Monthly Archive: April 2007

Buffer overflow in Fresh View 7.15 allows user-assisted remote attackers to execute arbitrary code via a crafted .PSP file. Date published : 2007-04-26 http://www.securityfocus.com/bid/23660 https://www.exploit-db.com/exploits/3798

Cisco Network Services (CNS) NetFlow Collection Engine (NFC) before 6.0 has an nfcuser account with the default password nfcuser, which allows remote attackers to modify the product configuration and, when installed on Linux, obtain...

Stack-based buffer overflow in the DoWebMenuAction function in the IncrediMail IMMenuShellExt ActiveX control (ImShExt.dll) allows remote attackers to execute arbitrary code via unspecified vectors. Date published : 2007-04-26 http://www.securityfocus.com/bid/23674 http://www.kb.cert.org/vuls/id/906777

Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx...

The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajp_process_callback in mod_jk, which allows remote attackers to read portions of sensitive memory....

Multiple PHP remote file inclusion vulnerabilities in DCP-Portal 6.1.1 allow remote attackers to execute arbitrary PHP code via a URL in (1) the path parameter to library/adodb/adodb.inc.php, (2) the abs_path_editor parameter to library/editor/editor.php, or...

Session fixation vulnerability in Plogger allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. Date published : 2007-04-25 http://www.securityfocus.com/archive/1/466772/100/0/threaded http://www.majorsecurity.de/index_2.php?major_rls=major_rls46

** DISPUTED ** 3Com TippingPoint IPS allows remote attackers to cause a denial of service (device hang) via a flood of packets on TCP port 80 with sequentially increasing source ports, related to a...

Unspecified vulnerability in HP StorageWorks Command View Advanced Edition for XP before 5.6.0-01, XP Replication Monitor before 5.6.0-01, and XP Tiered Storage Manager before 5.5.0-02 allows local users to access other accounts via unspecified...

The BitTorrent implementation in Opera 9.2 allows remote attackers to cause a denial of service (CPU consumption and application crash) via a malformed torrent file. NOTE: the original disclosure refers to this as a...

PHP remote file inclusion vulnerability in include/loading.php in Alessandro Lulli wavewoo 0.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the path_include parameter. Date published : 2007-04-25 http://www.securityfocus.com/bid/23636 https://www.exploit-db.com/exploits/3796

PHP remote file inclusion vulnerability in docs/front-end-demo/cart2.php in Advanced Webhost Billing System (AWBS) 2.4.0 allows remote attackers to execute arbitrary PHP code via a URL in the workdir parameter. Date published : 2007-04-25 http://www.securityfocus.com/bid/23633...

Directory traversal vulnerability in Rajneel Lal TotaRam USP FOSS Distribution 1.01 allows remote attackers to read arbitrary files via a .. (dot dot) in the dnld parameter. Date published : 2007-04-25 http://www.securityfocus.com/bid/23632 https://www.exploit-db.com/exploits/3794

The Linksys SPA941 VoIP Phone allows remote attackers to cause a denial of service (device reboot) via a 0377 (0xff) character in the From header, and possibly certain other locations, in a SIP INVITE...