Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Mozilla Firefox / Thunderbird / Seamonkey
Опубликовано:5 ноября 2013 г.
Источник:
SecurityVulns ID:13382
Тип:клиент
Уровень опасности:
8/10
Описание:Многочисленные повреждения памяти, подмена адресной строки, обход защиты.
Затронутые продукты:MOZILLA : Firefox 24
 MOZILLA : Firefox ESR 24
 MOZILLA : Thunderbird 24
 MOZILLA : Seamonkey 2.21
CVE:CVE-2013-5604 (The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via crafted documents.)
 CVE-2013-5603 (Use-after-free vulnerability in the nsContentUtils::ContentIsHostIncludingDescendantOf function in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving HTML document templates.)
 CVE-2013-5602 (The Worker::SetEventListener function in the Web workers implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to direct proxies.)
 CVE-2013-5601 (Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors related to a memory allocation through the garbage collection (GC) API.)
 CVE-2013-5600 (Use-after-free vulnerability in the nsIOService::NewChannelFromURIWithProxyFlags function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors involving a blob: URL.)
 CVE-2013-5599 (Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a CANVAS element, a mozTextStyle attribute, and an onresize event.)
 CVE-2013-5598 (PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 does not properly handle the appending of an IFRAME element, which allows remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges by using this element within an embedded PDF object.)
 CVE-2013-5597 (Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a state-change event during an update of the offline cache.)
 CVE-2013-5596 (The cycle collection (CC) implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial of service (race condition and application crash) via a large HTML document containing IMG elements, as demonstrated by the Never-Ending Reddit on reddit.com.)
 CVE-2013-5595 (The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly allocate memory for unspecified functions, which allows remote attackers to conduct buffer overflow attacks via a crafted web page.)
 CVE-2013-5593 (The SELECT element implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly restrict the nature or placement of HTML within a dropdown menu, which allows remote attackers to spoof the address bar or conduct clickjacking attacks via vectors that trigger navigation off of a page containing this element.)
 CVE-2013-5592 (Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.)
 CVE-2013-5591 (Unspecified vulnerability in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.)
 CVE-2013-5590 (Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.)
 CVE-2013-1739 (Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are initialized before read operations, which allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure.)
Файлы:Mozilla Foundation Security Advisory 2013-93
 Mozilla Foundation Security Advisory 2013-94
 Mozilla Foundation Security Advisory 2013-95
 Mozilla Foundation Security Advisory 2013-96
 Mozilla Foundation Security Advisory 2013-97
 Mozilla Foundation Security Advisory 2013-98
 Mozilla Foundation Security Advisory 2013-99
 Mozilla Foundation Security Advisory 2013-100
 Mozilla Foundation Security Advisory 2013-101
 Mozilla Foundation Security Advisory 2013-102

Обратный путь в каталогах клиента Tryton
Опубликовано:5 ноября 2013 г.
Источник:
SecurityVulns ID:13383
Тип:клиент
Уровень опасности:
5/10
Описание:Обратный путь в каталогах при обработке имени файла, отданного сервером.
Затронутые продукты:TRYTON : tryton-client 2.2
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2791-1] tryton-client security update (05.11.2013)

Переполнение буфера в ядре Linux
Опубликовано:5 ноября 2013 г.
Источник:
SecurityVulns ID:13384
Тип:локальная
Уровень опасности:
6/10
Описание:Переполнение буфера динамической памяти при работе с eCryptfs
Затронутые продукты:LINUX : kernel 2.6
Оригинальный текстdocumentgeinblues_(at)_gmail.com, XADV-2013003 Linux Kernel eCryptfs write_tag_3_packet Heap Buffer Overflow Vulnerability (05.11.2013)

Уязвимости безопасности в strongswan
Опубликовано:5 ноября 2013 г.
Источник:
SecurityVulns ID:13386
Тип:удаленная
Уровень опасности:
6/10
Описание:DoS, обход авторизации.
Затронутые продукты:STRONGSWAN : strongSwan 5.1
CVE:CVE-2013-6075 (The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon crash) or (2) remote authenticated users to impersonate arbitrary users and bypass access restrictions via a crafted ID_DER_ASN1_DN ID, related to an "insufficient length check" during identity comparison.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2789-1] strongswan security update (05.11.2013)

