December 2006

The following table includes the Vulnerability Alerts for the month.
Note: These links reference external sites. CCIP cannot accept responsibility for outdated links or for the contents of such links.
| Reference | Description | Date |
|---|---|---|
| TYPO3 | Rtehtmlarea Extension "userUid" Command Execution | 22/12/06 |
| TYPO3 | "userUid" Command Execution Vulnerability | 22/12/06 |
| Secunia | NeoTrace Express/Pro ActiveX Control "TraceTarget()" Buffer Overflow | 22/12/06 |
| Ubuntu | Update for mono | 22/12/06 |
| Mandriva | Update for mono | 22/12/06 |
| Mono | System.Web Source Code Disclosure Vulnerability | 22/12/06 |
| Secunia | Valdersoft Shopping Cart "commonIncludePath" File Inclusion | 22/12/06 |
| Kolab | Server ClamAV Denial of Service Vulnerability | 22/12/06 |
| Hitachi | Directory Server LDAP Multiple Vulnerabilities | 22/12/06 |
| Gentoo | Update for imlib2 | 22/12/06 |
| Secunia | cwmCounter "path" File Inclusion Vulnerability | 22/12/06 |
| Secunia | TextSend "ROOT_PATH" File Inclusion Vulnerability | 22/12/06 |
| Secunia | phpProfiles Multiple File Inclusion Vulnerabilities | 21/12/06 |
| Sun | Java JRE Applet Security Bypass | 21/12/06 |
| Secunia | PHP-Update blog.php Multiple Vulnerabilities | 21/12/06 |
| Sun | Java JRE Multiple Vulnerabilities | 21/12/06 |
| RedHat | Update for firefox | 21/12/06 |
| Secunia | Burak Yilmaz Download Portal "id" SQL Injection Vulnerability | 21/12/06 |
| RedHat | Update for seamonkey | 21/12/06 |
| Secunia | WinFtp Server Data Handling Denial of Service Vulnerability | 21/12/06 |
| SUSE | Update for Multiple Packages | 21/12/06 |
| Secunia | cwmVote "abs" File Inclusion Vulnerability | 21/12/06 |
| RedHat | Update for thunderbird | 21/12/06 |
| RedHat | Update for tar | 21/12/06 |
| Mozilla | Mozilla Thunderbird Multiple Vulnerabilities | 20/12/06 |
| Mozilla | Mozilla SeaMonkey Multiple Vulnerabilities | 20/12/06 |
| Secunia | Mozilla Firefox Multiple Vulnerabilities | 20/12/06 |
| Secunia | DeepBurner DBR File Parsing Buffer Overflow Vulnerability | 20/12/06 |
| Nortel | CallPilot Server Unspecified Vulnerability | 20/12/06 |
| Secunia | Azucar CMS "_VIEW" File Inclusion Vulnerability | 20/12/06 |
| Secunia | VerliAdmin "q" File Inclusion Vulnerability | 20/12/06 |
| Secunia | Intel 2200BG W29N51.SYS Driver Beacon Frame Race Condition | 20/12/06 |
| Marathon | Aleph One Denial of Service | 20/12/06 |
| Gentoo | Update for clamav | 20/12/06 |
| MailEnable | POP Service "PASS" Command Buffer Overflow | 19/12/06 |
| McAfee | VirusScan Command Line Scanner Insecure DT_RPATH | 19/12/06 |
| Gentoo | Vlnx Insecure DT_RPATH Vulnerability | 19/12/06 |
| Secunia | CuteNews AJ-Fork "cutepath" File Inclusion Vulnerability | 19/12/06 |
| SUSE | Update for clamav | 19/12/06 |
| Secunia | MxBB Portal mx_meeting Module "module_root_path" File Inclusion | 19/12/06 |
| IBM | WebSphere Application Server Multiple Vulnerabilities | 19/12/06 |
| eyeOS | File Upload Vulnerability | 19/12/06 |
| BitDefender | AntiVirus Engine PE File Parsing Buffer Overflow | 19/12/06 |
| Debian | Update for sql-ledger | 19/12/06 |
| Secunia | MxBB Portal mx_charts Module "module_root_path" File Inclusion | 19/12/06 |
| Debian | Update for kernel-source-2.4.27 | 19/12/06 |
| Trustix | Update for clamav | 19/12/06 |
| Debian | Update for clamav | 19/12/06 |
| Secunia | ScriptMate User Manager Multiple Vulnerabilities | 18/12/06 |
| IBM | WebSphere Application Server Unspecified Vulnerability | 18/12/06 |
| Yahoo! | Messenger Unspecified ActiveX Control Buffer Overflow | 18/12/06 |
| Avaya | CMS / IR Sun Solaris libXfont Integer Overflow Vulnerability | 18/12/06 |
| italkplus | Unspecified Buffer Overflow Vulnerabilities | 18/12/06 |
| rPath | Update for libgsf | 15/12/06 |
| SUSE | Update for libgsf | 15/12/06 |
| Secunia | HyperAccess Two Security Issues | 15/12/06 |
| Debian | Update for kernel | 15/12/06 |
| Ubuntu | Update for kernel | 15/12/06 |
| Enemies Of Carlotta | Shell Command Injection | 15/12/06 |
| Secunia | CoolPlayer Skin Long Key Buffer Overflow Vulnerability | 15/12/06 |
| Debian | Update for enemies-of-carlotta | 15/12/06 |
| Symantec | Veritas Netbackup Multiple Vulnerabilities | 15/12/06 |
| Mandriva | Update for clamav | 15/12/06 |
| Mandriva | Update for evince | 15/12/06 |
| ml_ipod | "readAA()" Buffer Overflow Vulnerability | 14/12/06 |
| Secunia | TorrentFlux Multiple Vulnerabilities | 14/12/06 |
| OpenLDAP | "krbv4_ldap_auth()" Buffer Overflow Vulnerability | 14/12/06 |
| Avaya | PDS HP-UX Secure Shell / OpenSSL Multiple Vulnerabilities | 14/12/06 |
| Solaris | OpenSSL Denial of Service Vulnerabilities | 14/12/06 |
| Secunia | Kerio MailServer LDAP Query Denial of Service | 14/12/06 |
| SUSE | Update for gnupg | 14/12/06 |
| Secunia | MxBB Portal mx_newssuite Module "mx_root_path" File Inclusion | 14/12/06 |
| Gentoo | Update for f-prot | 14/12/06 |
| Sophos | Anti-Virus SIT/CPIO File Processing Vulnerabilities | 14/12/06 |
| Secunia | MxBB Portal Knowledge Base/mx_kb Module "module_root_path" File Inclusion | 14/12/06 |
| Debian | Update for clamav | 14/12/06 |
| Gentoo | Update for libgsf | 14/12/06 |
| Secunia | MxBB Portal mx_modsdb Module "module_root_path" File Inclusion | 14/12/06 |
| rPath | Update for squirrelmail | 14/12/06 |
| rPath | Update for evince | 14/12/06 |
| Microsoft | Microsoft Security Bulletin MS06-078 - Vulnerability in Windows Media Format Could Allow Remote Code Execution (923689) | 13/12/06 |
| Microsoft | Microsoft Security Bulletin MS06-077 - Vulnerability in Remote Installation Service Could Allow Remote Code Execution (926121) | 13/12/06 |
| Microsoft | Microsoft Security Bulletin MS06-076 - Cumulative Security Update for Outlook Express (923694) | 13/12/06 |
| Microsoft | Microsoft Security Bulletin MS06-075 - Vulnerability in Windows Could Allow Elevation of Privilege (926255) | 13/12/06 |
| Microsoft | Microsoft Security Bulletin MS06-074 - Vulnerability in SNMP Could Allow Remote Code Execution (926247) | 13/12/06 |
| Microsoft | Microsoft Security Bulletin MS06-073 - Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution (925674) | 13/12/06 |
| Microsoft | Microsoft Security Bulletin MS06-072 - Cumulative Security Update for Internet Explorer (925454) | 13/12/06 |
| Secunia | Internet Explorer Script Error Handling Memory Corruption Vulnerability | 13/12/06 |
| Secunia | Clam AntiVirus Multipart Nestings Denial of Service | 13/12/06 |
| Secunia | Adobe ColdFusion MX Cross-Site Scripting Protection Bypass | 13/12/06 |
| Secunia | MxBB Portal mx_errordocs Module "module_root_path" File Inclusion | 13/12/06 |
| Gentoo | Gentoo update for tar | 13/12/06 |
| Gentoo | Gentoo update for emul-linux-x86-baselibs | 13/12/06 |
| RedHat | Red Hat Stronghold update for php | 13/12/06 |
| Mandriva | Mandriva update for gnupg | 13/12/06 |
| Secunia | PhpLeague "cheminmini" File Inclusion Vulnerabilities | 12/12/06 |
| Secunia | Messageriescripthp SQL Injection and Cross-Site Scripting | 12/12/06 |
| Secunia | IBM WebSphere Host On-Demand Authentication Bypass | 12/12/06 |
| Secunia | CM68 News "addpath" Remote File Inclusion Vulnerability | 12/12/06 |
| b2evolution | "inc_path" File Inclusion Vulnerability | 12/12/06 |
| Drupal | Chatroom Module Session ID Information Disclosure | 12/12/06 |
| Secunia | Golden FTP USER Denial of Service Vulnerability | 12/12/06 |
| Secunia | KhaledMuratList Database Disclosure Security Issue | 12/12/06 |
| Secunia | HR Assist "vdateUsr.asp" SQL Injection Vulnerabilities | 12/12/06 |
| Gentoo | Update for mozilla-thunderbird | 12/12/06 |
| Gentoo | Update for seamonkey | 12/12/06 |
| SUSE | Update for Multiple Packages | 12/12/06 |
| WAWI | Multiple Vulnerabilities | 12/12/06 |
| Trend Micro | RAR Processing Denial Of Service | 12/12/06 |
| Trustix | Update for gnupg and proftpd | 12/12/06 |
| Debian | Update for l2tpns | 12/12/06 |
| Debian | Update for gnupg | 12/12/06 |
| Secunia | KDPics Cross-Site Scripting and File Inclusion Vulnerabilities | 12/12/06 |
| Gentoo | Update for gnupg | 12/12/06 |
| Gentoo | Update for xine-lib | 12/12/06 |
| Gentoo | Update for mozilla-firefox | 12/12/06 |
| Microsoft | Word Unspecified Code Execution Vulnerability | 12/12/06 |
| Gentoo | Update for libmodplug | 12/12/06 |
| Ubuntu | Ubuntu update for gnupg | 08/12/06 |
| rPath | rPath update for gnupg | 08/12/06 |
| Slackware | Slackware update for gnupg | 08/12/06 |
| Red Hat | Red Hat update for mod_auth_kerb | 08/12/06 |
| Red Hat | Red Hat update for gnupg | 07/12/06 |
| GnuPG | GnuPG OpenPGP Message Decryption Vulnerability | 07/12/06 |
| Debian | Debian update for asterisk | 07/12/06 |
| FreeBSD | FreeBSD update for gtar | 07/12/06 |
| Mandriva | Mandriva update for xine-lib | 07/12/06 |
| Barracuda | Barracuda Spam Firewall Buffer Overflow Vulnerability | 07/12/06 |
| Citrix | Citrix ICA Client ActiveX Control Heap Overflow Vulnerability | 07/12/06 |
| Adobe | Adobe Download Manager AOM Buffer Overflow Vulnerability | 07/12/06 |
| Cybsec | SAP Internet Graphics Service Two Vulnerabilities | 07/12/06 |
| HP | HP-UX update for Apache | 07/12/06 |
| HP | HP-UX update for Secure Shell | 07/12/06 |
| Microsoft | Microsoft Word Unspecified Memory Corruption Vulnerability | 07/12/06 |
| Debian | Debian update for elinks | 07/12/06 |
| Secunia | Mac OS X ftpd Buffer Overflow Vulnerability | 06/12/06 |
| Ubuntu | Ubuntu update for xine-lib | 06/12/06 |
| Sourceforge | xine-lib libreal and libmms Buffer Overflow Vulnerabilities | 06/12/06 |
| Sourceforge | Anna^ IRC Bot SQL Injection Vulnerabilities | 06/12/06 |
| Ubuntu | Ubuntu update for libgsf | 06/12/06 |
| Debian | Debian update for links | 06/12/06 |
| Debian | Debian update for mozilla-thunderbird | 05/12/06 |
| Debian | Debian update for mozilla-firefox | 05/12/06 |
| Slackware | Slackware update for tar | 05/12/06 |
| Secunia | PHP Upload Center "footerpage" and "language" File Inclusion | 05/12/06 |
| Mandriva | Mandriva update for ImageMagick | 05/12/06 |
| Squirrelmail | SquirrelMail Multiple Cross-Site Scripting Vulnerabilities | 05/12/06 |
| Mandriva | Mandriva update for koffice | 05/12/06 |
| Slackware | Slackware update for proftpd | 05/12/06 |
| Debian | Debian update for mozilla | 05/12/06 |
| Debian | Debian update for tar | 05/12/06 |
| Ubuntu | Ubuntu update for evince | 04/12/06 |
| Mandriva | Mandriva update for GnuPG | 04/12/06 |
| Trustix | Trustix update for gnupg and tar | 04/12/06 |
| Mandriva | Mandriva update for libgsf | 04/12/06 |
| Mandriva | Mandriva update for proftpd | 04/12/06 |
| rPath | rPath update for dovecot | 04/12/06 |
| Debian | Debian update for proftpd | 04/12/06 |
| Gentoo | Gentoo update for proftpd | 04/12/06 |
| rPath | rPath update for gnupg | 04/12/06 |
| TWiki | TWiki Authentication Bypass Vulnerability | 04/12/06 |
| rPath | rPath update for openldap | 04/12/06 |
| rPath | rPath update for tar | 04/12/06 |
| Debian | Debian update for libgsf | 01/12/06 |
| Debian | GNOME Structured File Library "ole_info_read_metabat()" Buffer Overflow | 01/12/06 |
| Secunia | Kronolith "view" Local File Inclusion Vulnerability | 01/12/06 |
| Ubuntu | Ubuntu update for koffice | 01/12/06 |
| Secunia | MailEnable IMAP Service Two Vulnerabilities | 01/12/06 |
| Debian | Debian update for texinfo | 01/12/06 |
| Secunia | Safari AutoFill Information Disclosure | 01/12/06 |
| Ubuntu | Ubuntu update for gnupg | 01/12/06 |