Information Security


Security vulnerabilities in Microsoft Office
Published: July 11, 2012
Source:
SecurityVulns ID: 12465
Type: client
Severity: 5/10
Description: Insecure library loading in VBA, weak permissions in Office for Mac.
Affected products: MICROSOFT : Office 2003
 MICROSOFT : Office 2007
 MICROSOFT : Office 2010
 MICROSOFT : Office 2011 for Mac
CVE: CVE-2012-1894 (Microsoft Office for Mac 2011 uses world-writable permissions for the "Applications/Microsoft Office 2011/" directory and certain other directories, which allows local users to gain privileges by placing a Trojan horse executable file in one of these directories, aka "Office for Mac Improper Folder Permissions Vulnerability.")
 CVE-2012-1854 (Untrusted search path vulnerability in VBE6.dll in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Microsoft Visual Basic for Applications (VBA); and Summit Microsoft Visual Basic for Applications SDK allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .docx file, aka "Visual Basic for Applications Insecure Library Loading Vulnerability," as exploited in the wild in July 2012.)
Files: Microsoft Security Bulletin MS12-046 - Important Vulnerability in Visual Basic for Applications Could Allow Remote Code Execution (2707960)
 Microsoft Security Bulletin MS12-051 - Important Vulnerability in Microsoft Office for Mac Could Allow Elevation of Privilege (2721015)

Multiple security vulnerabilities in Microsoft SharePoint
Published: July 11, 2012
Source:
SecurityVulns ID: 12466
Type: remote
Severity: 6/10
Description: Cross-site scripting, URL redirection.
CVE: CVE-2012-1863 (Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2007 SP2 and SP3 Windows SharePoint Services 3.0 SP2, and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via crafted JavaScript elements in a URL, aka "SharePoint Reflected List Parameter Vulnerability.")
 CVE-2012-1862 (Open redirect vulnerability in Microsoft Office SharePoint Server 2007 SP2 and SP3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka "SharePoint URL Redirection Vulnerability.")
 CVE-2012-1861 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 Gold and SP1, SharePoint Foundation 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via crafted JavaScript elements in a URL, aka "SharePoint Script in Username Vulnerability.")
 CVE-2012-1860 (Microsoft Office SharePoint Server 2007 SP2 and SP3, SharePoint Server 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 do not properly check permissions for search scopes, which allows remote authenticated users to obtain sensitive information or cause a denial of service (data modification) by changing a parameter in a search-scope URL, aka "SharePoint Search Scope Vulnerability.")
 CVE-2012-1859 (Cross-site scripting (XSS) vulnerability in scriptresx.ashx in Microsoft SharePoint Server 2010 Gold and SP1, SharePoint Foundation 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via crafted JavaScript elements in a URL, aka "XSS scriptresx.ashx Vulnerability.")
 CVE-2012-1858 (The toStaticHTML API (aka the SafeHTML component) in Microsoft Internet Explorer 8 and 9, Communicator 2007 R2, and Lync 2010 and 2010 Attendee does not properly handle event attributes and script, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document, aka "HTML Sanitization Vulnerability.")
Files: Microsoft Security Bulletin MS12-050 - Important Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2695502)

Code execution in libpurple / Pidgin
Published: July 11, 2012
Source:
SecurityVulns ID: 12468
Type: library
Severity: 5/10
Description: Code execution in the MXit protocol.
Affected products: PIDGIN : Pidgin 2.10
CVE: CVE-2012-3374 (Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message.)
Original text: DEBIAN, [SECURITY] [DSA 2509-1] pidgin security update (11.07.2012)

Security vulnerabilities in Asterisk
Published: July 11, 2012
Source:
SecurityVulns ID: 12469
Type: remote
Severity: 5/10
Description: Several DoS conditions.
Affected products: ASTERISK : Asterisk 1.8
 ASTERISK : Asterisk 10.3
CVE: CVE-2012-3812 (Double free vulnerability in apps/app_voicemail.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2, Certified Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones 10.x.x-digiumphones before 10.5.2-digiumphones allows remote authenticated users to cause a denial of service (daemon crash) by establishing multiple voicemail sessions and accessing both the Urgent mailbox and the INBOX mailbox.)
Original text: ASTERISK, AST-2012-011: Remote crash vulnerability in voice mail application (11.07.2012)
 ASTERISK, AST-2012-010: Possible resource leak on uncompleted re-invite transactions (11.07.2012)

Protection bypass in Checkpoint Abra
Published: July 11, 2012
Source:
SecurityVulns ID: 12470
Type: remote
Severity: 5/10
Description: It is possible to escape the restricted environment.
Original text: komarov_(at)_group-ib.ru, Checkpoint Abra - Vulnerabilities (11.07.2012)

Summary of security vulnerabilities in Web applications (PHP, ASP, JSP, CGI, Perl)
Published: July 11, 2012
Source:
SecurityVulns ID: 12471
Type: remote
Severity: 5/10
Description: PHP injections, SQL injections, directory traversal, cross-site scripting, file modification, information leakage, etc.
Affected products: APACHE : Hadoop 2.0
 APACHE : Sling 2.1
 BOOKNUX : BookNux 0.2
 FLOGR : Flogr 1.7
CVE: CVE-2012-3376 (DataNodes in Apache Hadoop 2.0.0 alpha does not check the BlockTokens of clients when Kerberos is enabled and the DataNode has checked out the same BlockPool twice from a NodeName, which might allow remote clients to read arbitrary blocks, write to blocks to which they only have read access, and have other unspecified impacts.)
 CVE-2012-2138 (The @CopyFrom operation in the POST servlet in the org.apache.sling.servlets.post bundle before 2.1.2 in Apache Sling does not prevent attempts to copy an ancestor node to a descendant node, which allows remote attackers to cause a denial of service (infinite loop) via a crafted HTTP request.)
Original text: Black Hat, PHP NUKE ALL VERSION MULTI VULNERABILITY (11.07.2012)
 Black Hat, NDTV Cross Site Scripting Vulnerabilitiy (11.07.2012)
 Black Hat, Joomla Board All Version Sql Vulnerability (11.07.2012)
 Black Hat, Arasism Remote Command Upload Vulnerability (11.07.2012)
 Black Hat, Gharine Cross Site Scripting Vulnerabilitiy (11.07.2012)
 Black Hat, Flogr V1.7 Xss Vulnerability (11.07.2012)
 Black Hat, Behsamanco CMS Editor Vulnerability (11.07.2012)
 pereira_(at)_secbiz.de, BookNux 0.2 <= Multiple Vulnerabilities (11.07.2012)
 APACHE, [SECURITY] CVE-2012-2138 Apache Sling denial of service vulnerability (11.07.2012)
 Aaron T. Myers, [CVE-2012-3376] Apache Hadoop HDFS information disclosure vulnerability (11.07.2012)

Code execution in HP Operations Agent
updated since July 11, 2012
Published: July 16, 2012
Source:
SecurityVulns ID: 12467
Type: remote
Severity: 5/10
Description: Buffer overflow in coda.exe when processing an HTTP GET request.
Affected products: HP : HP Operations Agent 11.03
CVE: CVE-2012-2020 (Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1326.)
 CVE-2012-2019 (Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1325.)
Original text: ZDI, ZDI-12-115 : HP OpenView Performance Agent coda.exe Opcode 0x8C Remote Code Execution Vulnerability (16.07.2012)
 ZDI, ZDI-12-114 : HP OpenView Performance Agent coda.exe Opcode 0x34 Remote Code Execution Vulnerability (16.07.2012)
 HP, [security bulletin] HPSBMU02796 SSRT100594 rev.1 - HP Operations Agent for AIX, HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code (11.07.2012)

Multiple security vulnerabilities in Microsoft Windows
updated since July 11, 2012
Published: August 26, 2012
Source:
SecurityVulns ID: 12464
Type: library
Severity: 9/10
Description: Memory corruption in Microsoft XML Services, memory corruption in ADO, kernel driver vulnerabilities, command injection in Windows Shell, TLS vulnerabilities
Affected products: MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE: CVE-2012-1893 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate callback parameters during creation of a hook procedure, which allows local users to gain privileges via a crafted application, aka "Win32k Incorrect Type Handling Vulnerability.")
 CVE-2012-1891 (Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows Data Access Components (WDAC) 6.0 allows remote attackers to execute arbitrary code via crafted XML data that triggers access to an uninitialized object in memory, aka "ADO Cachesize Heap Overflow RCE Vulnerability.")
 CVE-2012-1890 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle keyboard-layout files, which allows local users to gain privileges via a crafted application, aka "Keyboard Layout Vulnerability.")
 CVE-2012-1889 (Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.)
 CVE-2012-1870 (The CBC mode in the TLS protocol, as used in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and other products, allows remote web servers to obtain plaintext data by triggering multiple requests to a third-party HTTPS server and sniffing the network during the resulting HTTPS session, aka "TLS Protocol Vulnerability.")
 CVE-2012-0175 (The Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted name for a (1) file or (2) directory, aka "Command Injection Vulnerability.")
Original text: ZDI, ZDI-12-158 : Microsoft Internet Explorer MSADO CacheSize Remote Code Execution Vulnerability (26.08.2012)
 CORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2011-1123 - Windows Kernel ReadLayoutFile Heap Overflow (18.07.2012)
Files: Microsoft Security Bulletin MS12-043 - Critical Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2722479)
 Microsoft Security Bulletin MS12-044 - Critical Cumulative Security Update for Internet Explorer (2719177)
 Microsoft Security Bulletin MS12-045 - Critical Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution (2698365)
 Microsoft Security Bulletin MS12-047 - Important Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2718523)
 Microsoft Security Bulletin MS12-048 - Important Vulnerability in Windows Shell Could Allow Remote Code Execution (2691442)
 Microsoft Security Bulletin MS12-049 - Important Vulnerability in TLS Could Allow Information Disclosure (2655992)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod