Информационная безопасность
[RU] switch to English


Проблемы с политиками IPSec в Microsoft Windows
Опубликовано:12 августа 2008 г.
Источник:
SecurityVulns ID:9219
Тип:m-i-t-m
Уровень опасности:
5/10
Описание:При определенных условиях политики перестают работать после миграции из домена Windows 2003 в домен Windows 2008.
Затронутые продукты:MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2008-2246
Оригинальный текстdocumentMICROSOFT, Microsoft Security Bulletin MS08-047 – Important Vulnerability in IPsec Policy Processing Could Allow Information Disclosure (953733) (12.08.2008)
Файлы:Microsoft Security Bulletin MS08-047 – Important Vulnerability in IPsec Policy Processing Could Allow Information Disclosure (953733)

Повышение привилегий в Microsoft Windows
Опубликовано:12 августа 2008 г.
Источник:
SecurityVulns ID:9220
Тип:локальная
Уровень опасности:
6/10
Описание:Некорректная обработка событий позволяет выполнение кода в контексте системы.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2008-1457
 CVE-2008-1456
Оригинальный текстdocumentMICROSOFT, Microsoft Security Bulletin MS08-049 – Important Vulnerabilities in Event System Could Allow Remote Code Execution (950974) (12.08.2008)
Файлы:Microsoft Security Bulletin MS08-049 – Important Vulnerabilities in Event System Could Allow Remote Code Execution (950974)

Загрузка файлов через ActiveX Microsoft Access
дополнено с 9 июля 2008 г.
Опубликовано:12 августа 2008 г.
Источник:
SecurityVulns ID:9137
Тип:клиент
Уровень опасности:
7/10
Описание:ActiveX SnapShot Viewer позволяет загрузку файлов по произвольному пути.
Затронутые продукты:MICROSOFT : Office 2000
 MICROSOFT : Office XP
 MICROSOFT : Office 2003
 MICROSOFT : Office 2007
CVE:CVE-2008-2463 (The Microsoft Office Snapshot Viewer ActiveX control in snapview.ocx 10.0.5529.0, as distributed in the standalone Snapshot Viewer and Microsoft Office Access 2000 through 2003, allows remote attackers to download arbitrary files to a client machine via a crafted HTML document or e-mail message, probably involving use of the SnapshotPath and CompressedPath properties and the PrintSnapshot method. NOTE: this can be leveraged for code execution by writing to a Startup folder.)
Оригинальный текстdocumentMICROSOFT, Microsoft Security Bulletin MS08-041 – Critical Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution (955617) (12.08.2008)
 documentCERT, US-CERT Technical Cyber Security Alert TA08-189A -- Microsoft Office Snapshot Viewer ActiveX Vulnerability (09.07.2008)
Файлы:Microsoft Security Advisory (955179) Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution
  Microsoft Security Bulletin MS08-041 – Critical Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution

Ежедневная сводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:12 августа 2008 г.
Источник:
SecurityVulns ID:9211
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:WORDPRESS : Contact Form ][ 2.0
 KAYAKO : Kayako SupportSuite 3.30
Оригинальный текстdocumenthadihadi_zedehal_2006_(at)_yahoo.com, K-Links Directory Blind SQL Injection Exploit (12.08.2008)
 documentr3d.w0rm_(at)_yahoo.com, Ovidentia Sql Injection (12.08.2008)
 documentJeiAr, Kayako SupportSuite < 3.30.00 Multiple Vulnerabilities (12.08.2008)
 documentMustLive, New vulnerabilities in Contact Form ][ for WordPress (12.08.2008)
Файлы:K-Links Directory Blind SQL Injection Exploit

Проблема символьных линков в UUDeview
Опубликовано:12 августа 2008 г.
Источник:
SecurityVulns ID:9212
Тип:локальная
Уровень опасности:
5/10
Описание:Небезопасное создание временных файлов.
CVE:CVE-2008-2266 (uulib/uunconc.c in UUDeview 0.5.20 allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated by the tempnam function. NOTE: this may be a CVE-2004-2265 regression.)
Оригинальный текстdocumentGENTOO, [ GLSA 200808-11 ] UUDeview: Insecure temporary file creation (12.08.2008)

Переполнение буфера в коммутаторах Alcatel OmniSwitch
Опубликовано:12 августа 2008 г.
Источник:
SecurityVulns ID:9213
Тип:удаленная
Уровень опасности:
5/10
Описание:Переполнение буфера на длинном заголовке Cookie во встроенном web-сервере.
Затронутые продукты:ALCATEL : OmniSwitch OS7000
 ALCATEL : OmniSwitch OS6600
 ALCATEL : OmniSwitch OS6800
 ALCATEL : OmniSwitch OS6850
 ALCATEL : OmniSwitch OS9000
Оригинальный текстdocumentDeral Heiland, Layered Defense Research Advisory: Alcatel-Lucent OmniSwitch products, Stack Buffer Overflow (12.08.2008)

Ошибка форматной строки в snoop под Sun Solaris
Опубликовано:12 августа 2008 г.
Источник:
SecurityVulns ID:9214
Тип:удаленная
Уровень опасности:
5/10
Описание:Ошибка форматной строке при разборе трафика SMB.
Затронутые продукты:ORACLE : Solaris 8
 ORACLE : Solaris 9
 ORACLE : Solaris 10
CVE:CVE-2008-0965 (Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet.)
 CVE-2008-0964
Оригинальный текстdocumentIDEFENSE, iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Stack Buffer Overflow Vulnerabilities (12.08.2008)
 documentIDEFENSE, iDefense Security Advisory 08.04.08: Solaris snoop SMB Decoding Multiple Format String Vulnerabilities (12.08.2008)

DoS против сервера IMAP hMailServer
Опубликовано:12 августа 2008 г.
Источник:
SecurityVulns ID:9215
Тип:удаленная
Уровень опасности:
5/10
Описание:Утечка памяти при выполнении комманд приводит к исчерпанию ресурсов.
Затронутые продукты:HMAILSERVER : hMAilServer 4.4
Оригинальный текстdocumentJoгo Antunes, [AJECT] hMailServer 4.4.1 DoS vulnerability (12.08.2008)

Многочисленные уязвимости безопасности в Microsoft Office / Word / Excel / Power Point
дополнено с 12 августа 2008 г.
Опубликовано:13 августа 2008 г.
Источник:
SecurityVulns ID:9216
Тип:клиент
Уровень опасности:
8/10
Описание:Многочисленные повреждения памяти, обход защиты.
Затронутые продукты:MICROSOFT : Office 2000
 MICROSOFT : Office XP
 MICROSOFT : Office 2003
 MICROSOFT : Office 2007
 MICROSOFT : Office SharePoint Server 2007
CVE:CVE-2008-3460 (WPGIMP32.FLT in Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 does not properly parse the length of a WordPerfect Graphics (WPG) file, which allows remote attackers to execute arbitrary code via a crafted WPG file, aka the "WPG Image File Heap Corruption Vulnerability.")
 CVE-2008-3021 (Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file with an invalid bits_per_pixel field, aka the "PICT Filter Parsing Vulnerability," a different vulnerability than CVE-2008-3018.)
 CVE-2008-3020 (Microsoft Office 2000 SP3 and XP SP3; Office Converter Pack; and Works 8 do not properly parse the length of a BMP file, which allows remote attackers to execute arbitrary code via a crafted BMP file, aka the "Malformed BMP Filter Vulnerability.")
 CVE-2008-3019 (Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of an Encapsulated PostScript (EPS) file, which allows remote attackers to execute arbitrary code via a crafted EPS file, aka the "Malformed EPS Filter Vulnerability.")
 CVE-2008-3018 (Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file, aka the "Malformed PICT Filter Vulnerability," a different vulnerability than CVE-2008-3021.)
 CVE-2008-3006 (Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 Gold and SP3; Office Excel Viewer; Office Compatibility Pack 2007 Gold and SP1; Office SharePoint Server 2007 Gold and SP1; and Office 2004 and 2008 for Mac do not properly parse Country record values when loading Excel files, which allows remote attackers to execute arbitrary code via a crafted Excel file, aka the "Excel Record Parsing Vulnerability.")
 CVE-2008-3005 (Array index vulnerability in Microsoft Office Excel 2000 SP3 and 2002 SP3, and Office 2004 and 2008 for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted array index for a FORMAT record, aka the "Excel Index Array Vulnerability.")
 CVE-2008-3004 (Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3; Office Excel Viewer 2003; and Office 2004 and 2008 for Mac do not properly validate index values for AxesSet records when loading Excel files, which allows remote attackers to execute arbitrary code via a crafted Excel file, aka the "Excel Indexing Validation Vulnerability.")
 CVE-2008-3003 (Microsoft Office Excel 2007 Gold and SP1 does not properly delete the PWD (password) string from connections.xml when a .xlsx file is configured not to save the remote data session password, which allows local users to obtain sensitive information and obtain access to a remote data source, aka the "Excel Credential Caching Vulnerability.")
 CVE-2008-2244
Оригинальный текстdocumentIDEFENSE, iDefense Security Advisory 08.12.08: Microsoft Excel FORMAT Record Invalid Array Index Vulnerability (13.08.2008)
 documentIDEFENSE, iDefense Security Advisory 08.12.08: Microsoft Excel Chart AxesSet Invalid Array Index Vulnerability (13.08.2008)
 documentIDEFENSE, iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Cstring Integer Overflow Vulnerability (13.08.2008)
 documentIDEFENSE, iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Out of Bounds Array Index Vulnerability (13.08.2008)
 documentIDEFENSE, iDefense Security Advisory 08.12.08: Microsoft Office WPG Image File Heap Buffer Overflow Vulnerability (13.08.2008)
 documentIDEFENSE, iDefense Security Advisory 08.12.08: Microsoft Office BMP Input Filter Heap Overflow Vulnerability (13.08.2008)
 documentZDI, ZDI-08-048: Microsoft Excel COUNTRY Record Memory Corruption Vulnerability (13.08.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-051 – Critical Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (949785) Microsoft Security Bulletin MS08-051 – Critical (12.08.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-044 – Critical Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (924090) (12.08.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-043 – Critical Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (954066) (12.08.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-042 – Important Vulnerability in Microsoft Word Could Allow Remote Code Execution (955048) (12.08.2008)
Файлы:Microsoft Security Bulletin MS08-042 – Important Vulnerability in Microsoft Word Could Allow Remote Code Execution (955048)
 Microsoft Security Bulletin MS08-044 – Critical Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (924090)
 Microsoft Security Bulletin MS08-051 – Critical Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (949785) Microsoft Security Bulletin MS08-051 – Critical

Повреждение памяти в системе управления цветами Microsoft Windows
дополнено с 12 августа 2008 г.
Опубликовано:13 августа 2008 г.
Источник:
SecurityVulns ID:9218
Тип:библиотека
Уровень опасности:
7/10
Описание:Повреждение памяти при обработке информации ICCM.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
CVE:CVE-2008-2245 (Heap-based buffer overflow in the InternalOpenColorProfile function in mscms.dll in Microsoft Windows Image Color Management System (MSCMS) in the Image Color Management (ICM) component on Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted image file.)
Оригинальный текстdocumentIDEFENSE, iDefense Security Advisory 08.12.08: Microsoft Windows Color Management Module Heap Buffer Overflow Vulnerability (13.08.2008)
 documentZDI, ZDI-08-049: Microsoft Windows Graphics Rendering Engine PICT Heap Corruption (13.08.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-046 – Critical Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954) (12.08.2008)
Файлы:Microsoft Security Bulletin MS08-046 – Critical Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution (952954)

Многочисленные уязвимости безопасности в Microsoft Internet Explorer
дополнено с 12 августа 2008 г.
Опубликовано:14 августа 2008 г.
Источник:
SecurityVulns ID:9217
Тип:удаленная
Уровень опасности:
8/10
Описание:Многочисленные повреждения памяти. Межсайтовый скриптинг через MHTML.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2008-2259
 CVE-2008-2258 (Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to a document object "appended in a specific order" with "particular functions ... performed on" document objects, aka "HTML Objects Memory Corruption Vulnerability" or "Table Layout Memory Corruption Vulnerability," a different vulnerability than CVE-2008-2257.)
 CVE-2008-2257 (Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to a document object "appended in a specific order," aka "HTML Objects Memory Corruption Vulnerability" or "XHTML Rendering Memory Corruption Vulnerability," a different vulnerability than CVE-2008-2258.)
 CVE-2008-2256
 CVE-2008-2255
 CVE-2008-2254 (Microsoft Internet Explorer 6 and 7 accesses uninitialized memory, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, aka "HTML Object Memory Corruption Vulnerability.")
 CVE-2008-1448 (The MHTML protocol handler in a component of Microsoft Outlook Express 5.5 SP2 and 6 through SP1, and Windows Mail, does not assign the correct Internet Explorer Security Zone to UNC share pathnames, which allows remote attackers to bypass intended access restrictions and read arbitrary files via an mhtml: URI in conjunction with a redirection, aka "URL Parsing Cross-Domain Information Disclosure Vulnerability.")
Оригинальный текстdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2008-0103: Internet Explorer Zone Elevation Restrictions Bypass and Security Zone Restrictions Bypass (14.08.2008)
 documentZDI, ZDI-08-050: Microsoft Internet Explorer XHTML Rendering Memory Corruption Vulnerability (13.08.2008)
 documentZDI, ZDI-08-051: Microsoft Internet Explorer Table Layout Memory Corruption Vulnerability (13.08.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-048 - Important Security Update for Outlook Express and Windows Mail (951066) (12.08.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-045 - Critical Cumulative Security Update for Internet Explorer (953838) (12.08.2008)
Файлы:Microsoft Security Bulletin MS08-045 - Critical Cumulative Security Update for Internet Explorer (953838)
 Microsoft Security Bulletin MS08-048 - Important Security Update for Outlook Express and Windows Mail (951066)

Несанкционированный доступ через ActiveX к Microsoft Messenger
дополнено с 12 августа 2008 г.
Опубликовано:15 августа 2008 г.
Источник:
SecurityVulns ID:9221
Тип:клиент
Уровень опасности:
6/10
Описание:ActiveX Messenger.UIAutomation.1 позволяет доступ ко всем возможностям приложения.
Затронутые продукты:MICROSOFT : Windows Messenger 4.7
CVE:CVE-2008-0082
Оригинальный текстdocumentcocoruder, Microsoft Windows Messenger Remote Illegal Access Vulnerability (15.08.2008)
 documentMICROSOFT, Microsoft Security Bulletin MS08-050 – Important Vulnerability in Windows Messenger Could Allow Information Disclosure (955702) (12.08.2008)
Файлы:Microsoft Security Bulletin MS08-050 – Important Vulnerability in Windows Messenger Could Allow Information Disclosure (955702)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород