Current e-BulletinThe CCIP e-Bulletin provides a snapshot of security related news.
Read More
Latest Information Note VoIP. This report outlines characteristics and history of VoIP.
Read More
Go to the New Zealand Government Website

April 2007

The following table includes the Vulnerability Alerts for the month.

Note: These links reference external sites. CCIP can not accept responsibility for outdated links or such links contents.
Reference Description Date
MyDNS
DNS Update Denial of Service
30/04/07
Ubuntu
Update for php
30/04/07
Gimp
SUNRAS Plugin "set_color_table()" Buffer Overflow
30/04/07
IBM
WebSphere Application Server Unspecified Vulnerability
30/04/07
IncrediMail
IMMenuShellExt ActiveX Control Buffer Overflow
30/04/07
Red Hat
update for java-1.4.2-ibm
30/04/07
Secunia
AccuSoft ImageGear igcore15d.dll Buffer Overflow Vulnerability
27/04/07
Secunia
NaviCOPA GET Request Denial of Service Vulnerability
27/04/07
Ripe
Website Manager SQL Injection and Cross-Site Scripting
26/04/07
Secunia
Adobe Photoshop Bitmap File Handling Buffer Overflow Vulnerability
26/04/07
Avaya
Products Wireshark Multiple Denial of Service Vulnerabilities
26/04/07
Secunia
InterVideo HomeTheater WinDVDX ActiveX Control Buffer Overflow
26/04/07
Asterisk
T.38 SDP Buffer Overflows and Management Interface Denial ofService
26/04/07
CA
BrightStor ARCserve Backup Media Server Multiple Buffer Overflows
26/04/07
SilverStripe
"search" Unspecified Vulnerability
26/04/07
Gentoo
Update for clamav
26/04/07
SUSE
Update for opera
26/04/07
Debian
Update for aircrack-ng
26/04/07
Secunia
Post Revolution "dir" File Inclusion Vulnerabilities
26/04/07
Secunia
Big Blue Guestbook "comments" Script Insertion
26/04/07
Secunia
EsForum "idsalon" SQL Injection Vulnerability
26/04/07
Microgaming
Download Helper ActiveX Control Buffer Overflow Vulnerability
26/04/07
OpenBSD
IPv6 Type 0 Route Headers Denial of Service
26/04/07
Secunia
ACVSWS "CheminInclude" File Inclusion Vulnerability
26/04/07
HP-UX
Sendmail Unspecified Denial of Service
26/04/07
Gentoo
Update for blender
26/04/07
Apple
QuickTime Java Handling Unspecified Code Execution
26/04/07
SUSE
Update for Multiple Packages
24/04/07
3proxy
Transparent Request Handling Buffer Overflow
24/04/07
Secunia
ACDSee Products "ID_X.apl" XPM File Handling Buffer Overflow
24/04/07
Secunia
XnView XPM File Handling Buffer Overflow
24/04/07
Gentoo
Update for aircrack-ng
24/04/07
Gentoo
Update for 3proxy
24/04/07
Trustix
Update for freetype and clamav
24/04/07
Nortel
VPN Router Security
23/04/07
SUSE
Update for clamav
23/04/07
Slackware
Update for freetype
23/04/07
Nortel
VPN Router Default User Accounts and Missing AuthenticationChecks
23/04/07
Red Hat
Stronghold update for php
23/04/07
Slackware
Update for xine-lib
23/04/07
HP
Oracle for OpenView Multiple Vulnerabilities
23/04/07
Secunia
PHP-Nuke SQL Filter Bypass and SQL Injection Vulnerabilities
23/04/07
Apple
Updates for Multiple Vulnerabilities
20/04/07
SUSE
Update for clamav
20/04/07
Sun
Solaris Mozilla 1.7 Vulnerabilities
20/04/07
Second
Sight ActiveMod ActiveX Control Buffer Overflow Vulnerability
20/04/07
IBM
Tivoli Monitoring Various Services Buffer OverflowVulnerabilities
20/04/07
Novell
GroupWise WebAccess Base64 Decoding Buffer Overflow
20/04/07
rPath
Update for lighttpd
20/04/07
BMC
PATROL "bgs_sdservice.exe" Memory Corruption
20/04/07
rPath
Update for php, php-mysql, and php-pgsql
20/04/07
Oracle
Products Multiple Vulnerabilities
19/04/07
Secunia
HP UX Tru64 Multiple SSL and BIND Vulnerabilities
19/04/07
Secunia
HP Insight Management Agents SSL Vulnerabilities
19/04/07
Secunia
ShoutPro "shout" PHP Code Injection Vulnerability
19/04/07
McAfee
VirusScan Enterprise On-Access Scanner Unicode Filename Buffer Overflow
19/04/07
Sun
Solaris and Java Web Console Format String Vulnerability
19/04/07
Gentoo
Update for madwifi-ng
19/04/07
webMethods
Glue "resource" Directory Traversal Vulnerability
19/04/07
PHP-Nuke
VWar Module SQL Injection and Cross-Site Scripting
19/04/07
US-CERT
New Rinbot Variant Attempting to Exploit Microsoft Windows DNS RPC Vulnerability
18/04/07
Secunia
Simple PHP Scripts Gallery "gallery" File Inclusion
18/04/07
Mozilla
Firefox Wizz RSS News Reader Extension Cross-Context Scripting
18/04/07
Red Hat
Update for php
18/04/07
Mandriva
Update for ipsec-tools
18/04/07
Secunia
StoreFront For Gallery "GALLERY_BASEDIR" File InclusionVulnerabilities
18/04/07
Red Hat
Update for php
18/04/07
Akamai
Download Manager ActiveX Control Buffer Overflow Vulnerabilities
18/04/07
Gentoo
Update for inkscape
18/04/07
Gentoo
Update for openoffice and openoffice-bin
18/04/07
Secunia
LS Simple guestbook "message" PHP Code Execution
17/04/07
FileZilla
Unspecified Format String Vulnerabilities
17/04/07
Red Hat
Update for freetype
17/04/07
Red Hat
Update for squid
17/04/07
SUSE
Update for Multiple Packages
17/04/07
Gentoo
Update for xine-lib
17/04/07
LANDesk
Management Suite Alert Service Buffer Overflow
17/04/07
lighttpd
"mtime" and "\r\n\r\n\" Denial of Service Vulnerabilities
17/04/07
Clam AntiVirus
Two Vulnerabilities
16/04/07
PhpWiki
"UpLoad" PHP Script Upload Vulnerability
16/04/07
Open Business Management
Authentication Bypass
16/04/07
Cisco
Wireless Control System Vulnerability and Security Issues
16/04/07
Avaya
Products Incorrect GnuPG Usage
16/04/07
Microsoft
Windows DNS Service Buffer Overflow Vulnerability
16/04/07
IBM
WebSphere Application Server Unspecified Vulnerabilities
13/04/07
CoSign
POST Request Carriage Return Insertion Vulnerabilities
13/04/07
Opera
Unspecified Flash Player Plug-In Vulnerability
13/04/07
Mandriva
Update for madwifi-source
13/04/07
Mandriva
Update for apache-mod_perl
13/04/07
Sun
StarOffice and StarSuite 8 WordPerfect Vulnerability
12/04/07
Microsoft
MS07-018: Content Management Server Two Vulnerabilities
11/04/07
Microsoft
MS07-020: Agent URL Parsing Memory Corruption Vulnerability
11/04/07
Microsoft
MS07-019: Windows XP UPnP Memory Corruption Vulnerability
11/04/07
IPsec
Tools "isakmp_inf.c" Denial of Service
11/04/07
Ubuntu
Update for ipsec-tools
11/04/07
rPath
Update for openoffice.org
11/04/07
Winamp
.MAT File Handling NULL Byte Overwrite
10/04/07
SGI
Update for krb5
10/04/07
Gentoo
Update for libwpd
10/04/07
Debian
Update for xmms
10/04/07
Gentoo
Update for evince
10/04/07
Trustix
Updates for Multiple Packages
10/04/07
FastStone
Image Viewer BMP Image Handling Memory Corruption
10/04/07
ACDSee
Products BMP Image Handling Memory Corruption
10/04/07
Symantec
Enterprise Security Manager Remote Upgrade Missing Authentication
10/04/07
Secunia
IBM OpenSSH for AIX Two Vulnerabilities
10/04/07
SUSE
Update for krb5
10/04/07
HP-UX
Update for CIFS Server
10/04/07
Mozilla
Firefox Firebug Extension "console.log()" Cross-ContextScripting
10/04/07
Novell
Kerberos KDC "krb5_klog_syslog()" Buffer Overflow
10/04/07
SAP
RFC Library Multiple Vulnerabilities
10/04/07
Enterasys
Networks NetSight Products TFTPD/BOOTPD Vulnerabilities
10/04/07
VMware
ESX Server Multiple Vulnerabilities
10/04/07
Kaspersky
Products Multiple Vulnerabilities
10/04/07
FreeType
BDF Font Integer Overflow Vulnerability
10/04/07
Mandriva
Update for freetype2
10/04/07
rpath
Update for ImageMagick
10/04/07
Mandriva
Update for krb5
10/04/07
Slackware
Update for ktorrent
10/04/07
Gentoo
Update for openpbs
10/04/07
MyBB
"Client-IP" SQL Injection and Code Execution
10/04/07
Sun
SEAM Kerberized telnetd Daemon Arbitrary User Login
10/04/07
Ubuntu
Update for krb5
10/04/07
PHP-Nuke
Addressbook Module "module_name" Local File Inclusion
10/04/07
SUSE
Update for Multiple Packages
10/04/07
MadWifi
Denial of Service and Information Disclosure Vulnerabilities
10/04/07
Gentoo
Update for asterisk
10/04/07
HP
OpenView Network Node Manager Unspecified Unauthorized Access
10/04/07
ImageMagick
DCM and XWD Buffer Overflows
10/04/07
IBM
Tivoli Provisioning Manager for OS Deployment"multipart/form-data" Handling Multiple Vulnerabilities
10/04/07
Winmail
Server "sid" Directory Traversal Vulnerability
10/04/07
Netscape
Multiple Vulnerabilities
05/04/07
Yahoo!
Messenger AudioConf ActiveX Control Buffer Overflow
05/04/07
Kerberos
Multiple Vulnerabilities
05/04/07
rPath
Updates for krb5
05/04/07
SolidWorks
Sldimdownload ActiveX Control "Run()" Insecure Method
05/04/07
Gentoo
Update for mit-krb5
05/04/07
Red Hat
update for krb5
05/04/07
Debian
Update for krb5
05/04/07
Microsoft
MS07-017 - Vulnerability in GDI Could Allow Remote Code Execution (925902)
04/04/07
SUSE
Update for gpg
03/04/07
SUSE
Update for gpg
03/04/07
HP
Mercury Quality Center Unspecified ActiveX Control Vulnerability
03/04/07
Sun
Solaris Mozilla 1.7 Vulnerability
03/04/07
Gentoo
Update for squid
03/04/07
Secunia
Advanced Login "root" File Inclusion Vulnerability
02/04/07
CA BrightStor
ARCserve Backup MEDIASVR.EXE RPC Request Code Execution
02/04/07
Sun
Solaris and Java Enterprise System Network Security Services Vulnerabilities
02/04/07
Secunia
VMware ESX Server Multiple Security Updates
02/04/07
Secunia
Linksys Products Information Disclosure Security Issue
02/04/07
Gentoo
Update for ekiga
02/04/07
Mandriva
Update for openoffice.org
02/04/07
Microsoft
Windows Animated Cursor Handling Vulnerability
02/04/07

About this Site & Accessibility | Legal, Privacy & Copyright Information | Sitemap | newzealand.govt.nz

Accessibility Page: 0 | Homepage: 1 | Sitemap: 2 | About CCIP: 4 | Vulnerabilities: 5 | Incidents: 6 | Newsroom: 7 | gcsb.govt.nz: 8 | Contact CCIP: 9 | Skip Link: [ | newzealand.govt.nz: /