Информационная безопасность
[RU] switch to English


Многочисленные уязвимости в Sun JRE / JDK (multiple bugs)
Опубликовано:1 июня 2007 г.
Источник:
SecurityVulns ID:7762
Тип:библиотека
Уровень опасности:
7/10
Описание:Переполнения буфера и целочисленные переполнения при разборе JPG/BMP, обход зашиты ограниченной среды через системные классы.
Затронутые продукты:SUN : JRE 1.5
 SUN : JDK 1.5
 SUN : JDK 1.6
 SUN : JRE 1.6
CVE:CVE-2007-2789 (The BMP image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03, and 1.6.x before 1.6.0_01-b06, on Unix/Linux systems, allows remote attackers to trigger the opening of arbitrary local files via a crafted BMP file, which causes a denial of service (system hang) in certain cases such as /dev/tty, and has other unspecified impact.)
 CVE-2007-2788 (Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03, and 1.6.x before 1.6.0_01-b06, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file.)
 CVE-2007-2435 (Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to support for JNLP files.)
Оригинальный текстdocumentGENTOO, [ GLSA 200705-23 ] Sun JDK/JRE: Multiple vulnerabilities (01.06.2007)

Многочисленные уязвимости в PHP
Опубликовано:1 июня 2007 г.
Источник:
SecurityVulns ID:7764
Тип:библиотека
Уровень опасности:
6/10
Описание:Целочисленное переполнение в chunk_split() .
Затронутые продукты:PHP : PHP 4.4
 PHP : PHP 5.2
CVE:CVE-2007-2872 (Multiple integer overflows in the chunk_split function in PHP 5 before 5.2.3 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via the (1) chunks, (2) srclen, and (3) chunklen arguments.)
 CVE-2007-2756 (The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.)
 CVE-2007-1900 (CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter in ext/filter in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to inject arbitrary e-mail headers via an e-mail address with a '\n' character, which causes a regular expression to ignore the subsequent part of the address string.)
 CVE-2007-1887 (Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character.)
Оригинальный текстdocumentOPENPKG, [OpenPKG-SA-2007.020] OpenPKG Security Advisory (php) (01.06.2007)
 documentSEC Consult Vulnerability Lab, SEC Consult SA-20070601-0 :: PHP chunk_split() integer overflow (01.06.2007)

Проверка учетной записи в Microsoft Windows
Опубликовано:1 июня 2007 г.
Источник:
SecurityVulns ID:7766
Тип:удаленная
Уровень опасности:
4/10
Описание:Возможно обнаружить учетные записи пользователей, имеющих ограничения на часы доступа.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2003 Server
Оригинальный текстdocumentSumit Siddharth, [Full-disclosure] Microsoft Windows Active Directory Logon Hours User Enumeration Weakness (01.06.2007)

Переполнение буфера в locate из GNU findutils (buffer overflow)
Опубликовано:1 июня 2007 г.
Источник:
SecurityVulns ID:7763
Тип:удаленная
Описание:Переполнение буфера динамической памяти при разборе файла базы данных в старом формате.
Затронутые продукты:GNU : findutils 4.2
CVE:CVE-2007-2452 (Heap-based buffer overflow in the visit_old_format function in locate/locate.c in locate in GNU findutils before 4.2.31 might allow context-dependent attackers to execute arbitrary code via a long pathname in a locate database that has the old format, a different vulnerability than CVE-2001-1036.)
Оригинальный текстdocumentGNU, GNU Findutils release 4.2.31 fixes CVE-2007-2452 (GNU locate heap buffer overrun) (01.06.2007)

Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )
Опубликовано:1 июня 2007 г.
Источник:
SecurityVulns ID:7765
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, утечка информации и т.д.
Затронутые продукты:PHPREACTOR : phpreactor 1.2
 MYBLOGGIE : myBloggie 2.1
 SENDCARD : SendCard 3.3
 ZBLOG : Z-Blog 1.7
Оригинальный текстdocumentxx_hack_xx_2004_(at)_hotmail.com, Full Path Disclosure in SendCard (01.06.2007)
 documentpito pito, Prototype of an PHP application ===> RFI (01.06.2007)
 documentMC Iglo, static XSS / SQL-Injection in Omegasoft Insel (01.06.2007)
 documentpito pito, PBSite - PHP Bulletin Site | CMS ====> RFI (01.06.2007)
 documentpito pito, phpreactor <===1.2.7 remote file include (01.06.2007)
 documentRaeD Hasadya, Z-Blog 1.7 Authentication Bypass Database Download Vulnerability (01.06.2007)
 documentlaurent gaffie, PHP JackKnife [multiple vulnerabilities] (01.06.2007)
 documentls_(at)_calima.serapis.net, MyBloggie 2.1.6 SQL Injection (01.06.2007)

Многочисленные уязвимости в Mozilla Firefox / Thunderbird / SeaMonkey
дополнено с 1 июня 2007 г.
Опубликовано:5 июня 2007 г.
Источник:
SecurityVulns ID:7761
Тип:клиент
Уровень опасности:
8/10
Описание:Многочисленные DoS-условия, межсайтовый спритинг через addEventListener. Многочисленные переполнения динамической памяти, целочисленные переполнения и т.д.
Затронутые продукты:MOZILLA : Thunderbird 1.5
 MOZILLA : Firefox 1.5
 MOZILLA : Seamonkey 1.0
 MOZILLA : Firefox 2.0
 MOZILLA : Thunderbird 2.0
 MOZILLA : SeaMonkey 1.1
 ICEAPE : iceape 1.0
 XULRUNNER : xulrunner 1.8
 ICEWEASEL : iceweasel 2.0
CVE:CVE-2007-2871 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser's content pane. NOTE: this issue can be leveraged for phishing and other attacks.)
 CVE-2007-2870 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to bypass the same-origin policy and conduct cross-site scripting (XSS) and other attacks by using the addEventListener method to add an event listener for a site, which is executed in the context of that site.)
 CVE-2007-2869 (The form autocomplete feature in Mozilla Firefox 1.5.x before 1.5.0.12, 2.x before 2.0.0.4, and possibly earlier versions, allows remote attackers to cause a denial of service (persistent temporary CPU consumption) via a large number of characters in a submitted form.)
 CVE-2007-2868 (Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger memory corruption.)
 CVE-2007-2867 (Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) via vectors related to dangling pointers, heap corruption, signed/unsigned, and other issues.)
 CVE-2007-1562 (The FTP protocol implementation in Mozilla Firefox before 1.5.0.11 and 2.x before 2.0.0.3 allows remote attackers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.)
 CVE-2007-1558 (The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail, and (5) SeaMonkey 1.0.x before 1.0.9 and 1.1.x before 1.1.2.)
 CVE-2007-1362 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to cause a denial of service via (1) a large cookie path parameter, which triggers memory consumption, or (2) an internal delimiter within cookie path or name values, which could trigger a misinterpretation of cookie data, aka "Path Abuse in Cookies.")
Оригинальный текстdocumentThor Larholm, Unpatched input validation flaw in Firefox 2.0.0.4 (05.06.2007)
 documentMOZILLA, Mozilla Foundation Security Advisory 2007-17 (01.06.2007)
 documentMOZILLA, Mozilla Foundation Security Advisory 2007-16 (01.06.2007)
 documentMOZILLA, Mozilla Foundation Security Advisory 2007-15 (01.06.2007)
 documentMOZILLA, Mozilla Foundation Security Advisory 2007-14 (01.06.2007)
 documentMOZILLA, Mozilla Foundation Security Advisory 2007-13 (01.06.2007)
 documentMOZILLA, Mozilla Foundation Security Advisory 2007-12 (01.06.2007)
 documentMOZILLA, Mozilla Foundation Security Advisory 2007-11 (01.06.2007)
 documentCERT, US-CERT Technical Cyber Security Alert TA07-151A -- Mozilla Updates for Multiple Vulnerabilities (01.06.2007)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород