Unreal Tournament multiple security vulnerabilities
Published:		30.07.2008
Source:		BUGTRAQ
SecurityVulns ID:		9182
Type:		remote
Level:		5/10
Description:		Memory corruption, NULL pointer dereference on network packet parsing.

Affected:		EPICGAMES : Unreal Tournament III 1.2
		EPICGAMES : Unreal Tournament 2004 3369

Original document		Luigi Auriemma, NULL pointer in Unreal Tournament 2004 v3369 (30.07.2008)
		Luigi Auriemma, Memory corruption and NULL pointer in Unreal Tournament III 1.2 (30.07.2008)

Files:		Exploits Unreal Tournament 3 <= 1.2/1.3beta4 memory corruption and NULL pointer
		Exploits Unreal Tournament 2004 <= v3369 NULL pointer
Discuss:		Read or add your comments to this news (0 comments)

poppler library DoS
Published:		30.07.2008
Source:		BUGTRAQ
SecurityVulns ID:		9180
Type:		library
Level:		5/10
Description:		Problem with PDF file widgets initialization.

Affected:		POPPLER : libpoppler 0.6
CVE:		CVE-2008-2950 (The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document.)

Original document

UBUNTU, [USN-631-1] poppler vulnerability (30.07.2008)

Discuss:

Read or add your comments to this news (0 comments)

ffmpeg library code execution
Published:		30.07.2008
Source:		BUGTRAQ
SecurityVulns ID:		9179
Type:		library
Level:		6/10
Description:		Memory corruption on STR files parsing.

Affected:		FFMPEG : ffmpeg 0.4
CVE:		CVE-2008-3162 (Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c in FFmpeg before r13993 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted STR file that interleaves audio and video sectors.)

Original document

UBUNTU, [USN-630-1] ffmpeg vulnerability (30.07.2008)

Discuss:

Read or add your comments to this news (0 comments)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:		30.07.2008
Source:
SecurityVulns ID:		9181
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. myPHPNuke: crossite scripting, automation protection bypass.

Affected:		MYPHPNUKE : myPHPNuke 1.8
		GREGARIOUS : Gregarius 0.5
		HIOX : HIOX Star Rating System 1.0
		HIOX : HIOX Random Ad 1.3
		HIOX : HIOX Browser Statistics 2.0
		MINISHOWCASE : Minishowcase Image Gallery 09
		MJGUEST : MJGuest 6.8

Original document		irancrash_(at)_gmail.com, MJGuest 6.8 GT Cross Site Scripting Vulnerability (30.07.2008)
		JeiAr, Gregarius <= 0.5.4 SQL Injection (30.07.2008)
		Digital Security Research Group [DSecRG], [DSECRG-08-034] Local File Include Vulnerability in Minishowcase v09b136 (30.07.2008)
		Ghost hacker, HIOX Random Ad 1.3 (hioxRandomAd.php hm) RFI Vulnerability (30.07.2008)
		Ghost hacker, HIOX Browser Statistics 2.0 Remote File Inclusion Vulnerability (30.07.2008)
		Ghost hacker, HIOX Star Rating System 1.0 Remote File Inclusion Vulnerability (30.07.2008)
		Ghost hacker, plugin Rss Remote File Inclusion Vulnerability (30.07.2008)
		MustLive, Vulnerabilities in myPHPNuke (30.07.2008)
		Ghost hacker, shoutbox Remote Database Dawnload Exploit (30.07.2008)

Discuss:

Read or add your comments to this news (0 comments)