Уязвимости безопасности в HP Application LifeCycle Management
Опубликовано:5 ноября 2013 г.
Источник:
SecurityVulns ID:13387
Тип:удаленная
Уровень опасности:
5/10
Описание:Различные возможности выполнения кода.
Затронутые продукты:HP : HP Application LifeCycle Management 11
CVE:CVE-2013-4836 (Unspecified vulnerability in the GossipService SOAP Request implementation in the Synchronizer component before 1.4.2 in HP Application LifeCycle Management (ALM) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1759.)
 CVE-2013-4834 (Unspecified vulnerability in the client component in HP Application LifeCycle Management (ALM) before 11 p11 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1327.)
Оригинальный текстdocumentHP, [security bulletin] HPSBMU02934 rev.1 - HP Application LifeCycle Management, GossipService SOAP Request, Remote Code Execution (05.11.2013)
 documentHP, [security bulletin] HPSBMU02932 rev.1 - HP Application LifeCycle Management, ALM client component, Remote Execution of Arbitrary Code (05.11.2013)

Выполнение кода в HP SiteScope
Опубликовано:5 ноября 2013 г.
Источник:
SecurityVulns ID:13388
Тип:удаленная
Уровень опасности:
5/10
Описание:Выполнение кода через issueSiebelCmd SOAP.
Затронутые продукты:HP : SiteScope 11.21
CVE:CVE-2013-4835 (The APISiteScopeImpl SOAP service in HP SiteScope 10.1x and 11.x before 11.22 allows remote attackers to bypass authentication and execute arbitrary code via a direct request to the issueSiebelCmd method, aka ZDI-CAN-1765.)
Оригинальный текстdocumentHP, [security bulletin] HPSBMU02933 rev.1 - HP SiteScope, issueSiebelCmd SOAP Request, Remote Code Execution (05.11.2013)

Выполнение кода в HP LoadRunner
Опубликовано:5 ноября 2013 г.
Источник:
SecurityVulns ID:13389
Тип:удаленная
Уровень опасности:
5/10
Описание:Различные уязвимости в Virtual User Generator
Затронутые продукты:HP : LoadRunner 11.51
CVE:CVE-2013-4839 (Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1851.)
 CVE-2013-4838 (Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1850.)
 CVE-2013-4837 (Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1832.)
Оригинальный текстdocumentHP, [security bulletin] HPSBMU02935 rev.1 - HP LoadRunner Virtual User Generator, Remote Code Execution (05.11.2013)

DoS против HTTP-кэша Varnish
Опубликовано:5 ноября 2013 г.
Источник:
SecurityVulns ID:13390
Тип:удаленная
Уровень опасности:
5/10
Описание:assert() на пустом запросе от клиента.
Затронутые продукты:VANISH : Vanish 3.0
CVE:CVE-2013-4484 (Varnish before 3.0.5 allows remote attackers to cause a denial of service (child-process crash and temporary caching outage) via a GET request with trailing whitespace characters and no URI.)
Оригинальный текстdocumentPoul-Henning Kamp, [CVE-2013-4484] DoS vulnerability in Varnish HTTP cache (05.11.2013)

Межсайтовый скриптинг в маршрутизаторах Unicorn WB-3300NR
Опубликовано:5 ноября 2013 г.
Источник:
SecurityVulns ID:13391
Тип:удаленная
Уровень опасности:
6/10
Описание:Межсайтовый скриптинг в веб интерфейсе.
Затронутые продукты:UNICORN : Unicorn WB-3300NR
Оригинальный текстdocumentjsibley1_(at)_gmail.com, Unicorn Router WB-3300NR CSRF (Factory Reset/DNS Change) (05.11.2013)

Утечка информации в EMC Unisphere for VMAX
Опубликовано:5 ноября 2013 г.
Источник:
SecurityVulns ID:13392
Тип:локальная
Уровень опасности:
3/10
Описание:При определенных условиях в журнал попадает пароль в открытом виде.
Затронутые продукты:EMC : Unisphere for VMAX 1.6
CVE:CVE-2013-3287 (EMC Unisphere for VMAX before 1.6.1.6, when using an unspecified level of debug logging in LDAP configurations, allows local users to discover the cleartext LDAP bind password by reading the console.)
Оригинальный текстdocumentEMC, ESA-2013-074: EMC Unisphere for VMAX Information Disclosure Vulnerability (05.11.2013)

Timing атаки против SSH сервера Dropbear
Опубликовано:5 ноября 2013 г.
Источник:
SecurityVulns ID:13393
Тип:удаленная
Уровень опасности:
4/10
Описание:Различные тайминги для существующего и несуществующего пользователя.
CVE:CVE-2013-4434 (Dropbear SSH Server before 2013.59 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote attackers to discover valid usernames.)
 CVE-2013-4421 (The buf_decompress function in packet.c in Dropbear SSH Server before 2013.59 allows remote attackers to cause a denial of service (memory consumption) via a compressed packet that has a large size when it is decompressed.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2013:261 ] dropbear (05.11.2013)

Уязвимости безопасности в Google ICU
Опубликовано:5 ноября 2013 г.
Источник:
SecurityVulns ID:13394
Тип:библиотека
Уровень опасности:
6/10
Описание:Кратковременные условия, повреждение памяти.
CVE:CVE-2013-2924 (Use-after-free vulnerability in International Components for Unicode (ICU), as used in Google Chrome before 30.0.1599.66 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.)
 CVE-2013-0900 (Race condition in the International Components for Unicode (ICU) functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2013:258 ] icu (05.11.2013)

Утечка информации в Microsoft Silverlight
дополнено с 9 октября 2013 г.
Опубликовано:5 ноября 2013 г.
Источник:
SecurityVulns ID:13337
Тип:библиотека
Уровень опасности:
5/10
Описание:Утечка содержимого памяти.
Затронутые продукты:MICROSOFT : Silverlight 5
CVE:CVE-2013-3896 (Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate pointers during access to Silverlight elements, which allows remote attackers to obtain sensitive information via a crafted Silverlight application, aka "Silverlight Vulnerability.")
 CVE-2013-0074 (Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka "Silverlight Double Dereference Vulnerability.")
Оригинальный текстdocumentbugtraq_(at)_packetstormsecurity.org, [PSA-2013-1022-1] Microsoft Silverlight Invalid Typecast / Memory Disclosure (05.11.2013)
Файлы:Microsoft Security Bulletin MS13-087 - Important Vulnerability in Silverlight Could Allow Information Disclosure (2890788)

Проблемы с PRNG в pycrypto
Опубликовано:5 ноября 2013 г.
Источник:
SecurityVulns ID:13395
Тип:библиотека
Уровень опасности:
5/10
Описание:Предсказуемое состояние PRNG после форка.
Затронутые продукты:PYTHON : PyCrypto 2.6
CVE:CVE-2013-1445 (The Crypto.Random.atfork function in PyCrypto before 2.6.1 does not properly reseed the pseudo-random number generator (PRNG) before allowing a child process to access it, which makes it easier for context-dependent attackers to obtain sensitive information by leveraging a race condition in which a child process is created and accesses the PRNG within the same rate-limit period as another process.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2013:262 ] python-pycrypto (05.11.2013)

Бэкдор в камерах Stem Innovation IZON
Опубликовано:5 ноября 2013 г.
Источник:
SecurityVulns ID:13396
Тип:удаленная
Уровень опасности:
5/10
Описание:Встроенные неизменяемые учетные записи.
CVE:CVE-2013-6236
Оригинальный текстdocumentMark Stanislav, Stem Innovation ‘IZON’ Hard-coded Credentials (CVE-2013-6236) (05.11.2013)

Многочисленные уязвимости безопасности в HP Service Manager
дополнено с 5 ноября 2013 г.
Опубликовано:1 декабря 2013 г.
Источник:
SecurityVulns ID:13385
Тип:удаленная
Уровень опасности:
6/10
Описание:Выполнение кода, повышение привилегий, утечка информации, XSS.
Затронутые продукты:HP : HP Service Manager 9.32
CVE:CVE-2013-4844 (Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, 9.31, and 9.32, and ServiceCenter 6.2.8, allows remote attackers to execute arbitrary code via unknown vectors.)
 CVE-2013-4844 (Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, 9.31, and 9.32, and ServiceCenter 6.2.8, allows remote attackers to execute arbitrary code via unknown vectors.)
 CVE-2013-4833 (Cross-site scripting (XSS) vulnerability in HP Service Manager 9.30 through 9.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2013-4832 (HP Service Manager 9.30 through 9.32 allows remote authenticated users to obtain sensitive information via unspecified vectors.)
 CVE-2013-4831 (HP Service Manager 9.30 through 9.32 does not properly manage privileges, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.)
 CVE-2013-4830 (HP Service Manager 9.30 through 9.32 allows remote attackers to execute arbitrary code via an unspecified "injection" approach.)
Оригинальный текстdocumentHP, [security bulletin] HPSBGN02942 rev.1 - HP Service Manager and ServiceCenter, Remote Code Execution (01.12.2013)
 documentHP, [security bulletin] HPSBMU02931 rev.2 - HP Service Manager, Injection of Arbitrary Code, Remote Privilege Elevation, Remote Disclosure of Privileged Information and Cross Site Scripting (XSS) (05.11.2013)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород