CVE-2008-1060 (Sniplets Plugin)

Eval injection vulnerability in modules/execute.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote attackers to execute arbitrary PHP code via the text parameter.

Permanent link to this post (27 words, estimated 6 secs reading time)

CVE-2008-1069 (Quantum Game Library)

Multiple PHP remote file inclusion vulnerabilities in Quantum Game Library 0.7.2c allow remote attackers to execute arbitrary PHP code via a URL in the CONFIG[gameroot] parameter to (1) server_request.php and (2) qlib/smarty.inc.php.

Permanent link to this post (33 words, estimated 8 secs reading time)

CVE-2008-0124 (Serendipity)

Cross-site scripting (XSS) vulnerability in Serendipity (S9Y) before 1.3-beta1 allows remote authenticated users to inject arbitrary web script or HTML via (1) the “Real name” field in Personal Settings, which is presented to readers of articles; or (2) a file upload, as demonstrated by a .htm, .html, or .js file.

Permanent link to this post (51 words, estimated 12 secs reading time)

CVE-2008-1068 (Portail Web Php)

Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the site_path parameter to (1) Vert/index.php, (2) Noir/index.php, and (3) Bleu/index.php in template/, different vectors than CVE-2008-0645.

Permanent link to this post (43 words, estimated 10 secs reading time)

CVE-2008-0309 (Symantec AntiVirus Network Attached Storage, Symantec AntiVirus Scan Engine, Syma…)

Stack-based buffer overflow in Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).

Permanent link to this post (53 words, estimated 13 secs reading time)

CVE-2008-1067 (phpQLAdmin)

Multiple PHP remote file inclusion vulnerabilities in phpQLAdmin 2.2.7 allow remote attackers to execute arbitrary PHP code via a URL in the _SESSION[path] parameter to (1) ezmlm.php and (2) tools/update_translations.php.

Permanent link to this post (31 words, estimated 7 secs reading time)

CVE-2008-1062 (WinDVD Media Center)

InterVideo IMC Server (aka IMCSvr.exe) and InterVideo Home Theater (aka IHT.exe) in InterVideo WinDVD Media Center 2.11.15.0 allow remote attackers to cause a denial of service (NULL dereference and application crash) via a crafted packet with two CRLF sequences. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Permanent link to this post (57 words, estimated 14 secs reading time)

CVE-2008-0411 (SuSE SLE SDK, enterprise_linux, Enterprise Linux Desktop Workstation, Mandrake Li…)

Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.

Permanent link to this post (36 words, estimated 9 secs reading time)

CVE-2008-1058 (Open_BSD)

The tcp_respond function in netinet/tcp_subr.c in OpenBSD 4.1 and 4.2 allows attackers to cause a denial of service (panic) via crafted TCP packets. NOTE: some of these details are obtained from third party information.

Permanent link to this post (35 words, estimated 8 secs reading time)

CVE-2008-1066 (Smarty)

The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used by Serendipity (S9Y) and other products, allows attackers to call arbitrary PHP functions via templates, related to a ” character in a search string.

Permanent link to this post (34 words, estimated 8 secs reading time)

« Previous Entries