ðòïåëôù 


  áòèé÷ 


Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

  óôáôøé 


  ðåòóïîáìøîïå 


  ðòïçòáííù 



ðéûéôå
ðéóøíá

outsource flow blockchain development Boosty Labs













     áòèé÷ :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] FW: @RISK: The Consensus Security Vulnerability Alert Vol. 6 No. 25



> *****************************
> Widely Deployed Software
> *****************************
> 
> (1) CRITICAL: Microsoft Windows Schannel Remote Code 
> Execution (MS07-031)
> Affected:
> Microsoft Windows 2000
> Microsoft Windows XP
> Microsoft Windows Server 2003
> 
> Description: The Microsoft Windows Secure Channel (Schannel) subsystem
> is the Microsoft Windows implementation of the 
> Internet-standard Secure
> Sockets Layer (SSL) and Transport Layer Security (TLS) 
> protocols. These
> protocols are used for cryptographically secure communications across
> the Internet. This subsystem contains a flaw in the handling of
> cryptographic signatures. A specially-crafted signature sent 
> by a server
> could trigger a remote code execution vulnerability. Any application
> utilizing the SSL or TLS protocols via the Schannel subsystem is
> potentially vulnerable; this includes Internet Explorer. This
> vulnerability could be exploited by a malicious web site. 
> Full technical
> details for this vulnerability are publicly available.
> 
> Status: Microsoft confirmed, updates available.
> 
> Council Site Actions:
> All of the reporting council sites plan to distribute the 
> updates during
> their next regularly schedule system maintenance cycle.
> 
> References:
> Microsoft Security Bulletin
> http://www.microsoft.com/technet/security/Bulletin/MS07-031.mspx
> Posting by Thomas Lim
> http://www.securityfocus.com/archive/1/471203
> Wikipedia Articles on SSL and TLS
> http://en.wikipedia.org/wiki/Secure_Sockets_Layer
> http://en.wikipedia.org/wiki/Transport_Layer_Security
> SecurityFocus BID
> http://www.securityfocus.com/bid/24416
> 
> **************************************************************
> ************
> 
> (2) CRITICAL: Microsoft Internet Explorer Multiple 
> Vulnerabilities (MS07-033)
> Affected:
> Microsoft Windows 2000
> Microsoft Windows XP
> Microsoft Windows Server 2003
> Microsoft Windows Vista
> Microsoft Internet Explorer 6
> Microsoft Internet Explorer 7
> 
> Description: Microsoft Internet Explorer contains multiple
> vulnerabilities. Flaws in the handling of Microsoft Component Object
> Model (COM) objects, Cascading Style Sheets (CSS), Microsoft language
> packs, JavaScript scripts, and the Microsoft Speech Control 
> could allow
> a specially-crafted web page to execute arbitrary code with the
> privileges of the current user. Additionally, a specially-crafted web
> page could exploit a flaw in the browser's "Navigation Canceled" page.
> Exploiting this flaw would allow an attacker to display arbitrary
> content in the context of that page, including script content. Any
> scripts executed in this page would execute with elevated 
> privileges as
> compared to scripts in remote web pages. Some technical details for
> these vulnerabilities are publicly available.
> 
> Status: Microsoft confirmed, updates available.
> 
> Council Site Actions: All of the reporting council sites plan to
> distribute the updates during their next regularly schedule system
> maintenance cycle.
