Current e-BulletinThe CCIP e-Bulletin provides a snapshot of security related news.
Read More
Latest Information Note VoIP. This report outlines characteristics and history of VoIP.
Read More
Go to the New Zealand Government Website

May 2007

The following table includes the Vulnerability Alerts for the month.

Note: These links reference external sites. CCIP can not accept responsibility for outdated links or such links contents.
Reference Description Date
LEADTOOLS
LEAD Raster ISIS Object ActiveX Control Buffer Overflow
30/05/07
Avira
Antivir Multiple File Processing Vulnerabilities
30/05/07
Ingate
Firewall and SIParator Multiple Vulnerabilities
30/05/07
Geeklog
CAPTCHA Plugin "_CONF[path]" File Inclusion
30/05/07
Sun
Java System Web Proxy Server SOCKS Module Buffer Overflows
29/05/07
SUSE
Update for Multiple Packages
29/05/07
Gentoo
Blackdown-jdk and blackdown-jre Vulnerabilities
29/05/07
Gentoo
Update for php
29/05/07
LEADTOOLS
LEAD Raster OCR Document Object Library ActiveX ControlBuffer Overflow
29/05/07
Ademco
ATNBaseLoader100 Module ActiveX Control Buffer Overflows
29/05/07
Ubuntu
Update for pulseaudio
29/05/07
gCards
"newsid" SQL Injection Vulnerability
29/05/07
My
Little Forum "id" SQL Injection Vulnerability
29/05/07
Secunia
WabCMS "/db/wabcmsn.mdb" Database Disclosure Security Issue
29/05/07
Secunia
CpCommerce "name" Script Insertion Vulnerability
29/05/07
Secunia
Techno Dreams Web Directory "Database.mdb" Database Disclosure
29/05/07
Secunia
Rm-forum "rmforum.mdb" Database Disclosure Security Issue
29/05/07
Fundanemt
"spellcheck.php" Shell Command Injection Vulnerability
29/05/07
Debian
Update for gforge-plugin-scmcvs
28/05/07
Ubuntu
Update for kernel
28/05/07
SGI
Advanced Linux Environment Multiple Updates
28/05/07
GForge
Cvsweb.php Shell Command Injection Vulnerability
28/05/07
Nortel
Meridian CS 1000 Unspecified Denial of Service Vulnerability
28/05/07
Trustix
Updates for Multiple Packages
28/05/07
cpCommerce
"id_category" SQL Injection
28/05/07
Apple
Mac OS X Security Update for Multiple Vulnerabilities
28/05/07
LEADTOOLS
LEAD Raster Dialog File_D Object ActiveX Control MemoryCorruption
28/05/07
avast!
CAB File Processing Buffer Overflow Vulnerability
25/05/07
LEADTOOLS
LEAD Raster Dialog File Object ActiveX Control MemoryCorruption
25/05/07
2z Project
"rating" SQL Injection
25/05/07
UltraISO
CUE File Parsing Buffer Overflow Vulnerability
25/05/07
WebGUI
"dataform.pm" Security Bypass
25/05/07
rPath
Update for freetype
25/05/07
avast!
CAB File Processing Buffer Overflow Vulnerability
25/05/07
LEADTOOLS
LEAD Raster Dialog File Object ActiveX Control MemoryCorruption
25/05/07
2z Project
"rating" SQL Injection
25/05/07
UltraISO
CUE File Parsing Buffer Overflow Vulnerability
25/05/07
WebGUI
"dataform.pm" Security Bypass
25/05/07
rPath
Update for freetype
25/05/07
Secunia
Sky Software Shell MegaPack ActiveX ShComboBox ActiveX Control BufferOverflow
25/05/07
Cisco
IOS SSL Messages Denial of Service Vulnerabilities
25/05/07
Mandriva
Update for gimp
25/05/07
Ubuntu
Update for php
25/05/07
Cisco
Products Crypto Library Denial of Service
25/05/07
Ubuntu
Update for vim
25/05/07
eScan
Products Agent Service Command Decryption Buffer Overflow
25/05/07
NOD32
Antivirus Two Buffer Overflow Vulnerabilities
25/05/07
HP-UX
Update for Kerberos
25/05/07
AlstraSoft
Live Support managesettings.php Information Disclosure
25/05/07
MadWifi
Multiple Denial of Service Vulnerabilities
25/05/07
SUSE
Update for php
25/05/07
Secunia
Sky Software Shell MegaPack ActiveX ShComboBox ActiveX Control BufferOverflow
24/05/07
Cisco
IOS SSL Messages Denial of Service Vulnerabilities
24/05/07
Mandriva
Update for gimp
24/05/07
Ubuntu
Update for php
24/05/07
Cisco
Products Crypto Library Denial of Service
24/05/07
Ubuntu
Update for vim
24/05/07
eScan
Products Agent Service Command Decryption Buffer Overflow
24/05/07
NOD32
Antivirus Two Buffer Overflow Vulnerabilities
24/05/07
HP-UX
Update for Kerberos
24/05/07
MadWifi
Multiple Denial of Service Vulnerabilities
24/05/07
SUSE
Update for php
24/05/07
ImagN'For Windows
IMW32040.OCX ActiveX Control Buffer Overflows
23/05/07
Group-Office
Message.php and messages.php E-Mail Security Bypass
23/05/07
KSignSWAT
AxKSignSWAT Module ActiveX Control Buffer Overflow
23/05/07
BlockHosts
"hosts.allow" Denial of Service
23/05/07
RSA
BSAFE Unspecified Denial of Service Vulnerability
23/05/07
HT Editor
Display Width Buffer Overflow Vulnerability
23/05/07
FreeType
TTF Font Parsing Vulnerability
23/05/07
MolyX
Board "lang" Local File Inclusion
23/05/07
LEADTOOLS
LEAD ISIS Control ActiveX Control Buffer Overflow
23/05/07
ol'bookmarks
Multiple Vulnerabilities
23/05/07
SUSE
Update for samba
23/05/07
ircd-ratbox
Unspecified Denial of Service Vulnerability
22/05/07
Eggdrop
Server Module Private Message Processing Buffer Overflow
22/05/07
Libstats
"rInfo[content]" File Inclusion Vulnerability
22/05/07
Debian
Update for php5
22/05/07
LEADTOOLS
LEAD Thumbnail Browser Control ActiveX Control BufferOverflow
22/05/07
LEADTOOLS
LEAD Raster Thumbnail Object Library ActiveX Control BufferOverflow
22/05/07
Secunia
Vizayn Urun Tanitim Sitesi "id" SQL Injection
22/05/07
OPeNDAP
BES Software File Enumeration and Command ExecutionVulnerabilities
22/05/07
Secunia
Gazi Download Portal "id" SQL Injection
22/05/07
Secunia
Opera Torrent File Handling Buffer Overflow Vulnerability
22/05/07
SunLight
CMS "root" File Inclusion Vulnerability
22/05/07
Red Hat
Update for gimp
22/05/07
WordPress
"admin-ajax.php" SQL Injection
22/05/07
Interchange
Unspecified HTTP POST Request Handling Denial Of Service
21/05/07
LEADTOOLS
JPEG2000 LTJ2K14.OCX ActiveX Control Buffer Overflow
21/05/07
Globus Toolkit
Nexus Unspecified Denial of Service Vulnerability
21/05/07
Magic
ISO Maker CUE File Parsing Memory Corruption Vulnerability
21/05/07
Gentoo
Update for PhpWiki
21/05/07
Red Hat
Update for ipsec-tools
21/05/07
WinImage
FAT Image Long Pathname Buffer Overflow Vulnerabilities
18/05/07
Norton
Personal Firewall ISAlertDataCOM ActiveX Control Buffer Overflow
18/05/07
Trustix
Updates for Multiple Packages
18/05/07
Red Hat
Update for kernel
18/05/07
Gentoo
Update for samba
18/05/07
Gentoo
Update for samba
18/05/07
PrecisionID
Linear Barcode ActiveX Control Buffer Overflow
18/05/07
SUSE
Updates for Multiple Packages
18/05/07
Sun
JDK ICC and BMP Parser Vulnerabilities
18/05/07
Symantec
Discovery XferWan.exe Packet Parsing Buffer Overflows
18/05/07
Centennial Discovery
XferWan.exe Packet Parsing Buffer Overflows
18/05/07
Little Cms
ICC Profile Parsing Buffer Overflow Vulnerability
18/05/07
Ubuntu
Update for samba
18/05/07
Debian
Update for samba
18/05/07
Geeklog
Media Gallery Module "_MG_CONF[path_html]" File Inclusion
16/05/07
BEA
JRockit Multiple Vulnerabilities
16/05/07
BEA
Products Multiple Vulnerabilities
16/05/07
rPath
Update for samba and samba-swat
16/05/07
Samba
Multiple Vulnerabilities
16/05/07
Slackware
Update for samba
16/05/07
Mandriva
Update for samba
16/05/07
Red Hat
Update for samba
16/05/07
IDAutomation
Linear Barcode ActiveX Control Buffer Overflow
15/05/07
Database Comparer
ActiveX Control Buffer Overflow Vulnerability
15/05/07
CommuniGate
Pro WebMail Script Insertion Vulnerability
15/05/07
Debian
Update for kernel
15/05/07
H-Sphere
SiteStudio "template" Information Disclosure
14/05/07
Apple
Darwin Streaming Server Buffer Overflow Vulnerabilities
14/05/07
Secunia
Original Photo Gallery "x[1]" File Inclusion Vulnerability
14/05/07
Secunia
Thyme "eid" SQL Injection Vulnerability
14/05/07
SGI
Advanced Linux Environment Multiple Updates
14/05/07
Gentoo
Update for imagemagick
14/05/07
Novell
NetMail NMDMC.EXE Buffer Overflow Vulnerability
14/05/07
CA
Buffer Overflow and Privilege Escalation Vulnerabilities
14/05/07
Mandriva
Update for php
14/05/07
SUSE
Update for kernel
11/05/07
Mandriva
Update for vim
11/05/07
SimpleNews
"news_id" SQL Injection Vulnerability
11/05/07
AForum
"CommonAbsDir" and "header" File Inclusion
11/05/07
Symantec
Products NAVOpts.dll ActiveX Control Security BypassVulnerability
11/05/07
Cisco
IOS FTP Server Multiple Vulnerabilities
11/05/07
IBM
WebSphere Application Server Java Message Service UnspecifiedVulnerability
10/05/07
Red Hat
Red Hat update for vim
10/05/07
CGX
"pathCGX" File Inclusion Vulnerability
10/05/07
BearShare
NCTAudioFile2 ActiveX Control Buffer Overflow
10/05/07
Advanced
Guestbook Multiple Vulnerabilities
10/05/07
BarCodeWiz
Barcode ActiveX Control Buffer Overflow Vulnerability
10/05/07
Nokia
Intellisync Mobile Suite Multiple Vulnerabilities
10/05/07
Red Hat
Red Hat update for php
10/05/07
IBM
DB2 Universal Database Unspecified Code Execution Vulnerability
10/05/07
McAfee
SecurityCenter Subscription Manager ActiveX Control BufferOverflow
10/05/07
RIM
TeamOn Import Object ActiveX Control Buffer OverflowVulnerability
10/05/07
Mandriva
Update for clamav
10/05/07
Internet
Explorer Multiple Vulnerabilities
10/05/07
Microsoft
Exchange Multiple Vulnerabilities
10/05/07
Microsoft
Internet Explorer Multiple Vulnerabilities
09/05/07
Microsoft
Microsoft Exchange Multiple Vulnerabilities
09/05/07
Microsoft
Excel Three Code Execution Vulnerabilities
09/05/07
Microsoft
Office Drawing Object Code Execution Vulnerability
09/05/07
CAPICOM
CAPICOM.Certificates ActiveX Control Vulnerability
09/05/07
Slackware
Update for php
09/05/07
Gentoo
Update for ipsec-tools
09/05/07
Gentoo
Update for lighttpd
09/05/07
Secunia
TAL Bar Code ActiveX Control Buffer Overflow Vulnerability
09/05/07
Gentoo
Update for gimp
09/05/07
Trend Micro
ServerProtect Two Buffer Overflow Vulnerabilities
09/05/07
HTTP File Upload
ActiveX Control Buffer Overflow Vulnerability
08/05/07
SUSE
Update for Multiple Packages
08/05/07
Secunia
Nuked-Klan "X-Forwarded-For" SQL Injection Vulnerability
08/05/07
Office Viewer
ActiveX Control Buffer Overflow Vulnerabilities
08/05/07
AXIS
Camera Control "SaveBMP()" Method Buffer Overflow
07/05/07
PHP
Multiple Vulnerabilities
07/05/07
Secunia
Open Translation Engine "ote_home" File Inclusion
07/05/07
Secunia
PHP Coupon Script "bus" SQL Injection
07/05/07
rPath
Update for gimp
07/05/07
Red Hat
Red Hat update for evolution
04/05/07
HP
ProCurve 9300m Unspecified Denial of Service
04/05/07
Treble Designs
1024 CMS "item" Directory Traversal
04/05/07
Mambo
Unspecified Bypass Vulnerabilities
04/05/07
Cisco
PIX and ASA Denial of Service and Security Bypass
04/05/07
CMS
Made Simple "templateid" SQL Injection
03/05/07
Gentoo
Update for mod_perl
03/05/07
WordPress
WordTube Plugin "wpPATH" File Inclusion
03/05/07
Excel
Viewer OCX ActiveX Control Buffer Overflow Vulnerabilities
03/05/07
WordPress
Wp-Table Plugin "wpPATH" File Inclusion
03/05/07
Sun
Java System Directory Server Denial of Service
03/05/07
sendcard
Local File Inclusion and Cross-Site Scripting
03/05/07
Gentoo
Update for freetype
03/05/07
Gentoo
Update for ktorrent
03/05/07
rPath
Update for kernel
03/05/07
PowerPoint
Viewer OCX ActiveX Control Buffer Overflow
03/05/07
The Merchant
"show" File Inclusion Vulnerability
02/05/07
TCExam
PHP Code Execution and Cross-Site Scripting
02/05/07
psipuss
Multiple SQL Injection Vulnerabilities
02/05/07
Debian
Update for qemu
02/05/07
QEMU
Various Vulnerabilities
02/05/07
Progress
Information Disclosure and Data Manipulation
02/05/07
Vim
Modelines "feedkeys()" Shell Command Execution
02/05/07
VMware
Workstation Multiple Vulnerabilities
02/05/07
Winamp
MP4 File Handling Memory Corruption Vulnerability
02/05/07
Trillian
Information Leakage and Buffer Overflow Vulnerabilities
02/05/07
ISC
BIND "query_addsoa" Denial of Service
02/05/07
OPeNDAP
CGI Server Command Execution Vulnerability
02/05/07
Java 2
Privilege Escalation Vulnerability
02/05/07
WordPress
MyGallery Plugin "myPath" File Inclusion
01/05/07
Plesk
"locale_id" Directory Traversal Vulnerabilities
01/05/07
PostNuke
PnFlashGames Module "cid" SQL Injection
01/05/07
Imager
8Bit BMP File Parsing Buffer Overflow Vulnerability
01/05/07
Linux
Kernel IPv6 Type 0 Route Headers Denial of Service
01/05/07
MyServer
Data Processing Denial of Service Vulnerability
01/05/07
SUSE
Update for Multiple Packages
01/05/07
FreeBSD
IPv6 Type 0 Route Headers Denial of Service
01/05/07
Corel
Paint Shop Pro Photo PNG File Handling Buffer Overflow
01/05/07
Secunia
Pi3Web HTTP Request Processing Denial of Service Vulnerability
01/05/07
Adobe
Products PNG.8BI PNG File Handling Buffer Overflow
01/05/07
Sun
Java System Directory Server NSS Denial of Service
01/05/07
IrfanView
Formats Plug-in IFF File Handling Buffer OverflowVulnerability
01/05/07
Debian
Update for php5
01/05/07
Debian
Update for php4
01/05/07
Debian
Update for clamav
01/05/07

About this Site & Accessibility | Legal, Privacy & Copyright Information | Sitemap | newzealand.govt.nz

Accessibility Page: 0 | Homepage: 1 | Sitemap: 2 | About CCIP: 4 | Vulnerabilities: 5 | Incidents: 6 | Newsroom: 7 | gcsb.govt.nz: 8 | Contact CCIP: 9 | Skip Link: [ | newzealand.govt.nz: /