菁英科技

本週更新弱點

平台	數量
第三方 Windows 應用程式	7
Mac Os	1
BSD	1
Novell	1
跨平台	10
Web 應用程式 - SQL Injection	1
Web 應用程式	4
網路裝置	2

第三方 Windows 應用程式

1. Easewe FTP OCX ActiveX Control "EaseWeFtp.ocx" Multiple Insecure Method Vulnerabilities
2. xAurora "RSRC32.DLL" DLL Loading Arbitrary Code Execution
3. FreeAmp ".pls" File Buffer Overflow
4. Winamp Multiple Remote Issues
5. MySQLDriverCS SQL Injection
6. Novell ZENworks Handheld Management "ZfHSrvr.exe" Service Directory Traversal
7. CygniCon CyViewer ActiveX Control "SaveData()" Insecure Method Vulnerability

Mac Os

1. Apple Mac OS X Multiple Vulnerabilities

BSD

1. tftp-hpa FTP Server "utimeout" Option Remote Buffer Overflow

Novell

1. Novell File Reporter "NFRAgent.exe" Security Bypass

跨平台

1. Torque "job name" Argument Remote Buffer Overflow
2. Rampart "util/rampart_timestamp_token.c" Remote Security Bypass
3. LibreOffice ".lwp" File Multiple Remote Stack Buffer Overflow Vulnerabilities
4. Wireshark "bytes_repr_len()" NULL Pointer Dereference Denial of Service
5. cURL/libcURL GSS/Negotiate Feature Spoofing Security Vulnerability
6. Asterisk Multiple Remote Denial of Service Vulnerabilities
7. Apache Tomcat "MemoryUserDatabase" Information Disclosure
8. D-Bus Configuration Insecure Temporary File Creation Vulnerability
9. Sybase Advantage Server "ADS" Process Off-By-One Buffer Overflow
10. Google Chrome Multiple Security Vulnerabilities

Web 應用程式 - SQL Injection

1. IdevSpot iSupport "x_category" Parameter SQL Injection

Web 應用程式

1. ActivDesk Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
2. Nodesforum "3rd_party_limits.php" Remote File Include Vulnerability
3. Avactis Shopping Cart Security Bypass and HTML Injection Vulnerabilities
4. phpMyAdmin "$_SESSION" Array Unauthorized Access Vulnerability

網路裝置

1. IBM Web Application Firewall Security Bypass
2. H3C ER5100 Authentication Bypass Vulnerability