Информационная безопасность
[RU] switch to English


Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:18 ноября 2012 г.
Источник:
SecurityVulns ID:12719
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:TYPO3 : typo3 4.5
 BUGZILLA : Bugzilla 4.2
 WORDPRESS : WordPress 3.3
 DJANGO : django 1.4
 XENFORO : XenForo 1.1
 OPENREALITY : Open-Realty 2.5
 BABYGEKKO : BabyGekko 1.2
 BULBSECURITY : Smartphone Pentest Framework 0.1
 BUGZILLA : Bugzilla 4.4
 IDEV : iDev Rentals 1.0
CVE:CVE-2012-5700 (Multiple cross-site scripting (XSS) vulnerabilities in Baby Gekko before 1.2.2f allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/index.php or the (2) username or (3) password parameter in blocks/loginbox/loginbox.template.php to index.php. NOTE: some of these details are obtained from third party information.)
 CVE-2012-5699
 CVE-2012-5698
 CVE-2012-5697 (The btinstall installation script in Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 uses weak permissions (777) for all files in the frameworkgui/ directory, which allows local users to obtain sensitive information or inject arbitrary Perl code via direct access to these files.)
 CVE-2012-5696 (Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 does not properly restrict access to frameworkgui/config, which allows remote attackers to obtain the plaintext database password via a direct request.)
 CVE-2012-5695 (Multiple cross-site request forgery (CSRF) vulnerabilities in Bulb Security Smartphone Pentest Framework (SPF) 0.1.2 through 0.1.4 allow remote attackers to hijack the authentication of administrators for requests that conduct (1) shell metacharacter or (2) SQL injection attacks or (3) send an SMS message.)
 CVE-2012-5694 (Multiple SQL injection vulnerabilities in Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 allow remote attackers to execute arbitrary SQL commands via the (1) agentPhNo, (2) controlPhNo, (3) agentURLPath, (4) agentControlKey, or (5) platformDD1 parameter to frameworkgui/attach2Agents.pl; the (6) modemPhoneNo, (7) controlKey, or (8) appURLPath parameter to frameworkgui/attachMobileModem.pl; the agentsDD parameter to (9) escalatePrivileges.pl, (10) getContacts.pl, (11) getDatabase.pl, (12) sendSMS.pl, or (13) takePic.pl in frameworkgui/; or the modemNoDD parameter to (14) escalatePrivileges.pl, (15) getContacts.pl, (16) getDatabase.pl, (17) SEAttack.pl, (18) sendSMS.pl, (19) takePic.pl, or (20) CSAttack.pl in frameworkgui/.)
 CVE-2012-5693
 CVE-2012-5475 (** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-5881, CVE-2012-5882, CVE-2012-5883. Reason: This candidate is a duplicate of CVE-2012-5881, CVE-2012-5882, and CVE-2012-5883. Notes: All CVE users should reference one or more of CVE-2012-5881, CVE-2012-5882, and CVE-2012-5883 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.)
 CVE-2012-4520 (The django.http.HttpRequest.get_host function in Django 1.3.x before 1.3.4 and 1.4.x before 1.4.2 allows remote attackers to generate and display arbitrary URLs via crafted username and password Host header values.)
 CVE-2012-4199 (template/en/default/bug/field-events.js.tmpl in Bugzilla 3.x before 3.6.12, 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1 generates JavaScript function calls containing private product names or private component names in certain circumstances involving custom-field visibility control, which allows remote attackers to obtain sensitive information by reading HTML source code.)
 CVE-2012-4198 (The User.get method in Bugzilla/WebService/User.pm in Bugzilla 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1 has a different outcome for a groups request depending on whether a group exists, which allows remote authenticated users to discover private group names by observing whether a call throws an error.)
 CVE-2012-4197 (Bugzilla/Attachment.pm in attachment.cgi in Bugzilla 2.x and 3.x before 3.6.12, 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1 allows remote attackers to read attachment descriptions from private bugs via an obsolete=1 insert action.)
 CVE-2012-4189 (Cross-site scripting (XSS) vulnerability in Bugzilla 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1, allows remote attackers to inject arbitrary web script or HTML via a field value that is not properly handled during construction of a tabular report, as demonstrated by the Version field.)
 CVE-2012-3414 (Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the "ExternalInterface.call" function.)
Оригинальный текстdocumentVulnerability Lab, iDev Rentals v1.0 - Multiple Web Vulnerabilities (18.11.2012)
 documentLpSolit_(at)_gmail.com, Security advisory for Bugzilla 4.4rc1, 4.2.4, 4.0.9 and 3.6.12 (18.11.2012)
 documentDEBIAN, [SECURITY] [DSA 2574-1] typo3-src security update (18.11.2012)
 documentUBUNTU, [USN-1632-1] Django vulnerability (18.11.2012)
 documentHigh-Tech Bridge Security Research, Multiple vulnerabilities in BabyGekko (18.11.2012)
 documentHigh-Tech Bridge Security Research, Multiple Vulnerabilities in Smartphone Pentest Framework (SPF) (18.11.2012)
 documentYGN Ethical Hacker Group, Open-Realty CMS 2.5.8 (2.x.x) <= Cross Site Request Forgery (CSRF) Vulnerability (18.11.2012)
 documentMustLive, XSS vulnerability in web applications with swfupload: AionWeb, Magento, Liferay Portal, SurgeMail, symfony. (18.11.2012)
 documentMustLive, XSS vulnerability in web applications with swfupload: Dotclear, XenForo, InstantCMS, AionWeb, Dolphin (18.11.2012)
 documentMustLive, XSS vulnerability in swfupload in WordPress (18.11.2012)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород