Security Corporation - Weekly Summary

Full Version: Security Corporation - Weekly Summary

GovernmentSecurity.org > The Archives > Exploit Articles

GaLiaRePt

Sep 8 2003, 07:30 PM

=================================================
Security Corporation - Weekly Summary - Issue #23 - 2003-09-08

http://www.security-corporation.com
=================================================

Visit Security-Corporation for the latest security news.
http://www.security-corporation.com

Read newsletter archive :
http://www.security-corporation.com/newsletter.html

Put Security-Corporation Vulnerability Alerts on Your Web Site for Free!
For more information: http://www.security-corporation.com/backend/

ADVISORIES
=================================================

As always, if you've found a vulnerability, let us know by e-mail at:
vuln@security-corporation.com

Security advisories of the week :

-------------
2003-09-08
-------------

- ICQ Webfront Cross Site Scripting Vulnerability
» http://www.security-corporation.com/articl...030908-002.html

- Apache::Gallery local webserver compromise and privilege escalation
» http://www.security-corporation.com/articl...030908-001.html

- Incorrect Handling of Cross Site Scripting Protection in ASP.Net
» http://www.security-corporation.com/articl...030908-000.html

-------------
2003-09-07
-------------

- WS_FTP Server Buffer overflow vulnerability
» http://www.security-corporation.com/articl...030907-000.html

-------------
2003-09-06
-------------

- ISS Server Sensor Denial of Service
» http://www.security-corporation.com/articl...030906-001.html

- Potential Denial Of Service in leafnode
» http://www.security-corporation.com/articl...030906-000.html

-------------
2003-09-04
-------------

- Unchecked buffer in Microsoft Access Could Allow Code Execution
» http://www.security-corporation.com/articl...030904-004.html

- Flaw in Visual Basic for Applications Could Allow Arbitrary Code Execution
» http://www.security-corporation.com/articl...030904-003.html

- Buffer Overrun in WordPerfect Converter Could Allow Code Execution
» http://www.security-corporation.com/articl...030904-002.html

- Flaw in Microsoft Word Could Enable Macros to Run Automatically
» http://www.security-corporation.com/articl...030904-001.html

- Flaw in NetBIOS Could Lead to Information Disclosure
» http://www.security-corporation.com/articl...030904-000.html

-------------
2003-09-03
-------------

- Go2Call Cash Calling vulnerable
» http://www.security-corporation.com/articl...030903-003.html

- SMC7004VB sensitive information leak
» http://www.security-corporation.com/articl...030903-002.html

- VBE Document Property Buffer Overflow
» http://www.security-corporation.com/articl...030903-001.html

- Microsoft WordPerfect Document Converter Buffer Overflow
» http://www.security-corporation.com/articl...030903-000.html

EXPLOITS
=================================================

Security exploits of the week :

-------------
2003-09-08
-------------

- Remote exploit for Pop3 service CMailServer v4.0
» http://www.security-corporation.com/exploi...030908-000.html

-------------
2003-09-06
-------------

- Microsoft WordPerfect Document Converter Buffer Overflow Exploit
» http://www.security-corporation.com/exploi...030906-001.html

- MPlayer v0.91 local exploit
» http://www.security-corporation.com/exploi...030906-000.html

-------------
2003-09-03
-------------

- Go2Call Cash Calling exploit
» http://www.security-corporation.com/exploi...030903-001.html

- ZoneAlarm remote Denial Of Service exploit
» http://www.security-corporation.com/exploi...030903-000.html

UNSUBSCRIBE
=================================================

If you want to unsubscribe from Security Corporation's Newsletter, then
go to the following link :
» http://www.security-corporation.com/unsubscribe.html

DISLAIMER
=================================================

The information within this paper may change without notice. Use of
this information constitutes acceptance for use in an AS IS condition.
There are NO warranties with regard to this information. In no event
shall the author be liable for any damages whatsoever arising out of
or in connection with the use or spread of this information. Any use
of this information is at the user's own risk.

FEEDBACK
=================================================

Please send suggestions, updates, and comments to:

Security Corporation
http://www.security-corporation.com
info@security-corporation.com

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.