Computer Security

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:30.11.2006
Source:
SecurityVulns ID:6871
Type:remote
Threat Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:SOFTCOMPLEX : PHP Event Calendar 1.5
 ALTERNC : AlternC 0.9
 MONKEYBOARDS : Monkey Boards 0.3
Original document:Advisory_(at)_Aria-Security.net, [Aria-Security Team] FipsSHOP SQL Injection (30.11.2006)
 Jesper Jurcenoks, Monkey Boards version 0.3.5 Multiple Path Disclosure Vulnerabilities (30.11.2006)
 subere_(at)_uncon.org, OWASP JBroFuzz 0.3 Fuzzer Released! (30.11.2006)
 Vincent A.Menard, Multiple Vulnerabilities in AlternC version 0.9.5 (30.11.2006)
 philip anselmo, PHP Event Calendar 1.5.1 (index.php) Remote File Include Vulnerability (30.11.2006)

Multiple MacOS X security vulnerabilities
Published:30.11.2006
Source:
SecurityVulns ID:6873
Type:remote
Threat Level:7/10
Description:Apple Type Services server font processing buffer overflow. ftpd may allow arbitrary users to determine account name validity. CFNetwork may allow arbitrary FTP commands to be executed via a crafted FTP URI. Security Framework Secure Transport may not negotiate the best cipher available. PPP driver fails to properly validate PADI packets (buffer overflow). Finder fails to properly handle malformed .DS_Store files. WebKit deallocated object access vulnerability.
Original document:noreply_(at)_musecurity.com, [Full-disclosure] [MU-200611-01] Pre-Authentication Vulnerability in Mac OSX kernel PPP (30.11.2006)
 CERT, US-CERT Technical Cyber Security Alert TA06-333A -- Apple Releases Security Update to Address Multiple Vulnerabilities (30.11.2006)

libgsf buffer overflow
updated since 30.11.2006
Published:01.12.2006
Source:
SecurityVulns ID:6874
Type:library
Threat Level:5/10
Description:ole_init_info() heap overflow.
Affected:GNOME : libgsf 1.11
 GNOME : libgsf 1.14
Original document:IDEFENSE, iDefense Security Advisory 11.30.06: Multiple Vendor libgsf Heap Overflow Vulnerability (01.12.2006)
 DEBIAN, [Full-disclosure] [SECURITY] [DSA 1221-1] New libgsf packages fix arbitrary code execution (30.11.2006)

KOffice integer overflow
updated since 30.11.2006
Published:05.12.2006
Source:
SecurityVulns ID:6872
Type:remote
Threat Level:5/10
Description:OLEfilter integer overflow on .PPT file open.
Affected:KDE : koffice 1.4
 KDE : koffice 1.6
Original document:KDE, [KOffice security advisory] KOffice OLEfilter integer overflow (05.12.2006)
 UBUNTU, [USN-388-1] KOffice vulnerability (30.11.2006)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod