Current e-BulletinThe CCIP e-Bulletin provides a snapshot of security related news.
Read More
Latest Information Note VoIP. This report outlines characteristics and history of VoIP.
Read More
Go to the New Zealand Government Website

March 2007

The following table includes the Vulnerability Alerts for the month.

Note: These links reference external sites. CCIP can not accept responsibility for outdated links or such links contents.
Reference Description Date
mod_perl
"path_info" Denial of Service Vulnerability
30/03/07
Corel
WordPerfect Document Processing Buffer Overflow
30/03/07
Joomla
Component D4J eZine "article" SQL Injection Vulnerability
30/03/07
Cisco
Unified CallManager and Presence Server ICMP Echo and IPSecDenial of Service
30/03/07
rPath
Update for inkscape
30/03/07
Ubuntu
Update for xmms
29/03/07
NaviCOPA
GET cgi-bin/cgi Request Buffer Overflow Vulnerability
29/03/07
IBM
Lotus Domino Cross-Site Scripting and Buffer Overflow Vulnerabilities
29/03/07
Ubuntu
Update for openoffice.org
29/03/07
Mandriva
Update for evolution
29/03/07
Web
Content System "path[JavascriptEdit]" File Inclusion
29/03/07
Slackware
Update for libwpd
28/03/07
Gentoo
Mgv Buffer Overflow Vulnerability
28/03/07
Avaya
Products php Multiple Vulnerabilities
28/03/07
Ubuntu
Update for evolution
28/03/07
StarOffice
Two Vulnerabilities
28/03/07
Ubuntu
Update for squid
28/03/07
WinDVD
IASystemInfo.dll ActiveX Control Buffer Overflow
27/03/07
dproxy
UDP Packet Buffer Overflow Vulnerability
27/03/07
SGI
Advanced Linux Environment Multiple Updates
27/03/07
Mercur
Messaging IMAP SUBSCRIBE Command Buffer Overflow
27/03/07
Sun
Java System Directory Server "ns-slapd" Denial of Service
27/03/07
Secunia
PHPX Multiple SQL Injection and Cross-Site Scripting
26/03/07
LAN
Management System Multiple File Inclusion
26/03/07
Mandriva
Update for inkscape
26/03/07
Mandriva
Update for squid
26/03/07
Inkscape
Format String Vulnerabilities
23/03/07
Red Hat
update for openoffice.org
23/03/07
Ubuntu
Update for inkscape
23/03/07
Secunia
Active Link Engine "catid" SQL Injection Vulnerability
23/03/07
Secunia
Active Photo Gallery "catid" SQL Injection Vulnerability
23/03/07
Secunia
W-Agora Multiple Vulnerabilities
22/03/07
OpenOffice.org
Multiple Vulnerabilities
22/03/07
SUSE
Update for openoffice_org and libwpd
22/03/07
Grandstream
BudgeTone 200 SIP Messages "WWW-Authenticate" Denial of Service
22/03/07
Squid
TRACE Request Denial of Service Vulnerability
22/03/07
XMMS
Integer Overflow and Underflow Vulnerabilities
22/03/07
Asterisk
SIP INVITE Denial of Service Vulnerability
22/03/07
Web
Wiz Forums "formatSQLInput()" SQL Injection
22/03/07
Debian
Update for openoffice.org
22/03/07
Evolution
Shared Memo Categories Format String Vulnerability
22/03/07
Gentoo
Update for nss
22/03/07
CinePlayer
IASystemInfo.dll ActiveX Control Buffer Overflow
22/03/07
InterActual
Player IASystemInfo.dll ActiveX Control Buffer Overflow
22/03/07
Gentoo
Update for php
22/03/07
Secunia
Particle Blogger "postid" SQL Injection Vulnerability
21/03/07
SUSE
Update for Mozilla Thunderbird and seamonkey
21/03/07
Secunia
Cisco IP Phone 7940/7960 SIP INVITE Denial of Service Vulnerability
21/03/07
Ubuntu
Update for libwpd
21/03/07
Secunia
NPDS "_FILES[DB][tmp_name]" SQL Injection Vulnerability
21/03/07
Fedora
Update for libwpd
21/03/07
Gentoo
Update for mod_jk
20/03/07
Gentoo
Update for ltsp
20/03/07
Mandriva
Update for libwpd
20/03/07
Mandriva
Update for openoffice.org
20/03/07
Secunia
MPM Chat "logi" Local File Inclusion Vulnerability
20/03/07
Secunia
Katalog Plyt Audio "kolumna" SQL Injection Vulnerability
20/03/07
Debian
Update for libwpd
20/03/07
Gentoo
Update for thunderbird
20/03/07
Gentoo
Update for asterisk
20/03/07
rPath
Update for gnupg
20/03/07
rPath
Update for libwpd
20/03/07
Gentoo
Update for ulogd
20/03/07
Secunia
Absolute Image Gallery XE "categoryid" SQL Injection
19/03/07
SUSE
Update for kernel
19/03/07
Fujitsu
FENCE-Pro Self-Decoding File Information Disclosure
19/03/07
Secunia
Creative Guestbook Authentication Bypass and Script Insertion
19/03/07
Secunia
Web-app.org WebAPP Unspecified Security Bypass
19/03/07
CA
BrightStor ARCserve Backup Vulnerabilities
19/03/07
WebSphere
Application Server JSP Source Code Disclosure
19/03/07
Sun
Java System Web Server Unspecified Information Disclosure
19/03/07
Debian
Update for webcalendar
19/03/07
Gentoo
Net-misc/ssh Vulnerability
16/03/07
Sun
Solaris Adobe Acrobat Multiple Vulnerabilities
16/03/07
Trend
Micro Products UPX Processing Denial of Service
16/03/07
SUSE
Update for php4 and php5
16/03/07
Red
Hat update for wireshark
16/03/07
Linux
Kernel NULL Pointer Dereferences and Security Bypass
15/03/07
Mac
OS X Security Update Fixes Multiple Vulnerabilities
15/03/07
Secunia
War FTP Daemon Unspecified Buffer Overflow Vulnerability
15/03/07
Adobe
JRun IIS 6 Connector Denial of Service
15/03/07
MySQL
Commander "home" File Inclusion Vulnerability
15/03/07
Debian
Update for gnupg
15/03/07
McAfee
EPolicy Orchestrator / ProtectionPilot ActiveX Control BufferOverflows
15/03/07
Gentoo
Update for amarok
15/03/07
Mandriva
Update for mplayer
14/03/07
Mandriva
Update for xine-lib
14/03/07
Secunia
Xine-lib Two Buffer Overflow Vulnerabilities
14/03/07
HP-UX
Update for JRE / JDK
14/03/07
Ubuntu
Update for xine-lib
14/03/07
Ubuntu
Update for ktorrent
14/03/07
MPlayer
Two Buffer Overflow Vulnerabilities
14/03/07
Fedora
Update for gnupg
14/03/07
OpenBSD
Unspecified ICMP6 Packet "mbuf" Vulnerability
13/03/07
Debian
Update for mozilla
13/03/07
Gentoo
Update for seamonkey
13/03/07
Secunia
PHP-Nuke "lang" Local File Inclusion Vulnerability
13/03/07
KTorrent
Two Vulnerabilities
13/03/07
Secunia
D-Link TFTP Server Data Handling Memory Corruption
13/03/07
WORK
System e-commerce "g_include" File Inclusion Vulnerability
13/03/07
Trustix
Update for php4
12/03/07
Magic
CMS "file" File Inclusion Vulnerability
12/03/07
Mandriva
Update for gnupg and gpgme
12/03/07
Debian
Update for php4
09/03/07
Slackware
Update for imagemagick
09/03/07
Slackware
Update for mozilla-firefox
09/03/07
Slackware
Update for seamonkey
09/03/07
Slackware
Update for mozilla-thunderbird
09/03/07
Novell
Netmail WebAdmin Long Username Buffer Overflow
09/03/07
Ubuntu
Update for gnupg
09/03/07
Slackware
Update for gnupg
09/03/07
Ubuntu
Update for thunderbird
08/03/07
Mandriva
Update for thunderbird
08/03/07
Avaya
Products PHP Multiple Vulnerabilities
08/03/07
SUSE
Update for Mozilla Firefox and seamonkey
08/03/07
SILC
Server Invalid hmac/cipher Denial of Service
08/03/07
Asterisk
Unspecified SIP Packet Handling Denial of Service
08/03/07
Mercury
Mail Transport System IMAP Data Handling Buffer Overflow
08/03/07
HP-UX
Update for GZIP
08/03/07
Conquest
"metaGetServerList()" and "processPacket()" Vulnerabilities
08/03/07
Ipswitch
IMail Server/Collaboration Suite Multiple Buffer Overflows
08/03/07
Debian
Update for clamav
08/03/07
Mani Stats Reader
"ipath" File Inclusion Vulnerability
07/03/07
Secunia
HyperBook Guestbook "data/gbconfiguration.dat" Information Disclosure
07/03/07
Red Hat
Update for gnupg
07/03/07
Enigmail
"--status-fd" Incorrect GnuPG Usage
07/03/07
WebCalendar
"noSet" Variable Overwrite Vulnerability
07/03/07
Sava's
GuestBook Script Insertion and SQL Injection
07/03/07
Links
Management Application "lcnt" SQL Injection
07/03/07
GNUMail
"--status-fd" Incorrect GnuPG Usage
07/03/07
Evolution
"--status-fd" Incorrect GnuPG Usage
07/03/07
KMail
"--status-fd" Incorrect GnuPG Usage
07/03/07
Mutt
"--status-fd" Incorrect GnuPG Usage
07/03/07
Sylpheed
"--status-fd" Incorrect GnuPG Usage
07/03/07
Apple
QuickTime Multiple Vulnerabilities
07/03/07
Fedora
Update for thunderbird
07/03/07
Simple Invoices
PDF Print Preview Security Bypass
06/03/07
Secunia
MailEnable IMAP Service "APPEND" Buffer Overflow
06/03/07
WordPress
Command Execution and PHP "eval()" Injection
06/03/07
Apache
Tomcat JK Web Server Connector Long URL Buffer Overflow
06/03/07
Lenovo
Intel PRO/1000 LAN Adapter Software Unspecified Vulnerability
06/03/07
EMC
NetWorker Management Console Weak Authentication
06/03/07
Kaspersky
Anti-Virus Engine UPX Processing Denial of Service
06/03/07
Red Hat
Update for thunderbird
06/03/07
Gentoo
Update for mozilla-firefox and mozilla-firefox-bin
06/03/07
ANGEL
Learning Management Suite "id" SQL Injection
06/03/07
Gentoo
Update for emul-linux-x86-qtlibs
06/03/07
Secunia
ISPUtil "activesessions.ini" Information Disclosure
06/03/07
Gentoo
Multiple Vulnerabilities in mozilla and mozilla-bin
06/03/07
Novell
Access Manager SSLVPN Server "policy.txt" Security Bypass
05/03/07
Gentoo
Update for spamassassin
05/03/07
Gentoo
Update for clamav
05/03/07
Symantec
Mail Security for SMTP Unspecified Message HandlingVulnerability
05/03/07
Gentoo
Update for snort
05/03/07
Secunia
Blender KML/KMZ Import Command Injection Vulnerability
02/03/07
Mandriva
Update for firefox
02/03/07
Ubuntu
Update for firefox
02/03/07
Gentoo
Update for mplayer
02/03/07
Citrix
Presentation Server Client Unspecified Code Execution
02/03/07
Cisco
NAM SNMP Spoofing Vulnerability
02/03/07
Secunia
XM Easy Personal FTP Server Format String Vulnerability
02/03/07
MPlayer
RTSP Stream Buffer Overflow Vulnerability
02/03/07
Secunia
FCRing "s_fuss" File Inclusion Vulnerability
02/03/07
SGI
Update for seamonkey
02/03/07
Secunia
SQLiteManager "SQLiteManager_currentTheme" Directory Traversal
01/03/07
Fedora
Update for firefox
01/03/07
rPath
Update for php, php-mysql, and php-pgsql
01/03/07
Secunia
SHOUTcast Logfile Script Insertion Vulnerability
01/03/07
Gentoo
Update for chmlib
01/03/07

About this Site & Accessibility | Legal, Privacy & Copyright Information | Sitemap | newzealand.govt.nz

Accessibility Page: 0 | Homepage: 1 | Sitemap: 2 | About CCIP: 4 | Vulnerabilities: 5 | Incidents: 6 | Newsroom: 7 | gcsb.govt.nz: 8 | Contact CCIP: 9 | Skip Link: [ | newzealand.govt.nz: /