightStor ARCserve Backup ActiveX Buffer overflow
updated since 20.03.2008
Published: 30.03.2008
Source: MILW0RM
SecurityVulns ID: 8811
Type: client
Level: 6/10
Description: Buffer overflow in ListCtrl.ocx AddColumn().

Affected: CA : Brightstor ARCserve Backup 11.5
CVE: CVE-2008-1472 (Stack-based buffer overflow in the ListCtrl ActiveX Control (ListCtrl.ocx), as used in multiple CA products including BrightStor ARCserve Backup R11.5, Desktop Management Suite r11.1 through r11.2, and Unicenter products r11.1 through r11.2, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long argument to the AddColumn method.)

Original document CA, CA Multiple Products DSM ListCtrl ActiveX Control Buffer Overflow Vulnerability (30.03.2008)

Krystian Kloskowski, CA BrightStor ARCserve Backup r11.5 AddColumn() 0day ActiveX Remote Buffer Overflow Exploit (20.03.2008)

Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

test server