Section: .. / 0804-advisories /
| /// File Name: |
sa30012.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for iceape. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/30012/ | | File Size: | 16109 | | Last Modified: | Apr 29 19:20:27 2008 |
| MD5 Checksum: | fde52baf453024d9cd8fb877a2d0bf84 |
|
| /// File Name: |
sa30014.txt |
Description:
|
Secunia Security Advisory - A weakness has been reported in util-linux-ng, which can be exploited by malicious people to manipulate certain data.
| | Homepage: | http://secunia.com/advisories/30014/ | | File Size: | 2592 | | Last Modified: | Apr 29 19:20:27 2008 |
| MD5 Checksum: | a1d607f6c7cd844b6b356f9b1a09f45c |
|
| /// File Name: |
secunia-activeapplix.txt |
Description:
|
Secunia Research has discovered some vulnerabilities in activePDF DocConverter, which can be exploited by malicious people to compromise a vulnerable system when converting Applix documents. A couple of boundary errors and an unsafe call may allow for arbitrary code execution. A logic error may cause a denial of service condition.
| | Author: | Dyon Balding | | Homepage: | http://secunia.com/ | | File Size: | 4770 | | Related CVE(s): | CVE-2007-5405, CVE-2007-5406 | | Last Modified: | Apr 14 17:43:35 2008 |
| MD5 Checksum: | 57556bf4ae454d318bc134811ae3017c |
|
| /// File Name: |
secunia-activefolio.txt |
Description:
|
Secunia Research has discovered 21 vulnerabilities in activePDF DocConverter, which can be exploited by malicious people to compromise a vulnerable system. Boundary errors within the "Folio Flat File" speed reader (foliosr.dll) when handling attribute values of a number of tags (eg. DI, FD, FT, JD, JL, LE, OB, OD, OL, PN, PS, PW, RD, QL, or TS) can be exploited to cause stack-based buffer overflows.
| | Author: | Dyon Balding | | Homepage: | http://secunia.com/ | | File Size: | 4427 | | Related CVE(s): | CVE-2007-6020 | | Last Modified: | Apr 14 17:37:16 2008 |
| MD5 Checksum: | 1c9df97a790f8ff13a24742726f83853 |
|
| /// File Name: |
secunia-adobeheap.txt |
Description:
|
Secunia Research has discovered a vulnerability in Adobe Flash Player, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the processing of "Declare Function (V7)" tags. This can be exploited to cause a heap-based buffer overflow via specially crafted argument preload flags. Successful exploitation may allow execution of arbitrary code. Adobe Flash Player 9.0.115.0 is affected.
| | Author: | Alin Rad Pop | | Homepage: | http://secunia.com/ | | File Size: | 4263 | | Related CVE(s): | CVE-2007-6019 | | Last Modified: | Apr 14 16:49:44 2008 |
| MD5 Checksum: | 85907b98a4a0365807e5c2b1c7cfffaf |
|
| /// File Name: |
secunia-applix.txt |
Description:
|
Secunia Research has discovered some vulnerabilities in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system. A couple of boundary errors and an unsafe call may allow for arbitrary code execution. A logic error may cause a denial of service condition.
| | Author: | Dyon Balding | | Homepage: | http://secunia.com/ | | File Size: | 4877 | | Related CVE(s): | CVE-2007-5405 | | Last Modified: | Apr 14 17:31:57 2008 |
| MD5 Checksum: | 722239f5c8c2446ddc8174a02afe027c |
|
| /// File Name: |
secunia-clamav.txt |
Description:
|
Secunia Research has discovered a vulnerability in ClamAV, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "cli_scanpe()" function in libclamav/pe.c. This can be exploited to cause a heap-based buffer overflow via a specially crafted "Upack" executable. Successful exploitation allows execution of arbitrary code. Versions 0.92 and 0.92.1 are affected.
| | Author: | Alin Rad Pop | | Homepage: | http://secunia.com/ | | File Size: | 4482 | | Related CVE(s): | CVE-2008-1100 | | Last Modified: | Apr 14 16:48:27 2008 |
| MD5 Checksum: | bc71a35fc0ef71c2746cdc41b8e30f13 |
|
| /// File Name: |
secunia-datastream.txt |
Description:
|
Secunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error when processing data streams and can be exploited to trigger a use-after-free condition by returning a specially crafted data stream of e.g. an unexpected MIME-type for which no handler is registered. Successful exploitation allows execution of arbitrary code when a user visits a malicious website. Versions 5.01, 6, and 7 are affected.
| | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 4256 | | Related CVE(s): | CVE-2008-1085 | | Last Modified: | Apr 14 17:34:40 2008 |
| MD5 Checksum: | 1f288ff9a8f03d249d4baf06e66ac53c |
|
| /// File Name: |
secunia-eml.txt |
Description:
|
Secunia Research has discovered multiple vulnerabilities in Lotus Notes, which can be exploited by malicious people to compromise a user's system. Various boundary errors exist in the EML reader (emlsr.dll). Lotus Notes version 8.0 is affected.
| | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 4727 | | Related CVE(s): | CVE-2007-5399 | | Last Modified: | Apr 14 17:18:04 2008 |
| MD5 Checksum: | e6020892898385c53e8429c09144723d |
|
| /// File Name: |
secunia-emlreader.txt |
Description:
|
Secunia Research has discovered multiple vulnerabilities in Autonomy Keyview, which can be exploited by malicious people to compromise a user's system. Various boundary errors exist in the EML reader (emlsr.dll). Autonomy Keyview version 10.3.0.0 is affected.
| | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 4842 | | Related CVE(s): | CVE-2007-5399 | | Last Modified: | Apr 14 17:33:35 2008 |
| MD5 Checksum: | 2b9ab8c858a1e87599cd6acaed1cc49d |
|
| /// File Name: |
secunia-folioflat.txt |
Description:
|
Secunia Research has discovered 21 vulnerabilities in Lotus Notes, which can be exploited by malicious people to compromise a vulnerable system. Boundary errors within the "Folio Flat File" speed reader (foliosr.dll) when handling attribute values of a number of tags (eg. DI, FD, FT, JD, JL, LE, OB, OD, OL, PN, PS, PW, RD, QL, or TS) can be exploited to cause stack-based buffer overflows. Lotus Notes versions 7.0.3 and 8.0 are affected.
| | Author: | Dyon Balding | | Homepage: | http://secunia.com/ | | File Size: | 4305 | | Related CVE(s): | CVE-2007-6020 | | Last Modified: | Apr 14 17:15:20 2008 |
| MD5 Checksum: | 658d6de2e5bf506bdc6b9c42899cd2ed |
|
| /// File Name: |
secunia-graphics.txt |
Description:
|
Secunia Research has discovered some vulnerabilities in Autonomy Keyview utilised in Lotus Notes, which can be exploited by malicious people to compromise a vulnerable system when viewing Applix documents. Lotus Notes versions 7.0.3 and 8.0 are affected.
| | Author: | Dyon Balding | | Homepage: | http://secunia.com/ | | File Size: | 4937 | | Related CVE(s): | CVE-2007-5405, CVE-2007-5406 | | Last Modified: | Apr 14 17:43:43 2008 |
| MD5 Checksum: | 6b1e5c2f43af293caf0561ec4dd4a5e9 |
|
| /// File Name: |
secunia-hpopenwide.txt |
Description:
|
Secunia Research has discovered a vulnerability in HP OpenView Network Node Manager, which can be exploited by malicious people to disclose certain information. It is possible to download or view arbitrary files by sending a HTTP request to the OpenView5.exe CGI application and passing strings containing directory traversal sequences to the "Action" parameter. HP OpenView Network Node Manager version 7.51 is affected.
| | Author: | JJ Reyes | | Homepage: | http://secunia.com/ | | File Size: | 4311 | | Related CVE(s): | CVE-2008-0068 | | Last Modified: | Apr 14 17:46:36 2008 |
| MD5 Checksum: | fe82ad6a60c92b2a8a4138eb93854f3c |
|
| /// File Name: |
secunia-htmsr.txt |
Description:
|
Secunia Research has discovered some vulnerabilities in Lotus Notes, which can be exploited by malicious people to compromise a user's system. A boundary error within the HTML speed reader (htmsr.dll) when handling links in e.g. the "background" attribute of BODY tags can be exploited to cause a stack-based buffer overflow. A boundary error within the HTML speed reader (htmsr.dll) when handling e.g. the "src" attribute of IMG tags can be exploited to cause a stack-based buffer overflow. A boundary error within the HTML speed reader (htmsr.dll) when handling large chunks of data inside an HTML document can be exploited to cause a heap-based buffer overflow. Lotus Notes version 7.0.2 and 7.0.3 are affected.
| | Author: | Secunia Research | | Homepage: | http://secunia.com/ | | File Size: | 4381 | | Related CVE(s): | CVE-2008-0066 | | Last Modified: | Apr 14 17:13:29 2008 |
| MD5 Checksum: | a558444c02a80ac7014bcf1ad4adba8f |
|
| /// File Name: |
secunia-keyview.txt |
Description:
|
Secunia Research has discovered 21 vulnerabilities in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system. Boundary errors within the "Folio Flat File" speed reader (foliosr.dll) when handling attribute values of a number of tags (eg. DI, FD, FT, JD, JL, LE, OB, OD, OL, PN, PS, PW, RD, QL, or TS) can be exploited to cause stack-based buffer overflows. Autonomy Keyview version 10.3.0.0 is affected.
| | Author: | Dyon Balding | | Homepage: | http://secunia.com/ | | File Size: | 4229 | | Related CVE(s): | CVE-2007-6020 | | Last Modified: | Apr 14 17:22:08 2008 |
| MD5 Checksum: | 355e6bf2288853d5658d3ab39bceee50 |
|
| /// File Name: |
secunia-lotusnotes.txt |
Description:
|
Secunia Research has discovered a vulnerability in Lotus Notes, which can be exploited by malicious people to compromise a user's system. A boundary error within kvdocve.dll when processing overly long paths can be exploited to cause a buffer overflow via e.g. an overly long link inside the "src" attribute of an ![]() tag in an HTML document. Lotus Notes versions 7.0.2 and 7.0.3 are affected.
| | Author: | Secunia Research | | Homepage: | http://secunia.com/ | | File Size: | 4052 | | Related CVE(s): | CVE-2008-1101 | | Last Modified: | Apr 14 16:50:35 2008 |
| MD5 Checksum: | c73dd6de3a917119766b3fc6935c9997 |
|
| /// File Name: |
secunia-symanapplix.txt |
Description:
|
Secunia Research has discovered some vulnerabilities Symantec Mail Security, which can be exploited by malicious people to compromise a vulnerable system when scanning Applix documents. A couple of boundary errors and an unsafe call may allow for arbitrary code execution. A logic error may cause a denial of service condition.
| | Author: | Dyon Balding | | Homepage: | http://secunia.com/ | | File Size: | 5312 | | Related CVE(s): | CVE-2007-5405, CVE-2007-5406 | | Last Modified: | Apr 14 17:41:27 2008 |
| MD5 Checksum: | 26481917edf681de247a0112ffd45302 |
|
| /// File Name: |
secunia-symantec.txt |
Description:
|
Secunia Research has discovered 21 vulnerabilities in Symantec Mail Security, which can be exploited by malicious people to compromise a vulnerable system. Boundary errors within the "Folio Flat File" speed reader (foliosr.dll) when handling attribute values of a number of tags (eg. DI, FD, FT, JD, JL, LE, OB, OD, OL, PN, PS, PW, RD, QL, or TS) can be exploited to cause stack-based buffer overflows.
| | Author: | Dyon Balding | | Homepage: | http://secunia.com/ | | File Size: | 4780 | | Related CVE(s): | CVE-2007-6020 | | Last Modified: | Apr 14 17:35:59 2008 |
| MD5 Checksum: | e7d7d5429a32af526b6677bedbf2cdec |
|
| /// File Name: |
SSRT071455.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified in the embedded management console in certain HP Integrity Servers iLO-2 Management Processors (iLO-2 MP). The vulnerability could be remotely exploited to cause a Denial of Service (DoS).
| | Homepage: | http://www.hp.com/ | | File Size: | 6725 | | Related CVE(s): | CVE-2008-0711 | | Last Modified: | Apr 8 22:48:05 2008 |
| MD5 Checksum: | 29707edfb5a756fe04a2e9c07b304c30 |
|
| /// File Name: |
SSRT080000.txt |
Description:
|
HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running WBEM Services. These vulnerabilities could be exploited remotely to execute arbitrary code or to gain extended privileges.
| | Homepage: | http://www.hp.com/ | | File Size: | 7962 | | Related CVE(s): | CVE-2007-5360, CVE-2008-0003 | | Last Modified: | Apr 30 20:46:10 2008 |
| MD5 Checksum: | e06432718809d3e5fcaa0f82bc13921f |
|
| /// File Name: |
SSRT080006.txt |
Description:
|
HP Security Bulletin - Potential security vulnerabilities have been identified in PostgreSQL versions 8.2.4 and earlier running on HP Internet Express for Tru64 UNIX. The vulnerabilities could be exploited to execute arbitrary code, elevation of privilege, or cause a Denial of Service (DoS).
| | Homepage: | http://www.hp.com/ | | File Size: | 6953 | | Related CVE(s): | CVE-2007-3278, CVE-2007-4769, CVE-2007-4772, CVE-2007-6067, CVE-2007-6600, CVE-2007-6601 | | Last Modified: | Apr 3 01:07:41 2008 |
| MD5 Checksum: | 6dd7bac8e9064b173aa9ca45a9fdc5fa |
|
| /// File Name: |
SSRT080018.txt |
Description:
|
HP Security Bulletin - A potential security vulnerability has been identified with HP Storage Essentials Software. The vulnerability could be exploited remotely to gain unauthorized access to data.
| | Homepage: | http://www.hp.com/ | | File Size: | 7086 | | Related CVE(s): | CVE-2006-5750 | | Last Modified: | Apr 8 22:51:21 2008 |
| MD5 Checksum: | 75c3fdaf6cfffba07de1fa7af61a616f |
|
| /// File Name: |
SSRT080026.txt |
Description:
|
HP Security Bulletin - Potential security vulnerabilities have been identified with HP Select Identity software. The vulnerabilities could be exploited by an authenticated user to gain unauthorized access to other user accounts.
| | Homepage: | http://www.hp.com/ | | File Size: | 7313 | | Related CVE(s): | CVE-2008-0709 | | Last Modified: | Apr 3 01:06:37 2008 |
| MD5 Checksum: | e80411e7253ce945ff5e2ca6230942bd |
|
| /// File Name: |
SSRT080031.txt |
Description:
|
HP Security Bulletin - A potential vulnerability has been identified with the HPeDiag ActiveX control which is a component of HP Software Update running under windows. The vulnerability could be exploited to allow remote disclosure of information and execution of arbitrary code.
| | Homepage: | http://www.hp.com/ | | File Size: | 7674 | | Related CVE(s): | CVE-2008-0712 | | Last Modified: | Apr 24 16:49:38 2008 |
| MD5 Checksum: | 94d1e54ffae4bc8b8badbca2a431fe5f |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
