Report an Incident

If you are a CNI organisation and you have encountered or suspect a cyber threat, please complete and return an Incident Reporting Form.

All incident reports provided to the CCIP are treated in the strictest of confidence. Please see our Confidentiality Charter for more details. Read More

New at CCIP

Current e-Bulletin The CCIP e-Bulletin provides a snapshot of security related news
Read More

Centre for Critical Infrastructure Protection

Home | Vulnerabilities | Vulnerability Alert Archives | July 2007

July 2007

The following table includes the Vulnerability Alerts for the month.

Note: These links reference external sites. CCIP can not accept responsibility for outdated links or such links contents.

Reference	Description	Date
Gentoo	Update for tcpdump	31/07/07
rPath	Update for libvorbis	31/07/07
Trustix	Update for Multiple Packages	31/07/07
Baidu	Soba Search Bar ActiveX Control Unspecified Code Execution Vulnerability	31/07/07
Gentoo	Update for vlc	31/07/07
Secunia	Real Estate listing website application template SQL Injection Vulnerability	31/07/07
Secunia	WebEvents "Password" SQL Injection	31/07/07
Secunia	WebStore "Password" SQL Injection	31/07/07
Secunia	Pay Roll "Password" SQL Injection	31/07/07
Slackware	Update for bind	30/07/07
Yahoo!	Widgets YDP ActiveX Control Buffer Overflow Vulnerability	30/07/07
Debian	Update for bind	30/07/07
ADempiere	Bazaar WebUI Authentication Bypass Vulnerability	30/07/07
Secunia	Dependent Forums "FrmUserName" SQL Injection Vulnerability	30/07/07
rPath	Update for bind	30/07/07
libvorbis	Multiple Vulnerabilities	30/07/07
Novell	Client NWSPOOL.DLL Buffer Overflow Vulnerability	30/07/07
Mandriva	Update for clamav	27/07/07
Ubuntu	Update for bind	27/07/07
Gentoo	Update for gimp	27/07/07
Mandriva	Update for bind	27/07/07
Gentoo	Update for mit-krb5	27/07/07
Cisco	Products Java Secure Socket Extension SSL/TLS Request Denial of Service	27/07/07
SUSE	Update for Mozilla Firefox	27/07/07
Microsoft	Windows URI Handling Command Execution Vulnerability	27/07/07
Sun	Solaris BIND Predictable DNS Query IDs Vulnerability	27/07/07
Mandriva	Update for tcpdump	27/07/07
SGI	Advanced Linux Environment Multiple Updates	26/07/07
Secunia	Slackware update for thunderbird	26/07/07
Gentoo	Update for mplayer	26/07/07
Secunia	Slackware update for seamonkey	26/07/07
Kolab	Server ClamAV RAR Archive Processing Denial of ServiceVulnerability	26/07/07
Red Hat	update for bind	26/07/07
CA	ETrust Intrusion Detection CallCode ActiveX Control InsecureMethods	26/07/07
Mozilla	SeaMonkey Multiple Vulnerabilities	26/07/07
CA	Products CHM and RAR File Processing Denial of ServiceVulnerabilities	26/07/07
Sun	Java System Application Server JSP Source Code Disclosure	26/07/07
CA	Message Queuing Server Buffer Overflow Vulnerability	26/07/07
Cisco	Multiple Products Wireless ARP Requests Denial of Service	26/07/07
Secunia	McAfee VirusScan Command Line for Linux Command Execution	26/07/07
Novell	GroupWise Mobile Server Multiple Vulnerabilities	26/07/07
Debian	Update for clamav	25/07/07
LinkedIn	Internet Explorer Toolbar IEContextMenu ActiveX Control CodeExecution	25/07/07
HP	Oracle for OpenView Multiple Vulnerabilities	25/07/07
Kerio	MailServer Attachment Filter Unspecified Vulnerability	25/07/07
Norman	Antivirus Products Multiple File Parsing Vulnerabilities	25/07/07
IBM	WebSphere Application Server Unspecified Vulnerability	25/07/07
BIND	Predictable DNS Query IDs Vulnerability	25/07/07
NOD32	Antivirus Multiple File Processing Vulnerabilities	24/07/07
Debian	Update for mozilla-firefox	24/07/07
Debian	Update for xulrunner	24/07/07
rPath	Update for firefox and thunderbird	24/07/07
Mandriva	Update for ImageMagick	24/07/07
rPath	Update for tcpdump	24/07/07
Ubuntu	Update for kernel and redhat-cluster-suite	23/07/07
Citrix	Access Gateway Multiple Vulnerabilities	23/07/07
Ubuntu	Update for firefox	23/07/07
SUSE	Update for Multiple Packages	23/07/07
Secunia	Slackware update for firefox	23/07/07
Debian	Update for gimp	23/07/07
Ubuntu	Update for kernel	23/07/07
SUSE	Update for IBM JRE/SDK Java and Sun Java JRE/SDK	23/07/07
Yahoo!	Messenger Long Email Address Book Buffer Overflow	23/07/07
Microsoft	DirectX RLE Compressed Targa Image Processing BufferOverflow	23/07/07
Red Hat	update for firefox	23/07/07
tcpdump	Print-bgp.c Buffer Overflow Vulnerability	20/07/07
Ipswitch	IMail Server/Collaboration Suite Multiple Buffer Overflows	20/07/07
Red Hat	update for seamonkey	20/07/07
Red Hat	update for thunderbird	20/07/07
SUSE	Update for flash-player	20/07/07
Opera	BitTorrent Header Parsing Vulnerability	20/07/07
Netscape	"navigatorurl" URI Handler Registration Vulnerability	19/07/07
Mozilla	Firefox Multiple Vulnerabilities	19/07/07
Ubuntu	Update for mod_perl	19/07/07
Ubuntu	Update for php	19/07/07
CA	Products Alert Notification Server Multiple Buffer Overflows	19/07/07
Secunia	Insanely Simple Blog Multiple Vulnerabilities	19/07/07
Oracle	Products Multiple Vulnerabilities	19/07/07
Asterisk	Multiple Vulnerabilities	19/07/07
Mozilla	Thunderbird Two Vulnerabilities	19/07/07
Secunia	Husrevforum Multiple Vulnerabilities	18/07/07
Trillian	"aim://" URI Handler Two Vulnerabilities	18/07/07
Infinite	Responder Unspecified SQL Injection Vulnerability	18/07/07
MailMarshal	Spam Quarantine Management Interface InformationDisclosure	18/07/07
ASP	Ziyaretci Defteri "mesaj_formu.asp" Script Insertion	18/07/07
Secunia	MzK Blog "katID" SQL Injection Vulnerability	17/07/07
Secunia	InterActual Player Two ActiveX Controls Buffer Overflow Vulnerabilities	17/07/07
Realtor	747 "categoryid" SQL Injection Vulnerability	17/07/07
Secunia	CinePlayer IAKey ActiveX Control Buffer Overflow Vulnerability	17/07/07
paFileDB	"categories[]" SQL Injection Vulnerability	17/07/07
SUSE	Update for php4 and php5	16/07/07
FreeBSD	Update for libarchive	16/07/07
RSA	Products Progress Server Buffer Overflow Vulnerability	16/07/07
Hitachi	Products Unspecified Buffer Overflow Vulnerability	16/07/07
Hitachi	TP1/Server Base Unspecified Denial of Service	16/07/07
Novell	Kerberos KDC Multiple Vulnerabilities	13/07/07
Webmatic	Unspecified SQL Injection Vulnerability and Security Bypass	13/07/07
Apple	QuickTime Multiple Vulnerabilities	13/07/07
rPath	Update for gimp	13/07/07
Symantec	Products CAB and RAR Archive Handling Vulnerabilities	13/07/07
Gentoo	XnView XPM File Handling Buffer Overflow	13/07/07
Cisco	Unified Communications Manager Two Vulnerabilities	13/07/07
ClamAV	RAR Archive Processing Denial of Service Vulnerability	13/07/07
SquirrelMail	G/PGP Encryption Plugin Multiple Vulnerabilities	13/07/07
Red Hat	update for flash-plugin	13/07/07
SUSE	Update for Java / IBM Java	13/07/07
Sun	Java JRE/JDK Processing of XSLT Stylesheets in XML SignaturesVulnerability	12/07/07
Java	Secure Socket Extension Denial of Service Vulnerability	12/07/07
Mandriva	Update for wireshark	12/07/07
Mandriva	Update for openoffice.org	12/07/07
Adobe	Flash Player Multiple Vulnerabilities	12/07/07
McAfee	EPolicy Orchestrator / ProtectionPilot Common Management AgentVulnerabilities	12/07/07
Ubuntu	Update for openoffice.org	12/07/07
rPath	Update for tshark and wireshark	12/07/07
Symantec	Backup Exec RPC Interface Heap Overflow Vulnerability	12/07/07
Mandriva	Update for mplayer	11/07/07
Debian	Update for vlc	11/07/07
Firefox	"firefoxurl" URI Handler Registration Vulnerability	11/07/07
Sun	Java JRE Web Start JNLP File Processing Buffer Overflow	11/07/07
Ubuntu	Update for imagemagick	11/07/07
Microsoft	Office Publisher Invalid Memory Reference Vulnerability	11/07/07
Microsoft	.NET Framework Multiple Vulnerabilities	11/07/07
Microsoft	Windows Active Directory Two Vulnerabilities	11/07/07
Microsoft	Excel Multiple Code Execution Vulnerabilities	11/07/07
Linux	Kernel "decode_choices()" Denial of Service	10/07/07
SUSE	Update for kernel	10/07/07
Visual	IRC JOIN Command Response Processing Buffer Overflow	10/07/07
Debian	Update for php4	10/07/07
Debian	Update for php5	10/07/07
SAP	Message Server "group" Buffer Overflow Vulnerability	09/07/07
MDaemon	Server DomainPOP malformed Messages Denial of Service	09/07/07
SAP	Web Application Server Internet Communication Manager Denial ofService	09/07/07
SAP	DB Web Server Buffer Overflow Vulnerability	09/07/07
Ubuntu	Update for gimp	09/07/07
ServerView	DBAsciiAccess Command Execution Vulnerability	09/07/07
SUSE	Update for krb5	06/07/07
Mandriva	Update for kdebase	06/07/07
Elite	Bulletin Board Two Vulnerabilities	06/07/07
SUSE	Update for freetype2	06/07/07
SUSE	Update for libexif	06/07/07
Gentoo	Update for openoffice and openoffice-bin	05/07/07
PHP	Director "id" SQL Injection Vulnerability	05/07/07
HP	Instant Support Driver Check sdd.dll Buffer Overflow	05/07/07
AV Arcade	"id" SQL Injection Vulnerability	05/07/07
1-2-3	Music Store "CategoryID" SQL Injection	05/07/07
Yoggie	Pico Pro Shell Command Injection Vulnerability	05/07/07
Gimp	PSD Plugin Integer Overflow Vulnerability	05/07/07
Gentoo	Update for firebird	04/07/07
Debian	Update for evolution	04/07/07
Youtube	Script "id" SQL Injection Vulnerability	04/07/07
Secunia	Wheatblog File Inclusion and SQL Injection Vulnerabilities	04/07/07
Secunia	Gorki Online Santrac Sitesi Script Insertion Vulnerabilities	04/07/07
Esqlanelapse	Unspecified Security Issues	03/07/07
SUSE	Update for OpenOffice_org	02/07/07
Sun	Java Web Start Untrusted Application Arbitrary File Overwrite	02/07/07
Coppermine	Photo Gallery Two SQL Injection Vulnerabilities	02/07/07
Ubuntu	Update for MadWifi	02/07/07
Trustix	Update for kerberos5	02/07/07
Xerox	ESS/ Network Controller OpenSSL Vulnerabilities	02/07/07
WebChat	"rid" SQL Injection Vulnerability	02/07/07
Debian	Update for krb5	02/07/07
AMX	VNC ActiveX Control Buffer Overflow Vulnerabilities	02/07/07
Debian	Update for hiki	02/07/07
SGI	Advanced Linux Environment Multiple Updates	02/07/07
FreeType	Bitmap Font Handling Vulnerability	02/07/07
rPath	Update for krb5	02/07/07
HP	Secure Web Server/Internet Express for Tru64 UNIX PHPVulnerabilities	02/07/07
Debian	Update for wireshark	02/07/07
Sun	Solaris KSSL Kernel Denial of Service Vulnerability	02/07/07
Sun	Solaris/SEAM kadmind Buffer Overflow Vulnerability	02/07/07
SUSE	Updates for Mozilla Products	02/07/07
Secunia	Slackware update for gd	02/07/07
Red Hat	update for HelixPlayer	02/07/07
GD	Graphics Library Multiple Vulnerabilities	02/07/07
Ubuntu	Update for krb5	02/07/07
Mandriva	Update for krb5	02/07/07
Wireshark	Multiple Denial of Service Vulnerabilities	02/07/07
Secunia	SHTTPD Script Source Code Disclosure	02/07/07
Ubuntu	Update for libexif	02/07/07
Kerberos	Multiple Vulnerabilities	02/07/07
Simple	Invoices "submit" SQL Injection	02/07/07
Gentoo	Update for emul-linux-x86-java	02/07/07
Gentoo	Update for libexif	02/07/07
Sun	Solaris Mozilla 1.7 Vulnerabilities	02/07/07
Red	Hat update for krb5	02/07/07
Sun	Solaris Kerberos RPC Library Vulnerabilities	02/07/07
Secunia	Bughunter HTTP Server Denial of Service Vulnerability	02/07/07
Secunia	Lebisoft zdefter "defter_kayit.asp" Script Insertion	02/07/07
WordPress	Custom Field PHP Script Upload	02/07/07
Red Hat	update for kernel	02/07/07
Trend	Micro OfficeScan CGI Modules Buffer Overflow and AuthenticationBypass	02/07/07
Secunia	Xvid Avi File Parsing Array Indexing Vulnerability	02/07/07
RealNetworks	GameHouse dldisplay ActiveX Control Buffer Overflows	02/07/07
Avaya	4602SW SIP Phone Multiple Vulnerabilities	02/07/07
Jasmine	CMS SQL Injection and Local File Inclusion	02/07/07
HP	Internet Express for Tru64 UNIX Samba Vulnerabilities	02/07/07
Avaya	One-X Desktop Edition Denial of Service	02/07/07
Secunia	MyServer CGI Information Disclosure Vulnerability	02/07/07
Apple	TV UPnP IGD Buffer Overflow Vulnerability	02/07/07
Sun	Solaris Gnome PDF Viewer Multiple Vulnerabilities	02/07/07
Mandriva	Update for madwifi-source and wpa_supplicant	02/07/07
Apple	Mac OS X IPv6 Type 0 Route Headers Denial of Service	02/07/07
Ingres	Database Multiple Vulnerabilities	02/07/07
CA	Products Ingres Database Vulnerabilities	02/07/07
Secunia	FuseTalk Cross-Site Scripting and SQL Injection Vulnerabilities	02/07/07
RKD	Software BarCode ActiveX ABarCode ActiveX Control Buffer Overflow	02/07/07
Dagger	"dir_edge_lang" File Inclusion Vulnerability	02/07/07
Apple	Mac OS X Security Update for Two Vulnerabilities	02/07/07
Debian	Update for clamav	02/07/07
Debian	Update for maradns	02/07/07
Debian	Update for tinymux	02/07/07
Hiki	Session ID Arbitrary File Deletion Security Issue	02/07/07
SUSE	Update for Multiple Packages	02/07/07
Dia	FreeType Font Parsing Vulnerabilities	02/07/07
Secunia	ClickGallery SQL Injection and Cross Site Scripting Vulnerabilities	02/07/07
rPath	Update for libexif	02/07/07