Computer Security
[EN] securityvulns.ru no-pyccku


flack123 buffer overflow
Published:30.06.2007
Source:
SecurityVulns ID:7872
Type:client
Threat Level:
5/10
Description:Stack-based buffer overflow on Vorbis comments parsing
Affected:FLACKTOOLS : flac123 0.0
CVE:CVE-2007-3507 (Stack-based buffer overflow in the local__vcentry_parse_value function in vorbiscomment.c in flac123 (aka flac-tools or flac) before 0.0.10 allows user-assisted remote attackers to execute arbitrary code via a large comment value_length.)
Original documentdocumentDavid Thiel, flac123 0.0.9 - Stack overflow in comment parsing (30.06.2007)

Mozilla Firefox focus spoofing
Published:30.06.2007
Source:
SecurityVulns ID:7873
Type:client
Threat Level:
3/10
Description:It's possible to spoof the focus of key press events.
Affected:MOZILLA : Firefox 2.0
 XULRUNNER : xulrunner 1.8
 ICEWEASEL : iceweasel 2.0
Original documentdocumentcarl hardwick, [Full-disclosure] New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities (30.06.2007)

Microsoft Internet Explorer DoS
Published:30.06.2007
Source:
SecurityVulns ID:7874
Type:client
Threat Level:
4/10
Description:Browser DoS on the page in domain with special characters.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
Original documentdocumentAditya K Sood, [Full-disclosure] Advisory : Internet Explorer Zone Domain Specification Dos and Page suppressing. (30.06.2007)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:30.06.2007
Source:
SecurityVulns ID:7875
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:WHEATBLOG : Wheatblog 1.1
 VBZOOM : VBZooM 1.12
Original documentdocumentRaeD Hasadya, SQL Injection In Script VBZooM V1.12 (30.06.2007)
 documentunderwater_(at)_itdefence.ru, WheatBlog 1.1 RFI/SQL Injection (30.06.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod