Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в библиотеке poppler
Опубликовано:2 апреля 2013 г.
Источник:
SecurityVulns ID:12979
Тип:библиотека
Уровень опасности:
6/10
Описание:Различные уязвимости при разборе PDF
Затронутые продукты:POPPLER : poppler 0.20
CVE:CVE-2013-1790 (poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar function.)
 CVE-2013-1789 (splash/Splash.cc in poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to the (1) Splash::arbitraryTransformMask, (2) Splash::blitMask, and (3) Splash::scaleMaskYuXu functions.)
 CVE-2013-1788 (poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1) splash/Splash.cc, (2) poppler/Function.cc, and (3) poppler/Stream.cc.)
Оригинальный текстdocumentUBUNTU, [USN-1785-1] poppler vulnerabilities (02.04.2013)

Инъекция SQL в Virtual Access Monitor
Опубликовано:2 апреля 2013 г.
Источник:
SecurityVulns ID:12981
Тип:удаленная
Уровень опасности:
6/10
Описание:Несколько различных инъекций SQL
Затронутые продукты:VIRTUALACCESS : Virtual Access Monitor 3.10
Оригинальный текстdocumentNCC Group Research, NGS00248 Patch Notification: Virtual Access Monitor Multiple SQL Injection Vulnerabilities (02.04.2013)

Многочисленные уязвимости безопасности в ядре Linux
дополнено с 2 апреля 2013 г.
Опубликовано:15 апреля 2013 г.
Источник:
SecurityVulns ID:12978
Тип:библиотека
Уровень опасности:
5/10
Описание:Обход защиты, DoS, переполнение буфера в драйверах nVidia, утечка информации.
Затронутые продукты:LINUX : kernel 3.8
CVE:CVE-2013-2548 (The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability.)
 CVE-2013-2547 (The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability.)
 CVE-2013-2546 (The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability.)
 CVE-2013-1792 (Race condition in the install_user_keyrings function in security/keys/process_keys.c in the Linux kernel before 3.8.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) via crafted keyctl system calls that trigger keyring operations in simultaneous threads.)
 CVE-2013-1792 (Race condition in the install_user_keyrings function in security/keys/process_keys.c in the Linux kernel before 3.8.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) via crafted keyctl system calls that trigger keyring operations in simultaneous threads.)
 CVE-2013-1767 (Use-after-free vulnerability in the shmem_remount_fs function in mm/shmem.c in the Linux kernel before 3.7.10 allows local users to gain privileges or cause a denial of service (system crash) by remounting a tmpfs filesystem without specifying a required mpol (aka mempolicy) mount option.)
 CVE-2013-1767 (Use-after-free vulnerability in the shmem_remount_fs function in mm/shmem.c in the Linux kernel before 3.7.10 allows local users to gain privileges or cause a denial of service (system crash) by remounting a tmpfs filesystem without specifying a required mpol (aka mempolicy) mount option.)
 CVE-2013-0914 (The flush_signal_handlers function in kernel/signal.c in the Linux kernel before 3.8.4 preserves the value of the sa_restorer field across an exec operation, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application containing a sigaction system call.)
 CVE-2013-0914 (The flush_signal_handlers function in kernel/signal.c in the Linux kernel before 3.8.4 preserves the value of the sa_restorer field across an exec operation, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application containing a sigaction system call.)
 CVE-2013-0131 (Buffer overflow in the NVIDIA GPU driver before 304.88, 310.x before 310.44, and 313.x before 313.30 for the X Window System on UNIX, when NoScanout mode is enabled, allows remote authenticated users to execute arbitrary code via a large ARGB cursor.)
Оригинальный текстdocumentUBUNTU, [USN-1793-1] Linux kernel vulnerabilities (15.04.2013)
 documentUBUNTU, [USN-1799-1] NVIDIA graphics drivers vulnerability (15.04.2013)
 documentUBUNTU, [USN-1787-1] Linux kernel vulnerabilities (02.04.2013)

DoS против libxslt
дополнено с 2 апреля 2013 г.
Опубликовано:19 января 2014 г.
Источник:
SecurityVulns ID:12980
Тип:библиотека
Уровень опасности:
5/10
Описание:Отказ при разборе документов XSLT
Затронутые продукты:LIBXSLT : libxslt 1.1
CVE:CVE-2013-4520 (xslt.c in libxslt before 1.1.25 allows context-dependent attackers to cause a denial of service (crash) via a stylesheet that embeds a DTD, which causes a structure to be accessed as a different type. NOTE: this issue is due to an incomplete fix for CVE-2012-2825.)
 CVE-2012-6139 (libxslt before 1.1.28 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an (1) empty match attribute in a XSL key to the xsltAddKey function in keys.c or (2) uninitialized variable to the xsltDocumentFunction function in functions.c.)
 CVE-2012-2825 (The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2014:006 ] libxslt (19.01.2014)
 documentUBUNTU, [USN-1784-1] libxslt vulnerability (02.04.2013)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород