Информационная безопасность
[RU] switch to English


Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:5 сентября 2011 г.
Источник:
SecurityVulns ID:11890
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:LEDGERSMB : LedgerSMB 1.2
 SQLLEDGER : SQL-Ledger 2.8
 WORDPRESS : Wordpress redirection pugin 2.2
 FREEHELPDESK : Help Request System 1.1
Оригинальный текстdocumentChris Travers, Full disclosure for SA45649, SQL Injection in LedgerSMB and SQL-Ledger (05.09.2011)
 documentEhsan_Hp200_(at)_hotmail.com, Pc Web Agency (prodotto.php?id) Remote SQL injection Vulnerability (05.09.2011)
 documentEhsan_Hp200_(at)_hotmail.com, Mediagrafic (prodotto.asp?id) (records.asp?id_p) Remote SQL injection Vulnerability (05.09.2011)
 documentEhsan_Hp200_(at)_hotmail.com, CWM (dettaglio-prodotto.asp?id) Remote SQL injection Vulnerability (05.09.2011)
 documentEhsan_Hp200_(at)_hotmail.com, Dexanet Remote SQL injection Vulnerability (05.09.2011)
 documentEhsan_Hp200_(at)_hotmail.com, Sana Net (viewnews.php?id) Remote SQL injection Vulnerability (05.09.2011)
 documentEhsan_Hp200_(at)_hotmail.com, Sana Net (viewpages.php?id) Remote SQL injection Vulnerability (05.09.2011)
 documentEhsan_Hp200_(at)_hotmail.com, Fulci (prodotto.php?id) Remote SQL injection Vulnerability (05.09.2011)
 documentEhsan_Hp200_(at)_hotmail.com, Olonet (prodotto.php?idproduct) Remote SQL injection Vulnerability (05.09.2011)
 documentEhsan_Hp200_(at)_hotmail.com, Studio Linea (prodotto.php?id) Remote SQL injection Vulnerability (05.09.2011)
 documentEhsan_Hp200_(at)_hotmail.com, ITTWeb Remote SQL injection Vulnerability (05.09.2011)
 documentEhsan_Hp200_(at)_hotmail.com, ph5gruppo (prodotto.php?id) Remote SQL injection Vulnerability (05.09.2011)
 documentnoreply_(at)_ptsecurity.ru, [PT-2011-19] SQL injection vulnerability in Help Request System (05.09.2011)
 documentHigh-Tech Bridge Security Research, XSS in Redirection wordpress plugin (05.09.2011)

Уязвимости безопасности в ActiveX BroadWin WebAccess Client
Опубликовано:5 сентября 2011 г.
Источник:
SecurityVulns ID:11891
Тип:клиент
Уровень опасности:
5/10
Описание:Ошибка форматной строки, повреждение памяти.
Затронутые продукты:BROADWIN : BroadWin WebAccess Client 7.0
Оригинальный текстdocumentLuigi Auriemma, Vulnerabilities in BroadWin WebAccess Client 1.0.0.10 (05.09.2011)
Файлы:BroadWin WebAccess Client bwocxrun.ocx PoC

Переполнения буфера в KnFTPd FTP Server
Опубликовано:5 сентября 2011 г.
Источник:
SecurityVulns ID:11892
Тип:удаленная
Уровень опасности:
5/10
Описание:Переполнения буффера во многих командах FTP.
Затронутые продукты:KNFTP : KnFTPd 1.0
Оригинальный текстdocumentliuqx_(at)_nipc.org.cn, KnFTPd v1.0.0 Multiple Command Remote Buffer Overflow (05.09.2011)
Файлы:KnFTPd FTP Server v1.0.0 Multiple Command Remote Buffer Overflow Exploit

Многочисленные уязвимости безопасности в Apple QuickTime
дополнено с 5 августа 2011 г.
Опубликовано:5 сентября 2011 г.
Источник:
SecurityVulns ID:11834
Тип:удаленная
Уровень опасности:
7/10
Описание:Повреждения памяти при разборе PICT, JPEG2000, WAV, JPEG, GIF и различных видео-форматов, межсайтовый скриптинг.
Затронутые продукты:QUICKTIME : QuickTime 7.6
CVE:CVE-2011-0258 (Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted image description associated with an mp4v tag in a movie file.)
 CVE-2011-0257 (Integer signedness error in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PnSize opcode in a PICT file that triggers a stack-based buffer overflow.)
 CVE-2011-0256 (Integer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted track run atoms in a QuickTime movie file.)
 CVE-2011-0252 (Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STTS atoms in a QuickTime movie file.)
 CVE-2011-0251 (Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSZ atoms in a QuickTime movie file.)
 CVE-2011-0250 (Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSS atoms in a QuickTime movie file.)
 CVE-2011-0249 (Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSC atoms in a QuickTime movie file.)
 CVE-2011-0248 (Stack-based buffer overflow in the QuickTime ActiveX control in Apple QuickTime before 7.7 on Windows, when Internet Explorer is used, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTL file.)
 CVE-2011-0247 (Multiple stack-based buffer overflows in Apple QuickTime before 7.7 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie.)
 CVE-2011-0246 (Heap-based buffer overflow in Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.)
 CVE-2011-0245 (Buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted pict file.)
 CVE-2011-0213 (Buffer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG file.)
 CVE-2011-0211 (Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.)
 CVE-2011-0210 (QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted sample tables in a movie file.)
 CVE-2011-0209 (Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RIFF WAV file.)
 CVE-2011-0187 (The plug-in in QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data via vectors involving a cross-site redirect.)
 CVE-2011-0186 (QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG2000 image.)
Оригинальный текстdocumentZDI, ZDI-11-277: Apple QuickTime 3g2 'mp4v' atom size Remote Code Execution Vulnerability (05.09.2011)
 documentZDI, ZDI-11-259: Apple QuickTime STSZ atom Parsing Remote Code Execution Vulnerability (17.08.2011)
 documentZDI, ZDI-11-258: Apple QuickTime STSC atom Parsing Remote Code Execution Vulnerability (17.08.2011)
 documentZDI, ZDI-11-257: Apple QuickTime Player H.264 Slice Header Remote Code Execution Vulnerability (17.08.2011)
 documentZDI, ZDI-11-256: Apple QuickTime Media Link src Parameter Remote Code Execution Vulnerability (17.08.2011)
 documentZDI, ZDI-11-255: Apple QuickTime Player H.264 Reference Picture List Remote Code Execution Vulnerability (17.08.2011)
 documentZDI, ZDI-11-254: Apple QuickTime 'trun' atom sampleCount Integer Overflow Remote Code Execution Vulnerability (17.08.2011)
 documentZDI, ZDI-11-252: Apple QuickTime PICT Image PnSize Opcode Remote Code Execution Vulnerability (17.08.2011)
 documentZDI, ZDI-11-251: Apple QuickTime STSS atom Parsing Remote Code Execution Vulnerability (10.08.2011)
 documentZDI, ZDI-11-250: Apple QuickTime STTS atom Remote Code Execution Vulnerability (10.08.2011)
 documentAPPLE, APPLE-SA-2011-08-03-1 QuickTime 7.7 (05.08.2011)
Файлы:About the security content of QuickTime 7.7

Выполнение кода в Symantec Veritas Backup Exec
Опубликовано:5 сентября 2011 г.
Источник:
SecurityVulns ID:11893
Тип:удаленная
Уровень опасности:
5/10
Описание:Возможно удаленное выполнение привилегированных команд.
Затронутые продукты:HP : HP-UX 11.11
 HP : HP-UX 11.23
 HP : HP-UX 11.31
 SYMANTEC : Backup Exec 11.0
 SYMANTEC : Backup Exec 12.5
 SYMANTEC : Backup Exec 13.0
CVE:CVE-2011-0546 (Symantec Backup Exec 11.0, 12.0, 12.5, 13.0, and 13.0 R2 does not validate identity information sent between the media server and the remote agent, which allows man-in-the-middle attackers to execute NDMP commands via unspecified vectors.)
Оригинальный текстdocumentHP, [security bulletin] HPSBUX02700 SSRT100506 rev.1 - HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code (05.09.2011)
Файлы:Security Advisories Relating to Symantec Products - Symantec Backup Exec Man-in-The-Middle

Многочисленные уязвимости в InduSoft WebStudio
дополнено с 5 сентября 2011 г.
Опубликовано:21 ноября 2011 г.
Источник:
SecurityVulns ID:11894
Тип:клиент
Уровень опасности:
5/10
Описание:Переполнения буфера в различных методах ActiveX.
Затронутые продукты:INDUSOFT : InduSoft Web Studio 7.0
CVE:CVE-2011-4052 (Stack-based buffer overflow in CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 allows remote attackers to execute arbitrary code via a crafted 0x15 (aka Remove File) operation for a file with a long name.)
 CVE-2011-4051 (CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authentication, which allows remote attackers to execute arbitrary code via vectors related to creation of a file, loading a DLL, and process control.)
 CVE-2011-0342 (Multiple buffer overflows in the InduSoft ISSymbol ActiveX control in ISSymbol.ocx 301.1104.601.0 in InduSoft Web Studio 7.0B2 hotfix 7.0.01.04 allow remote attackers to execute arbitrary code via a long parameter to the (1) Open, (2) Close, or (3) SetCurrentLanguage method.)
Оригинальный текстdocumentZDI, ZDI-11-329 : InduSoft WebStudio CEServer Operation 0x15 Remote Code Execution Vulnerability (21.11.2011)
 documentZDI, ZDI-11-330 : InduSoft WebStudio Unauthenticated Remote Operations Remote Code Execution Vulnerability (21.11.2011)
 documentSECUNIA, Secunia Research: InduSoft ISSymbol ActiveX Control Buffer Overflow Vulnerabilities (05.09.2011)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород