Section: .. / 0707-advisories /
| /// File Name: |
MDKSA-2007-144.txt |
Description:
|
Mandriva Linux Security Advisory - A heap overflow flaw was found in the RTF import filter of OpenOffice.org. If a victim were to open a specially-crafted RTF file, OpenOffice.org could crash or possibly execute arbitrary code.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 31343 | | Related CVE(s): | CVE-2007-0245 | | Last Modified: | Jul 11 10:45:30 2007 |
| MD5 Checksum: | c5dd5ecf3d74f3fd2aa7cd0efa87728c |
|
| /// File Name: |
07.09.07-3.txt |
Description:
|
iDefense Security Advisory 07.09.07 - Local exploitation of a buffer overflow vulnerability in IBM Corp.'s AIX libodm library could allow an attacker to execute arbitrary code on a targeted host. iDefense has confirmed the existence of this vulnerability in AIX version 5.3 SP 4. Previous versions may be vulnerable.
| | Homepage: | http://www.idefense.com/ | | File Size: | 3071 | | Last Modified: | Jul 11 10:44:39 2007 |
| MD5 Checksum: | 0d23d29c03247682a5eaebb7f6823828 |
|
| /// File Name: |
centericq_421_bo_06_063.txt |
Description:
|
Centericq version 4.21 on FreeBSD as well as the official sources have been found vulnerable to multiple buffer overflows.
| | Author: | Nico Leidecker | | Homepage: | http://www.portcullis-security.com/ | | File Size: | 4456 | | Last Modified: | Jul 11 10:41:46 2007 |
| MD5 Checksum: | b55568551bdb25dc83172c91c617cca3 |
|
| /// File Name: |
easql-06-057.txt |
Description:
|
eVisit Analyst is susceptible to SQL injection vulnerabilities.
| | Author: | Tim Brown | | Homepage: | http://www.portcullis-security.com/ | | File Size: | 1704 | | Last Modified: | Jul 11 10:25:41 2007 |
| MD5 Checksum: | f38be95649827042f62cfc989acffee7 |
|
| /// File Name: |
psinjection-06_056.txt |
Description:
|
The P-Synch Windows domain password reset web applications style parameter allows JavaScript injection.
| | Author: | Tim Brown | | Homepage: | http://www.portcullis-security.com/ | | File Size: | 1812 | | Last Modified: | Jul 11 10:24:35 2007 |
| MD5 Checksum: | 3e7ebc2ba727e8a635d76f0e70bd1136 |
|
| /// File Name: |
vauninstall-06_45.txt |
Description:
|
The Visionsoft Audit VSAOD server allows unauthenticated remote uninstalls.
| | Author: | Tim Brown | | Homepage: | http://www.portcullis-security.com/ | | File Size: | 1853 | | Last Modified: | Jul 11 10:22:51 2007 |
| MD5 Checksum: | b7946225f4438b008477609fbb64f020 |
|
| /// File Name: |
vareplay-06_044.txt |
Description:
|
The Visionsoft Audit VSAOD server allows remote execution via replay attacks.
| | Author: | Tim Brown | | Homepage: | http://www.portcullis-security.com/ | | File Size: | 2610 | | Last Modified: | Jul 11 10:21:41 2007 |
| MD5 Checksum: | e7d5eaf8dd0de53efd3d04a56ac09459 |
|
| /// File Name: |
vapassword-06-042.txt |
Description:
|
The Visionsoft Audit VSAOD server uses a weak algorithm to obscure passwords on the wire and within configuration files.
| | Author: | Tim Brown, Mark Lowe | | Homepage: | http://www.portcullis-security.com/ | | File Size: | 2255 | | Last Modified: | Jul 11 10:12:18 2007 |
| MD5 Checksum: | ffa43823200cb8febf97c88cd85b06b2 |
|
| /// File Name: |
vaheapoverflow-06_040.txt |
Description:
|
The Visionsoft Audit VSAOD server has input validation flaws which can result in an unauthenticated heap overflow.
| | Author: | Tim Brown | | Homepage: | http://www.portcullis-security.com/ | | File Size: | 2188 | | Last Modified: | Jul 11 10:07:41 2007 |
| MD5 Checksum: | 6efa6cb9145412b7d3dc4b682a919f62 |
|
| /// File Name: |
USN-481-1.txt |
Description:
|
Ubuntu Security Notice 481-1 - Multiple vulnerabilities were found in ImageMagick's handling of DCM and WXD image files. By tricking a user into processing a specially crafted image with an application that uses imagemagick, an attacker could execute arbitrary code with the user's privileges.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 15633 | | Related CVE(s): | CVE-2007-1667, CVE-2007-1797 | | Last Modified: | Jul 11 09:07:00 2007 |
| MD5 Checksum: | 095128437acef8fc0977a7ab0e8f6c21 |
|
| /// File Name: |
SSRT071424-1.txt |
Description:
|
HP Security Bulletin - Potential vulnerabilities have been identified with Samba provided with HP Internet Express for Tru64 UNIX (IX) v 6.6. The potential vulnerabilities could be exploited by a remote, unauthenticated user to execute arbitrary commands or by a local, unauthorized user to gain privilege elevation.
| | Homepage: | http://www.hp.com/ | | File Size: | 6153 | | Related CVE(s): | CVE-2007-2444, CVE-2007-2446, CVE-2007-2447 | | Last Modified: | Jul 11 09:05:36 2007 |
| MD5 Checksum: | 0991bc3f4f0c48427f55531db4ac65ea |
|
| /// File Name: |
MDKSA-2007-143.txt |
Description:
|
Mandriva Linux Security Advisory - Multiple stack-based buffer overflows in stream/stream_cddb.c in MPlayer before 1.0rc1try3 allow remote attackers to execute arbitrary code via a CDDB entry with a long album title or category.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5280 | | Related CVE(s): | CVE-2007-2948 | | Last Modified: | Jul 11 09:03:52 2007 |
| MD5 Checksum: | cb31c9dd1e9358a920a966e22797417b |
|
| /// File Name: |
ie-protocol.txt |
Description:
|
There is a URL protocol handler command injection vulnerability in Internet Explorer for Windows that allows you to execute shell commands with arbitrary arguments. This vulnerability can be triggered without user interaction simply by visiting a webpage.
| | Author: | Thor Larholm | | File Size: | 763 | | Last Modified: | Jul 11 09:01:53 2007 |
| MD5 Checksum: | 8beffac1da7c49ef8f8355f2635237ae |
|
| /// File Name: |
SYMSA-2007-005.txt |
Description:
|
Symantec Vulnerability Research SYMSA-2007-005 - Due to an implementation issue, the Windows Firewall does not apply firewall rules correctly on the Teredo Interface. This allows a level of remote access to TCP and UDP ports and services that exceeds what Microsoft expected and what an administrator would expect.
| | Author: | Jim Hoagland, Ollie Whitehouse | | Homepage: | http://www.symantec.com/research | | File Size: | 7139 | | Related CVE(s): | CVE-2007-3038 | | Last Modified: | Jul 11 08:08:12 2007 |
| MD5 Checksum: | eae03b3c9a9fce0f86440a00133e2842 |
|
| /// File Name: |
sa26003.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Microsoft .NET Framework, which can be exploited by malicious people to disclose potentially sensitive information or compromise a user's system.
| | Homepage: | http://secunia.com/advisories/26003/ | | File Size: | 6473 | | Last Modified: | Jul 11 06:37:19 2007 |
| MD5 Checksum: | 6b8b7451e2a6607b604b1903a0fb2f1c |
|
| /// File Name: |
sa26002.txt |
Description:
|
Secunia Security Advisory - Two vulnerabilities have been reported in Windows Active Directory, which can be exploited by malicious users and malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/26002/ | | File Size: | 3758 | | Last Modified: | Jul 11 06:37:19 2007 |
| MD5 Checksum: | e027604da1dc10a86de8ccd89ed18dda |
|
| /// File Name: |
sa26001.txt |
Description:
|
Secunia Security Advisory - A security issue has been reported in Windows Vista, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/26001/ | | File Size: | 2824 | | Last Modified: | Jul 11 06:37:19 2007 |
| MD5 Checksum: | 7e18a1db3d6e91f45fbd4ac821eb35c3 |
|
| /// File Name: |
sa25997.txt |
Description:
|
Secunia Security Advisory - Cody CypherXero Rester has discovered a vulnerability in OpenLD, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/25997/ | | File Size: | 2271 | | Last Modified: | Jul 11 06:37:19 2007 |
| MD5 Checksum: | 9687893f1831d1284328df3f260c8b06 |
|
| /// File Name: |
sa25996.txt |
Description:
|
Secunia Security Advisory - Cody CypherXero Rester has discovered a vulnerability in Aigaion, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/25996/ | | File Size: | 2291 | | Last Modified: | Jul 11 06:37:19 2007 |
| MD5 Checksum: | d7f201667f4dac723f576a133f430d55 |
|
| /// File Name: |
sa25995.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Microsoft Excel, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/25995/ | | File Size: | 4246 | | Last Modified: | Jul 11 06:37:19 2007 |
| MD5 Checksum: | cb760173688a95f0c5c0e806debab95c |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
