======================================================================== The Secunia Weekly Advisory Summary 2008-12-27 - 2009-01-03 This week: 41 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4.......................................Vulnerabilities Summary Listing 5.......................................Vulnerabilities Content Listing ======================================================================== 1) Word From Secunia: Secunia PSI: Habla espaol! The Secunia PSI 1.0 - now available in Spanish! Remember; installing the latest security patches for your programs is just as important as having an anti-virus program and being behind a firewall. Read more: http://secunia.com/blog/39/ -- Internet Explorer Data Binding 0-Day Clarifications As everyone using Internet Explorer hopefully are aware of, then there's a new 0-day circulating. There has been a lot of confusion as to both the problem cause and the browser versions affected, but in this blog, I should be able to sort it all out. Basically, this vulnerability was initially reported by everyone (including ourselves) as an XML processing vulnerability in Internet Explorer 7. PoCs and working exploits were immediately made publicly available by various sources and security vendors were quick to report that their products were successfully detecting attacks. But were they really? Read more: http://secunia.com/blog/38/ ======================================================================== 2) This Week in Brief: Some vulnerabilities have been reported in RealNetworks Helix Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system. For more information, refer to: http://secunia.com/advisories/33360/ ======================================================================== 3) This Weeks Top Ten Most Read Advisories: 1. [SA33089] Internet Explorer Data Binding Memory Corruption Vulnerability 2. [SA32270] Adobe Flash Player Multiple Security Issues and Vulnerabilities 3. [SA32991] Sun Java JDK / JRE Multiple Vulnerabilities 4. [SA20153] Microsoft Word Malformed Object Pointer Vulnerability 5. [SA33360] RealNetworks Helix Server Multiple Vulnerabilities 6. [SA29773] Adobe Acrobat/Reader Multiple Vulnerabilities 7. [SA31821] Apple QuickTime Multiple Vulnerabilities 8. [SA13769] Zeroboard Multiple Vulnerabilities 9. [SA33327] Hex Workshop Color Map Buffer Overflow Vulnerability 10. [SA33310] PGP Desktop PGPwded.sys Driver Denial of Service ======================================================================== 4) Vulnerabilities Summary Listing Windows: [SA33327] Hex Workshop Color Map Buffer Overflow Vulnerability [SA33326] Megacubo URI Handling PHP Code Injection Vulnerability [SA33376] FlexPHPic SQL Injection Vulnerabilities [SA33373] Pixel8 Web Photo Album "AlbumID" SQL Injection Vulnerability [SA33358] Sepcity Shopping Mall "ID" SQL Injection Vulnerability [SA33357] Sepcity Faculty Portal "ID" SQL Injection Vulnerability [SA33355] Elecard MPEG Player M3U Buffer Overflow Vulnerability [SA33354] Sepcity Classified Ads "ID" SQL Injection Vulnerability [SA33344] ForumApp Database Disclosure [SA33334] BlackJumboDog Authentication Bypass Vulnerability UNIX/Linux: [SA33349] Fedora update for mediawiki [SA33345] MWP Blog System "id" SQL Injection Vulnerability [SA33350] Fedora update for kvm [SA33341] FreeBSD ftpd Long Command Processing Vulnerability [SA33325] Avaya CMS Solaris "libICE" Denial of Service Vulnerability [SA33328] Sun SNMP Management Agent Insecure Temporary Files [SA33348] Fedora update for kernel Other: Cross Platform: [SA33375] CMScout Multiple Vulnerabilities [SA33360] RealNetworks Helix Server Multiple Vulnerabilities [SA33353] FlexPHPDirectory Multiple Vulnerabilities [SA33343] FlexPHPLink Pro Multiple Vulnerabilities [SA33374] Vacation Script "editid1" SQL Injection Vulnerability [SA33370] 2Capsule's Sticker Extreme Edition "id" SQL Injection Vulnerability [SA33369] Memberkit Arbitrary File Upload Vulnerability [SA33367] PHPFootball SQL Injection and Cross-Site Scripting Vulnerabilities [SA33364] w3blabor CMS "benutzername" SQL Injection Vulnerability [SA33363] PowerNews "newsid" SQL Injection Vulnerability [SA33362] PowerClan "loginemail" SQL Injection Vulnerability [SA33356] Audacity "String_parse::get_nonspace_quoted()" Buffer Overflow [SA33352] Joomla PaxGallery Component "gid" SQL Injection Vulnerability [SA33347] FlexPHPSite SQL Injection Vulnerabilities [SA33339] OpenEdit DAM Multiple Vulnerabilities [SA33337] webClassifieds SQL Injection Vulnerability [SA33336] eDNews File Inclusion and SQL Injection Vulnerabilities [SA33335] eDContainer "lg" File Inclusion Vulnerability [SA33329] Ultimate PHP Board "User-Agent" Script Insertion [SA33366] eggBlog Cross-Site Request Forgery Vulnerability [SA33351] DeluxeBB "delete*" SQL Injection Vulnerability [SA33340] ViArt Shop Cross-Site Request Forgery and Cross-Site Scripting [SA33333] Mayaa Error Page Cross-Site Scripting Vulnerability [SA33330] IBM Tivoli Netcool/Webtop Tomcat Vulnerability ======================================================================== 5) Vulnerabilities Content Listing Windows:-- [SA33327] Hex Workshop Color Map Buffer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2008-12-29 Encrypt3d.M!nd has discovered a vulnerability in Hex Workshop, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/33327/ -- [SA33326] Megacubo URI Handling PHP Code Injection Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2009-01-02 pyrokinesis has discovered a vulnerability in Megacubo, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/33326/ -- [SA33376] FlexPHPic SQL