Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Apple Safari / Webkit
Опубликовано:5 июля 2015 г.
Источник:
SecurityVulns ID:14559
Тип:библиотека
Уровень опасности:
7/10
Описание:Многочисленные повреждения памяти.
Затронутые продукты:APPLE : Safari 8.0
 APPLE : iTunes 12.1
 APPLE : Safari 7.1
 APPLE : Safari 6.2
CVE:CVE-2015-3727 (WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which allows remote attackers to access an arbitrary web site's database via a crafted web site.)
 CVE-2015-3660 (Cross-site scripting (XSS) vulnerability in the PDF functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL in embedded PDF content.)
 CVE-2015-3659 (The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.)
 CVE-2015-3658 (The Page Loading functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly consider redirects during decisions about sending an Origin header, which makes it easier for remote attackers to bypass CSRF protection mechanisms via a crafted web site.)
Оригинальный текстdocumentAPPLE, APPLE-SA-2015-06-30-6 iTunes 12.2 (05.07.2015)
 documentAPPLE, APPLE-SA-2015-06-30-4 Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7 (05.07.2015)

Многочисленные уязвимости безопасности в Apple QuickTime
Опубликовано:5 июля 2015 г.
Источник:
SecurityVulns ID:14560
Тип:удаленная
Уровень опасности:
7/10
Описание:Многочисленные повреждения памяти при разборе различных форматов.
Затронутые продукты:APPLE : QuickTime 7.7
CVE:CVE-2015-3669 (QT Media Foundation in Apple QuickTime before 7.7.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3664 and CVE-2015-3665.)
 CVE-2015-3668 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, and CVE-2015-3667.)
 CVE-2015-3667 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, and CVE-2015-3668.)
 CVE-2015-3666 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3662, CVE-2015-3663, CVE-2015-3667, and CVE-2015-3668.)
 CVE-2015-3665 (QT Media Foundation in Apple QuickTime before 7.7.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3664 and CVE-2015-3669.)
 CVE-2015-3664 (QT Media Foundation in Apple QuickTime before 7.7.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3665 and CVE-2015-3669.)
 CVE-2015-3663 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3662, CVE-2015-3666, CVE-2015-3667, and CVE-2015-3668.)
 CVE-2015-3662 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3663, CVE-2015-3666, CVE-2015-3667, and CVE-2015-3668.)
 CVE-2015-3661 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, CVE-2015-3667, and CVE-2015-3668.)
Оригинальный текстdocumentAPPLE, APPLE-SA-2015-06-30-5 QuickTime 7.7.7 (05.07.2015)

Тайминг-атаки в libcrypto++
Опубликовано:5 июля 2015 г.
Источник:
SecurityVulns ID:14565
Тип:библиотека
Уровень опасности:
5/10
Описание:Тайминг-атаки на алгоритм Rabin-Williams.
Затронутые продукты:LIBRCYPT : libcrypto++ 5.6
CVE:CVE-2015-2141 (The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcrypt++ 5.6.2 does not properly blind private key operations for the Rabin-Williams digital signature algorithm, which allows remote attackers to obtain private keys via a timing attack.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 3296-1] libcrypto++ security update (05.07.2015)

Атака человек-по-средине против unattended-upgrades
Опубликовано:5 июля 2015 г.
Источник:
SecurityVulns ID:14566
Тип:m-i-t-m
Уровень опасности:
5/10
Описание:При определенных условиях возможна подмена содержимого пакетов.
Затронутые продукты:DEBIAN : unattended-upgrades 0.86
CVE:CVE-2015-1330 (unattended-upgrades before 0.86.1 does not properly authenticate packages when the (1) force-confold or (2) force-confnew dpkg options are enabled in the DPkg::Options::* apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 3297-1] unattended-upgrades security update (05.07.2015)

Выполнение кода в маршрутизаторах ipTIME
дополнено с 19 апреля 2015 г.
Опубликовано:5 июля 2015 г.
Источник:
SecurityVulns ID:14404
Тип:удаленная
Уровень опасности:
5/10
Описание:Выполнение кода через Web-интерфейс.
Оригинальный текстdocumentPierre Kim, Exploit Code for ipTIME firmwares < 9.58 (root RCE against 127 router models) (05.07.2015)
 documentPierre Kim, 112 ipTIME Routers/WiFi APs/Modems/Firewalls models vulnerable with RCE with root privileges (19.04.2015)

Многочисленные уязвимости безопасности в Apple iOS
Опубликовано:5 июля 2015 г.
Источник:
SecurityVulns ID:14561
Тип:библиотека
Уровень опасности:
7/10
Описание:DoS, проблемы с доверием сертификатом, многочисленные повреждения памяти, раскрытие информации, слабая криптография, выполнение кода.
Затронутые продукты:APPLE : iOS 8.3
CVE:CVE-2015-4000 (The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.)
 CVE-2015-3728 (The WiFi Connectivity feature in Apple iOS before 8.4 allows remote Wi-Fi access points to trigger an automatic association, with an arbitrary security type, by operating with a recognized ESSID within an 802.11 network's coverage area.)
 CVE-2015-3727 (WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which allows remote attackers to access an arbitrary web site's database via a crafted web site.)
 CVE-2015-3726 (The Telephony subsystem in Apple iOS before 8.4 allows physically proximate attackers to execute arbitrary code via a crafted (1) SIM or (2) UIM card.)
 CVE-2015-3725 (MobileInstallation in Apple iOS before 8.4 does not ensure the uniqueness of Watch bundle IDs, which allows attackers to cause a denial of service (ID collision and Watch launch outage) via a crafted universal provisioning profile app.)
 CVE-2015-3724 (CoreGraphics in Apple iOS before 8.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ICC profile in a PDF document, a different vulnerability than CVE-2015-3723.)
 CVE-2015-3723 (CoreGraphics in Apple iOS before 8.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ICC profile in a PDF document, a different vulnerability than CVE-2015-3724.)
 CVE-2015-3722 (Application Store in Apple iOS before 8.4 does not ensure the uniqueness of bundle IDs, which allows attackers to cause a denial of service (ID collision and launch outage) via a crafted universal provisioning profile app.)
 CVE-2015-3721 (The kernel in Apple iOS before 8.4 and OS X before 10.10.4 does not properly handle HFS parameters, which allows attackers to obtain sensitive memory-layout information via a crafted app.)
 CVE-2015-3719 (TrueTypeScaler in FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3694.)
 CVE-2015-3717 (Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.)
 CVE-2015-3710 (Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message.)
 CVE-2015-3703 (ImageIO in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF image.)
 CVE-2015-3694 (FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3719.)
 CVE-2015-3690 (The DiskImages subsystem in Apple iOS before 8.4 and OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.)
 CVE-2015-3689 (CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3688.)
 CVE-2015-3688 (CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3689.)
 CVE-2015-3687 (CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3688, and CVE-2015-3689.)
 CVE-2015-3686 (CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689.)
 CVE-2015-3685 (CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3686, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689.)
 CVE-2015-3684 (The HTTPAuthentication implementation in CFNetwork in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted credentials in a URL.)
 CVE-2015-3659 (The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.)
 CVE-2015-3658 (The Page Loading functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly consider redirects during decisions about sending an Origin header, which makes it easier for remote attackers to bypass CSRF protection mechanisms via a crafted web site.)
 CVE-2015-1157 (CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service (reboot and messaging disruption) via crafted Unicode text that is not properly handled during display truncation in the Notifications feature, as demonstrated by Arabic characters in (1) an SMS message or (2) a WhatsApp message.)
 CVE-2015-1156 (The page-loading implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, does not properly handle the rel attribute in an A element, which allows remote attackers to bypass the Same Origin Policy for a link's target, and spoof the user interface, via a crafted web site.)
 CVE-2015-1155 (The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site.)
 CVE-2015-1153 (WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1152 and CVE-2015-1154.)
 CVE-2015-1152 (WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154.)
 CVE-2014-8130
 CVE-2014-8129
 CVE-2014-8128
 CVE-2014-8127
 CVE-2013-1741 (Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value.)
Оригинальный текстdocumentAPPLE, APPLE-SA-2015-06-30-1 iOS 8.4 (05.07.2015)

Выполнение кода в EMC Isilon OneFS
Опубликовано:5 июля 2015 г.
Источник:
SecurityVulns ID:14563
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекция команд в интерфейсе веб-администрирования.
Затронутые продукты:EMC : Isilon OneFS 7.1
CVE:CVE-2015-4525 (The log-gather implementation in the web administration interface in EMC Isilon OneFS 6.5.x.x through 7.1.1.x before 7.1.1.5 and 7.2.0.x before 7.2.0.2 allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors.)
Оригинальный текстdocumentEMC, ESA-2015-112: EMC Isilon OneFS Command Injection Vulnerability (05.07.2015)

Повышение привилегий в HP-UX
Опубликовано:5 июля 2015 г.
Источник:
SecurityVulns ID:14564
Тип:локальная
Уровень опасности:
5/10
Описание:Повышение привилегий в pppoec.
Затронутые продукты:HP : HP-UX 11iv3
CVE:CVE-2015-2126 (Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows local users to gain privileges by leveraging setuid permissions.)
Оригинальный текстdocumentHP, [security bulletin] HPSBUX03359 rev.1 - HP-UX pppoec, local elevation of privilege (05.07.2015)

Выполнение кода в Apache Storm
Опубликовано:5 июля 2015 г.
Источник:
SecurityVulns ID:14568
Тип:удаленная
Уровень опасности:
6/10
Описание:Выполнение кода на веб-сервере.
Затронутые продукты:APACHE : Storm 0.10
CVE:CVE-2015-3188
Оригинальный текстdocumentAPACHE, [CVE-2015-3188] Apache Storm remote code execution vulnerability (05.07.2015)

Многочисленные уязвимости безопасности в Apple Mac OS X / EFI
Опубликовано:5 июля 2015 г.
Источник:
SecurityVulns ID:14562
Тип:библиотека
Уровень опасности:
8/10
Описание:Повышения привилегий, раскрытие информации, повреждения памяти, уязвимости библиотек.
Затронутые продукты:APPLE : MacOS X 10.10
CVE:CVE-2015-4000 (The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.)
 CVE-2015-3721 (The kernel in Apple iOS before 8.4 and OS X before 10.10.4 does not properly handle HFS parameters, which allows attackers to obtain sensitive memory-layout information via a crafted app.)
 CVE-2015-3720 (The kernel in Apple OS X before 10.10.4 does not properly manage memory in kernel-extension APIs, which allows attackers to obtain sensitive memory-layout information via a crafted app.)
 CVE-2015-3719 (TrueTypeScaler in FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3694.)
 CVE-2015-3718 (systemstatsd in the System Stats subsystem in Apple OS X before 10.10.4 does not properly interpret data types encountered in interprocess communication, which allows attackers to execute arbitrary code with systemstatsd privileges via a crafted app, related to a "type confusion" issue.)
 CVE-2015-3717 (Multiple buffer overflows in the printf functionality in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.)
 CVE-2015-3716 (Spotlight in Apple OS X before 10.10.4 allows attackers to execute arbitrary commands via a crafted name of a photo file within the local photo library.)
 CVE-2015-3715 (The code-signing implementation in Apple OS X before 10.10.4 does not properly consider libraries that are external to an application bundle, which allows attackers to bypass intended launch restrictions via a crafted library.)
 CVE-2015-3714 (Apple OS X before 10.10.4 does not properly consider custom resource rules during app signature verification, which allows attackers to bypass intended launch restrictions via a modified app.)
 CVE-2015-3713 (QuickTime in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted movie file.)
 CVE-2015-3712 (The NVIDIA graphics driver in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds write) via a crafted app.)
 CVE-2015-3711 (The NTFS implementation in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.)
 CVE-2015-3710 (Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message.)
 CVE-2015-3709 (Race condition in kext tools in Apple OS X before 10.10.4 allows local users to bypass intended signature requirements for kernel extensions by leveraging improper pathname validation.)
 CVE-2015-3708 (kextd in kext tools in Apple OS X before 10.10.4 allows attackers to write to arbitrary files via a crafted app that conducts a symlink attack.)
 CVE-2015-3707 (The FireWire driver in IOFireWireFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.)
 CVE-2015-3706 (IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3705.)
 CVE-2015-3705 (IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3706.)
 CVE-2015-3704 (runner in Install.framework in the Install Framework Legacy subsystem in Apple OS X before 10.10.4 does not properly drop privileges, which allows attackers to execute arbitrary code in a privileged context via a crafted app.)
 CVE-2015-3703 (ImageIO in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF image.)
 CVE-2015-3702 (Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, and CVE-2015-3701.)
 CVE-2015-3701 (Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, and CVE-2015-3702.)
 CVE-2015-3700 (Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3701, and CVE-2015-3702.)
 CVE-2015-3699 (Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702.)
 CVE-2015-3698 (Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702.)
 CVE-2015-3697 (Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702.)
 CVE-2015-3696 (Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702.)
 CVE-2015-3695 (Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702.)
 CVE-2015-3694 (FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3719.)
 CVE-2015-3693 (Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and other products, does not properly set refresh rates for DDR3 RAM, which might make it easier for remote attackers to conduct row-hammer attacks, and consequently gain privileges or cause a denial of service (memory corruption), by triggering certain patterns of access to memory locations.)
 CVE-2015-3693 (Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and other products, does not properly set refresh rates for DDR3 RAM, which might make it easier for remote attackers to conduct row-hammer attacks, and consequently gain privileges or cause a denial of service (memory corruption), by triggering certain patterns of access to memory locations.)
 CVE-2015-3692 (Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and other products, does not enforce a locking protection mechanism upon being woken from sleep, which allows local users to conduct EFI flash attacks by leveraging root privileges.)
 CVE-2015-3692 (Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and other products, does not enforce a locking protection mechanism upon being woken from sleep, which allows local users to conduct EFI flash attacks by leveraging root privileges.)
 CVE-2015-3691 (The Monitor Control Command Set kernel extension in the Display Drivers subsystem in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages control of a function pointer.)
 CVE-2015-3690 (The DiskImages subsystem in Apple iOS before 8.4 and OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.)
 CVE-2015-3689 (CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3688.)
 CVE-2015-3688 (CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3689.)
 CVE-2015-3687 (CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3688, and CVE-2015-3689.)
 CVE-2015-3686 (CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689.)
 CVE-2015-3685 (CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3686, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689.)
 CVE-2015-3684 (The HTTPAuthentication implementation in CFNetwork in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted credentials in a URL.)
 CVE-2015-3683 (The Bluetooth HCI interface implementation in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.)
 CVE-2015-3682 (Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3680, and CVE-2015-3681.)
 CVE-2015-3681 (Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3680, and CVE-2015-3682.)
 CVE-2015-3680 (Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3679, CVE-2015-3681, and CVE-2015-3682.)
 CVE-2015-3679 (Apple Type Services (ATS) in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3680, CVE-2015-3681, and CVE-2015-3682.)
 CVE-2015-3678 (AppleThunderboltEDMService in Apple OS X before 10.10.4 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified Thunderbolt commands.)
 CVE-2015-3677 (The LZVN compression feature in AppleFSCompression in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app.)
 CVE-2015-3676 (AppleGraphicsControl in Apple OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information via a crafted app.)
 CVE-2015-3675 (The default configuration of the Apache HTTP Server on Apple OS X before 10.10.4 does not enable the mod_hfs_apple module, which allows remote attackers to bypass HTTP authentication via a crafted URL.)
 CVE-2015-3674 (afpserver in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.)
 CVE-2015-3673 (Admin Framework in Apple OS X before 10.10.4 does not properly restrict the location of writeconfig clients, which allows local users to obtain root privileges by moving and then modifying Directory Utility.)
 CVE-2015-3672 (Admin Framework in Apple OS X before 10.10.4 does not properly handle authentication errors, which allows local users to obtain admin privileges via unspecified vectors.)
 CVE-2015-3671 (Admin Framework in Apple OS X before 10.10.4 does not properly verify XPC entitlements, which allows local users to bypass authentication and obtain admin privileges via unspecified vectors.)
 CVE-2015-3668 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, and CVE-2015-3667.)
 CVE-2015-3667 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, and CVE-2015-3668.)
 CVE-2015-3666 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3662, CVE-2015-3663, CVE-2015-3667, and CVE-2015-3668.)
 CVE-2015-3663 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3662, CVE-2015-3666, CVE-2015-3667, and CVE-2015-3668.)
 CVE-2015-3662 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3661, CVE-2015-3663, CVE-2015-3666, CVE-2015-3667, and CVE-2015-3668.)
 CVE-2015-3661 (QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, CVE-2015-3667, and CVE-2015-3668.)
 CVE-2015-1799 (The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service (synchronization loss) by spoofing the source IP address of a peer.)
 CVE-2015-1798 (The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC.)
 CVE-2015-1157 (CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service (reboot and messaging disruption) via crafted Unicode text that is not properly handled during display truncation in the Notifications feature, as demonstrated by Arabic characters in (1) an SMS message or (2) a WhatsApp message.)
 CVE-2015-0293 (The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message.)
 CVE-2015-0289 (The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an application that processes arbitrary PKCS#7 data and providing malformed data with ASN.1 encoding, related to crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c.)
 CVE-2015-0288 (The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service (NULL pointer dereference and application crash) via an invalid certificate key.)
 CVE-2015-0287 (The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse.)
 CVE-2015-0286 (The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature.)
 CVE-2015-0273 (Multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allow remote attackers to execute arbitrary code via crafted serialized input containing a (1) R or (2) r type specifier in (a) DateTimeZone data handled by the php_date_timezone_initialize_from_hash function or (b) DateTime data handled by the php_date_initialize_from_hash function.)
 CVE-2015-0235 (Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST.")
 CVE-2015-0209 (Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed Elliptic Curve (EC) private-key file that is improperly handled during import.)
 CVE-2014-8141
 CVE-2014-8140
 CVE-2014-8139
 CVE-2014-8130
 CVE-2014-8129
 CVE-2014-8128
 CVE-2014-8127
 CVE-2013-1741 (Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value.)
Оригинальный текстdocumentAPPLE, APPLE-SA-2015-06-30-2 OS X Yosemite v10.10.4 and Security Update 2015-005 (05.07.2015)
 documentAPPLE, APPLE-SA-2015-06-30-3 Mac EFI Security Update 2015-001 (05.07.2015)

Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
дополнено с 5 июля 2015 г.
Опубликовано:5 июля 2015 г.
Источник:
SecurityVulns ID:14567
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:PYJWT : pyjwt 0.2
 MANAGEENGINE : Asset Explorer 6.1
 NOVIUSOS : novius-os.5.0
 CACTI : cacti 0.8
 BLACKCATCMS : BlackCat CMS 1.1
 C2BOX : C2Box 4.0
 PIVOTX : PivotX 2.3
CVE:CVE-2015-5079
 CVE-2015-4460 (Cross-site request forgery (CSRF) vulnerability in SecuritySetting/UserSecurity/UserManagement.aspx in B.A.S C2Box before 4.0.0 (r19171) allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via certain vectors.)
 CVE-2015-4454 (SQL injection vulnerability in the get_hash_graph_template function in lib/functions.php in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via the graph_template_id parameter to graph_templates.php.)
 CVE-2015-4342 (SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving a cdef id.)
 CVE-2015-3443 (Cross-site scripting (XSS) vulnerability in the basic dashboard in Thycotic Secret Server 8.6.x, 8.7.x, and 8.8.x before 8.8.000005 allows remote authenticated users to inject arbitrary web script or HTML via a password entry, which is not properly handled when toggling the password mask.)
 CVE-2015-2665 (Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
Оригинальный текстdocumentMustLive, Multiple vulnerabilities in Vulcan theme for WordPress + WAF bypass (05.07.2015)
 documentDEBIAN, [SECURITY] [DSA 3295-1] cacti security update (05.07.2015)
 documentMarco Delai, CVE-2015-3443 XSS in Thycotic Secret Server version 8.6.000000 to 8.8.000004 (05.07.2015)
 documentapparitionsec_(at)_gmail.com, ManageEngine Asset Explorer v6.1 - Persistent Vulnerability (05.07.2015)
 documentapparitionsec_(at)_gmail.com, GeniXCMS XSS Vulnerabilities (05.07.2015)
 documentapparitionsec_(at)_gmail.com, mysql-lite-administrator XSS vulnerabilities (05.07.2015)
 documentDEBIAN, [SECURITY] [DSA 3293-1] pyjwt security update (05.07.2015)
 documentTim, Session Fixation, Reflected XSS, Code Execution in PivotX 2.3.10 (05.07.2015)
 documentwissam.bashour_(at)_helpag.com, CSRF Vulnerability in C2Box application CVE-2015-4460 (05.07.2015)
 documentotr_(at)_bockcay.de, CollabNet Subversion Edge Hook Script Privilege Escalation (05.07.2015)
 documentotr_(at)_bockcay.de, CollabNet Subversion Edge Password Hash Leak (05.07.2015)
 documentotr_(at)_bockcay.de, CollabNet Subversion Edge downloadHook local file inclusion (05.07.2015)
 documentotr_(at)_bockcay.de, CollabNet Subversion Edge show local file inclusion (05.07.2015)
 documentotr_(at)_bockcay.de, CollabNet Subversion Edge tail local file inclusion (05.07.2015)
 documentotr_(at)_bockcay.de, CollabNet Subversion Edge insecure password change (05.07.2015)
 documentotr_(at)_bockcay.de, CollabNet Subversion Edge missing brute force protection (05.07.2015)
 documentotr_(at)_bockcay.de, CollabNet Subversion Edge autocomplete on (05.07.2015)
 documentotr_(at)_bockcay.de, CollabNet Subversion Edge missing clickjacking protection (05.07.2015)
 documentotr_(at)_bockcay.de, CollabNet Subversion Edge weak password policy (05.07.2015)
 documentotr_(at)_bockcay.de, CollabNet Subversion Edge missing XSRF protection (05.07.2015)
 documentotr_(at)_bockcay.de, CollabNet Subversion Edge weak password storage mechanism (05.07.2015)
 documentotr_(at)_bockcay.de, CollabNet Subversion Edge missing single login restriction (05.07.2015)
 documentotr_(at)_bockcay.de, CollabNet Subversion Edge indes local file inclusion (05.07.2015)
 documentapparitionsec_(at)_gmail.com, novius-os.5.0.1 Persistent XSS, LFI & Open Redirect Vulnerabilities (05.07.2015)
 documentHigh-Tech Bridge Security Research, Path Traversal in BlackCat CMS (05.07.2015)

