Report an Incident

If you are a CNI organisation and you have encountered or suspect a cyber threat, please complete and return an Incident Reporting Form.

All incident reports provided to the CCIP are treated in the strictest of confidence. Please see our Confidentiality Charter for more details. Read More

New at CCIP

Current e-Bulletin The CCIP e-Bulletin provides a snapshot of security related news
Read More

Centre for Critical Infrastructure Protection

Home | Vulnerabilities | Vulnerability Alert Archives | June 2007

june 2007

The following table includes the Vulnerability Alerts for the month.

Note: These links reference external sites. CCIP can not accept responsibility for outdated links or such links contents.

Reference	Description	Date
RealNetworks	GameHouse dldisplay ActiveX Control Buffer Overflows	27/06/07
Red Hat	Update for kernel	27/06/07
Trend Micro	OfficeScan CGI Modules Buffer Overflow and Authentication	27/06/07
VLC	Media Player Multiple Plugins Format String Vulnerabilities	27/06/07
Trillian	UTF-8 Word Wrap Buffer Overflow Vulnerability	26/06/07
Microsoft	Visio Two Code Execution Vulnerabilities	26/06/07
VLC	Media Player Multiple Plugins Format String Vulnerabilities	21/06/07
VLC	Media Player Multiple Plugins Format String Vulnerabilities	21/06/07
Debian	Update for mplayer	21/06/07
Gentoo	Updates for Mozilla Products	21/06/07
Gentoo	Update for phprojekt	21/06/07
Debian	Update for libphp-phpmailer	21/06/07
Mandriva	Update for libexif	21/06/07
Trillian	UTF-8 Word Wrap Buffer Overflow Vulnerability	20/06/07
Solar	Empire Generic "game_listing.php" SQL Injection	20/06/07
Secunia	Papoo CMS Cross-Site Scripting and Script Insertion Vulnerabilities	20/06/07
IBM	WebSphere Application Server Multiple Vulnerabilities	19/06/07
Novell	ExteNd Director LocalExec ActiveX Control "launch()" InsecureMethod	19/06/07
WIKINDX	Localization Module Security Bypass	19/06/07
Red Hat	Update for mod_perl	19/06/07
Debian	Update for libexif	19/06/07
Sun	StarOffice Office Suite RTF File and FreeType Font ParsingVulnerabilities	19/06/07
Gentoo	Update for clamav	19/06/07
HP	System Management Homepage Root Novell eDirectory Member SecurityIssue	19/06/07
FCKeditor	ADS File Upload Vulnerability	19/06/07
Secunia	PhpListPro "site_address" Script Insertion	19/06/07
Astaro	Secure Gateway SMTP Proxy Unspecified Denial of Service	18/06/07
VirtueMart	Unspecified SQL Injection Vulnerability	18/06/07
rPath	Update for kernel and xen	18/06/07
Debian	Update for iceweasel	18/06/07
Red Hat	Update for libexif	18/06/07
Red Hat	Update for kernel	18/06/07
Sun	Solaris Multiple Samba Vulnerabilities	18/06/07
Secunia	Slackware update for libexif	18/06/07
Mandriva	Update for freetype2	15/06/07
Xoops	XT-Conteudo Module "spaw_root" File Inclusion	15/06/07
Sun	Java System Directory Server Two Vulnerabilities	15/06/07
Debian	Update for icedove	15/06/07
Corel	ActiveCGM Browser ActiveX Control Multiple Buffer Overflows	15/06/07
Red Hat	Update for openoffice.org	15/06/07
Avaya	Products PHP Multiple Vulnerabilities	15/06/07
Konqueror	Flash Player Plug-in Vulnerability	15/06/07
Xoops	Cjay Content WYSIWYG IE Module "spaw_root" File Inclusion	15/06/07
Red Hat	Update for kdebase	15/06/07
Red Hat	Update for mod_perl	15/06/07
Mandriva	Update for mozilla-thunderbird	14/06/07
Mandriva	Update for mozilla-firefox	14/06/07
Debian	Update for xulrunner	14/06/07
Xoops	Tiny Content Module "spaw_root" File Inclusion	14/06/07
HP	Help and Support Center Unspecified Vulnerability	14/06/07
YaBB	CRLF Injection Privilege Escalation Vulnerability	14/06/07
Secunia	Vitalize! Cellosoft Tokens Object Extension "RemoveChr()" BufferOverflow	14/06/07
Xoops	Horoscope Module "xoopsConfig[root_path]" File Inclusion	14/06/07
OpenOffice	RTF File Parsing Buffer Overflow Vulnerability	14/06/07
Debian	Update for openoffice	14/06/07
ARRIS	Cadant C3 CMTS IP Options Handling Denial of Service	14/06/07
Secunia	602Pro LAN SUITE 2003 Email Message Processing Buffer Overflow	14/06/07
Sun	Java System Products NSS SSLv2 Processing Buffer Overflows	14/06/07
Ubuntu	Update for libexif	13/06/07
Internet Explorer	Multiple Vulnerabilities	13/06/07
Microsoft	Windows Win32 API Code Execution Vulnerability	13/06/07
Microsoft	Outlook Express and Windows Mail Multiple Vulnerabilities	13/06/07
Windows	Secure Channel Digital Signature Parsing Vulnerability	13/06/07
Microsoft	Visio Two Code Execution Vulnerabilities	13/06/07
Gentoo	Update for madwifi	13/06/07
Firebird	"connect" Request Handling Buffer Overflow Vulnerability	13/06/07
Mbedthis	AppWeb URL Protocol Format String Vulnerability	13/06/07
D-Link	DWL-G650+ Wireless Driver Beacon TIM Buffer Overflow	13/06/07
PhpWiki	Empty LDAP Passwords Authentication Bypass	12/06/07
BrightStor	ARCserve Backup for Laptops & Desktops UnspecifiedVulnerabilities	12/06/07
Debian	Update for gimp	12/06/07
Debian	Update for lighttpd	12/06/07
Debian	Update for freetype	12/06/07
Mandriva	Update for libexif	12/06/07
Sun	Solaris sshd Identical Blocks Denial of Service Vulnerability	12/06/07
SafeNet	Products "IPSecDrv.sys" IPv6 Support Denial of Service	12/06/07
Red Hat	Update for freetype	12/06/07
e-Vision	CMS Multiple Vulnerabilities	12/06/07
Secunia	JFFNMS Multiple Vulnerabilities	12/06/07
Link Request	Contact Form PHP File Upload	12/06/07
Debian	Update for ipsec-tools	11/06/07
Sun	Solaris Mozilla 1.7 Vulnerability	11/06/07
Debian	Update for iceape	11/06/07
SGI	Advanced Linux Environment Multiple Updates	11/06/07
Linux	Kernel Multiple Vulnerabilities	11/06/07
Secunia	Hunkaray Duyuru Script "id" SQL Injection Vulnerability	11/06/07
Blue	Coat K9 Web Protection Management Service Buffer Overflow	11/06/07
Secunia	EGroupWare wz_tooltips and ADOdb Unspecified Vulnerabilities	11/06/07
Secunia	MiniWeb HTTP Server "Content-Length" Input Validation Vulnerability	11/06/07
Secunia	W1L3D4 WEBmarket "id" SQL Injection	11/06/07
c-ares	DNS Cache Poisoning Vulnerability	11/06/07
Trustix	Update for clamav	11/06/07
SUSE	Update for asterisk	08/06/07
Gentoo	Update for evolution	08/06/07
Yahoo!	Messenger Two ActiveX Controls Buffer Overflows	08/06/07
Secunia	Atom PhotoBlog Script Insertion and Cross-Site Scripting	08/06/07
MaraDNS	Denial of Service Vulnerabilities	07/06/07
Ubuntu	Update for mozilla-thunderbird	07/06/07
Symantec	Reporting Server Three Vulnerabilities	07/06/07
SUSE	Update for clamav	07/06/07
FlipViewer	FViewerLoading ActiveX Control Buffer Overflows	07/06/07
F5	FirePass 4100 SSL VPN "username" Command Injection	07/06/07
Omegasoft	Insel Cross-Site Scripting and SQL Injection	07/06/07
CA	Anti-Virus Engine CAB Archive Processing Buffer Overflows	07/06/07
HP-UX	Update for CIFS Server	07/06/07
Amavis	File Integer Underflow and Denial of Service	07/06/07
Gentoo	Update for libexif	07/06/07
MPlayer	CDDB Parsing Buffer Overflows	07/06/07
PBLang	"lang" Local File Inclusion Vulnerability	07/06/07
rPath	Update for libexif	06/06/07
Mandriva	Update for mplayer	06/06/07
Mandriva	Update for clamav	06/06/07
Secunia	Basic Analysis and Security Engine Multiple Security Bypass	06/06/07
Macrovision	FLEXnet boisweb.dll ActiveX Control Buffer Overflows	06/06/07
PostNuke	PNphpBB2 Module "c" SQL Injection	05/06/07
Symantec	Veritas Storage Foundation Scheduler Service AuthenticationBypass	05/06/07
Provideo	ISSCCamControl Module ActiveX Control Buffer Overflow	05/06/07
Ubuntu	Update for firefox	05/06/07
Quick.Cart	"sLanguage" Local File Inclusion Vulnerability	05/06/07
DVD	X Player PLF File Parsing Buffer Overflow Vulnerability	05/06/07
Slackware	Update for php5	05/06/07
Slackware	Update for Mozilla products	05/06/07
IBM	Lotus Domino Unspecified Denial of Service Vulnerability	05/06/07
Particle	Gallery "editcomment" SQL Injection Vulnerability	05/06/07
Xoops	IContent Module "spaw_root" File Inclusion	05/06/07
Kolab	Server ClamAV Denial of Service	05/06/07
rPath	Update for firefox and thunderbird	05/06/07
Ubuntu	Update for gimp	05/06/07
Gentoo	Updates for sun-jdk and sun-jre-bin	05/06/07
Avaya	Products FreeType BDF Font Integer Overflow Vulnerability	05/06/07
Apple	Xserve Lights-Out Management Firmware IPMI Vulnerability	05/06/07
PHP	Integer Overflow Vulnerability and Security Bypass	05/06/07
Hitachi	TP1/NET/OSI-TP-Extended Denial of Service Vulnerability	05/06/07
Secunia	Madirish Webmail "basedir" File Inclusion Vulnerabilities	05/06/07
Vortex	Library "select(2)" Buffer Overflow Vulnerability	05/06/07
Logitech	VideoCall Multiple ActiveX Controls Buffer Overflows	05/06/07
Macrovision	FLEXnet Connect DWUpdateService ActiveX Control InsecureMethods	05/06/07
Secunia	PHP JackKnife Gallery System Two SQL Injection Vulnerabilities	05/06/07
Authentium	Command Antivirus ActiveX Controls Buffer Overflows	05/06/07
IBM	AIX Perl Unspecified Code Execution Vulnerability	01/06/07
Ubuntu	Update for freetype	01/06/07
Gentoo	Update for mplayer	01/06/07
Gentoo	Update for freetype	01/06/07
Secunia	Mozilla Thunderbird Memory Corruption Vulnerability	01/06/07
Mozilla	Firefox Multiple Vulnerabilities	01/06/07
Mozilla	SeaMonkey Multiple Vulnerabilities	01/06/07
Bochs	NE2000 RX Frame Overflow and Disk Controller Denial of Service	01/06/07
IBM	AIX WebSM Unspecified Denial of Service Vulnerability	01/06/07
Red Hat	Update for firefox	01/06/07
Red Hat	Update for thunderbird	01/06/07
Zenturi	ProgramChecker ActiveX Components ActiveX Control"DownloadFile()" Insecure Method	01/06/07
Red Hat	Update for seamonkey	01/06/07
F-Secure	Packed Executable and Archive Scanning Denial of Service	01/06/07
EDraw	Office Viewer Component ActiveX Control Insecure Method andBuffer Overflow Vulnerabilities	01/06/07
F-Secure	Products LHA Archive Handling Buffer Overflow	01/06/07
British Telecommunications	webhelper ActiveX Controls Vulnerabilities	01/06/07
Zenturi	ProgramChecker ActiveX Components ActiveX Control BufferOverflows	01/06/07
Media Technology Group	CDPass ActiveX Control Buffer Overflows	01/06/07
Sun	Solaris Kerberos kadm5 Library Vulnerability	01/06/07
Pheap	PHP Code Execution and Information Disclosure	01/06/07
FileCloset	File Upload Vulnerability	01/06/07
Apple	QuickTime Java Extension Two Vulnerabilities	01/06/07
HP	System Management Homepage PHP Multiple Vulnerabilities	01/06/07