> 
> References:
> Microsoft Security Bulletin
> http://www.microsoft.com/technet/security/bulletin/ms07-033.mspx
> Zero Day Initiative Advisories
> http://zerodayinitiative.com/advisories/ZDI-07-038.html
> http://zerodayinitiative.com/advisories/ZDI-07-037.html
> SecurityFocus BIDs
> http://www.securityfocus.com/bid/24372
> http://www.securityfocus.com/bid/24423
> http://www.securityfocus.com/bid/24429
> http://www.securityfocus.com/bid/24418
> http://www.securityfocus.com/bid/22966
> http://www.securityfocus.com/bid/24426
> 
> **************************************************************
> ************
> 
> (3) CRITICAL: Microsoft Outlook Express and Windows Mail 
> Multiple Vulnerabilities (MS07-034)
> Affected:
> Microsoft Windows XP
> Microsoft Windows Server 2003
> Microsoft Windows Vista
> 
> Description: Microsoft Outlook Express and Microsoft Windows Mail
> contain multiple vulnerabilities. Failure to properly validate local
> Universal Naming Convention (UNC) paths in email messages 
> could allow a
> specially crafted email to execute arbitrary commands if the 
> user clicks
> on a link in that email. Additionally, a web page containing 
> a specially
> crafted MIME HTML (MHTML) link could trigger a cross-site scripting
> vulnerability. Note that this flaw can be exploited from a 
> web browser.
> Two additional information disclosure vulnerability applications were
> patched as part of this security bulletin. Some technical details are
> publicly available for these vulnerabilities.
> 
> Status: Microsoft confirmed, updates available.
> 
> Council Site Actions: All of the reporting council sites plan to
> distribute the updates during their next regularly schedule system
> maintenance cycle.
> 
> References:
> Microsoft Security Bulletin
> http://www.microsoft.com/technet/security/bulletin/ms07-034.mspx
> Wikipedia Article on MHTML
> http://en.wikipedia.org/wiki/MHTML
> SecurityFocus BIDs
> http://www.securityfocus.com/bid/17717
> http://www.securityfocus.com/bid/23103
> http://www.securityfocus.com/bid/24392
> http://www.securityfocus.com/bid/24410
> 
> **************************************************************
> ************
> 
> (4) HIGH: Microsoft Win32 API Remote Code Execution (MS07-035)
> Affected:
> Microsoft Windows 2000
> Microsoft Windows XP
> Microsoft Windows Server 2003
> 
> Description: Microsoft Windows's "Win32" application programming
> interface (API) contains a flaw in validating certain 
> parameters passed
> to functions. The exact functions are not known, but Microsoft has
> confirmed that Internet Explorer calls the vulnerable 
> functions in such
> a way as to be vulnerable to this attack. Any other application that
> uses these functions would likely be vulnerable as well. A
> specially-crafted web page could trigger the flaw in Internet 
> Explorer;
> other vectors are possible through other applications. Successfully
> exploiting this vulnerability would allow an attacker to execute
> arbitrary code in the context of the vulnerable application.
> 
> Status: Microsoft confirmed, updates available.
> 
> Council Site Actions: All of the reporting council sites plan to
> distribute the updates during their next regularly schedule system
> maintenance cycle.
> 
> References:
> Microsoft Security Bulletin
> http://www.microsoft.com/technet/security/Bulletin/ms07-035.mspx
> SecurityFocus BID
> http://www.securityfocus.com/bid/24370
> 
> **************************************************************
> ************
> 
> (5) HIGH: Microsoft Visio Multiple Vulnerabilities (MS07-030)
> Affected:
> Microsoft Visio 2002
> Microsoft Office 2003
> 
> Description: Microsoft Visio, Microsoft's diagramming suite, contains
> multiple vulnerabilities. A specially-crafted Visio file containing an
> invalid version number or malformed packed object could trigger memory
> corruption vulnerabilities. Successfully exploiting these
> vulnerabilities would allow an attacker to execute arbitrary code with
> the privileges of the current user. Note that, depending upon
> configuration, Visio files may be opened without prompting.
> 
> Status: Microsoft confirmed, updates available.
> 
> Council Site Actions: All of the reporting council sites plan to
> distribute the updates during their next regularly schedule system
> maintenance cycle.
> 
> References:
> Microsoft Security Bulletin
> http://www.microsoft.com/technet/security/Bulletin/MS07-030.mspx
> SecurityFocus BIDs
> http://www.securityfocus.com/bid/24349
> http://www.securityfocus.com/bid/24384
> 
> **************************************************************
> **************************************************************
> ************
> 
> (7) HIGH: Firebird Database "connect" Buffer Overflow
> Affected:
> Firebird SQL Server versions 2.x
> BakBone NetVault versions 6.x
> 
> Description: The Firebird SQL database server contains a flaw in its
> handling of "connect" requests. An attacker who issues a specially
> crafted connect request could trigger a memory overwrite condition.
> Successfully exploiting this condition would allow an attacker to
> execute arbitrary code with the privileges of the current user. No
> authentication is necessary to exploit this vulnerability. Note that
> full technical details are available for this vulnerability.
> 
> Status: Firebird confirmed, updates available. Users can mitigate the
> impact of this vulnerability by blocking access to TCP port 3050, if
> possible.
> 
> Council Site Actions: The affected software and/or 
> configuration are not
> in production or widespread use, or are not officially 
> supported at any
> of the responding council sites. They reported that no action was
> necessary.
> 
> References:
> TippingPoint DVLabs Security Advisory
> http://dvlabs.tippingpoint.com/advisory/TPTI-07-11
> Firebird Release Notes
> http://www.firebirdsql.org/rlsnotes/Firebird-2.0.1-ReleaseNotes.pdf
> Firebird Home Page
> http://www.firebirdsql.org/
> SecurityFocus BID
> http://www.securityfocus.com/bid/24436
> 
> **************************************************************
> ************
> 
> (8) MODERATE: Sun Java System Directory Server Authentication Bypass
> Affected:
> Sun Java System Directory Server version 5.2
> 
> Description: The Sun Java System Directory Server is Sun's Lightweight
> Directory Access Protocol (LDAP) server. A flaw in handling
> authentication requests could allow an attacker to access the LDAP
> directory and modify its contents without proper authentication. No
> further technical details are available for this vulnerability.
> 
> Status: Sun confirmed, updates available. Users may be able 
> to mitigate
> the impact of this vulnerability  by blocking access to port 389 (TCP
> and UDP) at the network perimeter, if possible.
> 
> Council Site Actions: The affected software and/or 
> configuration are not
> in production or widespread use, or are not officially 
> supported at any
> of the responding council sites. They reported that no action was
> necessary.
> 
> References:
> Sun Security Advisory
> http://sunsolve.sun.com/search/document.doassetkey=1-26-102875
-1&searchclause=
> Product Home Page
> http://www.sun.com/software/products/directory_srvr/home_directory.xml
> SecurityFocus BID
> http://www.securityfocus.com/bid/24468
> 
> 
> Part II - Comprehensive List of Newly Discovered Vulnerabilities from
> Qualys (www.qualys.com)
> 
> Week 25, 2007
> 
> 
> 07.25.2 CVE: Not Available
> Platform: Windows
> Title: Microsoft Windows CE .NET Compact Framework Components Multiple
> Vulnerabilities
> Description: Microsoft Windows CE is a compact version of Windows for
> embedded systems. The .NET Compact Framework is a version of the .NET
> Framework designed for Windows CE. Memory corruption may occur on
> Windows CE devices that have the native security model enabled.
> Microsoft Windows CE version 5.0 is affected. Please refer to the
> advisory for further details.
> Ref: http://support.microsoft.com/kb/837392/
> ______________________________________________________________________
> 
> 07.25.3 CVE: Not Available
> Platform: Windows
> Title: Windows CE Abstract Syntax Notation One Library Integer
> Overflow
> Description: Windows CE ASN.1 is exposed to an integer overflow issue
> because it fails to prevent an arithmetic operation from wrapping
> around an integer value. This condition will cause the affected
> library to later allocate an insufficiently sized memory buffer,
> resulting in a heap buffer overflow. Microsoft Windows CE version 4.2
> is affected.
> Ref: http://support.microsoft.com/kb/837052
> ______________________________________________________________________
> 
> 07.25.4 CVE: Not Available
> Platform: Windows
> Title: Apple Safari for Windows Unspecified SVG Parse Engine Multiple
> Unspecified Vulnerabilities
> Description: Apple Safari for Microsoft Windows is exposed to multiple
> unspecified issues. These issues reside in the SVG parsing engines.
> Safari 3 public beta for windows is affected. Please refer to the
> advisory for further details.
> Ref: http://www.securityfocus.com/bid/24446
> ______________________________________________________________________
> 
> 07.25.5 CVE: CVE-2007-2219
> Platform: Windows
> Title: Microsoft Win32 API Parameter Validation Remote Code Execution
> Description: The Microsoft Win32 API is an application programmer's
> interface library designed for use on the Microsoft Windows operating
> system. The library is exposed to a remote code-execution issue that
> occurs when the Win32 API component parses unspecified parameters that
> are passed to it from other applications such as Internet Explorer.
> Ref: http://www.kb.cert.org/vuls/id/457281
> ______________________________________________________________________
> 
> 07.25.6 CVE: CVE-2007-2218
> Platform: Windows
> Title: Microsoft Windows SChannel Security Remote Code Execution
> Description: The Microsoft Windows Schannel security package is used
> to provide 128-bit strong encryption in Internet Explorer. The
> application is exposed to a remote code-execution issue during the
> processing and validation of server-sent digital signatures by the
> client application.
> Ref: http://www.microsoft.com/technet/security/Bulletin/MS07-031.mspx
> ______________________________________________________________________
> 
> 07.25.7 CVE: CVE-2007-2229
> Platform: Windows
> Title: Microsoft Windows Vista Permissive User Information Store ACLs
> Information Disclosure
> Description: Microsoft Windows Vista is exposed to a local information
> disclosure issue that occurs because the application permits
> non-privileged users to access local user information stores contained
> within the registry and local file system.
> Ref: http://www.microsoft.com/technet/security/Bulletin/MS07-032.mspx
> ______________________________________________________________________
> 
> 07.25.8 CVE: Not Available
> Platform: Windows
> Title: Apple Safari for Windows Unspecified Remote Code Execution and
> Denial of Service Vulnerabilities
> Description: Apple Safari for Windows is exposed to a multiple issues
> including two remote code execution and four denial of service issues.
> Safari 3 public beta for Windows is affected.
> Ref: http://www.securityfocus.com/bid/24433
> ______________________________________________________________________
> 
> 07.25.9 CVE: Not Available
> Platform: Windows
> Title: Apple Safari for Windows Protocol Handler Command Injection
> Description: Apple Safari is a web browser for multiple operating
> platforms. It is produced by Apple and is currently in Beta for the
> Windows platform. Apple Safari for Windows is exposed to a protocol
> handler command injection issue that allows remote attackers to pass
> arbitrary command line arguments to any application that can be called
> through a protocol handler. Apple Safari for Windows 3 Beta is
> affected.
> Ref: http://www.securityfocus.com/bid/24434
> ______________________________________________________________________
> 
> 07.25.10 CVE: Not Available
> Platform: Windows
> Title: Apple Safari for Windows Unspecified Denial of Service
> Description: Apple Safari for Windows is exposed to a denial of
> service issue because it fails to properly handle user-supplied input.
> Safari 3 public beta for windows is affected.
> Ref: http://www.securityfocus.com/bid/24431
> ______________________________________________________________________
> 
> 07.25.11 CVE: Not Available
> Platform: Windows
> Title: Microsoft Windows CE Pocket Internet Explorer PNG Denial of
> Service
> Description: Windows CE is an embedded version of the Windows
> operating system which runs on portable devices. The application is
> exposed to a denial of service issue which arises because an exception
> can occur when the browser loads PNG graphics files.
> Windows CE version 4.2 is affected.
> Ref: http://support.microsoft.com/kb/875504
> ______________________________________________________________________
> 
> 07.25.12 CVE: Not Available
> Platform: Windows
> Title: Microsoft Windows CE TCP/IP Requests Denial of Service
> Description: Windows CE is an embedded version of the Windows
> operating system which runs on portable devices. The application is
> exposed to a denial of service issue. Windows CE version 4.2 is
> affected.
> Ref: http://support.microsoft.com/kb/837392/
> ______________________________________________________________________
> 
> 07.25.13 CVE: Not Available
> Platform: Windows
> Title: Microsoft Windows CE ASP Parser Buffer Overflow
> Description: Windows CE is an embedded version of the Windows
> operating system which runs on portable devices. The application is
> exposed to a buffer overflow issue because the application fails to
> bound check user-supplied data before copying it into an
> insufficiently sized buffer. Microsoft Windows CE version 5.0 and 6.0
> are affected.
> Ref: http://support.microsoft.com/kb/833270
> ______________________________________________________________________
> 
> 07.25.14 CVE: Not Available
> Platform: Windows
> Title: Microsoft Windows CE MSXML Multiple Vulnerabilities
> Description: Windows CE is an embedded version of the Windows
> operating system which runs on portable devices. The application is
> exposed to multiple issues including denial of service and cross site
> scripting issues. Microsoft Windows CE version 5.0 is affected.
> Ref: http://support.microsoft.com/kb/916644/
> ______________________________________________________________________
> 
> 07.25.15 CVE: Not Available
> Platform: Windows
> Title: Microsoft Windows CE Malformed RNDIS Packet Remote Denial of
> Service
> Description: Microsoft Windows CE is exposed to a remote denial of
> service issue. Microsoft Windows CE 5.0 is affected.
> Ref: http://support.microsoft.com/kb/837392/
> ______________________________________________________________________
> 
> 07.25.16 CVE: Not Available
> Platform: Windows
> Title: Microsoft Windows CE Internet Explorer Content-Type Denial of
> Service
> Description: Microsoft Internet Explorer for Windows CE is exposed to
> a denial of service issue because the application fails to handle
> exceptional conditions. Internet Explorer for Windows CE 6 is
> affected.
> Ref: http://support.microsoft.com/kb/933679
> ______________________________________________________________________
> 
> 07.25.17 CVE: Not Available
> Platform: Windows
> Title: Microsoft Windows CE Internet Explorer SSL Unspecified Denial
> of Service
> Description: Microsoft Windows CE is an embedded version of the
> Windows operating systems for embedded-based devices. The application
> is exposed to a denial of service issue. Please refer to the advisory
> for further details.
> Ref: http://support.microsoft.com/kb/837392/
> ______________________________________________________________________
> 
> 07.25.18 CVE: Not Available
> Platform: Windows
> Title: Microsoft Windows CE Internet Explorer Remote Denial of Service
> Description: Microsoft Windows CE Internet Explorer is exposed to a
> remote denial of service issue because it fails to properly handle
> maliciously crafted web server responses. Windows CE 5.0 is affected.
> Ref: http://www.securityfocus.com/bid/24395
> ______________________________________________________________________
> 
> 07.25.19 CVE: Not Available
> Platform: Microsoft Office
> Title: Microsoft Office MSODataSourceControl ActiveX Control Buffer
> Overflow
> Description: Microsoft Office Microsoft Office MSODataSourceControl
> ActiveX Control is exposed to a buffer overflow issue because the
> application fails to bounds check user-supplied data before copying it
> into an insufficiently sized buffer. This issue occurs when an
> excessive amount of data is passed to the "HelpPopup" method of the
> "DeleteRecordSourceIfUnused()" method of the MSODataSourceControl
> ActiveX control.
> Ref: http://support.microsoft.com/kb/240797
> ______________________________________________________________________
> 
> 07.25.20 CVE: CVE-2007-3027
> Platform: Other Microsoft Products
> Title: Microsoft Internet Explorer Language Pack Installation Remote
> Code Execution
> Description: Microsoft Internet Explorer is exposed to remote
> code-execution issue because of a race-condition in its language pack
> installation support.
> Ref: http://www.microsoft.com/technet/security/Bulletin/MS07-033.mspx
> ______________________________________________________________________
> 
> 07.25.21 CVE: Not Available
> Platform: Other Microsoft Products
> Title: Microsoft Internet Explorer Navigation Cancel Webpage Spoofing
> Description: Microsoft Internet Explorer is exposed to a webpage
> spoofing issue which presents itself in the Navigation canceled page.
> Ref: http://www.securityfocus.com/bid/24448
> ______________________________________________________________________
> 
> 07.25.22 CVE: CVE-2007-2222
> Platform: Other Microsoft Products
> Title: Microsoft Internet Explorer Speech API 4 COM Object
> Instantiation Memory Corruption
> Description: Microsoft Internet Explorer is exposed to a memory
> corruption issue when instantiating certain COM objects. The issue
> exists in the speech control of the Speech API 4.
> Ref: http://www.kb.cert.org/vuls/id/507433
> ______________________________________________________________________
> 
> 07.25.23 CVE: CVE-2007-0218
> Platform: Other Microsoft Products
> Title: Microsoft Internet Explorer URLMON.DLL COM Object Instantiation
> Remote Code Execution
> Description: Microsoft Internet Explorer is exposed to remote
> code-execution issue that occurs because of a flaw when the
> application tries to instantiate COM objects that are not designed to
> be instantiated via the browser. This issue is due to the flawed
> manner in which the objects return values. These COM objects are
> located in the "urlmon.dll" library.
> Ref: http://support.microsoft.com/kb/240797
> ______________________________________________________________________
> 
> 07.25.24 CVE: CVE-2007-2227
> Platform: Other Microsoft Products
> Title: Microsoft Outlook Express Content Disposition Parsing
> Information Disclosure
> Description: The MHTML protocol handler is part of Outlook Express and
> permits encoded documents to be rendered in applications. The
> application is exposed to a cross-domain information disclosure issue
> where the MHTML protocol handler fails to correctly handle
> "Content-Disposition" notifications to Internet Explorer.
> Ref: http://www.microsoft.com/technet/security/Bulletin/MS07-034.mspx
> ______________________________________________________________________
> 
> 07.25.25 CVE: CVE-2007-1751
> Platform: Other Microsoft Products
> Title: Microsoft Internet Explorer Unspecified Uninitialized Memory
> Corruption
> Description: Microsoft Internet Explorer is exposed to a memory
> corruption issue when accessing objects that are improperly
> instantiated or deleted. Please refer to the advisory for further
> details.
> Ref: http://www.securityfocus.com/bid/24418
> ______________________________________________________________________
> 
> 07.25.26 CVE: CVE-2007-1750
> Platform: Other Microsoft Products
> Title: Microsoft Internet Explorer CSS Tag Memory Corruption
> Description: Microsoft Internet Explorer is exposed to remote
> code-execution issue because it fails to properly handle certain CSS
> data. This issue stems from a memory corruption flaw when the
> application attempts to process certain CSS (Cascading Style Sheets)
> tags while rendering HTML documents.
> Ref: http://www.microsoft.com/technet/security/Bulletin/MS07-033.mspx
> ______________________________________________________________________
> 
> 07.25.27 CVE: CVE-2007-0934
> Platform: Other Microsoft Products
> Title: Microsoft Visio Version Number Remote Code Execution
> Description: Microsoft Visio is an application for visualizing and
> communicating complex drawings and diagrams. The application is
> exposed to a remote code execution issue because it fails to
> adequately validate user-supplied data.
> Ref: http://www.microsoft.com/technet/security/bulletin/ms07-030.mspx
> ______________________________________________________________________
> 
> 07.25.28 CVE: CVE-2007-0936
> Platform: Other Microsoft Products
> Title: Microsoft Visio Packed Objects Remote Code Execution
> Description: Microsoft Visio is an application for visualizing and
> communicating complex drawings and diagrams. The application is
> exposed to a remote code execution issue because it fails to
> adequately handle user-supplied data.
> Ref: http://www.securityfocus.com/bid/24384
> ______________________________________________________________________
> 
> 07.25.29 CVE: CVE-2007-2225
> Platform: Other Microsoft Products
> Title: Microsoft Outlook Express MHTML URL Redirect Information
> Disclosure
> Description: Outlook Express is exposed to a cross domain information
> disclosure issue where the browser (typically Internet Explorer) fails
> to correctly handle redirections with the "mhtml:" URI handler. The
> MHTML protocol handler is part of Outlook Express and permits encoded
> documents to be rendered in applications.
> Ref: http://www.microsoft.com/technet/security/Bulletin/MS07-034.mspx
> ______________________________________________________________________
> 
> 07.25.30 CVE: CVE-2007-3164
> Platform: Third Party Windows Apps
> Title: Microsoft Internet Explorer 7 HTTP Authentication International
> Domain Name Spoofing Weakness
> Description: Microsoft Internet Explorer 7 is a browser for the
> Windows operating system. The application is exposed to a HTTP
> authentication hostname spoofing weakness. Internet Explorer 7 is
> affected.
> Ref: http://www.securityfocus.com/bid/24483
> ______________________________________________________________________
> 
> 07.25.31 CVE: Not Available
> Platform: Third Party Windows Apps
> Title: Apple Safari for Windows Content and URLBar Spoofing
> Description: Apple Safari is a web browser, produced by Apple and is
> currently in Beta for the Windows platform. Apple Safari 3.0.1 Beta
> for Windows is exposed to a window title and urlbar spoofing issue.
> Safari version 3.0.1 (522.12.12) on Windows 2003 SE SP2 is affected.
> Ref: http://www.securityfocus.com/bid/24484
> ______________________________________________________________________
> 
> 07.25.32 CVE: Not Available
> Platform: Third Party Windows Apps
> Title: Apple Safari Feed URI Denial of Service
> Description: Apple Safari is a web browser available for multiple
> operating platforms. The browser is exposed to a denial of service
> issue because it fails to adequately sanitize user-supplied input.
> Apple Safari for Windows version 3 Beta is affected.
> Ref: http://www.securityfocus.com/bid/24460
> ______________________________________________________________________
> 
> 07.25.35 CVE: Not Available
> Platform: Third Party Windows Apps
> Title: Safari Window.setTimeout Content Spoofing
> Description: Apple Safari is a web browser for multiple operating
> platforms. It is produced by Apple and is currently in Beta for the
> Windows platform. Apple Safari Beta 3 for Windows contains a content
> spoofing issue in its javascript "window.setTimeout()" function that
> relies on a timer-trigger which is processed after a change to the
> property of "window.location". Safari version 3.0 (522.11.3) on MS
> Windows 2003 SE SP2 and Windows XP SP2 is affected.
> Ref: http://www.securityfocus.com/bid/24457
> ______________________________________________________________________
> 
> 07.25.47 CVE: CVE-2007-2873
> Platform: Linux
> Title: SpamAssassin Local Symlink Attack And Denial of Service
> Description: SpamAssassin is a mail filter designed to identify and
> process spam. It is available for Linux, UNIX, and variants. The
> application is exposed to a local denial of service issue which arises
> because the application creates files in an insecure manner.
> SpamAssassin versions prior to 3.2.1 are affected.
> Ref: http://spamassassin.apache.org/advisories/cve-2007-2873.txt
> ______________________________________________________________________
> 
> 07.25.50 CVE: Not Available
> Platform: Solaris
> Title: Sun Solaris Remote IPv6 IPSec Packet Denial of Service
> Description: The Sun Solaris is exposed to a denial of service issue
> because the operating system fails to handle exceptional conditions.
> Solaris 10 operating system is affected.
> Ref:
> http://sunsolve.sun.com/search/document.do?assetkey=1-26-10291
9-1&searchclause=
> ______________________________________________________________________
> 
> 07.25.51 CVE: Not Available
> Platform: Solaris
> Title: Sun Solaris NFS Server XDR Handling Denial of Service
> Description: The Sun Solaris is exposed to a  denial of service issue
> because the operating system fails to handle exceptional conditions.
> Solaris 10 operating system is affected.
> Ref:
> http://sunsolve.sun.com/search/document.do?assetkey=1-26-10296
5-1&searchclause=
> ______________________________________________________________________
> 
> 07.25.55 CVE: Not Available
> Platform: Cross Platform
> Title: Sun Java System Directory Server Attributes List Information
> Disclosure
> Description: Sun Java System Directory Server is exposed to an
> information disclosure issue that may allow remote attackers to reveal
> the existence of an entry's attributes. Sun ONE Directory Server 5.2,
> Sun Java System Directory Server 5, and Sun Java Directory Server
> Enterprise Edition (DSEE) 6.0 are affected.
> Ref:
> http://sunsolve.sun.com/search/document.do?assetkey=1-26-10287
6-1&searchclause=
> ______________________________________________________________________
> 
> 07.25.56 CVE: Not Available
> Platform: Cross Platform
> Title: Sun Java System Directory Server Remote Unauthorized Access
> Description: Sun Java System Directory Server is an LDAP (Lightweight
> Directory Access Protocol) server distributed with multiple Sun
> products. The server is exposed to a remote unauthorized access issue.
> Sun Java System Directory Server 5.2 Patch4, Patch3 and Sun Java
> Directory Server Enterprise Edition 6.0 are affected.
> Ref:
> http://sunsolve.sun.com/search/document.do?assetkey=1-26-10287
5-1&searchclause=
> ______________________________________________________________________
> 
> 07.25.59 CVE: CVE-2007-0245
> Platform: Cross Platform
> Title: OpenOffice RTF File Parser Buffer Overflow
> Description: OpenOffice is a multi-platform office suite. Rich Text
> Format (RTF) is developed by Microsoft as a cross-platform document
> format. The application is exposed to a remote heap-based buffer
> overflow issue that occurs because the application fails to bounds
> check user-supplied data before copying it into an insufficiently
> sized buffer.
> Ref: http://rhn.redhat.com/errata/RHSA-2007-0406.html
> ______________________________________________________________________
> 
> 07.25.60 CVE: Not Available
> Platform: Cross Platform
> Title: Mozilla Firefox URLBar Null Byte File Remote Code Execution
> Description: Mozilla Firefox is exposed to a remote code execution
> issue because it fails to adequately sanitize user-supplied input.
> Please refer to the advisory for further details.
> Ref: http://www.securityfocus.com/bid/24447
> ______________________________________________________________________
> 
> 07.25.61 CVE: Not Available
> Platform: Cross Platform
> Title: Firebird SQL Fbserver Remote Buffer Overflow
> Description: Firebird SQL is a relational database that runs on
> Windows, Linux and Unix systems. The application is exposed to a
> remote buffer overflow issue because the application fails to properly
> check boundaries on user-supplied data before using it in a finite
> sized buffer. Firebird SQL version 2.0 is affected.
> Ref: http://dvlabs.tippingpoint.com/advisory/TPTI-07-11
> ______________________________________________________________________
> 
> 07.25.101 CVE: CVE-2007-0933
> Platform: Network Device
> Title: D-Link DWL-G650 TIM Information Element Wireless Driver Beacon
> Buffer Overflow
> Description: The D-Link Wireless Device Driver for DWL-G650 devices is
> exposed to a buffer overflow issue because the driver fails to
> properly bounds check user-supplied data before copying it into an
> insufficiently sized memory buffer. The D-Link Wireless Device Driver
> version 6.0.0.18 (Rev. A1) is affected.
> Ref: http://www.securityfocus.com/bid/24438
> ______________________________________________________________________
> 
> (c) 2007.  All rights reserved.  The information contained in this
> newsletter, including any external links, is provided "AS IS," with no
> express or implied warranty, for informational purposes only.  In some
> cases, copyright for material in this newsletter may be held 
> by a party
> other than Qualys (as indicated herein) and permission to use such
> material must be requested from the copyright owner.
> 



 




Copyright © Lexa Software, 1996-2009.