Многочисленные уязвимости безопасности в Polycom RealPresence Resource Manager
Опубликовано:5 июля 2015 г.
Источник:
SecurityVulns ID:14570
Тип:удаленная
Уровень опасности:
5/10
Описание:Раскрытие информации, повышение привилегий, обратный путь в каталогах.
Затронутые продукты:POLYCOM : RealPresence Resource Manager 8.3
CVE:CVE-2015-4685
 CVE-2015-4684
 CVE-2015-4683
 CVE-2015-4682
 CVE-2015-4681
Оригинальный текстdocumentSEC Consult Vulnerability Lab, SEC Consult SA-20150626-0 :: Critical vulnerabilities in Polycom RealPresence Resource Manager (RPRM) allow surveillance on conferences (05.07.2015)

Подмена содержимого в Microsec e-Szigno / Netlock Mokka
Опубликовано:5 июля 2015 г.
Источник:
SecurityVulns ID:14569
Тип:локальная
Уровень опасности:
5/10
Описание:Подмена подписанного содержимого.
Затронутые продукты:NETLOCK : Mokka 2.7
 MICROSEC : e-Szigno 3.2
CVE:CVE-2015-3932
 CVE-2015-3931
Оригинальный текстdocumentImre RAD, CVE-2015-3931 Microsec e-Szigno, CVE-2015-3932 Netlock Mokka XSW vulnerability (05.07.2015)

Межсайтовый скриптинг в IBM Domino Web Server
Опубликовано:5 июля 2015 г.
Источник:
SecurityVulns ID:14571
Тип:удаленная
Уровень опасности:
5/10
Затронутые продукты:IBM : Domino 9.0
CVE:CVE-2015-1981 (Cross-site scripting (XSS) vulnerability in the web server in IBM Domino 8.5.x before 8.5.3 FP6 IF8 and 9.x before 9.0.1 FP4, when Webmail is enabled, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka SPR KLYH9WYPR5.)
Оригинальный текстdocumentMustLive, XSS vulnerability in IBM Domino (05.07.2015)
 documentMustLive, IBM Domino Web Server Cross-site Scripting Vulnerability (CVE-2015-1981) (05.07.2015)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород