Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Imagemagic
Опубликовано:1 мая 2012 г.
Источник:
SecurityVulns ID:12351
Тип:библиотека
Уровень опасности:
5/10
Описание:Переполнения буфера, недостаточная проверка пользовательских данных.
CVE:CVE-2012-1798 (The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.)
 CVE-2012-1186 (Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in the IFD in an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0248.)
 CVE-2012-1185 (Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset value in the ResolutionUnit tag in the EXIF IFD0 of an image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0247.)
 CVE-2012-0260 (The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers.)
 CVE-2012-0259 (The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2462-1] imagemagick security update (01.05.2012)

Многочисленные уязвимости безопасности в Symantec PCAnywhere
дополнено с 30 января 2012 г.
Опубликовано:1 мая 2012 г.
Источник:
SecurityVulns ID:12163
Тип:удаленная
Уровень опасности:
7/10
Описание:Выполнение кода, повышение привилегий.
Затронутые продукты:SYMANTEC : pcAnywhere 12.5
 SYMANTEC : IT Management Suite 7.0
 SYMANTEC : IT Management Suite 7.1
CVE:CVE-2011-3478 (The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631.)
Оригинальный текстdocument[email protected], NGS00117 Technical Advisory: Symantec pcAnywhere insecure file permissions local privilege escalation (01.05.2012)
 document[email protected], NGS00118 Technical Advisory: Symantec pcAnywhere Remote Code Execution as SYSTEM (01.05.2012)
 document[email protected], ZDI-12-018 : Symantec PCAnywhere awhost32 Remote Code Execution Vulnerability (30.01.2012)
 document[email protected], NGS00117 Patch Notification: Symantec PCAnywhere Local Privilege Escalation (30.01.2012)
 document[email protected], NGS00118 Patch Notification: Symantec PCAnywhere Remote Code Execution as SYSTEM (30.01.2012)

Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:1 мая 2012 г.
Источник:
SecurityVulns ID:12352
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:SPIP : spip 2.1
 DIRECTADMIN : DirectAdmin 1.403
 WORDPRESS : Organizer 1.2
 PIWIGO : Piwigo 2.3
 PHPVOLUNTEER : PHP Volunteer Management 1.0
 OPIAL : Opial CMS 2.0
 C4BXPHONE : UC Web 4.1
 PRITLOG : Pritlog 0.821
 WEBSENSE : Triton 7.6
 CARPORTAL : Car Portal CMS 3.0
 ACTI : ACTi Web Configurator 3.0
 MYSQLDUMPER : MySQLDumper 1.24
CVE:CVE-2012-2209 (Multiple cross-site scripting (XSS) vulnerabilities in admin.php in Piwigo before 2.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) section parameter in the configuration module, (2) installstatus parameter in the languages_new module, or (3) theme parameter in the theme module.)
 CVE-2012-2208 (Directory traversal vulnerability in upgrade.php in Piwigo before 2.3.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.)
Оригинальный текстdocumentchin4b0y, mysqldumper1.24.4_LFI_XSS_CSRF_PHPEXEC_TRAVERSAL_INFO_DISCLOS (01.05.2012)
 documentMustLive, IA, CSRF and FPD vulnerabilities in Organizer for WordPress (01.05.2012)
 documentDEBIAN, [SECURITY] [DSA 2461-1] spip security update (01.05.2012)
 documentVulnerability Lab, DirectAdmin v1.403 - Multiple Cross Site Vulnerabilities (01.05.2012)
 documentVulnerability Lab, Car Portal CMS v3.0 - Multiple Web Vulnerabilities (01.05.2012)
 documentVulnerability Lab, C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability (01.05.2012)
 documentVulnerability Lab, DIY CMS v1.0 Poll - Multiple Web Vulnerabilities (01.05.2012)
 documentThomas Richards, PHP Volunteer Management 'id' 1.0.2 Multiple Vulnerabilities (01.05.2012)
 document[email protected], NGS00141 Technical Advisory: Websense Triton 7.6 stored XSS in report management UI (01.05.2012)
 document[email protected], NGS00140 Technical Advisory: Websense Triton 7.6 - unauthenticated remote command execution as SYSTEM (01.05.2012)
 document[email protected], NGS00138 Technical Advisory: Websense Triton 7.6 - authentication bypass in report management UI (01.05.2012)
 document[email protected], NGS00137 Technical Advisory: Websense Triton 7.6 - reflected XSS in report management UI (01.05.2012)
 documentAmir_(at)_irist.ir, Wordpress WPsc-MijnPress plugin Cross-Site Scripting Vulnerabilities (01.05.2012)
 documentVulnerability Lab, Pritlog v0.821 CMS - Multiple Web Vulnerabilities (01.05.2012)
 documentVulnerability Lab, C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability (01.05.2012)
 documentVulnerability Lab, Opial CMS v2.0 - Multiple Web Vulnerabilities (01.05.2012)
 documentariosrandy_(at)_gmail.com, PHP Volunteer Management (get_messages.php) SQL Injection Vulnerabilities (01.05.2012)

Выполнение кода в ActiveX McAfee Virtual Technician
Опубликовано:1 мая 2012 г.
Источник:
SecurityVulns ID:12354
Тип:клиент
Уровень опасности:
5/10
Описание:Небезопасная функция GetObject()
Затронутые продукты:MCAFEE : Virtual Technician 6.3
Оригинальный текстdocumentrgod, McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 ActiveX Control GetObject() Security Bypass Remote Code Execution Vulnerability (01.05.2012)

DoS против Opera / Mozilla / Internet Explorer
дополнено с 12 февраля 2010 г.
Опубликовано:1 мая 2012 г.
Источник:
SecurityVulns ID:10614
Тип:клиент
Уровень опасности:
5/10
Описание:Большое количество вложенных тегов приводит к отказу приложения.
Затронутые продукты:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
 OPERA : Opera 10.10
 MOZILLA : Firefox 11.0
 OPERA : Opera 10.62
Оригинальный текстdocumentMustLive, DoS vulnerabilities in Firefox, Internet Explorer and Opera (01.05.2012)
 documentInj3ct0r.com, Opera <= 10.10 Remote Denial of Service Exploit (12.02.2010)
Файлы:Opera <= 10.10 Remote Denial of Service Exploit

Многочисленные уязвимости безопасности в PHP
дополнено с 1 мая 2012 г.
Опубликовано:24 мая 2012 г.
Источник:
SecurityVulns ID:12353
Тип:библиотека
Уровень опасности:
7/10
Описание:DoS-условия, выполнение кода, инъекции SQL.
Затронутые продукты:PHP : PHP 5.3
CVE:CVE-2012-2336 (sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to cause a denial of service (resource consumption) by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'T' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823.)
 CVE-2012-2335 (php-wrapper.fcgi does not properly handle command-line arguments, which allows remote attackers to bypass a protection mechanism in PHP 5.3.12 and 5.4.2 and execute arbitrary code by leveraging improper interaction between the PHP sapi/cgi/cgi_main.c component and a query string beginning with a +- sequence.)
 CVE-2012-2311 (sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823.)
 CVE-2012-1823 (sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.)
 CVE-2012-1172 (The file-upload implementation in rfc1867.c in PHP before 5.4.0 does not properly handle invalid [ (open square bracket) characters in name values, which makes it easier for remote attackers to cause a denial of service (malformed $_FILES indexes) or conduct directory traversal attacks during multi-file uploads by leveraging a script that lacks its own filename restrictions.)
 CVE-2012-0831 (PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c.)
 CVE-2012-0830 (The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885.)
 CVE-2012-0788 (The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server.)
Оригинальный текстdocumentadmin_(at)_bugreport.ir, PHP CGI Argument Injection Remote Exploit V0.3 - PHP Version (24.05.2012)
 documentMANDRIVA, [ MDVSA-2012:071 ] php (14.05.2012)
 documentMANDRIVA, [ MDVSA-2012:065 ] php (01.05.2012)
Файлы:PHP CVE-2012-1823 exploit

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород