Vulnerability Scanner Updates
Microsoft ASP.NET Error Handling Denial Of Service:
BUGTRAQ ID: 35985
CVE ID: 2009-1536ASP.NET in Microsoft .NET Framework 2.0 SP1 and SP2 and 3.5 Gold and SP1, when ASP 2.0 is used in integrated mode on IIS 7.0, does not properly manage request scheduling, which allows remote attackers to cause a denial of service (daemon outage) via a series of crafted HTTP requests, aka “Remote Unauthenticated Denial of Service in ASP.NET Vulnerability.”
Microsoft Active Template Library Remote Code Execution:
BUGTRAQ ID: 35982
CVE ID: 2009-2494The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operations after reading a variant from a stream and deleting this variant, aka “ATL Object Type Mismatch Vulnerability.”
Microsoft Windows AVI File Header Processing Memory Corruption:
BUGTRAQ ID: 35967
CVE ID: 2009-1545Unspecified vulnerability in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a malformed header in a crafted AVI file, aka “Malformed AVI Header Vulnerability.”
Microsoft Windows WINS Service Heap Buffer Overflow:
BUGTRAQ ID: 35980
CVE ID: 2009-1923Heap-based buffer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted WINS replication packet that triggers an incorrect buffer-length calculation, aka “WINS Heap Overflow Vulnerability.”
Microsoft Windows Workstation Service Memory Corruption:
BUGTRAQ ID: 35972
CVE ID: 2009-1544Double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticated users to gain privileges via a crafted RPC message to a Windows XP SP2 or SP3 or Server 2003 SP2 system, or cause a denial of service via a crafted RPC message to a Vista Gold, SP1, or SP2 or Server 2008 Gold or SP2 system, aka “Workstation Service Memory Corruption Vulnerability.”
Oracle Secure Backup Administration Server Authentication Bypass:
BUGTRAQ ID: 35672
CVE ID: 2009-1977Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Oracle Secure Backup Administration Server Command Injection:
BUGTRAQ ID: 35678
CVE ID: 2009-1978Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
Squid strListGetItem Denial of Service:
BUGTRAQ ID: 36091
CVE ID: 2009-2855The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.
Oracle Database REPCAT_RPC.VALIDATE_REMOTE_RC SQL Injection:
BUGTRAQ ID: 35685
CVE ID: 2009-1021Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Microsoft Internet Information Services FTP Server Remote Buffer Overflow:
BUGTRAQ ID: 36189
The Microsoft IIS FTP server contains a stack buffer overflow in the handling of directory names, which may allow a remote attacker to execute arbitrary code on a vulnerable system.
OpenOffice Word Document Table Parsing Integer Underflow:
BUGTRAQ ID: 36200
CVE ID: 2009-0200Integer underflow in OpenOffice.org (OOo) before 3.1.1 might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow.