Current e-BulletinThe CCIP e-Bulletin provides a snapshot of security related news.
Read More
Latest Information Note VoIP. This report outlines characteristics and history of VoIP.
Read More
Go to the New Zealand Government Website

January 2007

The following table includes the Vulnerability Alerts for the month.

Note: These links reference external sites. CCIP can not accept responsibility for outdated links or such links contents.
Reference Description Date
MAXdev
MD-Pro "startrow" SQL Injection Vulnerability
31/01/07
Drupal
Comment Preview Arbitrary Code Execution
31/01/07
SUSE
Update for Multiple Packages
30/01/07
SECUNIA
IBM AIX Mail Services Authentication Vulnerability
30/01/07
DEBIAN
Update for vlc
30/01/07
SUN
Solaris FreeType Integer Overflow and Underflow Vulnerabilities
30/01/07
Gentoo
Gentoo update for vlc
29/01/07
Gentoo
Gentoo update for cacti
29/01/07
Secunia
Xero Portal "phpbb_root_path" File Inclusion Vulnerability
29/01/07
Debian
Debian update for cacti
29/01/07
Secunia
Virtual Path for phpBB "phpbb_root_path" File Inclusion
29/01/07
Secunia
Microsoft Word Unspecified Code Execution Vulnerability
29/01/07
ASP
Edge "user" SQL Injection Vulnerability
26/01/07
Gentoo
update for mit-krb5
26/01/07
Avaya
Products tar "GNUTYPES_NAMES" Record Type Security Issue
26/01/07
SGI
Advanced Linux Environment Multiple Updates
26/01/07
Cisco
IOS Multiple Vulnerabilities
26/01/07
HP-UX
update for Apache
26/01/07
Citrix
Presentation Server Print Provider Buffer Overflow Vulnerability
26/01/07
Shopping Basket
Professional Command Injection
26/01/07
CDBurnerXP
Pro NCTAudioFile2 ActiveX Control Buffer Overflow
25/01/07
Aurora
Media Workshop NCTAudioFile2 ActiveX Control Buffer Overflow
25/01/07
McFunSoft
Products NCTAudioFile2 ActiveX Control Buffer Overflow
25/01/07
Sami
HTTP Server Connection Handling Denial of Service
25/01/07
Power
Audio Editor NCTAudioFile2 ActiveX Control Buffer Overflow
25/01/07
MP3
Normalizer NCTAudioFile2 ActiveX Control Buffer Overflow
25/01/07
NCTsoft
Products NCTAudioFile2 ActiveX Control Buffer Overflow
25/01/07
Sienzo
Digital Music Mentor NCTAudioFile2 ActiveX Control BufferOverflow
25/01/07
Quikscribe
Products NCTAudioFile2 ActiveX Control Buffer Overflow
25/01/07
Mystik
Media Products NCTAudioFile2 ActiveX Control Buffer Overflow
25/01/07
NextLevel
Systems Products NCTAudioFile2 ActiveX Control BufferOverflow
25/01/07
Roemer
Software Products NCTAudioFile2 ActiveX Control BufferOverflow
25/01/07
BBClone
"BBC_LIB_PATH" File Inclusion Vulnerability
25/01/07
AWFFull
Unspecified Buffer Overflows
25/01/07
Linux-PAM
Login Bypass Security Vulnerability
25/01/07
phpXMLDOM
"path" File Inclusion Vulnerabilities
25/01/07
PHP
Link Directory "URL" Script Insertion Vulnerability
25/01/07
FreeWebShop.org
"lang_file" File Inclusion Vulnerability
25/01/07
MaklerPlus
Unspecified Vulnerabilities
25/01/07
BrightStor
ARCserve Backup for Laptops & Desktops Vulnerabilities
25/01/07
Secunia
Random PHP Quote pwd.txt Password Disclosure
25/01/07
Audio
Edit Magic NCTAudioFile2 ActiveX Control Buffer Overflow
25/01/07
Code-it
Software Products NCTAudioFile2 ActiveX Control BufferOverflow
25/01/07
Magic
Video Products NCTAudioFile2 ActiveX Control Buffer Overflow
25/01/07
Movavi
Products NCTAudioFile2 ActiveX Control Buffer Overflow
25/01/07
DB
Audio Mixer And Editor NCTAudioFile2 ActiveX Control BufferOverflow
25/01/07
Gentoo
Update for xine-ui
25/01/07
EXPStudio
Audio Editor NCTAudioFile2 ActiveX Control Buffer Overflow
25/01/07
SoftDiv
Software Products NCTAudioFile2 ActiveX Control BufferOverflow
25/01/07
Xrlly
Software NCTAudioFile2 ActiveX Control Buffer Overflow
25/01/07
Altdo
Software Products NCTAudioFile2 ActiveX Control Buffer Overflow
25/01/07
Secunia
Smart PHP Subscriber pwd.txt Password Disclosure
25/01/07
Secunia
Website Baker "REMEMBER_KEY" Cookie SQL Injection
25/01/07
Secunia
Vote! Pro PHP "eval()" Injection Vulnerability
24/01/07
SUSE
Update for xine
24/01/07
Secunia
Enthusiast Cross-Site Scripting and SQL Injection
24/01/07
VisoHotlink
"mosConfig_absolute_path" File Inclusion Vulnerability
24/01/07
SUSE
Update for acroread
24/01/07
Gentoo
Update for sun-jdk and sun-jre-bin
24/01/07
Gentoo
Update for acroread
24/01/07
Gentoo
Update for mod-auth-kerb
24/01/07
Red Hat
Update for acroread
24/01/07
Rumpus
Multiple Vulnerabilities
23/01/07
Transmit
"sftp://" URI Handler Buffer Overflow
23/01/07
Microsoft
Help Workshop Two Buffer Overflow Vulnerabilities
23/01/07
Fritz!Box
UDP Packet SIP Denial of Service
23/01/07
SUSE
Update for Multiple Packages
23/01/07
Debian
Update for netrik
23/01/07
OpenBSD
ICMP6 Denial of Service Vulnerability
23/01/07
Django
Two Vulnerabilities
23/01/07
MGB
"id" SQL Injection Vulnerability
19/01/07
SUSE
Update for IBMJava2
19/01/07
WebGUI
User Name Script Insertion Vulnerability
19/01/07
uniForum
"wbsearch.aspx" SQL Injection Vulnerability
19/01/07
SISCO
OSI Stack Denial of Service Vulnerability
19/01/07
HP-UX
IPFilter Unspecified Denial of Service Vulnerability
19/01/07
Fedora
Update for squirrelmail
19/01/07
PentaZip
Archive Handling Vulnerabilities
19/01/07
Micrsoft
Revised Security Bulletin MS07-002: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (927198)
19/01/07
Oracle
Products Multiple Vulnerabilities
18/01/07
Ezboxx
Portal Multiple Vulnerabilities
17/01/07
Secunia
FdWeB Espace Membre "path" File Inclusion Vulnerability
17/01/07
Gentoo
Update for wordpress
17/01/07
Gentoo
Update for oftpd
17/01/07
oftpd
LPSV and LPRT Denial of Service Vulnerability
17/01/07
GOsa
Unspecified Manipulation of Data
17/01/07
Secunia
MiNT Haber Sistemi "id" SQL Injection Vulnerability
17/01/07
IPCop
Update for various packages
17/01/07
Secunia
Okul Web Otomasyon Sistemi "id" SQL Injection Vulnerability
17/01/07
Ubuntu
Update for krb5
17/01/07
rPath
Update for gd
17/01/07
Fedora
Update for w3m
17/01/07
SUSE
Update for opera
16/01/07
Gentoo
Update for w3m
16/01/07
Gentoo
Update for openoffice
16/01/07
Poplar
Gedcom Viewer "env[rootPath]" File Inclusion Vulnerability
16/01/07
Gentoo
Update for opera
16/01/07
SUSE
Update for cacti
15/01/07
SUSE
Update for mozilla
15/01/07
Ubuntu
Update for openoffice.org
15/01/07
Mandriva
Update for mozilla-firefox
15/01/07
Mandriva
Update for mozilla-thunderbird
15/01/07
Mandriva
Update for OpenOffice.org
12/01/07
Mandriva
Update for nvidia
12/01/07
Red Hat
Update for acroread
12/01/07
Mandriva
Update for krb5
12/01/07
Astaro
Update for ClamAV
12/01/07
Axiom
Photo/News Gallery "baseAxiomPath" File Inclusion Vulnerability
12/01/07
Apple
Mac OS X UFS ffs_mountfs() Integer Overflow
12/01/07
SUSE
Update for w3m
12/01/07
Gentoo
Update for seamonkey
12/01/07
Kerberos
Kadmind "mechglue" Code Execution Vulnerability
11/01/07
Adobe
Reader Unspecified Heap Corruption Vulnerability
11/01/07
Magic Photo
Storage "_config[site_path]" File Inclusion Vulnerability
11/01/07
SUSE
Update for Kerberos
11/01/07
Fedora Core 5
Update for krb5
11/01/07
Kerberos
Kadmind xprt->xp_auth Code Execution Vulnerability
11/01/07
Fedora
Update for krb5
11/01/07
adobe
ColdFusion MX File Content Disclosure Vulnerability
11/01/07
Microsoft
Excel Unspecified Code Execution Vulnerability
10/01/07
Microsoft
Windows Vector Markup Language Buffer Overflow
10/01/07
Microsoft
Outlook Multiple Vulnerabilities
10/01/07
Microsoft
Office Brazilian Portuguese Grammar Checker Vulnerability
10/01/07
SUSE
Update for Sun Java
10/01/07
Direct
Web Rendering Security Bypass and Denial of Service
10/01/07
VMWare
ESX Server Multiple Vulnerabilities
10/01/07
Debian
Update for openoffice.org
10/01/07
Debian
Update for libapache-mod-auth-kerb
10/01/07
Sun
Solaris update for gzip
10/01/07
Microsoft
Excel Unspecified Code Execution Vulnerability
10/01/07
IBM
AIX ftpd Two Vulnerabilities
10/01/07
rPath
Update for openoffice.org
10/01/07
Sun
Java System Content Delivery Server Content Details Disclosure
10/01/07
phpMyFAQ
SQL Injection and File Upload Vulnerability
10/01/07
Cisco
Secure ACS Multiple Vulnerabilities
09/01/07
Secunia
Opera Browser Two Vulnerabilities
08/01/07
Wordpress
Unspecified Vulnerability
08/01/07
Apple
iLife iPhoto Photocast XML "title" Format String Vulnerability
08/01/07
Ubuntu
Update for mozilla-thunderbird
08/01/07
Gentoo
Update for mozilla-thunderbird
08/01/07
Secunia
Fedora update for openoffice.org
08/01/07
SUSE
Update for OpenOffice_org
08/01/07
Secunia
Simple Web Content Management System "id" SQL Injection
08/01/07
Secunia
PowerArchiver PAISO.DLL ISO File Handling Buffer Overflow
08/01/07
Secunia
E-SMART CART "product_id" SQL Injection Vulnerability
08/01/07
Secunia
WineGlass Database Disclosure Security Issue
08/01/07
CMS
Simple Web Content Management System "id" SQL Injection
05/01/07
PowerArchiver
PowerArchiver PAISO.DLL ISO File Handling Buffer Overflow
05/01/07
OpenOffice
OpenOffice WMF/EMF Integer Overflow Vulnerability
05/01/07
Red Hat
Red Hat update for openoffice.org
05/01/07
Gentoo
Gentoo update for denyhosts
05/01/07
VLC Media Player
VLC Media Player "udp://" URI Handling Format String Vulnerability
04/01/07
rPath
rPath update for thunderbird
04/01/07
Ubuntu
Ubuntu update for w3m
04/01/07
Ubuntu
Ubuntu update for firefox
04/01/07
Apple
Apple Quicktime RTSP URL Handling Buffer Overflow Vulnerability
03/01/07
Novell
Novell NetMail NMAP/IMAP Multiple Vulnerabilities
03/01/07

About this Site & Accessibility | Legal, Privacy & Copyright Information | Sitemap | newzealand.govt.nz

Accessibility Page: 0 | Homepage: 1 | Sitemap: 2 | About CCIP: 4 | Vulnerabilities: 5 | Incidents: 6 | Newsroom: 7 | gcsb.govt.nz: 8 | Contact CCIP: 9 | Skip Link: [ | newzealand.govt.nz: /