Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в FreeType
Опубликовано:9 марта 2012 г.
Источник:
SecurityVulns ID:12220
Тип:библиотека
Уровень опасности:
6/10
Описание:Различные уязвимости при обработке файлов шрифтов.
Затронутые продукты:FREETYPE : FreeType 2.4
CVE:CVE-2012-1144 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.)
 CVE-2012-1142 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font.)
 CVE-2012-1136 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field.)
 CVE-2012-1134 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font.)
 CVE-2012-1133 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2428-1] freetype security update (09.03.2012)

Уязвимости безопасности в Holdem Manager
Опубликовано:9 марта 2012 г.
Источник:
SecurityVulns ID:12221
Тип:удаленная
Уровень опасности:
5/10
Описание:Многочисленные повреждения памяти.
Затронутые продукты:HOLDEM : Holdem Manager 1.11
Оригинальный текстdocumentMichal Bucko, Eleytt Research ER-03-2012 (09.03.2012)

Утечка информации в libVTE (gnome-terminal, xfce4-terminal, terminator, etc)
Опубликовано:9 марта 2012 г.
Источник:
SecurityVulns ID:12222
Тип:локальная
Уровень опасности:
3/10
Описание:Содержимое буфера экрана записывается во временный файл.
Затронутые продукты:LIBVTE : libVTE 0.21
Оригинальный текстdocumentMark Krenz, gnome-terminal, xfce4-terminal, terminator and others write scrollback buffer to disk (09.03.2012)

Уязвимости безопасности в imagemagic
Опубликовано:9 марта 2012 г.
Источник:
SecurityVulns ID:12223
Тип:библиотека
Уровень опасности:
6/10
Описание:Повреждения памяти и DoS-условия при разборе данных EXIF.
Затронутые продукты:IMAGEMAGIC : imagemagic 6.7
CVE:CVE-2012-0247 (ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image.)
 CVE-2012-0247 (ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2427-1] imagemagick security update (09.03.2012)

Переполнение буфера в RSA SecurID Software Token Converter
Опубликовано:9 марта 2012 г.
Источник:
SecurityVulns ID:12224
Тип:удаленная
Уровень опасности:
5/10
Затронутые продукты:EMC : RSA SecurID Software Token Converter 2.6.
CVE:CVE-2012-0397 (Buffer overflow in EMC RSA SecurID Software Token Converter before 2.6.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors.)
Оригинальный текстdocumentEMC, ESA-2012-013: RSA SecurID(r) Software Token Converter buffer overflow vulnerability (09.03.2012)

Переполнение буфера в plib / TORCS
Опубликовано:9 марта 2012 г.
Источник:
SecurityVulns ID:12225
Тип:библиотека
Уровень опасности:
5/10
Описание:Переполнение буфера при обработке сообщений об ошибке.
Затронутые продукты:PLIB : plib 1.8
 TORCS : TORCS 1.3
CVE:CVE-2011-4620 (Buffer overflow in the ulSetError function in util/ulError.cxx in PLIB 1.8.5, as used in TORCS 1.3.1 and other products, allows user-assisted remote attackers to execute arbitrary code via vectors involving a long error message, as demonstrated by a crafted acc file for TORCS. NOTE: some of these details are obtained from third party information.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2425-1] plib security update (09.03.2012)

Обход ограничений через модуль Perl XML::Atom
Опубликовано:9 марта 2012 г.
Источник:
SecurityVulns ID:12226
Тип:библиотека
Уровень опасности:
5/10
Описание:Можно получить доступ на чтение к ограниченным ресурсам.
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2424-1] libxml-atom-perl security update (09.03.2012)

Чтение за пределами выделенной памяти в libxslt
Опубликовано:9 марта 2012 г.
Источник:
SecurityVulns ID:12227
Тип:библиотека
Уровень опасности:
5/10
Затронутые продукты:GOOGLE : Chrome 17.0
CVE:CVE-2011-3970 (libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2012:028 ] libxslt (09.03.2012)

DoS против Cisco TelePresence Video Communication Server
Опубликовано:9 марта 2012 г.
Источник:
SecurityVulns ID:12229
Тип:удаленная
Уровень опасности:
5/10
Описание:Отказ при разборе запроса SIP.
Затронутые продукты:CISCO : TelePresence Video Communication Server X7.0
CVE:CVE-2012-0331 (Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a crafted SIP packet, as demonstrated by a SIP INVITE message from a Tandberg device, aka Bug ID CSCtq73319.)
 CVE-2012-0330 (Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a malformed SIP message, aka Bug ID CSCtr20426.)
Оригинальный текстdocumentCISCO, Cisco Security Advisory: Cisco TelePresence Video Communication Server Session Initiation Protocol Denial of Service Vulnerabilities (09.03.2012)

Уязвимости безопасности в Cisco Unity Connection
Опубликовано:9 марта 2012 г.
Источник:
SecurityVulns ID:12230
Тип:удаленная
Уровень опасности:
6/10
Описание:Повышение привилегий, отказ при обработке TCP-пакетов.
Затронутые продукты:CISCO : Unity Connection 7.1
 CISCO : Unity Connection 8.0
 CISCO : Unity Connection 8.5
 CISCO : Unity Connection 8.6
CVE:CVE-2012-0367 (Cisco Unity Connection before 7.1.5b(Su5), 8.0 and 8.5 before 8.5.1(Su3), and 8.6 before 8.6.2 allows remote attackers to cause a denial of service (services crash) via a series of crafted TCP segments, aka Bug ID CSCtq67899.)
 CVE-2012-0366 (Cisco Unity Connection before 7.1.3b(Su2) allows remote authenticated users to change the administrative password by leveraging the Help Desk Administrator role, aka Bug ID CSCtd45141.)
Оригинальный текстdocumentCISCO, Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unity Connection (09.03.2012)

Многочисленные уязвимости безопасности в Cisco Wireless LAN Controller
Опубликовано:9 марта 2012 г.
Источник:
SecurityVulns ID:12231
Тип:удаленная
Уровень опасности:
6/10
Описание:Многочисленные DoS-условия, несанкционированный доступ.
Затронутые продукты:CISCO : Cisco Wireless LAN Controller 7.0
 CISCO : Cisco Wireless LAN Controller 7.1
 CISCO : Cisco Wireless LAN Controller 7.2
CVE:CVE-2012-0371 (Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.4, when CPU-based ACLs are enabled, allow remote attackers to read or modify the configuration via unspecified vectors, aka Bug ID CSCtu56709.)
 CVE-2012-0370 (Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0, when WebAuth is enabled, allow remote attackers to cause a denial of service (device reload) via a sequence of (1) HTTP or (2) HTTPS packets, aka Bug ID CSCtt47435.)
 CVE-2012-0369 (Cisco Wireless LAN Controller (WLC) devices with software 6.0 and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (device reload) via a sequence of IPv6 packets, aka Bug ID CSCtt07949.)
 CVE-2012-0368 (The administrative management interface on Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allows remote attackers to cause a denial of service (device crash) via a malformed URL in an HTTP request, aka Bug ID CSCts81997.)
Оригинальный текстdocumentCISCO, Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers (09.03.2012)

SQL-инъекция в Cisco Unified Communications Manager
Опубликовано:9 марта 2012 г.
Источник:
SecurityVulns ID:12232
Тип:удаленная
Уровень опасности:
6/10
Описание:Инъекция SQL и DoS при разборе SCCP.
Затронутые продукты:CISCO : Unified Communications Manager 7.1
 CISCO : Unified Communications Manager 8.0
 CISCO : Unified Communications Manager 8.5
 CISCO : Unified Communications Manager 8.6
 CISCO : Cisco Business Edition 3000
 CISCO : Cisco Business Edition 5000
 CISCO : Cisco Business Edition 6000
CVE:CVE-2011-4487 (SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x before 7.1(5b)su5, 8.0 before 8.0(3a)su3, and 8.5 and 8.6 before 8.6(2a)su1 and Cisco Business Edition 3000 with software before 8.6.3 and 5000 and 6000 with software before 8.6(2a)su1 allows remote attackers to execute arbitrary SQL commands via a crafted SCCP registration, aka Bug ID CSCtu73538.)
 CVE-2011-4486 (Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x before 7.1(5b)su5, 8.0 before 8.0(3a)su3, and 8.5 and 8.6 before 8.6(2a)su1 and Cisco Business Edition 3000 with software before 8.6.3 and 5000 and 6000 with software before 8.6(2a)su1 allow remote attackers to cause a denial of service (device reload) via a crafted SCCP registration, aka Bug ID CSCtu73538.)
Оригинальный текстdocumentCISCO, Cisco Security Advisory: Cisco Unified Communications Manager Skinny Client Control Protocol Vulnerabilities (09.03.2012)

DoS против Cisco Cius
Опубликовано:9 марта 2012 г.
Источник:
SecurityVulns ID:12233
Тип:удаленная
Уровень опасности:
5/10
Описание:Отказ при обработке сетевого траффика.
Затронутые продукты:CISCO : Cius 9.2
CVE:CVE-2012-0359 (The Cisco Cius with software before 9.2(1) SR2 allows remote attackers to cause a denial of service (device crash or hang) via malformed network traffic, aka Bug ID CSCto71445.)
Оригинальный текстdocumentCISCO, Cisco Security Advisory: Cisco Cius Denial of Service Vulnerability (09.03.2012)

Уязвимости PostgreSQL
Опубликовано:9 марта 2012 г.
Источник:
SecurityVulns ID:12234
Тип:библиотека
Уровень опасности:
5/10
Описание:Повышение привилегий через триггеры, инъекция SQL при перезагрузке pg_dump.
Затронутые продукты:POSTGRES : PostgreSQL 9.0
CVE:CVE-2012-0867 (PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof connections when the host name is exactly 32 characters.)
 CVE-2012-0866 (CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY DEFINER, which allows remote authenticated users to execute otherwise restricted triggers on arbitrary data by installing the trigger on an attacker-owned table.)
 CVE-2012-0866 (CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY DEFINER, which allows remote authenticated users to execute otherwise restricted triggers on arbitrary data by installing the trigger on an attacker-owned table.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2012:026 ] postgresql (09.03.2012)

DoS против Samba
Опубликовано:9 марта 2012 г.
Источник:
SecurityVulns ID:12235
Тип:удаленная
Уровень опасности:
5/10
Описание:Бесконечная рекурсия при обработке запроса Batched.
Затронутые продукты:SAMBA : Samba 3.3
CVE:CVE-2012-0870 (Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a Batched (aka AndX) request that triggers infinite recursion.)
Оригинальный текстdocument[email protected], NGS00120 Patch Notification: BlackBerry PlayBook Samba Remote Code Execution (09.03.2012)
 document[email protected], NGS00237 Patch Notification: Samba Andx request Remote Code Execution (09.03.2012)
 documentMANDRIVA, [ MDVSA-2012:025 ] samba (09.03.2012)

Уязвимости безопасности в libvpx
Опубликовано:9 марта 2012 г.
Источник:
SecurityVulns ID:12236
Тип:библиотека
Уровень опасности:
5/10
Описание:Несколько DoS-условий.
Затронутые продукты:LIBVPX : libvpx 0.9
CVE:CVE-2012-0823 (VP8 Codec SDK (libvpx) before 1.0.0 "Duclair" allows remote attackers to cause a denial of service (application crash) via (1) unspecified "corrupt input" or (2) by "starting decoding from a P-frame," which triggers an out-of-bounds read, related to "the clamping of motion vectors in SPLITMV blocks".)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2012:023-1 ] libvpx (09.03.2012)

Уязвимости безопасности в Puppet
Опубликовано:9 марта 2012 г.
Источник:
SecurityVulns ID:12237
Тип:локальная
Уровень опасности:
5/10
Описание:Различные возможности повышения привилегий.
CVE:CVE-2012-1054 (Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3, when managing a user login file with the k5login resource type, allows local users to gain privileges via a symlink attack on .k5login.)
 CVE-2012-1053 (The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors relate to (1) the change_user not dropping supplementary groups in certain conditions, (2) changes to the eguid without associated changes to the egid, or (3) the addition of the real gid to supplementary groups.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2419-1] puppet security update (09.03.2012)

Многочисленные уязвимости безопасности в Apple iPhone
Опубликовано:9 марта 2012 г.
Источник:
SecurityVulns ID:12239
Тип:удаленная
Уровень опасности:
7/10
Описание:Утечка информации, обход защиты, выход из ограниченной среды.
Затронутые продукты:APPLE : iPhone OS 5.1
CVE:CVE-2012-0646 (Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute arbitrary code via a crafted racoon configuration file.)
 CVE-2012-0645 (Siri in Apple iOS before 5.1 does not properly restrict the ability of Mail.app to handle voice commands, which allows physically proximate attackers to bypass the locked state via a command that forwards an active e-mail message to an arbitrary recipient.)
 CVE-2012-0644 (Race condition in the Passcode Lock feature in Apple iOS before 5.1 allows physically proximate attackers to bypass intended passcode requirements via a slide-to-dial gesture.)
 CVE-2012-0643 (The kernel in Apple iOS before 5.1 does not properly handle debug system calls, which allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a crafted program.)
 CVE-2012-0642 (Integer underflow in Apple iOS before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (device crash) via a crafted catalog file in an HFS disk image.)
 CVE-2012-0641 (CFNetwork in Apple iOS before 5.1 does not properly construct request headers during parsing of URLs, which allows remote attackers to obtain sensitive information via a malformed URL, a different vulnerability than CVE-2011-3447.)
 CVE-2012-0585 (The Private Browsing feature in Safari in Apple iOS before 5.1 allows remote attackers to bypass intended privacy settings and insert history entries via JavaScript code that calls the (1) pushState or (2) replaceState method.)
 CVE-2011-3453 (Integer overflow in libresolv in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via crafted DNS data.)
Оригинальный текстdocumentAPPLE, APPLE-SA-2012-03-07-2 iOS 5.1 Software Update (09.03.2012)

Целочисленное переполнение в Apple TV
Опубликовано:9 марта 2012 г.
Источник:
SecurityVulns ID:12240
Тип:клиент
Уровень опасности:
6/10
Описание:Целочисленное переполнение в libresolve
Затронутые продукты:APPLE : Apple TV 4.4
CVE:CVE-2011-3453 (Integer overflow in libresolv in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via crafted DNS data.)
Оригинальный текстdocumentAPPLE, APPLE-SA-2012-03-07-3 Apple TV 5.0 (09.03.2012)

Многочисленные уязвимости в Apple WebKit (iTunes, iPhone, Safari, Google Chrome)
дополнено с 9 марта 2012 г.
Опубликовано:27 августа 2012 г.
Источник:
SecurityVulns ID:12238
Тип:клиент
Уровень опасности:
8/10
Описание:Более 70 различных уязвимостей связанных с повреждением памяти, межсайтовый скриптинг, утечка информации.
Затронутые продукты:APPLE : iTunes 10.5
 GOOGLE : Chrome 15.0
 APPLE : iPhone OS 5.1
CVE:CVE-2012-0648 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.)
 CVE-2012-0640 (WebKit in Apple Safari before 5.1.4 does not properly implement "From third parties and advertisers" cookie blocking, which makes it easier for remote web servers to track users via a cookie.)
 CVE-2012-0639 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.)
 CVE-2012-0638 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.)
 CVE-2012-0637 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.)
 CVE-2012-0636 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.)
 CVE-2012-0635 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0634 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.)
 CVE-2012-0633 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0632 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0631 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0630 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0629 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0628 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0627 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0626 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0625 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0624 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0623 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0622 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0621 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0620 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0619 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0618 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0617 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0616 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0615 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0614 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0613 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0612 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0611 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0610 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0609 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0608 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0607 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0606 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0605 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0604 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0603 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0602 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0601 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0600 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0599 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0598 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0597 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0596 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0595 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0594 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0593 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0592 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0591 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2012-0590 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a drag-and-drop operation.)
 CVE-2012-0589 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0587, and CVE-2012-0588.)
 CVE-2012-0588 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0587, and CVE-2012-0589.)
 CVE-2012-0588 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0587, and CVE-2012-0589.)
 CVE-2012-0587 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0588, and CVE-2012-0589.)
 CVE-2012-0587 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0588, and CVE-2012-0589.)
 CVE-2012-0586 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0587, CVE-2012-0588, and CVE-2012-0589.)
 CVE-2012-0586 (Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0587, CVE-2012-0588, and CVE-2012-0589.)
 CVE-2011-3909 (The Cascading Style Sheets (CSS) implementation in Google Chrome before 16.0.912.63 on 64-bit platforms does not properly manage property arrays, which allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors.)
 CVE-2011-3908 (Google Chrome before 16.0.912.63 does not properly parse SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.)
 CVE-2011-3897 (Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing.)
 CVE-2011-3888 (Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing operations in conjunction with an unknown plug-in.)
 CVE-2011-3887 (Google Chrome before 15.0.874.102 does not properly handle javascript: URLs, which allows remote attackers to bypass intended access restrictions and read cookies via unspecified vectors.)
 CVE-2011-3885 (Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to stale Cascading Style Sheets (CSS) token-sequence data.)
 CVE-2011-3881 (Google Chrome before 15.0.874.102 allows remote attackers to bypass the Same Origin Policy via unspecified vectors.)
 CVE-2011-3881 (Google Chrome before 15.0.874.102 allows remote attackers to bypass the Same Origin Policy via unspecified vectors.)
 CVE-2011-2877 (Google Chrome before 14.0.835.202 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale font.")
 CVE-2011-2873 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2011-2872 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2011-2871 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2011-2870 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2011-2869 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2011-2868 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2011-2867 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2011-2866 (WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.)
 CVE-2011-2860 (Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles.)
 CVE-2011-2857 (Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the focus controller.)
 CVE-2011-2855 (Google Chrome before 14.0.835.163 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node.")
 CVE-2011-2854 (Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "ruby / table style handing.")
 CVE-2011-2847 (Use-after-free vulnerability in the document loader in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.)
 CVE-2011-2846 (Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unload event handling.)
 CVE-2011-2833 (WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.)
 CVE-2011-2825 (Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving custom fonts.)
Оригинальный текстdocumentZDI, ZDI-12-147 : WebKit ContentEditable swapInNode Use-After-Free Remote Code Execution Vulnerability (27.08.2012)
 documentdavid.kurz_(at)_majorsecurity.net, [MajorSecurity-SA-2012-014]Apple Safari on iOS 5.1 - Adressbar spoofing vulnerability (26.03.2012)
 documentAPPLE, APPLE-SA-2012-03-07-1 iTunes 10.6 (09.03.2012)

Повреждение памяти в file
дополнено с 9 марта 2012 г.
Опубликовано:3 сентября 2014 г.
Источник:
SecurityVulns ID:12228
Тип:локальная
Уровень опасности:
4/10
Описание:Повреждения памяти при анализе формата CDF
Затронутые продукты:FILE : file 5.04
CVE:CVE-2014-3587 (Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1571.)
 CVE-2012-1571 (file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2014:167 ] file (03.09.2014)
 documentDEBIAN, [SECURITY] [DSA 2422-1] file security update (09.03.2012)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород