======================================================================== The Secunia Weekly Advisory Summary 2007-05-24 - 2007-05-31 This week: 70 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4.......................................Vulnerabilities Summary Listing 5.......................................Vulnerabilities Content Listing ======================================================================== 1) Word From Secunia: Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/ The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. ======================================================================== 2) This Week in Brief: Secunia Research has discovered a vulnerability in Apple QuickTime, which can be exploited by malicious people to compromise a user's system. A design error exists in the security restrictions on subclasses of QTObject, which can be exploited by malicious Java code to allow subclassing of QuickTime objects that call unsafe functions from QTJava.dll. This can be exploited to read or write arbitrary parts of memory. Successful exploitation allows execution of arbitrary code on Windows and OS X systems, when a user visits a malicious web site using a Java-enabled browser. This vulnerability is rated by Secunia as highly critical because an attacker could use this flaw to gain access to a vulnerable system. Apple has released Security update 2007-05 for this vulnerability, and users are encouraged to patch their systems. For more information: http://secunia.com/advisories/25130/ -- Along with the vulnerability discussed above, the Apple Security Update also fixes several other vulnerabilities. These include known vulnerabilities in BIND, file, and ruby, among others, as well as newly disclosed vulnerabilities in Alias Manager, pppd, vpnd, and others. These vulnerabilities have varying consequences, such as compromising a vulnerable system, disclosing user passwords, causing crashes, or allowing a user to gain escalated privileges. Users are advised to apply the security update immediately. For more inforamtion: http://secunia.com/advisories/25402/ -- Mozilla has also released multiple security updates this week, providing solutions for several known security issues and software bugs. Errors in the Javascript engine can be exploited to crash the browser or potentially execute arbitrary code. Another error in the "addEventListener" method can be exploited to inject script into another site, bypassing the browser's same-origin policy. And finally, an error in the handling of XUL popups can be exploited to spoof parts of the browser, such as the location bar, which can be used for phishing attacks. These vulnerabilities are found in Firefox and Seamonkey. The Javascript engine errors are also present in Thunderbird. All users of these Mozilla products are advised to update their systems immediately. For more information: http://secunia.com/advisories/25469/ (Firefox) http://secunia.com/advisories/25488/ (Seamonkey) http://secunia.com/advisories/25489/ (Thunderbird) -- VIRUS ALERTS: During the past week Secunia collected 165 virus descriptions from the Antivirus vendors. However, none were deemed MEDIUM risk or higher according to the Secunia assessment scale. ======================================================================== 3) This Weeks Top Ten Most Read Advisories: 1. [SA25402] Apple Mac OS X Security Update for Multiple Vulnerabilities 2. [SA25130] Apple QuickTime Java Extension Two Vulnerabilities 3. [SA23769] Internet Explorer Multiple Vulnerabilities 4. [SA25398] Linux Kernel Unspecified GEODE-AES Vulnerability 5. [SA25383] Apache Tomcat JK Web Server Connector Double Encoded ".." Security Bypass 6. [SA25380] avast! CAB and SIS File Processing Buffer Overflows 7. [SA25403] Sun Solaris NFS Client Module Denial of Service 8. [SA25390] Symantec Enterprise Security Manager Denial of Service 9. [SA25411] Sun Solaris snmpd AgentX Subagent Request Processing Vulnerability 10. [SA25399] Novell International Cryptographic Infrastructure Two Vulnerabilities ======================================================================== 4) Vulnerabilities Summary Listing Windows: [SA25473] Zenturi ProgramChecker ActiveX Components ActiveX Control Buffer Overflows [SA25472] British Telecommunications webhelper ActiveX Controls Vulnerabilities [SA25471] Media Technology Group CDPass ActiveX Control Buffer Overflows [SA25468] Zenturi ProgramChecker ActiveX Components ActiveX Control "DownloadFile()" Insecure Method [SA25444] LEADTOOLS LEAD Raster OCR Document Object Library ActiveX Control Buffer Overflow [SA25433] LEADTOOLS LEAD Raster ISIS Object ActiveX Control Buffer Overflow [SA25430] Ademco ATNBaseLoader100 Module ActiveX Control Buffer Overflows [SA25418] EDraw Office Viewer Component ActiveX Control Insecure Method and Buffer Overflow Vulnerabilities [SA25455] rm-forum "rmforum.mdb" Database Disclosure Security Issue [SA25453] WabCMS "/db/wabcmsn.mdb" Database Disclosure Security Issue [SA25436] Techno Dreams Web Directory "Database.mdb" Database Disclosure [SA25422] Digirez Two Cross-Site Scripting Vulnerabilities [SA25449] F-Secure Policy Manager Server Host Module Denial of Service Vulnerability [SA25439] F-Secure Anti-Virus Real-Time Scanning Component Privilege Escalation [SA25457] Microsoft Windows Active Directory Logon Hours User Enumeration Weakness [SA25410] Credant Mobile Guardian Shield for Windows Information Disclosure UNIX/Linux: [SA25491] Red Hat update for seamonkey [SA25490] Red Hat update for firefox [SA25462] Gentoo update for mplayer [SA25445] Gentoo update for php [SA25421] Fundanemt "spellcheck.php" Shell Command Injection Vulnerability [SA25416] Debian update for gforge-plugin-scmcvs [SA25404] Gentoo blackdown-jdk and blackdown-jre Vulnerabilities [SA25492] Red Hat update for thunderbird [SA25483] Ubuntu update for freetype [SA25478] IBM AIX Perl Unspecified Code Execution Vulnerability [SA25464] Sun Solaris Kerberos kadm5 Library Vulnerability [SA25463] Gentoo update for freetype [SA25458] IBM AIX WebSM Unspecified Denial of Service Vulnerability [SA25435] DOMjudge "receive()" Denial of Service Vulnerability [SA25432] SUSE Update for Multiple Packages [SA25431] Ubuntu update for pulseaudio [SA25482] IBM AIX BIND Denial of Service Vulnerability [SA25467] Sun Solaris update for Adobe Flash Player [SA25465] Sun Solaris "in.iked" Denial of Service Vulnerability [SA25428] Red Hat update for quagga [SA25419] Debian update for otrs2 [SA25413] Avaya IR Java Web Start Insecure System Classes Vulnerability [SA25407] Web Icerik Yonetim Sistemi "No" Cross-Site Scripting [SA25411] Sun Solaris snmpd AgentX Subagent Request Processing Vulnerability [SA25425] xfsdump "xfs_fsr" Insecure Temporary Directory Creation [SA25450] Sun Solaris "inetd" Denial of Service Vulnerability [SA25408] Mutt GECOS Name Processing Buffer Overflow Vulnerability Other: [SA25420] Ingate Firewall and SIParator Multiple Vulnerabilities [SA25409] Nortel Meridian CS 1000 Unspecified Denial of Service Vulnerability [SA25448] 8e6 R3000 Internet Filter Cross-Site Scripting Vulnerabilities [SA25486] OpenVMS Local Denial of Service Vulnerability Cross Platform: [SA25488] Mozilla SeaMonkey Multiple Vulnerabilities [SA25469] Mozilla Firefox Multiple Vulnerabilities [SA25460] Pheap PHP Code Execution and Information Disclosure [SA25459] FileCloset File Upload Vulnerability [SA25426] F-Secure Products LHA Archive Handling Buffer Overflow [SA25417] Avira Antivir Multiple File Processing Vulnerabilities [SA25414] Geeklog CAPTCHA Plugin "_CONF[path]" File Inclusion [SA25405] Sun Java System Web Proxy Server SOCKS Module Buffer Overflows [SA25489] Mozilla Thunderbird Memory Corruption Vulnerability [SA25452] gCards "newsid" SQL Injection Vulnerability [SA25451] My Little Forum "id" SQL Injection Vulnerability [SA25440] F-Secure Packed Executable and Archive Scanning Denial of Service [SA25438] DGNews Cross-Site Scripting and SQL Injection Vulnerabilities [SA25424] cpCommerce "name" Script Insertion Vulnerability [SA25423] HP System Management Homepage PHP Multiple Vulnerabilities [SA25412] cpCommerce Two SQL Injection Vulnerabilities [SA25427] Openfire Unspecified Privilege Escalation Vulnerability [SA25470] Bochs NE2000 RX Frame Overflow and Disk Controller Denial of Service [SA25447] FirstClass "%00" Cross-Site Scripting Vulnerability [SA25446] phpPgAdmin login.php Cross-Site Scripting Vulnerability [SA25443] eggblog Session Fixation Vulnerability [SA25437] Invision Power Board "editorid" Cross-Site Scripting [SA25415] Tor Circuit Generation Entry Guard Check Weakness ======================================================================== 5) Vulnerabilities Content Listing Windows:-- [SA25473] Zenturi ProgramChecker ActiveX Components ActiveX Control Buffer Overflows Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-30 Will Dormann has reported some vulnerabilities in Zenturi ProgramChecker, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25473/ -- [SA25472] British Telecommunications webhelper ActiveX Controls Vulnerabilities Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-30 Will Dormann has reported some vulnerabilities in the British Telecommunications Consumer webhelper and Business Connect ActiveX controls, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25472/ -- [SA25471] Media Technology Group CDPass ActiveX Control Buffer Overflows Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-30 Will Dormann has reported some vulnerabilities in Media Technology Group CDPass ActiveX Control, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25471/ -- [SA25468] Zenturi ProgramChecker ActiveX Components ActiveX Control "DownloadFile()" Insecure Method Critical: Highly critical Where: From remote Impact: Manipulation of data, System access Released: 2007-05-31 shinnai has discovered a vulnerability in Zenturi ProgramChecker, which can be exploited by malicious people to overwrite arbitrary files or compromise a user's system. Full Advisory: http://secunia.com/advisories/25468/ -- [SA25444] LEADTOOLS LEAD Raster OCR Document Object Library ActiveX Control Buffer Overflow Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-28 shinnai has discovered a vulnerability in LEADTOOLS LEAD Raster OCR Document Object Library ActiveX control, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25444/ -- [SA25433] LEADTOOLS LEAD Raster ISIS Object ActiveX Control Buffer Overflow Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-29 shinnai has discovered a vulnerability in LEADTOOLS LEAD Raster ISIS Object ActiveX control, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25433/ -- [SA25430] Ademco ATNBaseLoader100 Module ActiveX Control Buffer Overflows Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-28 rgod has discovered some vulnerabilities in Ademco ATNBaseLoader100 Module ActiveX control, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25430/ -- [SA25418] EDraw Office Viewer Component ActiveX Control Insecure Method and Buffer Overflow Vulnerabilities Critical: Highly critical Where: From remote Impact: Manipulation of data, System access Released: 2007-05-30 shinnai has discovered two vulnerabilities in EDraw Office Viewer Component, which can be exploited by malicious people to delete arbitrary files or compromise a user's system. Full Advisory: http://secunia.com/advisories/25418/ -- [SA25455] rm-forum "rmforum.mdb" Database Disclosure Security Issue Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information Released: 2007-05-28 the_Edit0r has reported a security issue in rm-forum, which can be exploited by malicious people to disclose potentially sensitive information. Full Advisory: http://secunia.com/advisories/25455/ -- [SA25453] WabCMS "/db/wabcmsn.mdb" Database Disclosure Security Issue Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information Released: 2007-05-28 the_Edit0r has reported a security issue in WabCMS, which can be exploited by malicious people to disclose potentially sensitive information. Full Advisory: http://secunia.com/advisories/25453/ -- [SA25436] Techno Dreams Web Directory "Database.mdb" Database Disclosure Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information Released: 2007-05-28 Titanichacker(egy-virus) has reported a security issue in Techno Dreams Web Directory, which can be exploited by malicious people to disclose potentially sensitive information. Full Advisory: http://secunia.com/advisories/25436/ -- [SA25422] Digirez Two Cross-Site Scripting Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-05-28 Linux_Drox has reported two vulnerabilities in Digirez, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25422/ -- [SA25449] F-Secure Policy Manager Server Host Module Denial of Service Vulnerability Critical: Less critical Where: From local network Impact: DoS Released: 2007-05-30 A vulnerability has been reported in F-Secure Policy Manager Server, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25449/ -- [SA25439] F-Secure Anti-Virus Real-Time Scanning Component Privilege Escalation Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-05-30 A vulnerability has been reported in various F-Secure products, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/25439/ -- [SA25457] Microsoft Windows Active Directory Logon Hours User Enumeration Weakness Critical: Not critical Where: From local network Impact: Exposure of system information Released: 2007-05-31 Sumit Siddharth has reported a weakness in Microsoft Windows, which can be exploited by malicious people to identify valid user accounts. Full Advisory: http://secunia.com/advisories/25457/ -- [SA25410] Credant Mobile Guardian Shield for Windows Information Disclosure Critical: Not critical Where: Local system Impact: Exposure of sensitive information Released: 2007-05-25 Mike Iacovacci has reported a security issue in Credant Mobile Guardian Shield for Windows (CMG Shield), which can be exploited by malicious, local users to gain knowledge of sensitive information. Full Advisory: http://secunia.com/advisories/25410/ UNIX/Linux:-- [SA25491] Red Hat update for seamonkey Critical: Highly critical Where: From remote Impact: Security Bypass, Spoofing, Exposure of sensitive information, DoS, System access Released: 2007-05-31 Red Hat has issued an update for seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/25491/ -- [SA25490] Red Hat update for firefox Critical: Highly critical Where: From remote Impact: Security Bypass, Spoofing, Exposure of sensitive information, DoS, System access Released: 2007-05-31 Red Hat has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/25490/ -- [SA25462] Gentoo update for mplayer Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-05-31 Gentoo has issued an update for mplayer. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25462/ -- [SA25445] Gentoo update for php Critical: Highly critical Where: From remote Impact: Unknown, Security Bypass, Manipulation of data, Brute force, Exposure of system information, Exposure of sensitive information, Privilege escalation, DoS, System access Released: 2007-05-28 Gentoo has issued an update for php. This fixes some vulnerabilities and weaknesses, where some have unknown impacts and others can be exploited by malicious, local users to bypass certain security restrictions or compromise a vulnerable system, by malicious users to manipulate certain data, disclose potentially sensitive information, bypass certain security restrictions, or cause a DoS (Denial of Service), and potentially by malicious people to cause a DoS or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25445/ -- [SA25421] Fundanemt "spellcheck.php" Shell Command Injection Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-28 Kacper has reported a vulnerability in Fundanemt, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25421/ -- [SA25416] Debian update for gforge-plugin-scmcvs Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-25 Debian has issued an update for gforge-plugin-scmcvs. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25416/ -- [SA25404] Gentoo blackdown-jdk and blackdown-jre Vulnerabilities Critical: Highly critical Where: From remote Impact: Security Bypass, Privilege escalation, System access Released: 2007-05-28 Gentoo has acknowledged some vulnerabilities in blackdown-jdk and blackdown-jre, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. Full Advisory: http://secunia.com/advisories/25404/ -- [SA25492] Red Hat update for thunderbird Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-05-31 Red Hat has issued an update for thunderbird. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25492/ -- [SA25483] Ubuntu update for freetype Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-05-31 Ubuntu has issued an update for freetype. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. Full Advisory: http://secunia.com/advisories/25483/ -- [SA25478] IBM AIX Perl Unspecified Code Execution Vulnerability Critical: Moderately critical Where: From remote Impact: System access Released: 2007-05-31 A vulnerability has been reported in IBM AIX, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25478/ -- [SA25464] Sun Solaris Kerberos kadm5 Library Vulnerability Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-05-30 Sun has acknowledged a vulnerability in Sun Solaris, which can be exploited by malicious users to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25464/ -- [SA25463] Gentoo update for freetype Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-05-31 Gentoo has issued an update for freetype. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. Full Advisory: http://secunia.com/advisories/25463/ -- [SA25458] IBM AIX WebSM Unspecified Denial of Service Vulnerability Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-05-31 A vulnerability has been reported in IBM AIX, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25458/ -- [SA25435] DOMjudge "receive()" Denial of Service Vulnerability Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-05-29 Lennert Buytenhek has reported a vulnerability in DOMjudge, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25435/ -- [SA25432] SUSE Update for Multiple Packages Critical: Moderately critical Where: From remote Impact: Unknown, DoS, System access Released: 2007-05-28 SUSE has issued updates for multiple packages. These fix some vulnerabilities, where one has an unknown impact and others can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to cause a DoS or compromise a user's system. Full Advisory: http://secunia.com/advisories/25432/ -- [SA25431] Ubuntu update for pulseaudio Critical: Moderately critical Where: From local network Impact: DoS Released: 2007-05-28 Ubuntu has acknowledged some vulnerabilities in pulseaudio, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25431/ -- [SA25482] IBM AIX BIND Denial of Service Vulnerability Critical: Less critical Where: From remote Impact: DoS Released: 2007-05-31 IBM has acknowledged a vulnerability in AIX, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25482/ -- [SA25467] Sun Solaris update for Adobe Flash Player Critical: Less critical Where: From remote Impact: Security Bypass Released: 2007-05-31 Sun has issued an update for Sun Solaris. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/25467/ -- [SA25465] Sun Solaris "in.iked" Denial of Service Vulnerability Critical: Less critical Where: From remote Impact: DoS Released: 2007-05-30 Sun has acknowledged a vulnerability in Sun Solaris, which can be exploited by malicious users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25465/ -- [SA25428] Red Hat update for quagga Critical: Less critical Where: From remote Impact: DoS Released: 2007-05-30 Red Hat has issued an update for quagga. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25428/ -- [SA25419] Debian update for otrs2 Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-05-28 Debian has issued an update for otrs2. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks. Full Advisory: http://secunia.com/advisories/25419/ -- [SA25413] Avaya IR Java Web Start Insecure System Classes Vulnerability Critical: Less critical Where: From remote Impact: Security Bypass Released: 2007-05-28 Avaya has acknowledged a vulnerability in Avaya IR, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/25413/ -- [SA25407] Web Icerik Yonetim Sistemi "No" Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-05-25 Vagrant has reported a vulnerability in Web Icerik Yonetim Sistemi, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25407/ -- [SA25411] Sun Solaris snmpd AgentX Subagent Request Processing Vulnerability Critical: Less critical Where: From local network Impact: DoS Released: 2007-05-25 A vulnerability has been reported in Sun Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25411/ -- [SA25425] xfsdump "xfs_fsr" Insecure Temporary Directory Creation Critical: Less critical Where: Local system Impact: Manipulation of data, Exposure of sensitive information Released: 2007-05-30 Paul Martin has reported a security issue in xfsdump, which can be exploited by malicious, local users to disclose potentially sensitive information or manipulate data. Full Advisory: http://secunia.com/advisories/25425/ -- [SA25450] Sun Solaris "inetd" Denial of Service Vulnerability Critical: Not critical Where: Local system Impact: DoS Released: 2007-05-30 Sun has acknowledged a vulnerability in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25450/ -- [SA25408] Mutt GECOS Name Processing Buffer Overflow Vulnerability Critical: Not critical Where: Local system Impact: Privilege escalation Released: 2007-05-28 A vulnerability has been reported in mutt, which potentially can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/25408/ Other:-- [SA25420] Ingate Firewall and SIParator Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Security Bypass, Exposure of sensitive information, DoS, System access Released: 2007-05-29 Some vulnerabilities have been reported in Ingate Firewall and SIParator, which can be exploited by malicious users to disclose potentially sensitive information or by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25420/ -- [SA25409] Nortel Meridian CS 1000 Unspecified Denial of Service Vulnerability Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-05-25 Eldon Sprickerhoff and Richard Gowman have reported a vulnerability in Nortel Meridian CS 1000, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25409/ -- [SA25448] 8e6 R3000 Internet Filter Cross-Site Scripting Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-05-29 agentsteal has reported some vulnerabilities in 8e6's R3000 Internet Filter, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25448/ -- [SA25486] OpenVMS Local Denial of Service Vulnerability Critical: Not critical Where: From remote Impact: DoS Released: 2007-05-31 A vulnerability has been reported in OpenVMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25486/ Cross Platform:-- [SA25488] Mozilla SeaMonkey Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Security Bypass, Spoofing, Exposure of sensitive information, DoS, System access Released: 2007-05-31 Some vulnerabilities have been reported in Mozilla SeaMonkey, which can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/25488/ -- [SA25469] Mozilla Firefox Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Security Bypass, Spoofing, Exposure of sensitive information, DoS, System access Released: 2007-05-31 Some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/25469/ -- [SA25460] Pheap PHP Code Execution and Information Disclosure Critical: Highly critical Where: From remote Impact: Security Bypass, Exposure of sensitive information, System access Released: 2007-05-30 Silentz has discovered some vulnerabilities in Pheap, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, and to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25460/ -- [SA25459] FileCloset File Upload Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-30 A vulnerability has been reported in FileCloset, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25459/ -- [SA25426] F-Secure Products LHA Archive Handling Buffer Overflow Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-30 A vulnerability has been reported in various F-Secure products, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25426/ -- [SA25417] Avira Antivir Multiple File Processing Vulnerabilities Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-05-29 Sergio Alvarez has reported some vulnerabilities in Avira Antivir, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25417/ -- [SA25414] Geeklog CAPTCHA Plugin "_CONF[path]" File Inclusion Critical: Highly critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information, System access Released: 2007-05-29 A vulnerability has been reported in the CAPTCHA plugin for Geeklog, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25414/ -- [SA25405] Sun Java System Web Proxy Server SOCKS Module Buffer Overflows Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-28 Two vulnerabilities have been reported in Sun Java System Web Proxy Server, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25405/ -- [SA25489] Mozilla Thunderbird Memory Corruption Vulnerability Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-05-31 A vulnerability has been reported in Mozilla Thunderbird, which can potentially be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25489/ -- [SA25452] gCards "newsid" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-05-28 Silentz has discovered a vulnerability in gCards, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/25452/ -- [SA25451] My Little Forum "id" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information Released: 2007-05-28 Silentz has discovered a vulnerability in My Little Forum, which can be exploited by malicious users to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/25451/ -- [SA25440] F-Secure Packed Executable and Archive Scanning Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-05-30 A vulnerability has been reported in various F-Secure products, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25440/ -- [SA25438] DGNews Cross-Site Scripting and SQL Injection Vulnerabilities Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Manipulation of data Released: 2007-05-29 Some vulnerabilities have been reported in DGNews, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. Full Advisory: http://secunia.com/advisories/25438/ -- [SA25424] cpCommerce "name" Script Insertion Vulnerability Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2007-05-28 jadoba has reported a vulnerability in cpCommerce, which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/25424/ -- [SA25423] HP System Management Homepage PHP Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Security Bypass, Exposure of sensitive information, DoS, System access Released: 2007-05-30 HP has acknowledged some vulnerabilities in HP System Management Homepage, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25423/ -- [SA25412] cpCommerce Two SQL Injection Vulnerabilities Critical: Moderately critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information Released: 2007-05-25 Two vulnerabilities have been discovered in cpCommerce, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/25412/ -- [SA25427] Openfire Unspecified Privilege Escalation Vulnerability Critical: Moderately critical Where: From local network Impact: Privilege escalation Released: 2007-05-29 A vulnerability has been reported in Openfire, which can be exploited by malicious users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/25427/ -- [SA25470] Bochs NE2000 RX Frame Overflow and Disk Controller Denial of Service Critical: Moderately critical Where: Local system Impact: DoS, System access Released: 2007-05-31 Tavis Ormandy has reported some vulnerabilities in Bochs, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25470/ -- [SA25447] FirstClass "%00" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-05-29 agentsteal has reported a vulnerability in FirstClass, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25447/ -- [SA25446] phpPgAdmin login.php Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-05-28 Michal Majchrowicz has reported a vulnerability in phpPgAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25446/ -- [SA25443] eggblog Session Fixation Vulnerability Critical: Less critical Where: From remote Impact: Hijacking Released: 2007-05-30 David Vieira-Kurz has discovered a vulnerability in eggblog, which can be exploited by malicious people to conduct session fixation attacks. Full Advisory: http://secunia.com/advisories/25443/ -- [SA25437] Invision Power Board "editorid" Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-05-30 Iron has reported a vulnerability in Invision Power Board, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25437/ -- [SA25415] Tor Circuit Generation Entry Guard Check Weakness Critical: Not critical Where: From remote Impact: Exposure of sensitive information Released: 2007-05-28 lodger has reported a weakness in Tor, which potentially can be exploited by malicious people to expose sensitive information. Full Advisory: http://secunia.com/advisories/25415/ ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Subscribe: http://secunia.com/secunia_weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support@private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 _____________________________________________________ Attend Black Hat USA, July 28-August 2 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 30 hands-on training courses and 90 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 70 nations. Visit product displays by 30 top sponsors in a relaxed setting. Rates increase on June 1 so register today. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Fri Jun 01 2007 - 00:47:54 PDT