菁英科技

本週更新弱點

平台	數量
第三方 Windows 應用程式	5
BSD	2
跨平台	12
Web 應用程式 - Cross Site Scripting	1
Web 應用程式 - SQL Injection	1
Web 應用程式	3
硬體	2

第三方 Windows 應用程式

1. Winamp Essentials FLV File Heap-Based Buffer Overflow Vulnerability
2. ESTsoft ALZip MIM File Processing Buffer Overflow
3. HP Intelligent Management Centre Products Remote Code Execution
4. IMesh "IMWebControl.dll" ActiveX Control Buffer Overflow
5. XnView DLL Loading Arbitrary Code Execution Vulnerability

BSD

1. OpenSSH "pam_thread()" Remote Buffer Overflow Vulnerability
2. NetBSD Multiple 'libc/net' Functions Stack Buffer Overflow Vulnerability

跨平台

1. Asterisk SIP Authentication Request User Enumeration Weakness
2. Sybase Advantage Server "ADS" Process Memory Corruption Vulnerability
3. Zope Unspecified Security Bypass Vulnerability
4. Ingate Firewall and SIParator SIP Module Remote Denial of Service Vulnerability
5. Wireshark Lucent/Ascend File Parser Denial of Service
6. SAP Netweaver Insecure SAPTerm User Account Creation Security Bypass Vulnerability
7. IBM DB2 "DT_RPATH" Insecure Library Loading Arbitrary Code Execution Vulnerability
8. Multiple Virtualization Applications Intel VT-d chipsets Local Privilege Escalation Vulnerability
9. IBM InfoSphere Information Server Multiple Local Privilege Escalation Vulnerabilities
10. IBM Tivoli Storage Manager Client Multiple Buffer Overflow
11. Vsftpd Compromised Source Packages Backdoor Vulnerability
12. ISC BIND 9 RPZ Configurations Remote Denial of Service
13. Opera Web Browser Multiple Remote Denial of Service Vulnerabilities

Web 應用程式 - Cross Site Scripting

1. WebCalendar Multiple Cross-Site Scripting Vulnerabilities

Web 應用程式 - SQL Injection

1. PhpFood "restaurant.php" SQL Injection Vulnerability

Web 應用程式

1. AeroMail Multiple Vulnerabilities
2. IBM Rational DOORS Multiple Unspecified Vulnerabilities
3. WeBid Local File Include and SQL Injection Vulnerabilities

硬體

1. Portech MV-372 VoIP Gateway Multiple Security Vulnerabilities