Injection Vulnerabilities Critical: Moderately critical Where: From remote Impact: Security Bypass, Manipulation of data Released: 2009-01-02 S.W.A.T. has discovered some vulnerabilities in FlexPHPic, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/33376/ -- [SA33373] Pixel8 Web Photo Album "AlbumID" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2009-01-02 AlpHaNiX has reported a vulnerability in Pixel8 Web Photo Album, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/33373/ -- [SA33358] Sepcity Shopping Mall "ID" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2008-12-30 Osmanizim has discovered a vulnerability in Sepcity Shopping Mall, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/33358/ -- [SA33357] Sepcity Faculty Portal "ID" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2008-12-30 Osmanizim has discovered a vulnerability in Sepcity Faculty Portal, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/33357/ -- [SA33355] Elecard MPEG Player M3U Buffer Overflow Vulnerability Critical: Moderately critical Where: From remote Impact: System access Released: 2009-01-02 aBo MoHaMeD has discovered a vulnerability in Elecard MPEG Player, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/33355/ -- [SA33354] Sepcity Classified Ads "ID" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2008-12-30 S.W.A.T. has discovered a vulnerability in Sepcity Classified Ads, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/33354/ -- [SA33344] ForumApp Database Disclosure Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information Released: 2008-12-29 Cyber.Zer0 has discovered a security issue in ForumApp, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/33344/ -- [SA33334] BlackJumboDog Authentication Bypass Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2008-12-26 A vulnerability has been reported in BlackJumboDog, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/33334/ UNIX/Linux:-- [SA33349] Fedora update for mediawiki Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2008-12-26 Fedora has issued an update for mediawiki. This fixes some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting and request forgery attacks. Full Advisory: http://secunia.com/advisories/33349/ -- [SA33345] MWP Blog System "id" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2008-12-29 A vulnerability has been discovered in MWP Blog System for PHP-Fusion, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/33345/ -- [SA33350] Fedora update for kvm Critical: Moderately critical Where: Local system Impact: Security Bypass, DoS Released: 2008-12-26 Fedora has issued an update for kvm. This fixes a security issue, which can be exploited by malicious, local users to bypass certain security restrictions and cause a DoS (Denial of Service) or by malicious users to cause a DoS. Full Advisory: http://secunia.com/advisories/33350/ -- [SA33341] FreeBSD ftpd Long Command Processing Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2008-12-26 FreeBSD has acknowledged a vulnerability in ftpd, which can be exploited by malicious people to conduct cross-site request forgery attacks. Full Advisory: http://secunia.com/advisories/33341/ -- [SA33325] Avaya CMS Solaris "libICE" Denial of Service Vulnerability Critical: Less critical Where: From local network Impact: DoS Released: 2008-12-26 Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/33325/ -- [SA33328] Sun SNMP Management Agent Insecure Temporary Files Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2008-12-26 A security issue has been reported in Sun SNMP Management Agent, which can be exploited by malicious, local users to perform certain actions with escalated privileges. Full Advisory: http://secunia.com/advisories/33328/ -- [SA33348] Fedora update for kernel Critical: Not critical Where: Local system Impact: DoS Released: 2008-12-26 Fedora has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/33348/ Other: Cross Platform:-- [SA33375] CMScout Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Manipulation of data, System access Released: 2009-01-02 SirGod has discovered some vulnerabilities in CMScout, which can be exploited by malicious people and malicious users to conduct SQL injection attacks, and by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/33375/ -- [SA33360] RealNetworks Helix Server Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2008-12-30 Some vulnerabilities have been reported in RealNetworks Helix Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/33360/ -- [SA33353] FlexPHPDirectory Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Manipulation of data, System access Released: 2008-12-30 Some vulnerabilities have been discovered in FlexPHPDirectory, which can be exploited by malicious people to conduct SQL injection attacks and compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/33353/ -- [SA33343] FlexPHPLink Pro Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Manipulation of data, System access Released: 2008-12-29 Some vulnerabilities have been discovered in FlexPHPLink Pro, which can be exploited by malicious people to conduct SQL injection attacks and compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/33343/ -- [SA33374] Vacation Script "editid1" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2009-01-02 x0r has reported a vulnerability in Vacation Script, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/33374/ -- [SA33370] 2Capsule's Sticker Extreme Edition "id" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2009-01-02 A vulnerability has been discovered in 2Capsule's Sticker Extreme Edition, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/33370/ -- [SA33369] Memberkit Arbitrary File Upload Vulnerability Critical: Moderately critical Where: From remote Impact: System access Released: 2009-01-02 Lo$er has reported a vulnerability in Memberkit, which can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/33369/ -- [SA33367] PHPFootball SQL Injection and Cross-Site Scripting Vulnerabilities Critical: Moderately critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Manipulation of data, Exposure of sensitive information Released: 2009-01-02 Some vulnerabilities have been discovered in PHPFootball, which can be exploited by malicious people to conduct SQL injection and cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/33367/ -- [SA33364] w3blabor CMS "benutzername" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2009-01-02 DNX has discovered a vulnerability in w3blabor CMS, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/33364/ -- [SA33363] PowerNews "newsid" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2009-01-02 Virangar Security has discovered a vulnerability in PowerNews, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/33363/ -- [SA33362] PowerClan "loginemail" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass, Manipulation of data Released: 2009-01-02 Virangar Security has discovered a vulnerability in PowerClan, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/33362/ -- [SA33356] Audacity "String_parse::get_nonspace_quoted()" Buffer Overflow Critical: Moderately critical Where: From remote Impact: System access Released: 2009-01-02 A vulnerability has been discovered in Audacity, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/33356/ -- [SA33352] Joomla PaxGallery Component "gid" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2008-12-29 XaDoS has reported a vulnerability in the PaxGallery component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/33352/ -- [SA33347] FlexPHPSite SQL Injection Vulnerabilities Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2008-12-30 Some vulnerabilities have been reported in FlexPHPSite, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/33347/ -- [SA33339] OpenEdit DAM Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2008-12-30 Some vulnerabilities have been reported in OpenEdit DAM, which can be exploited by malicious people to conduct script-insertion and cross-site request forgery attacks. Full Advisory: http://secunia.com/advisories/33339/ -- [SA33337] webClassifieds SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass, Manipulation of data Released: 2008-12-29 AnGeL25dZ has reported a vulnerability in webClassifieds, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/33337/ -- [SA33336] eDNews File Inclusion and SQL Injection Vulnerabilities Critical: Moderately critical Where: From remote Impact: Manipulation of data, Exposure of system information, Exposure of sensitive information Released: 2008-12-29 Some vulnerabilities have been discovered in eDNews, which can be exploited by malicious people to disclose sensitive information or conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/33336/ -- [SA33335] eDContainer "lg" File Inclusion Vulnerability Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information, Exposure of system information Released: 2008-12-29 GoLd_M has reported a vulnerability in eDContainer, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/33335/ -- [SA33329] Ultimate PHP Board "User-Agent" Script Insertion Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2008-12-29 A vulnerability has been discovered in Ultimate PHP Board, which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/33329/ -- [SA33366] eggBlog Cross-Site Request Forgery Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2009-01-02 x0r has discovered a vulnerability in eggBlog, which can be exploited by malicious people to conduct cross-site request forgery attacks. Full Advisory: http://secunia.com/advisories/33366/ -- [SA33351] DeluxeBB "delete*" SQL Injection Vulnerability Critical: Less critical Where: From remote Impact: Manipulation of data Released: 2008-12-29 StAkeR has discovered a vulnerability in DeluxeBB, which can be exploited by malicious users to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/33351/ -- [SA33340] ViArt Shop Cross-Site Request Forgery and Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2008-12-30 Xia Shing Zee has reported some vulnerabilities in ViArt Shop, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks. Full Advisory: http://secunia.com/advisories/33340/ -- [SA33333] Mayaa Error Page Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2008-12-26 A vulnerability has been reported in Mayaa, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/33333/ -- [SA33330] IBM Tivoli Netcool/Webtop Tomcat Vulnerability Critical: Less critical Where: From remote Impact: Exposure of sensitive information Released: 2008-12-26 A vulnerability has been reported in IBM Tivoli Netcool/Webtop, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/33330/ ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Subscribe: http://secunia.com/advisories/weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support_at_private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 _______________________________________________ Please help InfoSecNews.org with a donation! http://www.infosecnews.org/donate.htmlReceived on Mon Jan 05 2009 - 00:00:35 PST
This archive was generated by hypermail 2.2.0 : Mon Jan 05 2009 - 00:04:56 PST