Section: .. / 0602-advisories /
| /// File Name: |
sa18996.txt |
Description:
|
Secunia Security Advisory - Aliaksandr Hartsuyeu has reported a vulnerability in Easy Forum, which can be exploited by malicious people to conduct script insertion attacks.
| | Homepage: | http://secunia.com/advisories/18996/ | | File Size: | 1891 | | Last Modified: | Feb 23 21:22:26 2006 |
| MD5 Checksum: | ba29bb32c44ed18117891f263a7f5db1 |
|
| /// File Name: |
sa18997.txt |
Description:
|
Secunia Security Advisory - Roozbeh Afrasiabi has discovered a vulnerability in Runcms, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/18997/ | | File Size: | 1839 | | Last Modified: | Feb 23 21:22:26 2006 |
| MD5 Checksum: | d01b5a21f93fe72fecb92c058aedde77 |
|
| /// File Name: |
sa18998.txt |
Description:
|
Secunia Security Advisory - Nemesis Security Audit Group has discovered a vulnerability in Mailgust, which can be exploited by malicious people to disclose certain sensitive information.
| | Homepage: | http://secunia.com/advisories/18998/ | | File Size: | 1906 | | Last Modified: | Feb 25 01:55:07 2006 |
| MD5 Checksum: | 9e6c63cb7569ac0c1eb623798b5499c0 |
|
| /// File Name: |
sa18999.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for tar. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) and to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/18999/ | | File Size: | 3507 | | Last Modified: | Feb 23 21:22:26 2006 |
| MD5 Checksum: | 89b152a95e8cfc839f6016031086c97c |
|
| /// File Name: |
sa19000.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for metamail. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/19000/ | | File Size: | 1928 | | Last Modified: | Feb 23 21:22:26 2006 |
| MD5 Checksum: | eced55d166deb68ad405c71838cc5b60 |
|
| /// File Name: |
sa19001.txt |
Description:
|
Secunia Security Advisory - KeyShore and Yog have discovered a vulnerability in iCal, which can be exploited by malicious people to conduct script insertion attacks.
| | Homepage: | http://secunia.com/advisories/19001/ | | File Size: | 1840 | | Last Modified: | Feb 25 01:55:07 2006 |
| MD5 Checksum: | 2723d9bd680cf5c3fe8ce6a0ac7af724 |
|
| /// File Name: |
sa19002.txt |
Description:
|
Secunia Security Advisory - Jean-Sébastien Guay-Leroux has discovered a vulnerability in zoo, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/19002/ | | File Size: | 1967 | | Last Modified: | Feb 25 01:55:07 2006 |
| MD5 Checksum: | 41441b988218e84af1c3190b67d1bee6 |
|
| /// File Name: |
sa19003.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities with unknown impacts have been reported in iUser Ecommerce.
| | Homepage: | http://secunia.com/advisories/19003/ | | File Size: | 1550 | | Last Modified: | Feb 23 21:22:26 2006 |
| MD5 Checksum: | 808d002088f56da159189b5e8b451d57 |
|
| /// File Name: |
sa19004.txt |
Description:
|
Secunia Security Advisory - Aliaksandr Hartsuyeu has reported a vulnerability in Simple Machines Forum, which can be exploited by malicious people to conduct script insertion attacks.
| | Homepage: | http://secunia.com/advisories/19004/ | | File Size: | 1956 | | Last Modified: | Feb 25 01:55:07 2006 |
| MD5 Checksum: | d225be36f0f6ec8e3017b7ce4a29b3c4 |
|
| /// File Name: |
sa19006.txt |
Description:
|
Secunia Security Advisory - Hamid Ebadi has reported a vulnerability in various SpeedProject products, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/19006/ | | File Size: | 2169 | | Last Modified: | Feb 25 01:55:07 2006 |
| MD5 Checksum: | db864484b9ba8735e113300a0386c879 |
|
| /// File Name: |
sa19007.txt |
Description:
|
Secunia Security Advisory - KeyShore and KeyYog have discovered a vulnerability in Calcium, which can be exploited by malicious people to conduct script insertion attacks.
| | Homepage: | http://secunia.com/advisories/19007/ | | File Size: | 1845 | | Last Modified: | Feb 25 01:55:07 2006 |
| MD5 Checksum: | 78958483fa1b93be2a65d6d51ff03b2c |
|
| /// File Name: |
sa19008.txt |
Description:
|
Secunia Security Advisory - Matt Van Gundy has reported some vulnerabilities in PEAR Auth, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/19008/ | | File Size: | 1724 | | Last Modified: | Feb 23 21:22:26 2006 |
| MD5 Checksum: | 8502ca847c171521527f7dbcdbfc3c3c |
|
| /// File Name: |
sa19009.txt |
Description:
|
Secunia Security Advisory - Peter Vreugdenhil has reported a vulnerability in Macromedia ShockWave Player, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/19009/ | | File Size: | 2404 | | Last Modified: | Feb 25 01:55:07 2006 |
| MD5 Checksum: | a0c359a7241130ce13d6222c8c8caf42 |
|
| /// File Name: |
sa19010.txt |
Description:
|
Secunia Security Advisory - Hamid Ebadi has reported a vulnerability in StuffIt and ZipMagic, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/19010/ | | File Size: | 2297 | | Last Modified: | Feb 25 01:55:07 2006 |
| MD5 Checksum: | bce51ed60db7593dfc401b6842b87882 |
|
| /// File Name: |
sa19011.txt |
Description:
|
Secunia Security Advisory - Hamid Ebadi has discovered a vulnerability in PEAR Archive_Tar, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/19011/ | | File Size: | 1894 | | Last Modified: | Feb 25 01:55:07 2006 |
| MD5 Checksum: | 2dc0b022b0f8b471f00c8b4380c63029 |
|
| /// File Name: |
sa19013.txt |
Description:
|
Secunia Security Advisory - Hamid Ebadi has discovered a vulnerability in WinACE, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/19013/ | | File Size: | 1902 | | Last Modified: | Feb 25 01:55:07 2006 |
| MD5 Checksum: | 0e4dfaa7248a6999242ad81ac9a7a752 |
|
| /// File Name: |
sa19014.txt |
Description:
|
Secunia Security Advisory - Nemesis Security Audit Group has discovered a vulnerability in Website Generator, which can be exploited by malicious users to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/19014/ | | File Size: | 1964 | | Last Modified: | Feb 25 01:55:07 2006 |
| MD5 Checksum: | 9f8cfd1805dc63751588f80d029cf22d |
|
| /// File Name: |
SA2006-01.txt |
Description:
|
NSFOCUS Security Advisory - The NSFocus Security Team has discovered a buffer overflow vulnerability when Winamp processes .m3u files, which might cause Winamp to crash or even execute arbitrary code when a user loads a malicious .m3u file and plays it. Affected software includes Nullsoft Winamp version 5.12 and 5.13.
| | Author: | Liu Yexin. | | Homepage: | http://www.nsfocus.com | | File Size: | 2770 | | Related CVE(s): | CAN-2006-0720 | | Last Modified: | Feb 26 04:38:32 2006 |
| MD5 Checksum: | 445600afb0a4ead37ec73f5efec66567 |
|
| /// File Name: |
secunia-LotusDomino.txt |
Description:
|
Secunia Research has discovered some vulnerabilities in Lotus Domino iNotes Client, which can be exploited by malicious people to conduct script insertion attacks. Affected versions include IBM Lotus Domino Web Access 7.x, IBM Lotus Domino Web Access (iNotes) 6.x, IBM Lotus Domino 6.x, and IBM Lotus Domino 7.x.
