Computer Security
[EN] securityvulns.ru no-pyccku


Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:30.03.2008
Source:
SecurityVulns ID:8844
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:SIMPLEMACHINES : Simple Machines Forum 1.4
 JAFCMS : JAF-CMS 4.0
 CUTEFLOW : CuteFlow 1.5
Original documentdocumenthadihadi_zedehal_2006_(at)_yahoo.com, CuteFlow Version 1.5.0 Multiple Remote Vulnerabilities (30.03.2008)
 documentsibertrwolf_(at)_live.com, Simple Machines Forum 1.4 (30.03.2008)
 documentr57blg_(at)_gmail.com, JAF-CMS 4.0 RC2 Multiple Remote File Inclusion Vulnerabilities (30.03.2008)

Microsoft Internet Explorer / mozilla Firefox address spoofing
Published:30.03.2008
Source:
SecurityVulns ID:8845
Type:client
Threat Level:
4/10
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MOZILLA : Firefox 2.0
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
Original documentdocumentjplopezy_(at)_gmail.com, Internet explorer 7.0 spoofing (30.03.2008)

HP notebooks multiple security vulnerabilities
Published:30.03.2008
Source:
SecurityVulns ID:8846
Type:local
Threat Level:
5/10
Description:BIOS vulnerabilities allows unauthorized access and DoS.
CVE:CVE-2008-0706
 CVE-2008-0211
Original documentdocumentHP, [security bulletin] HPSBGN02319 SSRT080027 rev.1 - HP Compaq Notebook PC BIOS, Local Unauthorized Access (30.03.2008)
 documentHP, [security bulletin] HPSBGN02305 SSRT080004 rev.1 - HP Compaq Business Notebook PC BIOS, Local Denial of Service (DoS) (30.03.2008)

HP OpenVMS unauthorized SSH access
Published:30.03.2008
Source:
SecurityVulns ID:8847
Type:remote
Threat Level:
6/10
CVE:CVE-2008-0704
Original documentdocumentHP, [security bulletin] HPSBOV02278 SSRT071479 rev.1 - HP OpenVMS SSH Using TCP/IP Services for OpenVMS, Remote Unauthorized Access (30.03.2008)

policyd-weight symbolic links vulnerabilities
Published:30.03.2008
Source:
SecurityVulns ID:8848
Type:local
Threat Level:
5/10
Description:Symbolic links vulnerability on temporary file creation.
Affected:POSTFIX : policyd-weight 0.1
Original documentdocumentDEBIAN, [SECURITY] [DSA 1531-1] New policyd-weight packages fix insecure temporary files (30.03.2008)

CA BrightStor ARCserve Backup ActiveX Buffer overflow
updated since 20.03.2008
Published:30.03.2008
Source:
SecurityVulns ID:8811
Type:client
Threat Level:
6/10
Description:Buffer overflow in ListCtrl.ocx AddColumn().
Affected:CA : Brightstor ARCserve Backup 11.5
CVE:CVE-2008-1472 (Stack-based buffer overflow in the ListCtrl ActiveX Control (ListCtrl.ocx), as used in multiple CA products including BrightStor ARCserve Backup R11.5, Desktop Management Suite r11.1 through r11.2, and Unicenter products r11.1 through r11.2, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long argument to the AddColumn method.)
Original documentdocumentCA, CA Multiple Products DSM ListCtrl ActiveX Control Buffer Overflow Vulnerability (30.03.2008)
 documentKrystian Kloskowski, CA BrightStor ARCserve Backup r11.5 AddColumn() 0day ActiveX Remote Buffer Overflow Exploit (20.03.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod