Информационная безопасность
[RU] switch to English


Несанкционированный доступ через PHP
Опубликовано:6 марта 2009 г.
Источник:
SecurityVulns ID:9711
Тип:локальная
Уровень опасности:
5/10
Описание:Изменения mbstring.func_overload в .htaccess применяется ко всему сайту в целом.
Затронутые продукты:PHP : PHP 4.4
 PHP : PHP 5.1
CVE:CVE-2009-0754 (PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2009:066 ] php (06.03.2009)

Неинициализированные указатели в libpng
Опубликовано:6 марта 2009 г.
Источник:
SecurityVulns ID:9713
Тип:библиотека
Уровень опасности:
6/10
Описание:Обращение по неинициализированный указателю при разборе PNG.
CVE:CVE-2009-0040 (The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.)

Межсайтовый скриптинг с использованием унаследованной кодовой страницы во многих браузерах
дополнено с 25 февраля 2007 г.
Опубликовано:6 марта 2009 г.
Источник:
SecurityVulns ID:7304
Тип:клиент
Уровень опасности:
5/10
Описание:При отображении страницы в фрейме используется кодовая страница родительской страницы, что позволяет организовать атаку межсайтового скриптинга за счет выбора, например UTF-7, EUC-JP (SHIFT_JIS).
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MOZILLA : Firefox 1.5
 MOZILLA : Firefox 2.0
 MICROSOFT : Windows Vista
 MOZILLA : Firefox 3.0
 GOOGLE : Chrome 1.0
CVE:CVE-2007-1115 (The child frames in Opera 9 before 9.20 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set.)
 CVE-2007-1114 (The child frames in Microsoft Internet Explorer 7 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set.)
 CVE-2007-0996 (The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set.)
Оригинальный текстdocumentMustLive, Firefox's Charset Remembering strikes back (06.03.2009)
 documentMustLive, Charset Remembering vulnerability в Mozilla Firefox (04.02.2009)
 documentMustLive, Charset Inheritance vulnerability in Internet Explorer 6 и Google Chrome (01.02.2009)
 documentStefan Esser, Advisory 03/2007: Multiple Browsers Cross Domain Charset Inheritance Vulnerability (25.02.2007)

Многочисленные уязвимости безопасности в Mozilla Firefox / Seamonkey / Thunderbird
дополнено с 6 марта 2009 г.
Опубликовано:1 апреля 2009 г.
Источник:
SecurityVulns ID:9712
Тип:удаленная
Уровень опасности:
7/10
Описание:Межсайтовый доступ через XML, многочисленные повреждения памяти.
Затронутые продукты:MOZILLA : Thunderbird 2.0
 MOZILLA : SeaMonkey 1.1
 MOZILLA : Firefox 3.0
CVE:CVE-2009-1169 (The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox before 3.0.8 and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XML file with a crafted XSLT transform.)
 CVE-2009-1044 (Unspecified vulnerability in Mozilla Firefox 3.0.7 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.)
 CVE-2009-0777 (Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decode invisible characters when they are displayed in the location bar, which causes an incorrect address to be displayed and makes it easier for remote attackers to spoof URLs and conduct phishing attacks.)
 CVE-2009-0776 (nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect.)
 CVE-2009-0775 (Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection.)
 CVE-2009-0774 (The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773.)
 CVE-2009-0773 (The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains "some non-set elements," which causes jsarray.cpp to pass an incorrect argument to the ResizeSlots function, which triggers memory corruption; (2) vectors related to js_DecompileValueGenerator, jsopcode.cpp, __defineSetter__, and watch, which triggers an assertion failure or a segmentation fault; and (3) vectors related to gczeal, __defineSetter__, and watch, which triggers a hang.)
 CVE-2009-0772 (The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption.)
 CVE-2009-0771 (The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption and assertion failures.)
 CVE-2009-0040 (The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.)
Оригинальный текстdocumentZDI, ZDI-09-015: Mozilla Firefox XUL _moveToEdgeShift() Memory Corruption Vulnerability (01.04.2009)
 documentMOZILLA, Mozilla Foundation Security Advisory 2009-12 (01.04.2009)
 documentMOZILLA, Mozilla Foundation Security Advisory 2009-13 (01.04.2009)
 documentMOZILLA, Mozilla Foundation Security Advisory 2009-11 (06.03.2009)
 documentMOZILLA, Mozilla Foundation Security Advisory 2009-10 (06.03.2009)
 documentMOZILLA, Mozilla Foundation Security Advisory 2009-09 (06.03.2009)
 documentMOZILLA, Mozilla Foundation Security Advisory 2009-08 (06.03.2009)
 documentMOZILLA, Mozilla Foundation Security Advisory 2009-07 (06.03.2009)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород