
August 2007

The following table includes the Vulnerability Alerts for the month.

Note: These links reference external sites. CCIP cannot accept responsibility for outdated links or for the contents of linked sites.
| Reference | Description | Date |
| --- | --- | --- |
| Cisco | CallManager / CUCM Cross-Site Scripting and SQL Injection | 31/08/07 |
| Debian | Update for postfix-policyd | 31/08/07 |
| Yahoo! | Messenger YVerInfo.dll ActiveX Control Buffer Overflow | 31/08/07 |
| Pakupaku | CMS File Upload and Local File Inclusion | 31/08/07 |
| Ubuntu | Update for tcp-wrappers | 31/08/07 |
| Debian | Update for lighttpd | 31/08/07 |
| Doomsday | Multiple Vulnerabilities | 31/08/07 |
| SUSE | Update for opera | 31/08/07 |
| PDFedit | "StreamPredictor" Multiple Vulnerabilities | 30/08/07 |
| BEA | WebLogic Multiple Vulnerabilities and Security Issues | 30/08/07 |
| Mandriva | Update for kernel | 30/08/07 |
| Debian | Update for rsync | 30/08/07 |
| BEA | JRockit Multiple Vulnerabilities | 30/08/07 |
| Novell | Client NWSPOOL.DLL Buffer Overflow Vulnerabilities | 30/08/07 |
| Oracle | JInitiator "beans.ocx" ActiveX Control Buffer Overflow Vulnerabilities | 30/08/07 |
| BIND | 8 Predictable DNS Query IDs Vulnerability | 29/08/07 |
| Secunia | MSN Messenger Video Conversation Buffer Overflow Vulnerability | 29/08/07 |
| BitchX | "MODE" Buffer Overflow | 29/08/07 |
| Subversion | Client Directory Traversal Vulnerability | 29/08/07 |
| Motorola | Timbuktu Pro Directory Traversal and Buffer Overflows | 29/08/07 |
| TortoiseSVN | Client Directory Traversal Vulnerability | 29/08/07 |
| ACTi | NVR Server nvUtility.Utility ActiveX Control Insecure Methods | 29/08/07 |
| Ubuntu | Update for mozilla-thunderbird | 29/08/07 |
| 2532\|Gigs | "language" Local File Inclusion | 29/08/07 |
| SGI | Advanced Linux Environment Multiple Updates | 28/08/07 |
| Debian | Update for asterisk | 28/08/07 |
| Helix | DNA Server RTSP Buffer Overflow | 28/08/07 |
| ALPass | "Import Site Information" Multiple Vulnerabilities | 28/08/07 |
| Thomson | SpeedTouch 2030 Denial of Service Vulnerability | 28/08/07 |
| Grandstream | GXV3000 Eavesdropping and Denial of Service Vulnerability | 27/08/07 |
| Mandriva | Update for gimp | 27/08/07 |
| Ipswitch | WS_FTP Server Script Insertion Vulnerability | 27/08/07 |
| Media Player | Classic FLI File Processing Buffer Overflow | 27/08/07 |
| Sophos | Anti-Virus UPX and BZIP Processing Denial of Service Vulnerabilities | 27/08/07 |
| Joomla | Nice Talk Component "tagid" SQL Injection | 27/08/07 |
| Soldat | Multiple Denial of Service Vulnerabilities | 27/08/07 |
| rPath | Update for rsync | 24/08/07 |
| Gentoo | Update for opera | 24/08/07 |
| Gentoo | Update for qt | 24/08/07 |
| Rogue Trooper | Asura Engine Packet Handling Buffer Overflow | 24/08/07 |
| PRISM | Guard Shield Asura Engine Packet Handling Buffer Overflow | 24/08/07 |
| Asterisk | SIP Channel Driver Dialog History Memory Exhaustion | 23/08/07 |
| Trend Micro | Products SSAPI Module Long Path Processing Buffer Overflow | 23/08/07 |
| ClamAV | Multiple Denial of Service Vulnerabilities | 23/08/07 |
| Trend Micro | ServerProtect Multiple Buffer Overflow Vulnerabilities | 23/08/07 |
| IBM | AIX BIND Predictable DNS Query IDs Vulnerability | 23/08/07 |
| Secunia | Joomla SimpleFAQ Component "aid" SQL Injection | 23/08/07 |
| EMC | NetWorker Remote Exec Service Buffer Overflow | 22/08/07 |
| Ubuntu | Update for rsync | 22/08/07 |
| Debian | Update for koffice | 22/08/07 |
| Mandriva | Update for rsync | 22/08/07 |
| Mandriva | Update for libvorbis | 22/08/07 |
| Yahoo! | Messenger Webcam JPEG 2000 Processing Buffer Overflow | 21/08/07 |
| rFactor | Multiple Vulnerabilities | 21/08/07 |
| Mercury | Mail Transport System SMTP AUTH CRAM-MD5 Buffer Overflow | 21/08/07 |
| Slackware | Update for tcpdump | 21/08/07 |
| SUSE | Update for Multiple Packages | 21/08/07 |
| Debian | Update for kernel | 20/08/07 |
| Secunia | JobLister index.php Two SQL Injection Vulnerabilities | 20/08/07 |
| Red Hat | update for RealPlayer | 20/08/07 |
| Gentoo | Update for lighttpd | 20/08/07 |
| Nortel | Products BIND Predictable DNS Query IDs Vulnerability | 20/08/07 |
| Gentoo | Update for wireshark | 20/08/07 |
| rsync | "f_name()" Off-By-One Vulnerability | 17/08/07 |
| Sun | JRE Font Parsing Vulnerability | 17/08/07 |
| IBM | DB2 Multiple Vulnerabilities | 17/08/07 |
| Dell | Remote Access Card SSH Denial of Service Vulnerability | 17/08/07 |
| Opera | JavaScript Invalid Pointer Vulnerability | 16/08/07 |
| Motive | Communications ActiveUtils EmailData ActiveX Buffer Overflow Vulnerabilities | 16/08/07 |
| IBM / Lenovo | Access Support acpRunner ActiveX Multiple Vulnerabilities | 16/08/07 |
| rPath | Update for openoffice.org | 16/08/07 |
| Mandriva | Update for kdegraphics | 16/08/07 |
| Gentoo | Update for Mozilla Products | 16/08/07 |
| Secunia | PHPCentral Poll "_SERVER[DOCUMENT_ROOT]" File Inclusion | 16/08/07 |
| Mandriva | Update for koffice | 16/08/07 |
| Mandriva | Update for tetex | 16/08/07 |
| Microsoft | Internet Explorer Multiple Vulnerabilities | 15/08/07 |
| Microsoft | XML Core Services Memory Corruption Vulnerability | 15/08/07 |
| Microsoft | Windows Vector Markup Language Buffer Overflow | 15/08/07 |
| Microsoft | Windows Vista Gadgets Code Execution Vulnerabilities | 15/08/07 |
| Microsoft | Windows OLE Automation Memory Corruption Vulnerability | 15/08/07 |
| Microsoft | Graphics Rendering Engine Image Handling Vulnerability | 15/08/07 |
| Microsoft | Media Player Skin Handling Code Execution Vulnerabilities | 15/08/07 |
| Microsoft | Excel rtWnDesk Record Memory Corruption Vulnerability | 15/08/07 |
| Fedora | Commons Empty LDAP Passwords Authentication Bypass | 15/08/07 |
| Debian | Update for kdegraphics | 15/08/07 |
| Debian | Update for gpdf | 15/08/07 |
| Mandriva | Update for xpdf | 15/08/07 |
| pdftohtml | "StreamPredictor::StreamPredictor()" Integer Overflow Vulnerability | 15/08/07 |
| Mandriva | Update for pdftohtml | 15/08/07 |
| Mandriva | Update for poppler | 15/08/07 |
| Slackware | Update for seamonkey | 14/08/07 |
| Slackware | Update for qt | 14/08/07 |
| Debian | Update for tcpdump | 14/08/07 |
| SUSE | Update for Multiple Packages | 14/08/07 |
| Trustix | Update for Multiple Packages | 14/08/07 |
| Slackware | Update for gimp | 14/08/07 |
| Slackware | Update for xpdf | 14/08/07 |
| Gentoo | Update for squirrelmail | 14/08/07 |
| Gentoo | Update for gd | 13/08/07 |
| Gentoo | Update for clamav | 13/08/07 |
| Secunia | SAS Hotel Management System Administrator Login SQL Injection | 13/08/07 |
| Gentoo | Update for libarchive | 10/08/07 |
| Gentoo | Update for xvid | 10/08/07 |
| Gentoo | Update for netscape-flash | 10/08/07 |
| Cisco | Unified Communications Manager SIP Packet Processing Vulnerability | 10/08/07 |
| Cisco | IOS Voice Service Multiple Protocol Handling Vulnerabilities | 10/08/07 |
| Cisco | IOS Next Hop Resolution Protocol Buffer Overflow | 10/08/07 |
| Cisco | IOS IPv6 Routing Header Information Disclosure and Denial of Service | 10/08/07 |
| HP-UX | 11.11 ldcconn Buffer Overflow Vulnerability | 10/08/07 |
| Symantec | Products NavComUI ActiveX Control Code Execution | 10/08/07 |
| Red Hat | update for java-1.5.0-ibm | 09/08/07 |
| Debian | Update for pdfkit.framework | 09/08/07 |
| Ubuntu | Update for poppler | 09/08/07 |
| Debian | Update for bochs | 09/08/07 |
| Debian | Update for tetex-bin | 08/08/07 |
| Red Hat | update for java-1.5.0-sun | 08/08/07 |
| Red Hat | update for java-1.4.2-ibm | 08/08/07 |
| Red Hat | update for kdegraphics | 08/08/07 |
| Secunia | Gallery in a Box Administrator Login SQL Injection | 07/08/07 |
| Mandriva | Update for gd | 07/08/07 |
| Secunia | Next Gen Portfolio Manager SQL Injection Vulnerabilities | 07/08/07 |
| SUSE | Update for Multiple Packages | 07/08/07 |
| HP | System Management Homepage Apache and OpenSSL Vulnerabilities | 07/08/07 |
| Debian | Update for iceape | 07/08/07 |
| Debian | Update for poppler | 07/08/07 |
| Slackware | Update for thunderbird | 07/08/07 |
| Debian | Update for xpdf | 07/08/07 |
| Debian | Update for iceweasel | 07/08/07 |
| Debian | Update for xulrunner | 07/08/07 |
| Debian | Update for libextractor | 07/08/07 |
| HP-UX | Update for Bind | 07/08/07 |
| Secunia | LANAI CMS module.php SQL Injection | 07/08/07 |
| Sun | Java System Portal Server XSLT Processing Vulnerability | 07/08/07 |
| Tor | Unspecified ControlPort "torrc" Rewrite Vulnerability | 06/08/07 |
| SUSE | Update for MozillaFirefox, MozillaThunderbird, and Seamonkey | 06/08/07 |
| Ubuntu | Update for koffice | 06/08/07 |
| Ubuntu | Update for qt | 06/08/07 |
| SUSE | Update for qt3 | 03/08/07 |
| FreeBSD | Update for tcpdump | 03/08/07 |
| rPath | Update for qt-x11-free | 03/08/07 |
| Slackware | Update for firefox | 03/08/07 |
| Secunia | Ipswitch IMail Server "SEARCH" Command Multiple Buffer Overflows | 03/08/07 |
| Mandriva | Update for mozilla-firefox | 03/08/07 |
| Ubuntu | Update for gimp | 03/08/07 |
| FreeBSD | Update for bind | 03/08/07 |
| Mandriva | Update for qt3 | 03/08/07 |
| SUSE | Update for bind | 03/08/07 |
| Music | Box libvorbis Multiple Vulnerabilities | 02/08/07 |
| Mac | OS X Security Update Fixes Multiple Vulnerabilities | 02/08/07 |
| teTeX | Xpdf "StreamPredictor::StreamPredictor()" Integer Overflow | 02/08/07 |
| Apple | IPhone Multiple Vulnerabilities | 02/08/07 |
| Red Hat | update for qt | 02/08/07 |
| Ubuntu | Update for firefox | 02/08/07 |
| QT | QTextEdit Error Message Handling Format String Vulnerability | 02/08/07 |
| Red Hat | update for tetex | 02/08/07 |
| Hitachi | JP1/Cm2/Hierarchical Viewer Unspecified Denial of Service | 01/08/07 |
| Avaya | Products Linux Kernel Multiple Vulnerabilities | 01/08/07 |
| Red Hat | update for xpdf | 01/08/07 |
| Xpdf | "StreamPredictor::StreamPredictor()" Integer Overflow Vulnerability | 01/08/07 |
| KDE | And KOffice "StreamPredictor::StreamPredictor()" Integer Overflow | 01/08/07 |
| Ubuntu | Update for tcpdump | 01/08/07 |
| Red Hat | update for cups | 01/08/07 |
| Red Hat | update for poppler | 01/08/07 |
| Mozilla | Products Addon Chrome-Loaded "about:blank" Cross-Context Scripting | 01/08/07 |
| Red Hat | update for gpdf | 01/08/07 |
| HP-UX | ARPA Transport Unspecified Denial of Service | 01/08/07 |
| Secunia | E-commerceScripts Products admin.aspx SQL Injection | 01/08/07 |
