======================================================================== The Secunia Weekly Advisory Summary 2007-04-26 - 2007-05-03 This week: 57 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4.......................................Vulnerabilities Summary Listing 5.......................................Vulnerabilities Content Listing ======================================================================== 1) Word From Secunia: BETA TEST: The Network Software Inspector Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. Join the FREE BETA test of the Network Software Inspector (NSI)! http://secunia.com/network_software_Inspector/ The NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. -- NEW BLOG ENTRY Last December, Secunia released the Software Inspector, a revolutionary tool that changed the way users all across the globe identified missing security updates. Since then, over 300,000 inspections has been made using the Software Inspector. Secunia has received hundreds of emails with feedback, feature requests, and suggestions, all of which were thoroughly read and taken note of. Because of these, Secunia is able to finetune and improve the Software Inspector so that it can be a better tool for computer users everywhere. Now, Secunia is planning to release the Network Software Inspector (NSI) which basically is an expanded version of the Software Inspector geared for scanning on internal corporate networks. Read More: http://secunia.com/blog/9/ ======================================================================== 2) This Week in Brief: The Month of ActiveX Bugs project was launched in the beginning of the month, with what even the reporter claimed was just another Denial of Service bug in a Powerpoint viewer. However, Secunia Research was able to confirm that it was remotely exploitable, due to boundary errors within several areas in the code. These errors could be exploited to cause stack-based buffer overflows by passing long arguments to certain vulnerable methods. The vulnerable code was also confirmed to be in the Excel viewer and Word viewer products all from the same vendor. These vulnerabilities remain unpatched, and successful exploitation can occur if a user is tricked into visiting a malicious website. Secunia urges users to refrain from browsing untrusted websites. For more information, please refer to: http://secunia.com/advisories/25092/ http://secunia.com/advisories/25077/ http://secunia.com/advisories/25100/ -- Several vulnerabilities have been discovered in Trillian, the popular instant messaging application capable of connecting to various IM services. These vulnerabilities can be used by attackers to gain control of a user's system, or to read instant messages without the user's knowledge. These vulnerabilities have been patched in the latest version of Trillian, which is available in the vendor website. For more information, please refer to: http://secunia.com/advisories/25086/ -- A vulnerability has been discovered in Winamp, which can be used by attackers to gain access to a vulnerable computer. The vulnerability is due to an error in the way that Winamp handles MP4 files. Successful exploitation allows an attacker to execute arbitrary code on a system, but requires that the user is first tricked into opening a specially crafted MP4 file. The vulnerability remains unpatched; thus users are urged to avoid opening untrusted MP4 files. The vendor expects to release a new Winamp version to fix this vulnerability within the next few days. For more information: http://secunia.com/advisories/25089/ -- An error in the way that PNG files are handled was discovered in four different graphics editor programs: Corel Paint Shop Pro, Adobe Photoshop CS2 and CS3, and Adobe Photoshop Elements Editor for Windows. These programs were found to be vulnerable to various boundary errors in handling PNG files, which could be exploited to cause stack-based buffer overflows. Successful exploitation requires that an attacker create a specially crafted PNG file, and allows execution of arbitrary code. These vulnerabilities are unpatched, and users are urged to avoid opening untrusted PNG files. For more information: Corel Paint Shop Pro: http://secunia.com/advisories/25034/ Adobe Products: http://secunia.com/advisories/25044/ -- Join the FREE BETA test of the Network Software Inspector (NSI)! http://secunia.com/network_software_Inspector/ -- VIRUS ALERTS: During the past week Secunia collected 169 virus descriptions from the Antivirus vendors. However, none were deemed MEDIUM risk or higher according to the Secunia assessment scale. ======================================================================== 3) This Weeks Top Ten Most Read Advisories: 1. [SA25023] Adobe Photoshop BMP.8BI Bitmap File Handling Buffer Overflow 2. [SA25011] Apple QuickTime Java Extension "toQTPointer()" Code Execution 3. [SA25044] Adobe Products PNG.8BI PNG File Handling Buffer Overflow 4. [SA25089] Winamp MP4 File Handling Memory Corruption Vulnerability 5. [SA25013] Symantec Products Information Disclosure and Buffer Overflow 6. [SA25047] Cisco Products PHP "htmlentities()" and "htmlspecialchars()" Buffer Overflows 7. [SA25057] Ubuntu update for php 8. [SA25006] Sun Solaris X11 Multiple Vulnerabilities 9. [SA25037] Sun Solaris PostgreSQL SECURITY DEFINER Privilege Escalation 10. [SA25045] IBM WebSphere Application Server Unspecified Vulnerability ======================================================================== 4) Vulnerabilities Summary Listing Windows: [SA25100] Word Viewer OCX ActiveX Control Buffer Overflow Vulnerabilities [SA25092] PowerPoint Viewer OCX ActiveX Control Buffer Overflow Vulnerabilities [SA25089] Winamp MP4 File Handling Memory Corruption Vulnerability [SA25086] Trillian Information Leakage and Buffer Overflow Vulnerabilities [SA25077] Excel Viewer OCX ActiveX Control Buffer Overflow Vulnerabilities [SA25076] LiveData Protocol Server WSDL Request Buffer Overflow [SA25129] Progress WebSpeed "edit.r" Denial of Service Vulnerability [SA25113] LiveData Server Unspecified COTP Denial of Service [SA25126] AtomixMP3 mp3database.txt Handling Buffer Overflow Vulnerability [SA25087] Nukedit "terms" Cross-Site Scripting [SA25064] ZoneAlarm Pro vsdatant Driver Denial of Service UNIX/Linux: [SA25072] SUSE Update for Multiple Packages [SA25110] Gentoo update for mod_perl [SA25097] Gentoo update for ktorrent [SA25096] Gentoo update for freetype [SA25095] Debian update for qemu [SA25091] Sun Java System Directory Server Denial of Service [SA25083] rPath update for kernel [SA25071] Papoo CMS "menuid" SQL Injection Vulnerability [SA25068] Linux Kernel IPv6 Type 0 Route Headers Denial of Service [SA25062] Debian update for php5 [SA25057] Ubuntu update for php [SA25073] QEMU Various Vulnerabilities [SA25128] PHPChain Two Cross-Site Scripting Vulnerabilities [SA25108] Debian update for wordpress [SA25106] Gentoo update for tomcat [SA25084] Gentoo update for quagga [SA25115] Ubuntu update for net-snmp [SA25078] Debian update for linux-2.6 [SA25061] iputils rarpd Replies Denial of Service [SA25058] Ubuntu update for postgresql [SA25112] Avaya CMS / IR Sun Solaris libX11 Integer Overflow Vulnerability [SA25098] Red Hat Update for Multiple Packages [SA25080] Red Hat update for kernel [SA25066] HP Power Manager Remote Agent Unspecified Code Execution [SA25059] Gentoo update for beast [SA25118] Mandriva update for xscreensaver [SA25105] Red Hat update for xscreensaver [SA25081] Sun Solaris 9 Auditing BSM Denial of Service [SA25065] XScreenSaver "getpwuid()" Authentication Bypass Weakness Other: [SA25109] Cisco PIX and ASA Denial of Service and Security Bypass [SA25094] OpenVMS Exception Handling Denial of Service Cross Platform: [SA25074] WordPress wordTube Plugin "wpPATH" File Inclusion [SA25063] WordPress wp-Table Plugin "wpPATH" File Inclusion [SA25060] OPeNDAP CGI Server Command Execution Vulnerability [SA25120] 1024 CMS "item" Directory Traversal [SA25085] sendcard Local File Inclusion and Cross-Site Scripting [SA25082] CMS Made Simple "templateid" SQL Injection [SA25070] ISC BIND "query_addsoa" Denial of Service [SA25069] Java 2 Platform Privilege Escalation Vulnerability [SA25079] VMware Products Multiple Vulnerabilities [SA25127] DVDdb Cross-Site Scripting Vulnerabilities [SA25124] CodePress codepress.html Cross-Site Scripting [SA25090] Ariadne "ARLogin" Cross-Site Scripting [SA25088] All In One Control Panel (AIOCP) Cross-Site Scripting Vulnerability [SA25075] FileRun SQL Injection and Cross-Site Scripting [SA25067] LAN Management System "OD" Cross-Site Scripting Vulnerability ======================================================================== 5) Vulnerabilities Content Listing Windows:-- [SA25100] Word Viewer OCX ActiveX Control Buffer Overflow Vulnerabilities Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-03 shinnai has discovered some vulnerabilities in Word Viewer OCX, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25100/ -- [SA25092] PowerPoint Viewer OCX ActiveX Control Buffer Overflow Vulnerabilities Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-02 shinnai has discovered some vulnerabilities in PowerPoint Viewer OCX, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25092/ -- [SA25089] Winamp MP4 File Handling Memory Corruption Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-01 Marsu has reported a vulnerability in Winamp, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25089/ -- [SA25086] Trillian Information Leakage and Buffer Overflow Vulnerabilities Critical: Highly critical Where: From remote Impact: Exposure of sensitive information, System access Released: 2007-05-01 Some vulnerabilities have been reported in Trillian, which can be exploited by malicious people to gain knowledge of sensitive information or compromise a user's system. Full Advisory: http://secunia.com/advisories/25086/ -- [SA25077] Excel Viewer OCX ActiveX Control Buffer Overflow Vulnerabilities Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-02 shinnai has discovered some vulnerabilities in Excel Viewer OCX, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25077/ -- [SA25076] LiveData Protocol Server WSDL Request Buffer Overflow Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-05-03 A vulnerability has been reported in LiveData Protocol Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25076/ -- [SA25129] Progress WebSpeed "edit.r" Denial of Service Vulnerability Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-05-03 Eelko Neven has reported a vulnerability in Progress, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25129/ -- [SA25113] LiveData Server Unspecified COTP Denial of Service Critical: Moderately critical Where: From local network Impact: DoS Released: 2007-05-03 A vulnerability has been reported in LiveData Server, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25113/ -- [SA25126] AtomixMP3 mp3database.txt Handling Buffer Overflow Vulnerability Critical: Less critical Where: From remote Impact: System access Released: 2007-05-03 Preth00nker has discovered a vulnerability in AtomixMP3, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25126/ -- [SA25087] Nukedit "terms" Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-05-01 Nexus has reported a vulnerability in Nukedit, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25087/ -- [SA25064] ZoneAlarm Pro vsdatant Driver Denial of Service Critical: Not critical Where: Local system Impact: DoS Released: 2007-05-02 Matousec has discovered a vulnerability in ZoneAlarm Pro, which can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25064/ UNIX/Linux:-- [SA25072] SUSE Update for Multiple Packages Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-04-30 SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25072/ -- [SA25110] Gentoo update for mod_perl Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-05-02 Gentoo has issued an update for mod_perl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25110/ -- [SA25097] Gentoo update for ktorrent Critical: Moderately critical Where: From remote Impact: Manipulation of data, System access Released: 2007-05-02 Gentoo has issued an update for ktorrent. This fixes two vulnerabilities, which can be exploited by malicious people to overwrite arbitrary files on a user's system or potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/25097/ -- [SA25096] Gentoo update for freetype Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-05-02 Gentoo has issued an update for freetype. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. Full Advisory: http://secunia.com/advisories/25096/ -- [SA25095] Debian update for qemu Critical: Moderately critical Where: From remote Impact: Security Bypass, DoS Released: 2007-05-01 Debian has issued an update for qemu. This fixes some vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25095/ -- [SA25091] Sun Java System Directory Server Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-05-02 A vulnerability has been reported in Sun Java System Directory Server, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25091/ -- [SA25083] rPath update for kernel Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-05-02 rPath has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25083/ -- [SA25071] Papoo CMS "menuid" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-04-30 Kacper has discovered a vulnerability in Papoo CMS, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/25071/ -- [SA25068] Linux Kernel IPv6 Type 0 Route Headers Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-04-30 A security issue has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25068/ -- [SA25062] Debian update for php5 Critical: Moderately critical Where: From remote Impact: Security Bypass, Exposure of sensitive information, System access Released: 2007-04-30 Debian has issued an update for php5. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, malicious users to disclose potentially sensitive information, bypass certain security restrictions or compromise a vulnerable system, and by malicious people to bypass certain security restrictions and compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25062/ -- [SA25057] Ubuntu update for php Critical: Moderately critical Where: From remote Impact: Security Bypass, Privilege escalation, DoS, System access Released: 2007-04-27 Ubuntu has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information, bypass certain security restrictions, gain escalated privileges, cause a DoS (Denial of Service), compromise a vulnerable system, and by malicious people to disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25057/ -- [SA25073] QEMU Various Vulnerabilities Critical: Moderately critical Where: Local system Impact: Security Bypass, DoS Released: 2007-05-01 Tavis Ormandy has reported some vulnerabilities in QEMU, which can be exploited by malicious uses to bypass certain security restrictions or cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25073/ -- [SA25128] PHPChain Two Cross-Site Scripting Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-05-03 r0t has discovered some vulnerabilities in PHPChain, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25128/ -- [SA25108] Debian update for wordpress Critical: Less critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Manipulation of data, Exposure of sensitive information Released: 2007-05-02 Debian has issued an update for wordpress. This fixes some vulnerabilities, which can be exploited by malicious users to conduct SQL injection attacks and bypass certain security restrictions, or by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25108/ -- [SA25106] Gentoo update for tomcat Critical: Less critical Where: From remote Impact: Security Bypass Released: 2007-05-02 Gentoo has issued an update for tomcat. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/25106/ -- [SA25084] Gentoo update for quagga Critical: Less critical Where: From remote Impact: DoS Released: 2007-05-02 Gentoo has issued an update for quagga. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25084/ -- [SA25115] Ubuntu update for net-snmp Critical: Less critical Where: From local network Impact: DoS Released: 2007-05-03 Ubuntu has issued an update for net-snmp. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25115/ -- [SA25078] Debian update for linux-2.6 Critical: Less critical Where: From local network Impact: Privilege escalation, DoS Released: 2007-05-03 Debian has issued an update for linux-2.6. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges, and by malicious people to cause a DoS. Full Advisory: http://secunia.com/advisories/25078/ -- [SA25061] iputils rarpd Replies Denial of Service Critical: Less critical Where: From local network Impact: DoS Released: 2007-04-30 A vulnerability has been reported in iputils, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25061/ -- [SA25058] Ubuntu update for postgresql Critical: Less critical Where: From local network Impact: Privilege escalation Released: 2007-04-30 Ubuntu has issued an update for postgresql. This fixes a security issue, which can be exploited by malicious users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/25058/ -- [SA25112] Avaya CMS / IR Sun Solaris libX11 Integer Overflow Vulnerability Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-05-03 Avaya has acknowledged a vulnerability in Avaya CMS and IR, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/25112/ -- [SA25098] Red Hat Update for Multiple Packages Critical: Less critical Where: Local system Impact: Security Bypass, Spoofing, Privilege escalation, DoS, System access Released: 2007-05-02 Red Hat has issued updates for multiple packages. This fixes some vulnerabilities and security issues, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges or to gain escalated privileges, bypass certain security restrictions, and cause a DoS (Denial of Service), or by malicious users to bypass certain security restrictions and malicious people to spoof emails, cause a DoS or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25098/ -- [SA25080] Red Hat update for kernel Critical: Less critical Where: Local system Impact: Exposure of sensitive information, DoS Released: 2007-05-01 Red Hat has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or disclose potentially sensitive information. Full Advisory: http://secunia.com/advisories/25080/ -- [SA25066] HP Power Manager Remote Agent Unspecified Code Execution Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-04-30 A vulnerability has been reported in HP Power Manager Remote Agent (RA), which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/25066/ -- [SA25059] Gentoo update for beast Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-04-30 Gentoo has issued an update for beast. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges. Full Advisory: http://secunia.com/advisories/25059/ -- [SA25118] Mandriva update for xscreensaver Critical: Not critical Where: Local system Impact: Security Bypass Released: 2007-05-03 Mandriva has issued an update for xscreensaver. This fixes a weakness, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/25118/ -- [SA25105] Red Hat update for xscreensaver Critical: Not critical Where: Local system Impact: Security Bypass Released: 2007-05-03 Red Hat has issued an update for xscreensaver. This fixes a weakness, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/25105/ -- [SA25081] Sun Solaris 9 Auditing BSM Denial of Service Critical: Not critical Where: Local system Impact: DoS Released: 2007-05-02 A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25081/ -- [SA25065] XScreenSaver "getpwuid()" Authentication Bypass Weakness Critical: Not critical Where: Local system Impact: Security Bypass Released: 2007-05-03 Alex Yamauchi has reported a weakness in XScreenSaver, which potentially can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/25065/ Other:-- [SA25109] Cisco PIX and ASA Denial of Service and Security Bypass Critical: Moderately critical Where: From remote Impact: Security Bypass, DoS Released: 2007-05-03 Some vulnerabilities have been reported in Cisco PIX and ASA, which can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25109/ -- [SA25094] OpenVMS Exception Handling Denial of Service Critical: Not critical Where: Local system Impact: DoS Released: 2007-05-01 A vulnerability has been reported in OpenVMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25094/ Cross Platform:-- [SA25074] WordPress wordTube Plugin "wpPATH" File Inclusion Critical: Highly critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information, System access Released: 2007-05-02 M.Hasran Addahroni has reported a vulnerability in the wordTube plugin for WordPress, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25074/ -- [SA25063] WordPress wp-Table Plugin "wpPATH" File Inclusion Critical: Highly critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information, System access Released: 2007-05-02 M.Hasran Addahroni has reported a vulnerability in the wp-Table plugin for WordPress, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25063/ -- [SA25060] OPeNDAP CGI Server Command Execution Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-01 A vulnerability has been reported in OPeNDAP CGI Server, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25060/ -- [SA25120] 1024 CMS "item" Directory Traversal Critical: Moderately critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information Released: 2007-05-03 Dj7xpl has discovered a vulnerability in 1024 CMS, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/25120/ -- [SA25085] sendcard Local File Inclusion and Cross-Site Scripting Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Exposure of system information, Exposure of sensitive information Released: 2007-05-02 Some vulnerabilities have been discovered in sendcard, which can be exploited by malicious people to conduct cross-site scripting attacks and to disclose sensitive information. Full Advisory: http://secunia.com/advisories/25085/ -- [SA25082] CMS Made Simple "templateid" SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-05-02 Daniel Lucq has discovered a vulnerability in CMS Made Simple, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/25082/ -- [SA25070] ISC BIND "query_addsoa" Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-05-01 A vulnerability has been reported in BIND, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25070/ -- [SA25069] Java 2 Platform Privilege Escalation Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2007-05-01 Sun has acknowledged a vulnerability in the Java Web Start of the Java 2 Platform, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/25069/ -- [SA25079] VMware Products Multiple Vulnerabilities Critical: Moderately critical Where: Local system Impact: Security Bypass, DoS Released: 2007-05-01 Some vulnerabilities have been reported in various VMware products, which can be exploited by malicious users to cause a DoS (Denial of Service) or bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/25079/ -- [SA25127] DVDdb Cross-Site Scripting Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-05-03 r0t has discovered vulnerabilities in DVDdb, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25127/ -- [SA25124] CodePress codepress.html Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-05-03 A vulnerability has been reported in CodePress, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25124/ -- [SA25090] Ariadne "ARLogin" Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-05-01 Ronald van den Heetkamp has reported a vulnerability in Ariadne, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25090/ -- [SA25088] All In One Control Panel (AIOCP) Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-05-03 A vulnerability has been reported in All In One Control Panel (AIOCP), which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25088/ -- [SA25075] FileRun SQL Injection and Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting, Manipulation of data Released: 2007-05-02 r0t has reported some vulnerabilities in FileRun, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25075/ -- [SA25067] LAN Management System "OD" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-04-30 A vulnerability has been reported in LAN Management System, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25067/ ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Subscribe: http://secunia.com/secunia_weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support@private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 __________________________ Subscribe to InfoSec News http://www.infosecnews.org
This archive was generated by hypermail 2.1.3 : Thu May 03 2007 - 23:34:23 PDT