| | Author: | Jakob Balle, Tan Chew Keong | | Homepage: | http://secunia.com/ | | File Size: | 4835 | | Last Modified: | Feb 13 07:29:16 2006 |
| MD5 Checksum: | f2c60fa5995b0dbee60e181aabb794b1 |
|
| /// File Name: |
secunia-LotusNotesOverflow.txt |
Description:
|
Secunia Research has discovered two boundary condition vulnerabilities in Lotus Notes, which can be exploited by malicious people to compromise a user's system. Affected versions are Lotus Notes 6.5.4 and Lotus Notes 7.0.
| | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 4629 | | Related CVE(s): | CAN-2005-2618 | | Last Modified: | Feb 13 07:34:02 2006 |
| MD5 Checksum: | 86c5534939f8020b99e061598d320dc4 |
|
| /// File Name: |
secunia-LotusNotesTar.txt |
Description:
|
Secunia Research has discovered a vulnerability in Lotus Notes, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the TAR reader (tarrdr.dll) when extracting files from a TAR archive. This can be exploited to cause a stack-based buffer overflow via a TAR archive containing a file with a long filename. Successful exploitation allows execution of arbitrary code, but requires that the user views a malicious TAR archive and chooses to extracts a compressed file to a directory with a very long path (more than 220 bytes). Affected versions are Lotus Notes 6.5.4 and Lotus Notes 7.0.
| | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 4224 | | Related CVE(s): | CAN-2005-2618 | | Last Modified: | Feb 13 07:35:13 2006 |
| MD5 Checksum: | 1a2d46a055e17e348078941b24c32d31 |
|
| /// File Name: |
secunia-LotusNotesUUE.txt |
Description:
|
Secunia Research has discovered a vulnerability in Lotus Notes, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in uudrdr.dll when handling an UUE file containing an encoded file with an overly long filename. This can be exploited to cause a stack-based buffer overflow. Successful exploitation allows execution of arbitrary code when a malicious UUE file is opened in the Notes attachment viewer. Affected versions are Lotus Notes 6.5.4 and Lotus Notes 7.0.
| | Author: | Tan Chew Keong | | Homepage: | http://secunia.com/ | | File Size: | 3488 | | Related CVE(s): | CAN-2005-2618 | | Last Modified: | Feb 13 07:36:44 2006 |
| MD5 Checksum: | 46e061cc9c8caffba9ab50e805555d1b |
|
| /// File Name: |
secunia-LotusNotesZIP.txt |
Description:
|
Secunia Research has discovered a vulnerability in Lotus Notes, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in kvarcve.dll when constructing the full pathname of a compressed file to check for its existence before extracting it from a ZIP archive. This can be exploited to cause a stack-based buffer overflow. Successful exploitation allows execution of arbitrary code when the user extracts a compressed file with a long filename from within the Notes attachment viewer. Affected versions is Lotus Notes 6.5.4.
| | Author: | Tan Chew Keong | | Homepage: | http://secunia.com/ | | File Size: | 3545 | | Related CVE(s): | CAN-2005-2618 | | Last Modified: | Feb 13 07:37:55 2006 |
| MD5 Checksum: | 9439534009569c4b9183a5225164e604 |
|
| /// File Name: |
secunia-LotusTraverse.txt |
Description:
|
Secunia Research has discovered a vulnerability in Lotus Notes, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to directory traversal errors in kvarcve.dll when generating the preview of a compressed file from ZIP, UUE and TAR archives. This can be exploited to delete arbitrary files that are accessible to the Notes user. Affected versions are Lotus Notes 6.5.4 and Lotus Notes 7.0.
| | Author: | Tan Chew Keong, Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 3624 | | Related CVE(s): | CAN-2005-2619 | | Last Modified: | Feb 13 07:30:55 2006 |
| MD5 Checksum: | 33831d7b65b685f808fa0da72f848588 |
|
| /// File Name: |
secunia-NJStar.txt |
Description:
|
Secunia Research has discovered a vulnerability in NJStar Word Processor, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/ | | File Size: | 3409 | | Last Modified: | Feb 20 23:32:12 2006 |
| MD5 Checksum: | 184496717b8cdb835ba46ae90e191dae |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
