Report an Incident

If you are a CNI organisation and you have encountered or suspect a cyber threat, please complete and return an Incident Reporting Form.

All incident reports provided to the CCIP are treated in the strictest of confidence. Please see our Confidentiality Charter for more details. Read More

New at CCIP

Current e-Bulletin The CCIP e-Bulletin provides a snapshot of security related news
Read More

Centre for Critical Infrastructure Protection

Home | Vulnerabilities | Vulnerability Alert Archives | February 2007

February 2007

The following table includes the Vulnerability Alerts for the month.

Note: These links reference external sites. CCIP can not accept responsibility for outdated links or such links contents.

Reference	Description	Date
SUSE	Update for kernel	28/02/07
Secunia	Audins Audiens Authentication Bypass	28/02/07
Stanford	Conference And Research Forum "generaloptions.php" Security Bypass	28/02/07
Fedora	Update for seamonkey	28/02/07
Secunia	Netscape Multiple Vulnerabilities	28/02/07
Pagesetter	"id" File Disclosure Vulnerability	28/02/07
Fedora	Update for nspr and nss	28/02/07
Gentoo	Update for nexuiz	28/02/07
Nexuiz	Denial of Service and Command Injection	28/02/07
Secunia	STWC-Counter "stwc_counter_verzeichniss" File Inclusion Vulnerabilities	28/02/07
Fedora	Update for firefox	28/02/07
Avaya	Products Linux Kernel Denial of Service	28/02/07
rPath	Update for firefox	28/02/07
SUSE	Update for clamav	28/02/07
Fedora	Update for php	28/02/07
Pickle	"file" Directory Traversal Vulnerability	27/02/07
Shop Kit Plus	"changetheme" Local File Inclusion	27/02/07
Secunia	PhotoStand Cross-Site Scripting and Script Insertion	27/02/07
Secunia	Xt:Commerce "template" Local File Inclusion	27/02/07
Secunia	CS-Gallery "album" File Inclusion Vulnerability	27/02/07
Secunia	NukeSentinel "Client-IP" SQL Injection Vulnerability	27/02/07
Red Hat	Stronghold update for php	27/02/07
Red Hat	Update for firefox	27/02/07
Gentoo	Multiple Vulnerabilities in ufo2000	27/02/07
Red Hat	Update for seamonkey	27/02/07
Mandriva	Update for spamassassin	27/02/07
rPath	Update for spamassassin	27/02/07
Secunia	Mozilla Thunderbird Multiple Vulnerabilities	26/02/07
Secunia	Network Security Services SSLv2 Processing Buffer Overflows	26/02/07
Secunia	Mozilla SeaMonkey Multiple Vulnerabilities	26/02/07
Secunia	Mozilla Firefox Multiple Vulnerabilities	26/02/07
Secunia	Connectix Boards SQL Injection and File Upload	26/02/07
SUSE	Update for clamav	26/02/07
Secunia	TeeChart Pro ActiveX Control Insecure Methods	26/02/07
Hitachi	JP1/Cm2/Network Node Manager Unspecified Vulnerabilities	26/02/07
Secunia	eFiction "path_to_smf" Two File Inclusion Vulnerabilities	26/02/07
Macrovision	FLEXnet Connect Update Service Agent Buffer Overflow	26/02/07
SGI	Advanced Linux Environment 3 Multiple Updates	26/02/07
InstallShield	InstallFromTheWeb Multiple Buffer Overflows	26/02/07
Secunia	ZPanel "body" and "page" File Inclusion Vulnerabilities	26/02/07
Secunia	LoveCMS Multiple Vulnerabilities	26/02/07
Secunia	FlashGameScript "func" File Inclusion Vulnerability	26/02/07
SupportSoft	ActiveX Controls Buffer Overflow Vulnerabilities	26/02/07
VeriSign	ConfigChk ActiveX Control Buffer Overflow	26/02/07
Symantec	Multiple Products SupportSoft ActiveX Controls Buffer Overflow	26/02/07
Slackware	Update for php	26/02/07
TYPO3	Mail Header Injection Vulnerability	26/02/07
Mandriva	Update for php	26/02/07
Cisco	Unified IP Conference Station / IP Phone Default Accounts	23/02/07
Mandriva	Update for ekiga	23/02/07
Fedora	Update for php	23/02/07
Secunia	PhpTrafficA "file" and "lang" Local File Inclusion	23/02/07
Trend Micro	ServerProtect for Linux Web Interface AuthenticationBypass	23/02/07
Red Hat	Update for spamassassin	23/02/07
Fedora	Update for ekiga	23/02/07
Ubuntu	Update for php	23/02/07
Red Hat	Update for php	22/02/07
Trend Micro	ServerProtect Buffer Overflow Vulnerabilities	22/02/07
Online Web Building	"art_id" SQL Injection Vulnerability	22/02/07
Secunia	PHP-Nuke HTTP "referer" SQL Injection Vulnerability	22/02/07
Nortel	Threat Protection System DCE/RPC Preprocessor Buffer Overflow	22/02/07
Ultimate	Fun Book "gbpfad" File Inclusion Vulnerability	22/02/07
Red Hat	Update for koffice	22/02/07
Red Hat	Update for php	21/02/07
Sourcefire	Intrusion Sensor DCE/RPC Preprocessor Buffer Overflow	21/02/07
Snort	DCE/RPC Preprocessor Buffer Overflow	21/02/07
Mandriva	Update for clamav	21/02/07
Secunia	Turuncu Portal "id" SQL Injection Vulnerability	20/02/07
Htaccess	Passwort Generator "ht_pfad" File Inclusion Vulnerability	20/02/07
DCC	Unspecified Manipulation of Data	20/02/07
Secunia	VicFTPS Data Processing Buffer Overflow	20/02/07
SUSE	Update for Multiple Packages	20/02/07
Gentoo	Update for sun-jkd and sun-jre-bin	20/02/07
Gentoo	Update for emul-linux-x86-java	20/02/07
LifeType	Unspecified File Retrieval Vulnerability	19/02/07
Trend Micro	OfficeScan Client Unspecified ActiveX Buffer Overflow	19/02/07
Gentoo	Update for fail2ban	19/02/07
Red Hat	Update for ImageMagick	19/02/07
SpamAssassin	Long URI Denial of Service	19/02/07
Ubuntu	Update for imagemagick	19/02/07
Fedora	Update for spamassassin	19/02/07
ClamAV	MIME Header Handling and CAB File Processing Vulnerabilities	19/02/07
Mozilla Firefox	"locations.hostname" DOM Property HandlingVulnerability	19/02/07
HP	Serviceguard Unspecified Remote Access Vulnerability	19/02/07
Apple	Mac OS X Security Update Fixes Multiple Vulnerabilities	17/02/07
Cisco	PIX SIP Inspection Denial of Service	16/02/07
Cisco	PIX and ASA Privilege Escalation and Denial of Service	16/02/07
Debian	Update for imagemagick	16/02/07
IP3	NetAccess "getfile.cgi" Directory Traversal Vulnerability	16/02/07
Cisco	Firewall Services Module Multiple Vulnerabilities	16/02/07
Cisco	Firewall Services Module SIP DoS and ACL Corruption	16/02/07
Microsoft	Word Unspecified Memory Corruption Vulnerability	16/02/07
Gentoo	Update for rar and unrar	15/02/07
Cisco	IOS IPS Security Bypass and Denial of Service	15/02/07
Sun	Solaris TCP Subsystem Denial of Service	15/02/07
HP-UX	Single Logical Screen Daemon Arbitrary File Access	15/02/07
Gentoo	Update for samba	15/02/07
Microsoft	Windows OLE Dialog Memory Corruption Vulnerability	15/02/07
Microsoft	RichEdit OLE Dialog Memory Corruption Vulnerability	15/02/07
Microsoft	MFC OLE Dialog Memory Corruption Vulnerability	15/02/07
Microsoft	Step-by-Step Interactive Training Bookmark Link File BufferOverflow	15/02/07
Microsoft	MS07-016: Cumulative Security Update for Internet Explorer	14/02/07
Microsoft	MS07-015: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution	14/02/07
Microsoft	MS07-014: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution	14/02/07
Microsoft	MS07-010: Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution	14/02/07
Microsoft	MS07-009: Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution	14/02/07
Microsoft	MS07-008: Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution	14/02/07
Aruba	Mobility Controller Two Vulnerabilities	14/02/07
Secunia	Virtual Calendar Password Disclosure and Cross-Site Scripting	14/02/07
Sun	Solaris Mozilla 1.7 Vulnerabilities	14/02/07
Trustix	Update for Various Packages	14/02/07
Secunia	EXtreme File Hosting File Upload Vulnerability	14/02/07
uTorrent	"announce" Option Buffer Overflow	14/02/07
Sun	Solaris "in.telnetd" Authentication Bypass	14/02/07
ejabberd	"mod_roster_odbc" Unspecified Vulnerability	13/02/07
Ubuntu	Update for kernel	13/02/07
Plain	Old Webserver Directory Traversal Vulnerability	13/02/07
MIMEDefang	Unspecified Buffer Overflow Vulnerability	13/02/07
PHP	Multiple Vulnerabilities	12/02/07
AXIGEN	Mail Server Denial of Service Vulnerabilities	12/02/07
Kiwi	CatTools TFTP Server Directory Traversal Vulnerability	12/02/07
SysCP	Execution of Arbitrary Commands	09/02/07
Secunia	Webmatic Two File Inclusion Vulnerabilities	09/02/07
Mandriva	Update for kernel	09/02/07
RARLabs	UnRAR Password Prompt Buffer Overflow Vulnerability	09/02/07
Trend Micro	Products UPX Processing Buffer Overflow Vulnerability	09/02/07
Red Hat	Update for java-1.4.2-ibm	09/02/07
Secunia	Alipay PTA Module ActiveX Control Code Execution Vulnerability	09/02/07
Secunia	DevTrack Script Insertion and SQL Injection Vulnerabilities	09/02/07
Debian	Update for mozilla-thunderbird	08/02/07
Ubuntu	Update for samba	08/02/07
Fedora	Update for wireshark	08/02/07
Avaya	Products GnuPG Multiple Vulnerabilities	07/02/07
Debian	Update for samba	07/02/07
VirtueMart	Unspecified SQL Injection and Cross-Site Scripting	07/02/07
Mandriva	Update for samba	07/02/07
Samba	Denial of Service and Format String Vulnerability	07/02/07
Secunia	phpBB++ "phpbb_root_path" File Inclusion Vulnerability	07/02/07
rPath	Update for wireshark and tshark	07/02/07
Mandriva	Update for wireshark	07/02/07
Microsoft	Office Unspecified String Handling Vulnerability	07/02/07
Secunia	phpEventMan "level" File Inclusion Vulnerabilities	07/02/07
Secunia	GOM Player ASX Playlist Buffer Overflow	07/02/07
Debian	Update for mozilla-firefox	07/02/07
Red	Hat update for squirrelmail	02/02/07
Gentoo	Update for thttpd	02/02/07
Wireshark	Multiple Denial of Service Vulnerabilities	02/02/07
Gentoo	Update for elinks	02/02/07
Cisco	IOS SIP Packet Handling Reload Denial of Service	01/02/07
Sun	Solaris ICMP Denial of Service Vulnerability	01/02/07