Section: .. / 0706-advisories /
| /// File Name: |
CVE-2007-1358.txt |
Description:
|
Apache Tomcat versions 4.0.0 to 4.0.6, 4.1.0 to 4.1.34, 5.0.0 to 5.0.30, 5.5.0 to 5.5.20, and 6.0.0 to 6.0.5 suffer from a cross site scripting flaw in Accept-Language header processing.
| | Homepage: | http://tomcat.apache.org/ | | File Size: | 1351 | | Related CVE(s): | CVE-2007-1358 | | Last Modified: | Jun 20 00:53:01 2007 |
| MD5 Checksum: | fc3b3bcfefce5d61eb18aa13d0de4e53 |
|
| /// File Name: |
06.18.07-1.txt |
Description:
|
iDefense Security Advisory 06.18.07 - Remote exploitation of a heap overflow vulnerability in Cerulean Studios Trillian Instant Messenger could allow attackers to execute arbitrary code as the currently logged on user. The vulnerability specifically exists due to improper handling of UTF-8 sequences. When word-wrapping UTF-8 text, the window width is improperly used as a buffer size value. As such, heap corruption can occur leading to a potentially exploitable condition. iDefense has confirmed the existence of this vulnerability in Cerulean Studios Trillian 3.1.5.1. Previous versions are suspected to be vulnerable.
| | Author: | blurredlogic.com | | Homepage: | http://www.idefense.com/ | | File Size: | 3090 | | Last Modified: | Jun 20 00:40:08 2007 |
| MD5 Checksum: | 4aa4fa081c88b36634a6a56d03402567 |
|
| /// File Name: |
fusetalk-sql.txt |
Description:
|
FuseTalk version 2.0 suffers from a SQL injection vulnerability.
| | Author: | Charles H. Kim | | File Size: | 3715 | | Last Modified: | Jun 20 00:27:18 2007 |
| MD5 Checksum: | 4e99df24fc4578088e34bba914c63324 |
|
| /// File Name: |
dsa-1312-1.txt |
Description:
|
Debian Security Advisory 1312-1 - It was discovered that the Apache 1.3 connector for the Tomcat Java servlet engine decoded request URLs multiple times, which can lead to information disclosure.
| | Homepage: | http://www.debian.org/security | | File Size: | 10270 | | Related CVE(s): | CVE-2007-1860 | | Last Modified: | Jun 20 00:20:21 2007 |
| MD5 Checksum: | 70d5798b6f48581fdbb7d154013012ca |
|
| /// File Name: |
dsa-1311-1.txt |
Description:
|
Debian Security Advisory 1311-1 - It was discovered that the PostgreSQL database performs insufficient validation of variables passed to privileged SQL statement called "security definers", which could lead to SQL privilege escalation.
| | Homepage: | http://www.debian.org/security | | File Size: | 32964 | | Related CVE(s): | CVE-2007-2138 | | Last Modified: | Jun 19 16:35:57 2007 |
| MD5 Checksum: | eefad625b43958f3ae0784c74aeb5931 |
|
| /// File Name: |
dsa-1310-1.txt |
Description:
|
Debian Security Advisory 1310-1 - A vulnerability has been discovered in libexif, a library to parse EXIF files, which allows denial of service and possible execution of arbitrary code via malformed EXIF data.
| | Homepage: | http://www.debian.org/security | | File Size: | 6495 | | Related CVE(s): | CVE-2006-4168 | | Last Modified: | Jun 19 16:23:52 2007 |
| MD5 Checksum: | c012f8241627391e730ed9ce2f70a62e |
|
| /// File Name: |
dsa-1309-1.txt |
Description:
|
Debian Security Advisory 1309-1 - It was discovered that the PostgreSQL database performs insufficient validation of variables passed to privileged SQL statements, so called "security definers", which could lead to SQL privilege escalation.
| | Homepage: | http://www.debian.org/security | | File Size: | 28160 | | Related CVE(s): | CVE-2007-2138 | | Last Modified: | Jun 19 16:21:31 2007 |
| MD5 Checksum: | df58f5754151ca2c00c2769afcaf62f8 |
|
| /// File Name: |
safari-dos.txt |
Description:
|
Safari version 3.0.1 for Windows appears to suffer from a denial of service condition in corefoundation.dll.
| | Author: | Lostmon | | Homepage: | http://lostmon.blogspot.com/ | | File Size: | 2444 | | Last Modified: | Jun 19 16:13:31 2007 |
| MD5 Checksum: | 36ced3fd1098af210b30fa69e200ca17 |
|
| /// File Name: |
dsa-1304-1.txt |
Description:
|
Debian Security Advisory 1304-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 34109 | | Related CVE(s): | CVE-2005-4811, CVE-2006-4814, CVE-2006-4623, CVE-2006-5753, CVE-2006-5754, CVE-2006-5757, CVE-2006-6053, CVE-2006-6056, CVE-2006-6060, CVE-2006-6106, CVE-2006-6535, CVE-2007-0958, CVE-2007-1357, CVE-2007-1592 | | Last Modified: | Jun 19 14:39:52 2007 |
| MD5 Checksum: | 1d8a803d6cd25a9ae00f96aa85c482a1 |
|
| /// File Name: |
phplistpro-xss.txt |
Description:
|
phpListPro version 2.0.1 suffers from a cross site scripting flaw.
| | Author: | CorryL | | File Size: | 1170 | | Last Modified: | Jun 19 14:38:00 2007 |
| MD5 Checksum: | 616d1c2b561dd399197ed20e86bcfaab |
|
| /// File Name: |
kaspersky-is6.txt |
Description:
|
Kaspersky Internet Security 6 hooks many functions in SSDT and in at least nine cases it fails to validate arguments that come from the user mode.
| | Homepage: | http://www.matousec.com/ | | Related Exploit: | BTP00000P006KA.zip | | File Size: | 1433 | | Last Modified: | Jun 15 14:45:25 2007 |
| MD5 Checksum: | 7c65a8678ae988278cfbb4e964b3c93d |
|
| /// File Name: |
MDKSA-2007-125.txt |
Description:
|
Mandriva Linux Security Advisory - SpamAssassin 3.1.x, when running as root with unusual configuration options using vpopmail or virtual users, could allow local users to cause a denial of service (via corrupting arbitrary files) using a symlink attack on a file used by spamd.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5779 | | Related CVE(s): | CVE-2007-2873 | | Last Modified: | Jun 14 23:13:38 2007 |
| MD5 Checksum: | 28c7a96678bd21e0c6515908d42d8a19 |
|
| /// File Name: |
elxis-sql.txt |
Description:
|
Elxis CMS versions 2006.4 and below suffer from a SQL injection vulnerability.
| | Author: | Nico Leidecker | | File Size: | 1878 | | Last Modified: | Jun 14 23:12:31 2007 |
| MD5 Checksum: | 27a45dcd948db61da36c9cdaaae72831 |
|
| /// File Name: |
06.14.07-1.txt |
Description:
|
iDefense Security Advisory 06.14.07 - Remote exploitation of an input validation vulnerability in Apache Software Foundation's MyFaces Tomahawk JSF framework could allow an attacker to perform a cross-site scripting (XSS) attack. The code responsible for parsing HTTP requests is vulnerable to an XSS vulnerability. When parsing the 'autoscroll' parameter from a POST or GET request, the value of this variable is directly inserted into JavaScript that is sent back to the client. This allows an attacker to run arbitrary JavaScript in the context of the affected domain of the MyFaces application being targeted. iDefense has confirmed the existence of this vulnerability in MyFaces Tomahawk version 1.1.5. Previous versions may also be affected.
| | Author: | Rajat Swarup | | Homepage: | http://www.idefense.com/ | | File Size: | 3774 | | Related CVE(s): | CVE-2007-3101 | | Last Modified: | Jun 14 23:07:45 2007 |
| MD5 Checksum: | e872f4db6ae74a07dc365aa79ad418d6 |
|
| /// File Name: |
CVE-2007-2450.txt |
Description:
|
Apache Tomcat versions 4.0.0 to 4.0.6, 4.1.0 to 4.1.36, 5.0.0 to 5.0.30, 5.5.0 to 5.5.24, and 6.0.0 to 6.0.13 suffer from a cross site scripting flaw in the Host Manager Application.
| | Homepage: | http://tomcat.apache.org/ | | File Size: | 1377 | | Related CVE(s): | CVE-2007-2450 | | Last Modified: | Jun 14 23:00:20 2007 |
| MD5 Checksum: | d749caffa30a4143a19313f8a0e45291 |
|
| /// File Name: |
rtf-office.txt |
Description:
|
John Heasman of NGSSoftware has discovered a high risk vulnerability in the handling of RTF documents within OpenOffice. The vulnerability affects all versions of OpenOffice prior to 2.2.1. If an attacker can coax a user into opening a specially crafted RTF document then the attacker can execute arbitrary code in the security context of their victim.
| | Author: | John Heasman | | Homepage: | http://www.ngssoftware.com/ | | File Size: | 2082 | | Last Modified: | Jun 14 01:21:11 2007 |
| MD5 Checksum: | 441625f8c894ccf28e88b1f84926d095 |
|
| /// File Name: |
MDKSA-2007-124.txt |
Description:
|
Mandriva Linux Security Advisory - A flaw in libgd2 was found by Xavier Roche where it would not correctly validate PNG callback results. If an application linked against libgd2 was tricked into processing a specially-crafted PNG file, it could cause a denial of service scenario via CPU resource consumption. Tetex uses an embedded copy of the gd source and may also be affected by this issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 10779 | | Related CVE(s): | CVE-2007-2756 | | Last Modified: | Jun 14 01:13:18 2007 |
| MD5 Checksum: | a087c34ebaa86347b374a97442437c85 |
|
| /// File Name: |
MDKSA-2007-123.txt |
Description:
|
Mandriva Linux Security Advisory - A flaw in libgd2 was found by Xavier Roche where it would not correctly validate PNG callback results. If an application linked against libgd2 was tricked into processing a specially-crafted PNG file, it could cause a denial of service scenario via CPU resource consumption. Libwmf uses an embedded copy of the gd source and may also be affected by this issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5559 | | Related CVE(s): | CVE-2007-2756 | | Last Modified: | Jun 14 01:12:31 2007 |
| MD5 Checksum: | 64610f58ede948763eb5c90cb91a1571 |
|
| /// File Name: |
MDKSA-2007-122.txt |
Description:
|
Mandriva Linux Security Advisory - A flaw in libgd2 was found by Xavier Roche where it would not correctly validate PNG callback results. If an application linked against libgd2 was tricked into processing a specially-crafted PNG file, it could cause a denial of service scenario via CPU resource consumption.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6165 | | Related CVE(s): | CVE-2007-2756 | | Last Modified: | Jun 14 01:02:56 2007 |
| MD5 Checksum: | e89299e4416279f2b4893e51810b958f |
|
| /// File Name: |
MDKSA-2007-121.txt |
Description:
|
Mandriva Linux Security Advisory - An integer overflow vulnerability was discovered in the way the FreeType font engine processed TTF files. If a user were to load a special font file with a program linked against freetype, it could cause the application to crash or possibly execute arbitrary code as the user running the program.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6302 | | Related CVE(s): | CVE-2007-2754 | | Last Modified: | Jun 14 01:01:55 2007 |
| MD5 Checksum: | 531c409c2a601e8e9693a3c8d625ca05 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
