Информационная безопасность
[RU] switch to English


Проблемы с шифрованием в Miranda IM
дополнено с 18 марта 2010 г.
Опубликовано:7 апреля 2010 г.
Источник:
SecurityVulns ID:10695
Тип:m-i-t-m
Уровень опасности:
5/10
Описание:При определенных условиях не используется TLS для соединения с сервером Jabber, несмотря на установки.
Затронутые продукты:MIRANDA : Miranda IM 0.8
Оригинальный текстdocumentJan Schejbal, Miranda IM silent TLS failure (18.03.2010)
Файлы:Miranda IM TLS MitM Proof of Concept

Многочисленные уязвимости безопасности в Oracle Sun Java
дополнено с 31 марта 2010 г.
Опубликовано:7 апреля 2010 г.
Источник:
SecurityVulns ID:10737
Тип:библиотека
Уровень опасности:
9/10
Описание:Переполнение буфера при разборе Soundbank, переполнения буфера при разборе изображений и архивов. Многочисленные повышения привилегий и выполнение кода.
Затронутые продукты:SUN : JDK 1.6
 SUN : JRE 1.6
 ORACLE : JRE 6
 ORACLE : JDK 6
CVE:CVE-2010-0848 (Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.)
 CVE-2010-0847 (Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows arbitrary code execution via a crafted image.)
 CVE-2010-0845 (Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.)
 CVE-2010-0844 (Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is for improper parsing of a crafted MIDI stream when creating a MixerSequencer object, which causes a pointer to be corrupted and allows a NULL byte to be written to arbitrary memory.)
 CVE-2010-0842 (Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an uncontrolled array index that allows remote attackers to execute arbitrary code via a MIDI file with a crafted MixerSequencer object, related to the GM_Song structure.)
 CVE-2010-0841 (Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the Java Runtime Environment that allows remote attackers to execute arbitrary code via a JPEG image that contains subsample dimensions with large values, related to JPEGImageReader and "stepX".)
 CVE-2010-0840 (Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) "a similar trust issue with interfaces," aka "Trusted Methods Chaining Remote Code Execution Vulnerability.")
 CVE-2010-0838 (Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow using an untrusted size value in the readMabCurveData function in the CMM module in the JVM.)
 CVE-2010-0837 (Unspecified vulnerability in the Pack200 component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.)
 CVE-2010-0095 (Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.)
 CVE-2010-0094 (Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18 and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is due to missing privilege checks during deserialization of RMIConnectionImpl objects, which allows remote attackers to call system-level Java functions via the ClassLoader of a constructor that is being deserialized.)
 CVE-2010-0093 (Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.)
 CVE-2010-0092 (Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.)
 CVE-2010-0091 (Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors.)
 CVE-2010-0088 (Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.)
 CVE-2010-0085 (Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.)
 CVE-2010-0084 (Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors.)
 CVE-2010-0082 (Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.)
Оригинальный текстdocumentUBUNTU, [USN-923-1] OpenJDK vulnerabilities (07.04.2010)
 documentZDI, ZDI-10-057: Sun Java Runtime Environment JPEGImageDecoderImpl Remote Code Execution Vulnerability (06.04.2010)
 documentZDI, ZDI-10-059: Sun Java Runtime Environment JPEGImageEncoderImpl Remote Code Execution Vulnerability (06.04.2010)
 documentZDI, ZDI-10-055: Sun Java Runtime Environment Mutable InetAddress Socket Policy Violation Vulnerability (06.04.2010)
 documentZDI, ZDI-10-052: Sun Java Runtime Environment XNewPtr Remote Code Execution Vulnerability (06.04.2010)
 documentZDI, ZDI-10-051: Sun Java Runtime RMIConnectionImpl Privileged Context Remote Code Execution Vulnerability (06.04.2010)
 documentZDI, ZDI-10-061: Sun Java Runtime CMM readMabCurveData Remote Code Execution Vulnerability (06.04.2010)
 documentZDI, ZDI-10-060: Sun Java Runtime Environment MixerSequencer Invalid Array Index Remote Code Execution Vulnerability (06.04.2010)
 documentZDI, ZDI-10-054: Sun Java Runtime Environment JPEGImageReader stepX Remote Code Execution Vulnerability (06.04.2010)
 documentZDI, ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability (05.04.2010)
 documentZDI, ZDI-10-053: Sun Java Runtime Environment MIDI File metaEvent Remote Code Execution Vulnerability (05.04.2010)
 documentVUPEN Security Research, VUPEN Security Research - Sun Java JDK/JRE Unpack200 Buffer Overflow Vulnerability (05.04.2010)
 documentVUPEN Security Research, VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Pointer Vulnerability (05.04.2010)
 documentVUPEN Security Research, VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Index Vulnerability (05.04.2010)
 documentSECUNIA, Secunia Research: Sun Java JDK/JRE Soundbank Resource Parsing Buffer Overflow (31.03.2010)
 documentSECUNIA, Secunia Research: Sun Java JDK/JRE Soundbank Resource Name Buffer Overflow (31.03.2010)
 documentIDEFENSE, iDefense Security Advisory 03.30.10: Oracle Java Runtime Environment Image FIle Buffer Overflow Vulnerability (31.03.2010)

DoS против kadmind в MIT Kerberos 5
Опубликовано:7 апреля 2010 г.
Источник:
SecurityVulns ID:10747
Тип:удаленная
Уровень опасности:
5/10
Описание:Уязвимость use-after-free при генерации сообщения об ошибке.
Затронутые продукты:MIT : krb 1.5
 MIT : krb 1.6
CVE:CVE-2010-0629 (Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number.)
Оригинальный текстdocumentMIT, MITKRB5-SA-2010-003 [CVE-2010-0629] denial of service in kadmind in older krb5 releases (07.04.2010)

Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:7 апреля 2010 г.
Источник:
SecurityVulns ID:10748
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:MAHARA : mahara 1.2
 CA : XOsoft 12.0
 CA : XOsoft 12.5
 NEXTGEN : NextGEN Gallery 1.5
CVE:CVE-2010-1223 (Multiple buffer overflows in CA XOsoft r12.0 and r12.5 allow remote attackers to execute arbitrary code via (1) a malformed request to the ws_man/xosoapapi.asmx SOAP endpoint or (2) a long string to the entry_point.aspx service.)
 CVE-2010-1222 (CA XOsoft r12.5 does not properly perform authentication, which allows remote attackers to obtain potentially sensitive information via a SOAP request.)
 CVE-2010-1221 (CA XOsoft r12.0 and r12.5 does not properly perform authentication, which allows remote attackers to enumerate usernames via a SOAP request.)
 CVE-2010-1186 (Cross-site scripting (XSS) vulnerability in xml/media-rss.php in the NextGEN Gallery plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the mode parameter.)
 CVE-2010-0400 (SQL injection vulnerability in lib/user.php in mahara 1.0.4 allows remote attackers to execute arbitrary SQL commands via a username.)
Оригинальный текстdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2010-0323: XSS Vulnerability in NextGEN Gallery Wordpress Plugin (07.04.2010)
 documentZDI, ZDI-10-065: CA XOsoft xosoapapi.asmx Multiple Remote Code Execution Vulnerabilities (07.04.2010)
 documentZDI, ZDI-10-066: CA XOsoft Control Service entry_point.aspx Remote Code Execution Vulnerability (07.04.2010)
 documentCA, CA20100406-01: Security Notice for CA XOsoft (07.04.2010)
 documentDEBIAN, [SECURITY] [DSA 2030-1] New mahara packages fix sql injection (07.04.2010)
 documentMustLive, New vulnerabilities in CMS SiteLogic (07.04.2010)
 documentInj3ct0r.com, MKPortal lenta module XSS Vulnerability (07.04.2010)

Многочисленные уязвимости безопасности в Apple Mac OS X
дополнено с 7 апреля 2010 г.
Опубликовано:19 апреля 2010 г.
Источник:
SecurityVulns ID:10746
Тип:удаленная
Уровень опасности:
7/10
Описание:Выполнение кода при разборе файлов Internet Enabled Disk Image. Многочисленне уязвимости в ImageIO.
CVE:CVE-2010-0505 (Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 (JPEG2000) image, related to incorrect calculation and the CGImageReadGetBytesAtOffset function.)
 CVE-2010-0497 (Disk Images in Apple Mac OS X before 10.6.3 does not provide the expected warning for an unsafe file type in an internet enabled disk image, which makes it easier for user-assisted remote attackers to execute arbitrary code via a package file type.)
Оригинальный текстdocumentZDI, ZDI-10-076: Apple Preview libFontParser SpecialEncoding Remote Code Execution Vulnerability (19.04.2010)
 documentZDI, ZDI-10-039: Apple OS X Internet Enabled Disk Image Remote Code Execution Vulnerability (07.04.2010)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород