Информационная безопасность
[RU] switch to English


Переполнение буфера в Microsoft Windows Media Player
Опубликовано:13 октября 2009 г.
Источник:
SecurityVulns ID:10312
Тип:клиент
Уровень опасности:
6/10
Описание:Переполнение буфера при разборе файлов .ASF
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
CVE:CVE-2009-2527 (Heap-based buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via (1) a crafted ASF file or (2) crafted streaming content, aka "WMP Heap Overflow Vulnerability.")
Оригинальный текстdocumentMICROSOFT, Microsoft Security Bulletin MS09-052 - Critical Vulnerability in Windows Media Player Could Allow Remote Code Execution (974112) (13.10.2009)
Файлы:Microsoft Security Bulletin MS09-052 - Critical Vulnerability in Windows Media Player Could Allow Remote Code Execution (974112)

DoS через LSA против Microsoft Windows
Опубликовано:13 октября 2009 г.
Источник:
SecurityVulns ID:10317
Тип:удаленная
Уровень опасности:
6/10
Описание:Отказ при разборе аутентификации NTLM
Затронутые продукты:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2009-2524 (Integer underflow in the NTLM authentication feature in the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to cause a denial of service (reboot) via a malformed packet, aka "Local Security Authority Subsystem Service Integer Overflow Vulnerability.")
Оригинальный текстdocumentMICROSOFT, Microsoft Security Bulletin MS09-059 - Important Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (975467) (13.10.2009)
Файлы:Microsoft Security Bulletin MS09-059 - Important Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (975467)

Переполнение индекса массива в Microsoft Windows (включая Windows 7)
дополнено с 8 сентября 2009 г.
Опубликовано:13 октября 2009 г.
Источник:
SecurityVulns ID:10210
Тип:удаленная
Уровень опасности:
9/10
Описание:Отказ при разборе SMB-запроса NEGOTIATE PROTOCOL REQUEST протокола SMB2.
Затронутые продукты:MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
Оригинальный текстdocumentMICROSOFT, Microsoft Security Bulletin MS09-050 - Critical Vulnerabilities in SMBv2 Could Allow Remote Code Execution (975517) (13.10.2009)
 documentReversemode, Regarding Microsoft srv2.sys SMB2.0 NEGOTIATE BSOD (09.09.2009)
 documentlaurent gaffie, Windows Vista/7 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote B.S.O.D. (08.09.2009)
Файлы:Exploits Windows Vista/7 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote B.S.O.D.
 SMB SRV2.SYS Denial of Service PoC
 Microsoft Security Bulletin MS09-050 - Critical Vulnerabilities in SMBv2 Could Allow Remote Code Execution (975517)

Повышение привилегий в kvm
Опубликовано:13 октября 2009 г.
Источник:
SecurityVulns ID:10310
Тип:локальная
Уровень опасности:
5/10
Описание:kvm_emulate_hypercall не ограничивает гипервызовы из ring 0.
Затронутые продукты:LINUX : kernel 2.6
CVE:CVE-2009-3290 (The kvm_emulate_hypercall function in arch/x86/kvm/x86.c in KVM in the Linux kernel 2.6.25-rc1, and other versions before 2.6.31, when running on x86 systems, does not prevent access to MMU hypercalls from ring 0, which allows local guest OS users to cause a denial of service (guest kernel crash) and read or write guest kernel memory via unspecified "random addresses.")
 CVE-2008-5714 (Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 1907-1] New kvm packages fix several vulnerabilities (13.10.2009)

Повреждение памяти в ActiveX Microsoft Windows Indexing Service
Опубликовано:13 октября 2009 г.
Источник:
SecurityVulns ID:10315
Тип:клиент
Уровень опасности:
7/10
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
CVE:CVE-2009-2507 (A certain ActiveX control in the Indexing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly process URLs, which allows remote attackers to execute arbitrary programs via unspecified vectors that cause a "vulnerable binary" to load and run, aka "Memory Corruption in Indexing Service Vulnerability.")
Оригинальный текстdocumentMICROSOFT, Microsoft Security Bulletin MS09-057 - Important Vulnerability in Indexing Service Could Allow Remote Code Execution (969059) (13.10.2009)
Файлы:Microsoft Security Bulletin MS09-057 - Important Vulnerability in Indexing Service Could Allow Remote Code Execution (969059)

Многочисленные уязвимости в CA Anti-Virus
дополнено с 9 октября 2009 г.
Опубликовано:13 октября 2009 г.
Источник:
SecurityVulns ID:10305
Тип:удаленная
Уровень опасности:
6/10
Описание:Многочисленные уязвимости при разборе архивов RAR.
Затронутые продукты:CA : eTrust Intrusion Detection 3.0
 CA : CA Internet Security Suite 2007
 CA : ARCserve Backup 11.5
 CA : CA Internet Security Suite 2008
 CA : CA Protection Suites 3.1
 CA : CA Anti-Virus 7.1
 CA : CA Anti-Virus 8.1
 CA : CA Anti-Virus 2007
 CA : CA Anti-Virus 2008
 CA : CA Network and Systems Management 11.1
 CA : CA Anti-Virus 2009
 CA : CA Internet Security Suite 2009
 CA : CA Threat Manager 8.1
 CA : CA Secure Content Manager 8.0
 CA : ARCserve Backup 12.5
 CA : CA Common Services 11.1
CVE:CVE-2009-3588 (Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587.)
 CVE-2009-3587 (Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588.)
Оригинальный текстdocumentThierry Zoller, [G-SEC 46-2009] Computer Associates multiple products arbritary code execution (13.10.2009)
 documentCA, CA20091008-01: Security Notice for CA Anti-Virus Engine (09.10.2009)

Подмена сертификата в Microsoft CryptoAPI
Опубликовано:13 октября 2009 г.
Источник:
SecurityVulns ID:10314
Тип:библиотека
Уровень опасности:
6/10
Описание:Подмена имени сертификата с помощью нулевого байта.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2009-2511 (Integer overflow in the CryptoAPI component in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows man-in-the-middle attackers to spoof arbitrary SSL servers and other entities via an X.509 certificate that has a malformed ASN.1 Object Identifier (OID) and was issued by a legitimate Certification Authority, aka "Integer Overflow in X.509 Object Identifiers Vulnerability.")
 CVE-2009-2510 (The CryptoAPI component in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, as used by Internet Explorer and other applications, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, aka "Null Truncation in X.509 Common Name Vulnerability," a related issue to CVE-2009-2408.)
Оригинальный текстdocumentMICROSOFT, Microsoft Security Bulletin MS09-056 - Important Vulnerabilities in Windows CryptoAPI Could Allow Spoofing (974571) (13.10.2009)
Файлы:Microsoft Security Bulletin MS09-056 - Important Vulnerabilities in Windows CryptoAPI Could Allow Spoofing (974571)

Переполнение буфера в FTP-сервере IIS Microsoft Windows
дополнено с 31 августа 2009 г.
Опубликовано:13 октября 2009 г.
Источник:
SecurityVulns ID:10193
Тип:удаленная
Уровень опасности:
8/10
Описание:Переполнение буфера в команде NLST. Та же ошибка приводит к исчерпанию стековой памяти (переполнению стека) при отсутствии доступа на запись к каталогу.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
Оригинальный текстdocumentMICROSOFT, Microsoft Security Bulletin MS09-053 - Important Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution (975254) (13.10.2009)
 documentKingcope Kingcope, Microsoft Internet Information Services 5.0/6.0 FTP SERVER DENIAL OF SERVICE ("Stack Exhaustion") (04.09.2009)
Файлы:IIS 5.0 FTPd / Remote r00t exploit
 Microsoft Internet Information Server ftpd zeroday
 Microsoft Security Bulletin MS09-053 - Important Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution (975254)

Многочисленные уязвимости в библиотеке Microsoft Active Template Library (ATL)
дополнено с 29 июля 2009 г.
Опубликовано:13 октября 2009 г.
Источник:
SecurityVulns ID:10106
Тип:библиотека
Уровень опасности:
9/10
Описание:Повреждения памяти, утечка информации, проблема с инициализацией, приводящие к обходу проверки kill-bit.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2009-2495 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via a crafted HTML document with an ATL (1) component or (2) control that triggers a buffer over-read, related to ATL headers and buffer allocation, aka "ATL Null String Vulnerability.")
 CVE-2009-2493 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability.")
 CVE-2009-0901 (The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability.")
Оригинальный текстdocumentMICROSOFT, Microsoft Security Bulletin MS09-055 - Critical Cumulative Security Update of ActiveX Kill Bits (973525) (13.10.2009)
 documentMICROSOFT, Microsoft Security Bulletin MS09-055 - Critical Cumulative Security Update of ActiveX Kill Bits (973525) (13.10.2009)
 documentIDEFENSE, iDefense Security Advisory 07.28.09: Multiple Vendor Microsoft ATL/MFC ActiveX Security Bypass Vulnerability (20.08.2009)
 documentIDEFENSE, iDefense Security Advisory 07.28.09: Multiple Vendor Microsoft ATL/MFC ActiveX Information Disclosure Vulnerability (20.08.2009)
 documentIDEFENSE, iDefense Security Advisory 08.11.09: Multiple Vendor Microsoft ATL/MFC ActiveX Type Confusion Vulnerability (20.08.2009)
 documentMICROSOFT, Microsoft Security Bulletin MS09-037 - Critical Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908) (11.08.2009)
 documentCISCO, Cisco Security Advisory: Active Template Library (ATL) Vulnerability (29.07.2009)
 documentCERT, US-CERT Technical Cyber Security Alert TA09-209A -- Microsoft Windows, Internet Explorer, and Active Template Library (ATL) Vulnerabilities (29.07.2009)
 documentMICROSOFT, Microsoft Security Bulletin MS09-035 - Moderate Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution (969706) (29.07.2009)
Файлы:Microsoft Security Bulletin MS09-037 - Critical Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908)
 Microsoft Security Bulletin MS09-060 - Critical Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution (973965)
 Microsoft Security Bulletin MS09-035 - Moderate Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution (969706)
 Microsoft Security Bulletin MS09-055 - Critical Cumulative Security Update of ActiveX Kill Bits (973525)

Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:13 октября 2009 г.
Источник:
SecurityVulns ID:10307
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:DJANGO : python-django 1.1
 DEDECMS : DEDECMS 5.1
Оригинальный текстdocumentinfo_(at)_securitylab.ir, DEDECMS v5.1 Sql Injection Vulnerability (13.10.2009)
 documentDEBIAN, [SECURITY] [DSA 1905-1] New python-django packages fix denial of service (13.10.2009)

DoS против Palm Pre
Опубликовано:13 октября 2009 г.
Источник:
SecurityVulns ID:10309
Тип:клиент
Уровень опасности:
4/10
Описание:Отказ при разборе HTML.
Затронутые продукты:PALM : WebOS 1.1
Оригинальный текстdocumentpalmprehacker_(at)_gmail.com, Palm Pre WebOS version <= 1.1 Floating Point Exception (13.10.2009)

Многочисленные уязвимости безопасности в Microsoft Windows Media Runtime
дополнено с 13 октября 2009 г.
Опубликовано:14 октября 2009 г.
Источник:
SecurityVulns ID:10311
Тип:библиотека
Уровень опасности:
6/10
Описание:Переполнения буфера, повреждения памяти.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2009-2525 (Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly initialize unspecified functions within compressed audio files, which allows remote attackers to execute arbitrary code via (1) a crafted media file or (2) crafted streaming content, aka "Windows Media Runtime Heap Corruption Vulnerability.")
 CVE-2009-0555 (Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly process Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted audio file that uses the Windows Media Speech codec, aka "Windows Media Runtime Voice Sample Rate Vulnerability.")
Оригинальный текстdocumentifsecure_(at)_gmail.com, Windows Media Audio Voice remote code execution (14.10.2009)
 documentZDI, ZDI-09-069: Microsoft Windows Media Player Audio Voice Sample Rate Memory Corruption Vulnerability (14.10.2009)
 documentMICROSOFT, Microsoft Security Bulletin MS09-051 - Critical Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682) (13.10.2009)
Файлы:Microsoft Security Bulletin MS09-051 - Critical Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682)

Многочисленные уязвимости безопасности в Microsoft Internet Explorer
дополнено с 13 октября 2009 г.
Опубликовано:14 октября 2009 г.
Источник:
SecurityVulns ID:10313
Тип:клиент
Уровень опасности:
7/10
Описание:Многочисленные повреждения памяти.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2009-2531 (Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-2530.)
 CVE-2009-2530 (Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-2531.)
 CVE-2009-2529 (Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not properly handle argument validation for unspecified variables, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Component Handling Vulnerability.")
 CVE-2009-1547 (Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream header that triggers memory corruption, aka "Data Stream Header Corruption Vulnerability.")
Оригинальный текстdocumentZDI, ZDI-09-071: Microsoft Internet Explorer writing-mode Memory Corruption Vulnerability (14.10.2009)
 documentZDI, ZDI-09-070: Microsoft Internet Explorer Event Object Type Double-Free Vulnerability (14.10.2009)
 documentBerend-Jan Wever, MSIE Content-Encoding: deflate memory corruption vulnerability (14.10.2009)
 documentMICROSOFT, Microsoft Security Bulletin MS09-054 - Critical Cumulative Security Update for Internet Explorer (974455) (13.10.2009)
Файлы:Microsoft Security Bulletin MS09-054 - Critical Cumulative Security Update for Internet Explorer (974455)

Многочисленные уязвимости в ядре Microsoft Windows
дополнено с 13 октября 2009 г.
Опубликовано:17 октября 2009 г.
Источник:
SecurityVulns ID:10316
Тип:локальная
Уровень опасности:
6/10
Описание:Целочисленное переполнение, обращение по нулевому адресу, ошибки обработчика исключительных ситуаций.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2009-2517 (The kernel in Microsoft Windows Server 2003 SP2 does not properly handle unspecified exceptions when an error condition occurs, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Exception Handler Vulnerability.")
 CVE-2009-2516 (The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold and SP1, and Server 2008 Gold does not properly validate data sent from user mode, which allows local users to gain privileges via a crafted PE .exe file that triggers a NULL pointer dereference during chain traversal, aka "Windows Kernel NULL Pointer Dereference Vulnerability.")
 CVE-2009-2515 (Integer underflow in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows local users to gain privileges via a crafted application that triggers an incorrect truncation of a 64-bit integer to a 32-bit integer, aka "Windows Kernel Integer Underflow Vulnerability.")
Оригинальный текстdocumentNsfocus Security Team, NSFOCUS SA2009-03 : Windows Kernel Malformed PE File Remote DoS Vulnerability (17.10.2009)
 documentMICROSOFT, Microsoft Security Bulletin MS09-058 - Important Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971486) (13.10.2009)
Файлы:Microsoft Security Bulletin MS09-058 - Important Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971486)

Слабые разрешения в антивирусных продуктах Quick Heal
дополнено с 13 октября 2009 г.
Опубликовано:16 декабря 2009 г.
Источник:
SecurityVulns ID:10308
Тип:локальная
Уровень опасности:
5/10
Описание:Слабые разрешения на папку установки.
Затронутые продукты:QUICKHEAL : Quick Heal Antivirus 2009
 QUICKHEAL : Quick Heal Total Security 2009
 QUICKHEAL : Quick Heal Antivirus 2010
 QUICKHEAL : Quick Heal Total Security 2010
Оригинальный текстdocumentProtek Research Lab, {PRL} QuickHeal antivirus 2010 Local Privilege Escalation (16.12.2009)
 documentShineShadow, Quick Heal Local Privilege Escalation Vulnerability (13.10.2009)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород