2009-4 应用安全漏洞选录

		当前位置：主页>安全文章>文章资料>漏洞资料>文章内容

2009-4 应用安全漏洞选录

来源：www.vfcocus.net 作者：vfocus 发布时间：2009-05-04

这个月严重漏洞较多，比如Adobe Reader、Linux Kernel、Oracle的，Joomla和Pligg的漏洞也不少，赶紧修补。

Adobe Reader 8.1.4-9.1 GetAnnots() Remote Code Execution Exploit    29-04-2009
Adobe 8.1.4-9.1 customDictionaryOpen() Code Execution Exploit    29-04-2009
Symantec Fax Viewer Control 10 (DCCFAXVW.DLL) Remote BOF Exploit    29-04-2009
Linux Kernel 2.6.x SCTP FWD Memory Corruption Remote Exploit    28-04-2009
Opencart 1.1.8 (route) Local File Inclusion Vulnerability    27-04-2009
ECShop 2.5.0 (order_sn) Remote SQL Injection Vulnerability    27-04-2009
Norton Ghost Support module for EasySetup wizard Remote DoS PoC    23-04-2009
Joomla Component rsmonials Remote Cross Site Scxripting Exploit    22-04-2009
Oracle RDBMS 10.2.0.3-11.1.0.6 TNS Listener PoC (CVE-2009-0991)    21-04-2009
Pligg 9.9.0 (editlink.php id) Blind SQL Injection Exploit    20-04-2009
MS Internet Explorer EMBED Memory Corruption PoC (MS09-014)    20-04-2009
Linux Kernel 2.6 UDEV Local Privilege Escalation Exploit    20-04-2009
Microsoft Media Player (quartz.dll .wav) Multiple Remote DoS Vulns    17-04-2009
Microsoft Media Player (quartz.dll .mid) Denial of Service Exploit    17-04-2009
Microsoft GDI Plugin .png Infinite Loop Denial of Service PoC    17-04-2009
Apache Geronimo <= 2.1.3 Multiple Directory Traversal Vulnerabilities    16-04-2009
Oracle APEX 3.2 Unprivileged DB users can see APEX password hashes    16-04-2009
MS Windows Media Player (.mid File) Integer Overflow PoC    15-04-2009
OpenBSD <= 4.5 IP datagram Null Pointer Deref DoS Exploit    14-04-2009
PowerCHM 5.7 (Long URL) Local Stack Overflow PoC    14-04-2009
OpenBSD <= 4.4 IP datagram Null Pointer Deref DoS Exploit    14-04-2009
Cisco ASA-PIX Appliances Fail to Properly Check Fragmented TCP Packets    10-04-2009
Joomla Component Maian Music 1.2.1 (category) SQL Injection Vuln    08-04-2009
Joomla Component MailTo (article) SQL Injection Vulnerability    08-04-2009
Joomla Component Cmimarketplace (viewit) Directory Traversal Vuln    08-04-2009
Linux Kernel < 2.6.29 exit_notify() Local Privilege Escalation Exploit    08-04-2009
GOM Player 2.1.16.6134 Subtitle Local Buffer Overflow PoC    08-04-2009
UltraISO <= 9.3.3.2685 .ui Off By One - Buffer Overflow PoC    06-04-2009
Amaya 11.1 XHTML Parser Remote Buffer Overflow PoC    06-04-2009
Joomla Component com_bookjoomlas 0.1 SQL Injection Vulnerability    06-04-2009
Mozilla Firefox XSL Parsing Remote Memory Corruption PoC #2    06-04-2009
UltraISO <= 9.3.3.2685 CCD-IMG Universal Buffer Overflow Exploit    03-04-2009
IBM DB2 < 9.5 pack 3a Malicious Connect Denial of Service Exploit    03-04-2009
IBM DB2 < 9.5 pack 3a Malicious Data Stream Denial of Service Exploit    03-04-2009
Oracle WebLogic IIS connector JSESSIONID Remote Overflow Exploit    01-04-2009

Source: bugsearch.net

[

推荐] [

评论(0条)] [返回顶部] [打印本页] [关闭窗口]

匿名评论

评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。

§最新评论：

热点文章

·XSOK环境变量本地命令执行漏洞
·N点虚拟主机管理系统致命漏洞。
·南方数据企业网站管理系统V10.0
·动网（DVBBS）Version 8.2.0 后
·Solaris 10 telnet漏洞及解决
·破解无线路由器密码，常见无线密
·Nginx %00空字节执行php漏洞
·WinWebMail、7I24提权漏洞
·XPCD xpcd-svga本地缓冲区溢出漏
·Struts2多个漏洞简要分析
·ecshop2.72 api.php 文件鸡肋注
·Discuz!后台拿Webshell 0day

推荐广告