Top Five Web Application Vulnerabilities 2/26/07 - 3/11/07 - Top Web Vulnerabilities

1) WordPress 2.1.1 Command Execution Backdoor Vulnerability

WordPress 2.1.1 contains a command-execution backdoor that was introduced not by a coding mistake but by a compromise of the download server: the copy of the application source code offered for download was modified by an attacker, so installations built from the tampered archive let remote users inject PHP code or execute operating system commands on the affected system. Because this is a trojaned distribution rather than a flaw in the released code, the practical question is whether your copy was downloaded during the affected window; when in doubt, reinstall from a freshly downloaded, checksum-verified archive rather than patching in place. An updated version of WordPress (2.1.2) has been released which resolves this issue. Contact the vendor for additional information.

http://www.securityfocus.com/bid/22797

2) Citrix Presentation Server Client Unspecified Remote Code Execution Vulnerability

Citrix Presentation Server Client is susceptible to an unspecified remote code-execution vulnerability. An attacker who entices a victim into visiting a malicious web page can exploit it to execute arbitrary code in the context of the affected application, that is, with the privileges of the user running the client, possibly leading to unauthorized remote access to the victim's machine. Since the attack goes through the user's browser, the exposed population is every workstation with the client installed, not the Presentation Server itself. A fix has been released. Contact the vendor for further details.

http://www.securityfocus.com/bid/22762/

3) SQL-Ledger/LedgerSMB Remote Code Execution Vulnerability

SQL-Ledger and LedgerSMB are susceptible to a remote code-execution vulnerability. A remote attacker can leverage it to execute arbitrary code in the context of the application, possibly leading to a complete compromise of the affected system. LedgerSMB is a fork of SQL-Ledger and the two share the affected code, which is why both are listed; a fix for one product does not cover an installation of the other. Updated versions of LedgerSMB and SQL-Ledger that resolve this issue have been released. Contact the vendor for additional information.

http://www.securityfocus.com/bid/22828

4) PHP import_request_variables() Arbitrary Variable Overwrite Vulnerability

PHP's import_request_variables() function is susceptible to an arbitrary variable overwrite vulnerability: an attacker who controls request parameters can overwrite global variables that the application never intended to expose, which can lead to a complete compromise of vulnerable applications or be utilized to create a denial-of-service condition. Applications that call this function, particularly with an empty prefix, should be audited and moved to explicit reads from $_GET and $_POST. An update which addresses this issue has been released. Contact the vendor for further details.

http://www.securityfocus.com/bid/22886/
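
To make the risk concrete, here is an added example of the pattern this bug class turns into a compromise; it is not code from the original post or from the PHP project. It assumes a PHP build that still ships import_request_variables() (the function exists in PHP 4.1 through 5.3 and was removed in 5.4), and the variable names $is_admin and $page and the request parameter names are illustrative assumptions. The vulnerable half is shown for reading only; the hardened half is the shape a migrated application should take.

```php
<?php
// Added example for this advisory digest; it is not code from the original
// post or from the PHP project. It assumes a PHP build that still ships
// import_request_variables() (PHP 4.1 through 5.3; removed in 5.4).
// $is_admin, $page and the request parameter names are illustrative.

// ---------------------------------------------------------------------------
// Vulnerable pattern: application state lives in globals, and request data is
// merged into that same global scope.
// ---------------------------------------------------------------------------
function vulnerable_page()
{
    global $is_admin;
    $is_admin = false;   // meant to be decided by the application only

    // 'GP' imports GET then POST into the global scope. With an empty prefix
    // every parameter lands there under its own name, so a request such as
    //     GET /page.php?is_admin=1
    // overwrites $is_admin before the check below runs. On the affected PHP
    // builds the same call could also clobber superglobals such as $_SERVER,
    // so code that trusts $_SERVER['REMOTE_ADDR'] is not safe either. Note
    // that register_globals = Off does not help: this function imports
    // regardless of that setting.
    import_request_variables('GP', '');

    if ($is_admin) {
        return 'privileged content';   // reachable by any remote user
    }
    return 'public content';
}

// ---------------------------------------------------------------------------
// Hardened pattern: never import request data into the global scope. Read
// each parameter explicitly, validate it for its use, and keep authorisation
// state somewhere the request cannot name (here, the server-side session).
// ---------------------------------------------------------------------------
function request_param($name, $default = null)
{
    if (isset($_POST[$name])) {
        return $_POST[$name];
    }
    if (isset($_GET[$name])) {
        return $_GET[$name];
    }
    return $default;
}

function hardened_page()
{
    // Authorisation comes from the session, which the client cannot set
    // directly; a request parameter named is_admin is simply ignored.
    $is_admin = !empty($_SESSION['is_admin']);

    // Request data is read by name and coerced to the type the code expects.
    $page = (int) request_param('page', 1);
    if ($page < 1) {
        $page = 1;
    }

    return $is_admin ? 'privileged content' : 'public content (page ' . $page . ')';
}

session_start();
echo hardened_page();
```

To find callers in a code base, `grep -rn 'import_request_variables' .` is enough, and any call with an empty second argument deserves attention first. On PHP 5.2 and later, filter_input(INPUT_GET, 'page', FILTER_VALIDATE_INT) is a tidier replacement for the hand-written request_param() above, since it validates and reads in one step without touching the global scope.
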
5) Novell NetMail WebAdmin Buffer Overflow Vulnerabilities

Novell NetMail's WebAdmin component is susceptible to multiple buffer-overflow vulnerabilities. A remote attacker could exploit them to execute arbitrary code in the context of the affected application. Because the administrative web interface is the attack surface, restricting network access to it to administrators' hosts is a reasonable interim mitigation until the update is applied. An update which resolves these issues has been released. Contact the vendor for additional details.

http://www.securityfocus.com/bid/22857

Posted 03-13-2007 9:53 AM by mark.painter