Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Microsoft Windows
Опубликовано:13 октября 2010 г.
Источник:
SecurityVulns ID:11191
Тип:удаленная
Уровень опасности:
9/10
Описание:Многочисленные повышения привилегий через различные драйверы. Переполнение буфера в MFC. Повреждение памяти и целочисленные переполнения при разборе шрифтов EOT и OTF. Переполнение буфера в comctl32. Переполнение буфера в LPC. DoS через SChannel.
Затронутые продукты:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2010-3229 (The Secure Channel (aka SChannel) security package in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when IIS 7.x is used, does not properly process client certificates during SSL and TLS handshakes, which allows remote attackers to cause a denial of service (LSASS outage and reboot) via a crafted packet, aka "TLSv1 Denial of Service Vulnerability.")
 CVE-2010-3227 (Stack-based buffer overflow in the UpdateFrameTitleForDocument method in the CFrameWnd class in mfc42.dll in the Microsoft Foundation Class (MFC) Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows context-dependent attackers to execute arbitrary code via a long window title that this library attempts to create at the request of an application, as demonstrated by the Trident PowerZip 7.2 Build 4010 application, aka "Windows MFC Document Title Updating Buffer Overflow Vulnerability.")
 CVE-2010-3222 (Stack-based buffer overflow in the Remote Procedure Call Subsystem (RPCSS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted LPC message that requests an LRPC connection from an LPC server to a client, aka "LPC Message Buffer Overrun Vulnerability.")
 CVE-2010-2746 (Heap-based buffer overflow in Comctl32.dll (aka the common control library) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when a third-party SVG viewer is used, allows remote attackers to execute arbitrary code via a crafted HTML document that triggers unspecified messages from this viewer, aka "Comctl32 Heap Overflow Vulnerability.")
 CVE-2010-2744 (The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly manage a window class, which allows local users to gain privileges via a crafted application, aka "Win32k Window Class Vulnerability.")
 CVE-2010-2743 (The kernel-mode drivers in Microsoft Windows XP SP3 do not properly perform indexing of a function-pointer table during the loading of keyboard layouts from disk, which allows local users to gain privileges via a crafted application, as demonstrated in the wild in July 2010 by the Stuxnet worm, aka "Win32k Keyboard Layout Vulnerability." NOTE: this might be a duplicate of CVE-2010-3888 or CVE-2010-3889.)
 CVE-2010-2741 (The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 performs an incorrect integer calculation during font processing, which allows local users to gain privileges via a crafted application, aka "OpenType Font Validation Vulnerability.")
 CVE-2010-2740 (The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly perform memory allocation during font parsing, which allows local users to gain privileges via a crafted application, aka "OpenType Font Parsing Vulnerability.")
 CVE-2010-2549 (Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2 and Server 2008 Gold and SP2 allows local users to gain privileges or cause a denial of service (system crash) by using a large number of calls to the NtUserCheckAccessForIntegrityLevel function to trigger a failure in the LockProcessByClientId function, leading to deletion of an in-use process object, aka "Win32k Reference Count Vulnerability.")
 CVE-2010-1883 (Integer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to execute arbitrary code via a crafted table in an embedded font, aka "Embedded OpenType Font Integer Overflow Vulnerability.")
Оригинальный текстdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, [CORE-2010-0624] MS OpenType CFF Parsing Vulnerability (13.10.2010)
 documentMICROSOFT, Microsoft Security Bulletin MS10-085 - Important Vulnerability in SChannel Could Allow Denial of Service (2207566) (13.10.2010)
 documentMICROSOFT, Microsoft Security Bulletin MS10-084 - Important Vulnerability in Windows Local Procedure Call Could Cause Elevation of Privilege (2360937) (13.10.2010)
 documentMICROSOFT, Microsoft Security Bulletin MS10-081 - Important Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2296011) (13.10.2010)
 documentMICROSOFT, Microsoft Security Bulletin MS10-078 - Important Vulnerabilities in the OpenType Font (OTF) Format Driver Could Allow Elevation of Privilege (2279986) (13.10.2010)
 documentMICROSOFT, Microsoft Security Bulletin MS10-076 - Critical Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (982132) (13.10.2010)
 documentMICROSOFT, Microsoft Security Bulletin MS10-074 - Moderate Vulnerability in Microsoft Foundation Classes Could Allow Remote Code Execution (2387149) (13.10.2010)
 documentMICROSOFT, Microsoft Security Bulletin MS10-073 - Important Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957) (13.10.2010)
Файлы:Microsoft Security Bulletin MS10-076 - Critical Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (982132)
 Microsoft Security Bulletin MS10-078 - Important Vulnerabilities in the OpenType Font (OTF) Format Driver Could Allow Elevation of Privilege (2279986)
 Microsoft Security Bulletin MS10-085 - Important Vulnerability in SChannel Could Allow Denial of Service (2207566)
 Microsoft Security Bulletin MS10-084 - Important Vulnerability in Windows Local Procedure Call Could Cause Elevation of Privilege (2360937)
 Microsoft Security Bulletin MS10-073 - Important Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957)
 Microsoft Security Bulletin MS10-081 - Important Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2296011)
 Microsoft Security Bulletin MS10-074 - Moderate Vulnerability in Microsoft Foundation Classes Could Allow Remote Code Execution (2387149)

Многочисленные уязвимости безопасности в Microsoft Internet Explorer
Опубликовано:13 октября 2010 г.
Источник:
SecurityVulns ID:11189
Тип:удаленная
Уровень опасности:
9/10
Описание:Многочисленные повреждения памяти, утечка информации.
Затронутые продукты:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2010-3331 (Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory in certain circumstances involving use of Microsoft Word to read Word documents, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability.")
 CVE-2010-3330 (Microsoft Internet Explorer 6 through 8 does not properly restrict script access to content from a different (1) domain or (2) zone, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Cross-Domain Information Disclosure Vulnerability.")
 CVE-2010-3329 (mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code via a crafted Microsoft Office document that causes the HtmlDlgHelper class destructor to access uninitialized memory, aka "Uninitialized Memory Corruption Vulnerability.")
 CVE-2010-3328 (Use-after-free vulnerability in the CAttrArray::PrivateFind function in mshtml.dll in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code by setting an unspecified property of a stylesheet object, aka "Uninitialized Memory Corruption Vulnerability.")
 CVE-2010-3327 (The implementation of HTML content creation in Microsoft Internet Explorer 6 through 8 does not remove the Anchor element during pasting and editing, which might allow remote attackers to obtain sensitive deleted information by visiting a web page, aka "Anchor Element Information Disclosure Vulnerability.")
 CVE-2010-3326 (Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability.")
 CVE-2010-3325 (Microsoft Internet Explorer 6 through 8 does not properly handle unspecified special characters in Cascading Style Sheets (CSS) documents, which allows remote attackers to obtain sensitive information from a different (1) domain or (2) zone via a crafted web site, aka "CSS Special Character Information Disclosure Vulnerability.")
 CVE-2010-3324 (The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism and conduct XSS attacks via a crafted use of the Cascading Style Sheets (CSS) @import rule, aka "HTML Sanitization Vulnerability," a different vulnerability than CVE-2010-1257.)
 CVE-2010-3243 (Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "HTML Sanitization Vulnerability.")
 CVE-2010-0808 (Microsoft Internet Explorer 6 and 7 on Windows XP and Vista does not prevent script from simulating user interaction with the AutoComplete feature, which allows remote attackers to obtain sensitive form information via a crafted web site, aka "AutoComplete Information Disclosure Vulnerability.")
Оригинальный текстdocumentCHECKPOINT, Internet Explorer Uninitialized Memory Corruption Vulnerability - CVE-2010-3331 (13.10.2010)
 documentMICROSOFT, Microsoft Security Bulletin MS10-071 - Critical Cumulative Security Update for Internet Explorer (2360131) (13.10.2010)
Файлы:Microsoft Security Bulletin MS10-071 - Critical Cumulative Security Update for Internet Explorer (2360131)

Межсайтовый скриптинг в SafeHTML Microsoft Sharepoint
Опубликовано:13 октября 2010 г.
Источник:
SecurityVulns ID:11190
Тип:удаленная
Уровень опасности:
6/10
Описание:Несколько возможностей межсайтового скриптинга.
Затронутые продукты:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2010-3324 (The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism and conduct XSS attacks via a crafted use of the Cascading Style Sheets (CSS) @import rule, aka "HTML Sanitization Vulnerability," a different vulnerability than CVE-2010-1257.)
 CVE-2010-3243 (Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "HTML Sanitization Vulnerability.")
Оригинальный текстdocumentMICROSOFT, Microsoft Security Bulletin MS10-072 - Important Vulnerabilities in SafeHTML Could Allow Information Disclosure (2412048) (13.10.2010)
Файлы:Microsoft Security Bulletin MS10-072 - Important Vulnerabilities in SafeHTML Could Allow Information Disclosure (2412048)

Повреждение памяти в Media Player Network Sharing
Опубликовано:13 октября 2010 г.
Источник:
SecurityVulns ID:11192
Тип:удаленная
Уровень опасности:
6/10
Описание:Использование памяти после освобождения при разборе запроса RTSP.
Затронутые продукты:MICROSOFT : Windows Vista
 MICROSOFT : Windows 7
CVE:CVE-2010-3225 (Use-after-free vulnerability in the Media Player Network Sharing Service in Microsoft Windows Vista SP1 and SP2 and Windows 7 allows remote attackers to execute arbitrary code via a crafted Real Time Streaming Protocol (RTSP) packet, aka "RTSP Use After Free Vulnerability.")
Оригинальный текстdocumentMICROSOFT, Microsoft Security Bulletin MS10-075 - Critical Vulnerability in Media Player Network Sharing Service Could Allow Remote Code Execution (2281679) (13.10.2010)
Файлы:Microsoft Security Bulletin MS10-075 - Critical Vulnerability in Media Player Network Sharing Service Could Allow Remote Code Execution (2281679)

Повреждение памяти в компиляторе Microsoft .Net
Опубликовано:13 октября 2010 г.
Источник:
SecurityVulns ID:11193
Тип:клиент
Уровень опасности:
5/10
Описание:Повреждение памяти пр икомпиляции SMIL-кода на 64-битных архитектурах.
Затронутые продукты:MICROSOFT : .NET Framework 4.0
CVE:CVE-2010-3228 (The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit platforms does not properly perform optimizations, which allows remote attackers to execute arbitrary code via a crafted .NET application that triggers memory corruption, aka ".NET Framework x64 JIT Compiler Vulnerability.")
Оригинальный текстdocumentMICROSOFT, Microsoft Security Bulletin MS10-077 - Critical Vulnerability in .NET Framework Could Allow Remote Code Execution (2160841) Published: October 12, 2010 (13.10.2010)

Повреждение памяти в Windows Media Player
Опубликовано:13 октября 2010 г.
Источник:
SecurityVulns ID:11195
Тип:клиент
Уровень опасности:
5/10
Описание:Повреждение памяти при обновлении страницы с ActiveX.
Затронутые продукты:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2010-2745 (Microsoft Windows Media Player (WMP) 9 through 12 does not properly deallocate objects during a browser reload action, which allows user-assisted remote attackers to execute arbitrary code via crafted media content referenced in an HTML document, aka "Windows Media Player Memory Corruption Vulnerability.")
Оригинальный текстdocumentMICROSOFT, Microsoft Security Bulletin MS10-082 - Important Vulnerability in Windows Media Player Could Allow Remote Code Execution (2378111) (13.10.2010)
Файлы:Microsoft Security Bulletin MS10-082 - Important Vulnerability in Windows Media Player Could Allow Remote Code Execution (2378111)

Выполнение кода в Microsoft Windows Wordpad / Windows Shell
Опубликовано:13 октября 2010 г.
Источник:
SecurityVulns ID:11196
Тип:клиент
Уровень опасности:
6/10
Описание:Выполнение кода через внедренный COM-объект.
Затронутые продукты:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2010-1263 (Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; Microsoft Office XP SP3; Office 2003 SP3; and Office System 2007 SP1 and SP2 do not properly validate COM objects during instantiation, which allows remote attackers to execute arbitrary code via a crafted file, aka "COM Validation Vulnerability.")
Оригинальный текстdocumentMICROSOFT, Microsoft Security Bulletin MS10-083 - Important Vulnerability in COM Validation in Windows Shell and WordPad Could Allow Remote Code Execution (2405882) (13.10.2010)
Файлы:Microsoft Security Bulletin MS10-083 - Important Vulnerability in COM Validation in Windows Shell and WordPad Could Allow Remote Code Execution (2405882)

Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:13 октября 2010 г.
Источник:
SecurityVulns ID:11199
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:JOOMLA : Joomla 1.5
 APACHE : Subversion 1.5
 SUBVERSION : Subversion 1.6
 RONNYCMS : Ronny CMS 1.1
 PLUXML : PluXml 5.0
 COLALBTIVE : Collabtive 0.65
 JOOMLA : JS Calendar 1.5
CVE:CVE-2010-3315 (authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.)
Оригинальный текстdocumentSalvatore "drosophila" Fresta, JS Calendar 1.5.1 Joomla Component Multiple Remote Vulnerabilities (13.10.2010)
 documentYGN Ethical Hacker Group, Joomla! 1.5.20 <= Cross Site Scripting (XSS) Vulnerability (13.10.2010)
 documentadvisory_(at)_anatoliasecurity.com, Collabtive Multiple Vulnerabilities (13.10.2010)
 documentMANDRIVA, [ MDVSA-2010:199 ] subversion (13.10.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Ronny CMS (13.10.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Ronny CMS (13.10.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in PluXml (13.10.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in PluXml (13.10.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in PluXml (13.10.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in PluXml (13.10.2010)
 documentHigh-Tech Bridge Security Research, XSRF (CSRF) in Lara (13.10.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Ronny CMS (13.10.2010)

Многочисленные уязвимости безопасности в библиотеке poppler
Опубликовано:13 октября 2010 г.
Источник:
SecurityVulns ID:11200
Тип:библиотека
Уровень опасности:
6/10
Описание:Различные уязвимости при разборе PDF.
Затронутые продукты:POPPLER : poppler 0.8
CVE:CVE-2010-3704 (The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted Type1 font that contains a negative array index, which bypasses input validation and which triggers memory corruption.)
 CVE-2010-3702 (The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2116-1] New poppler packages fix several vulnerabilities (13.10.2010)

DoS против Wireshark
Опубликовано:13 октября 2010 г.
Источник:
SecurityVulns ID:11201
Тип:удаленная
Уровень опасности:
5/10
Описание:Переполнение стека при разборе ASN.1
Затронутые продукты:WIRESHARK : Wireshark 1.2
CVE:CVE-2010-3445 (Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2010:200 ] wireshark (13.10.2010)

Слабые разрешения в Microsoft Windows 2008 Shared Cluster Disks
Опубликовано:13 октября 2010 г.
Источник:
SecurityVulns ID:11197
Тип:локальная
Уровень опасности:
5/10
Описание:По-умолчанию на новых дисках дается разрешение Everyone:Full Control.
Затронутые продукты:MICROSOFT : Windows 2008 Server
Оригинальный текстdocumentMICROSOFT, Microsoft Security Bulletin MS10-086 - Moderate Vulnerability in Windows Shared Cluster Disks Could Allow Tampering (2294255) (13.10.2010)

Обратный путь в каталогах во многих FTP-клиентах
дополнено с 5 августа 2010 г.
Опубликовано:13 октября 2010 г.
Источник:
SecurityVulns ID:11029
Тип:локальная
Уровень опасности:
5/10
Описание:Возможна загрузка файла за пределами каталога, указанного пользователем.
Затронутые продукты:INTERNETSOFT : FTP Commander 8.02
 TURBOFTP : TurboFTP Client 6.0
 ELECTRASOFT : 32bit FTP Client 10.07
 FRIGATE : Frigate 3.36
 SMARTSOFT : SmartFTP 4.0
 IORUSH : FTP Rush 1.1
 FTPX : FTP Explorer 10.5
 SOFTX : SoftX FTP Client 3.3
 SITEDESIGNER : 3D FTP Client 9.0
 DESKSHARE : AutoFTP Manager 4.31
 FTPGETTER : FTPGetter 3.51
 FILTERFTP : FilterFTP 2.0
 FTPVOYAGER : FTP Voyager 15.2
 CROSSFTP : CrossFTP Pro 1.65
 ROBOFTP : Robo-FTP 3.7
 ANYCONNECT : AnyConnect 1.2
 FRESHWEBMASTER : FreshFTP 5.36
Оригинальный текстdocumentHigh-Tech Bridge Security Research, Directory Traversal Vulnerability in AnyConnect (13.10.2010)
 documentHigh-Tech Bridge Security Research, Directory Traversal Vulnerability in FreshFTP (13.10.2010)
 documentHigh-Tech Bridge Security Research, Directory Traversal Vulnerability in Robo-FTP (13.10.2010)
 documentHigh-Tech Bridge Security Research, Directory Traversal Vulnerability in CrossFTP Pro (13.10.2010)
 documentHigh-Tech Bridge Security Research, Directory Traversal Vulnerability in FTP Voyager (11.10.2010)
 documentHigh-Tech Bridge Security Research, Directory Traversal Vulnerability in FilterFTP (11.10.2010)
 documentHigh-Tech Bridge Security Research, Directory Traversal in AutoFTP Manager (23.08.2010)
 documentHigh-Tech Bridge Security Research, Directory Traversal in FTPGetter (23.08.2010)
 documentHigh-Tech Bridge Security Research, Directory Traversal in 3D FTP Client (23.08.2010)
 documentHigh-Tech Bridge Security Research, Directory Traversal in SoftX FTP Client (16.08.2010)
 documentHigh-Tech Bridge Security Research, Directory Traversal in FTP Explorer (08.08.2010)
 documentHigh-Tech Bridge Security Research, Directory Traversal in FTP Rush (08.08.2010)
 documentHigh-Tech Bridge Security Research, Directory Traversal in SmartFTP (08.08.2010)
 documentHigh-Tech Bridge Security Research, Directory Traversal in Frigate 3 built-in FTP client (08.08.2010)
 documentHigh-Tech Bridge Security Research, Directory Traversal Vulnerability in 32bit FTP Client (05.08.2010)
 documentHigh-Tech Bridge Security Research, Directory Traversal Vulnerability in FTP Commander Deluxe (05.08.2010)
 documentHigh-Tech Bridge Security Research, Directory Traversal Vulnerability in FTP Commander (05.08.2010)
 documentHigh-Tech Bridge Security Research, Directory Traversal Vulnerability in TurboFTP 6 Client (05.08.2010)
 documentHigh-Tech Bridge Security Research, Directory Traversal Vulnerability in FTP Commander Pro (05.08.2010)

Уязвимости безопасности в Microsoft Office
дополнено с 13 октября 2010 г.
Опубликовано:16 октября 2010 г.
Источник:
SecurityVulns ID:11194
Тип:клиент
Уровень опасности:
8/10
Описание:Многочисленные повреждения памяти, переполнения индексов массивов, буферов и т.д. в Microsoft Word и Excel.
Затронутые продукты:MICROSOFT : Office XP
 MICROSOFT : Office 2003
 MICROSOFT : Office 2004 for Mac
 MICROSOFT : Office 2007
 MICROSOFT : Office 2008 for Mac
 MICROSOFT : Office 2010
CVE:CVE-2010-3242 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Ghost Record Type Parsing Vulnerability.")
 CVE-2010-3241 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate binary file-format information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Out-of-Bounds Memory Write in Parsing Vulnerability.")
 CVE-2010-3240 (Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Real Time Data Array Record Vulnerability.")
 CVE-2010-3239 (Microsoft Excel 2002 SP3 does not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Extra Out of Boundary Record Parsing Vulnerability.")
 CVE-2010-3238 (Microsoft Excel 2002 SP3 and 2003 SP3, and Office 2004 for Mac, does not properly validate binary file-format information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Negative Future Function Vulnerability.")
 CVE-2010-3237 (Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Merge Cell Record Pointer Vulnerability.")
 CVE-2010-3236 (Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Out Of Bounds Array Vulnerability.")
 CVE-2010-3235 (Microsoft Excel 2002 SP3 does not properly validate formula information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Formula Biff Record Vulnerability.")
 CVE-2010-3234 (Microsoft Excel 2002 SP3 does not properly validate formula information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Formula Substream Memory Corruption Vulnerability.")
 CVE-2010-3233 (Microsoft Excel 2002 SP3 and 2003 SP3 does not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted .wk3 (aka Lotus 1-2-3 workbook) file, aka "Lotus 1-2-3 Workbook Parsing Vulnerability.")
 CVE-2010-3232 (Microsoft Excel 2003 SP3 and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Excel File Format Parsing Vulnerability.")
 CVE-2010-3231 (Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Excel Record Parsing Memory Corruption Vulnerability.")
 CVE-2010-3230 (Integer overflow in Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel document with crafted record information, aka "Excel Record Parsing Integer Overflow Vulnerability.")
 CVE-2010-3221 (Microsoft Word 2002 SP3 and 2003 SP3, Office 2004 for Mac, and Word Viewer do not properly handle a malformed record during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word Parsing Vulnerability.")
 CVE-2010-3220 (Unspecified vulnerability in Microsoft Word 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Parsing Vulnerability.")
 CVE-2010-3219 (Array index vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Index Parsing Vulnerability.")
 CVE-2010-3218 (Heap-based buffer overflow in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via malformed records in a Word document, aka "Word Heap Overflow Vulnerability.")
 CVE-2010-3217 (Double free vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a Word document with crafted List Format Override (LFO) records, aka "Word Pointer Vulnerability.")
 CVE-2010-3216 (Microsoft Word 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a crafted Word document containing bookmarks that trigger use of an invalid pointer and memory corruption, aka "Word Bookmarks Vulnerability.")
 CVE-2010-3215 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle unspecified return values during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word Return Value Vulnerability.")
 CVE-2010-3214 (Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Word Viewer; Office Web Apps; and Word Web App allows remote attackers to execute arbitrary code via a crafted Word document, aka "Word Stack Overflow Vulnerability.")
 CVE-2010-2750 (Array index error in Microsoft Word 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Index Vulnerability.")
 CVE-2010-2748 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly check an unspecified boundary during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word Boundary Check Vulnerability.")
 CVE-2010-2747 (Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle an uninitialized pointer during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word Uninitialized Pointer Vulnerability.")
Оригинальный текстdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2010-0517 - Microsoft Office HtmlDlgHelper class memory corruption (16.10.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Word Bookmarks Invalid Pointer Vulnerability (CVE-2010-3216) (16.10.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Word Document Array Indexing Vulnerability (CVE-2010-2750) (16.10.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Word Return Value Handling Vulnerability (CVE-2010-3215) (16.10.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Excel RealTimeData Array Indexing Vulnerability (CVE-2010-3240) (16.10.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Word Document Invalid Pointer Vulnerability (CVE-2010-3217) (16.10.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Excel Formula Substream Memory Corruption (CVE-2010-3234) (16.10.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Word Document Stack Overflow Vulnerability (CVE-2010-3214) (16.10.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Word Document Heap Overflow Vulnerability (CVE-2010-3218) (16.10.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Excel Formula Record Dangling Pointer Vulnerability (CVE-2010-3235) (16.10.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Excel Record Array Indexing Vulnerability (CVE-2010-3236) (16.10.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Word BKF Objects Array Indexing Vulnerability (CVE-2010-3219) (16.10.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Excel Extra PtgExtraArray Parsing Vulnerability (CVE-2010-3239) (16.10.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Excel Formula Record Buffer Overflow Vulnerability (CVE-2010-3231) (16.10.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Word LVL Structure Heap Overflow Vulnerability (CVE-2010-3220) (16.10.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Excel Ghost Record Type Parsing Vulnerability (CVE-2010-3242) (16.10.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Word Short Sign Memory Corruption Vulnerability (CVE-2010-3221) (16.10.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Excel Negative Future Function Vulnerability (CVE-2010-3238) (16.10.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Excel Out-of-Bounds Memory Write Vulnerability (CVE-2010-3241) (16.10.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Word Uninitialized Pointer Vulnerability (CVE-2010-2747) (16.10.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Word Document Buffer Overflow Vulnerability (CVE-2010-2748) (16.10.2010)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Office Excel Merge Cell Record Invalid Pointer Vulnerability (CVE-2010-3237) (16.10.2010)
 documentSECUNIA, Secunia Research: Microsoft Excel Lotus 1-2-3 File Parsing Vulnerability (13.10.2010)
 documentSECUNIA, Secunia Research: Microsoft Excel Ghost Record Type Parsing Vulnerability (13.10.2010)
 documentSECUNIA, Secunia Research: Microsoft Excel Record Parsing Integer Overflow Vulnerability (13.10.2010)
 documentMICROSOFT, Microsoft Security Bulletin MS10-080 - Important Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2293211) (13.10.2010)
 documentMICROSOFT, Microsoft Security Bulletin MS10-079 - Important Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194) (13.10.2010)
Файлы:Microsoft Security Bulletin MS10-079 - Important Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194)
 Microsoft Security Bulletin MS10-080 - Important Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2293211)

Многочисленные уязвимости безопасности в продуктах Oracle / Sun / Peoplesoft
дополнено с 13 октября 2010 г.
Опубликовано:18 июля 2011 г.
Источник:
SecurityVulns ID:11198
Тип:удаленная
Уровень опасности:
9/10
Описание:Ежеквартальное обновление закрывает почти 90 уязвимостей в различных продуктах.
Затронутые продукты:ORACLE : Primavera P6 Enterprise Project Portfolio Management 7.0
 ORACLE : PeopleSoft Enterprise PeopleTools 8.50
 ORACLE : Oracle Identity Management 10g
 ORACLE : Agile PLM, 9.3
 ORACLE : Oracle Transportation Management 5.5
 ORACLE : Oracle Transportation Management 6.0
 ORACLE : Oracle Transportation Management 6.1
 ORACLE : PeopleSoft Enterprise 8.9
 ORACLE : PeopleSoft Enterprise 9.0
 ORACLE : PeopleSoft Enterprise 9.1
 ORACLE : Siebel Core 7.7
 ORACLE : Siebel Core 7.8
 ORACLE : Siebel Core 8.0
 ORACLE : Siebel Core 8.1
 ORACLE : Primavera P6 Enterprise Project Portfolio Management 6.21
 ORACLE : Oracle VM 2.2
 ORACLE : Solaris 10
 ORACLE : Oracle 10g
 ORACLE : Oracle E-Business Suite Release 11i
 ORACLE : Oracle E-Business Suite Release 12
 ORACLE : Oracle 11g
 ORACLE : PeopleSoft Enterprise PeopleTools 8.49
 ORACLE : Oracle BI Publisher 10.1
CVE:CVE-2010-3585 (Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a third party researcher that this is related to the exposure of unspecified functions using XML-RPC.)
 CVE-2010-3584 (Unspecified vulnerability in the Oracle VM component in Oracle VM 2.2.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a third party researcher that this is related to the storage of passwords and password hashes in cleartext in files with insecure permissions.)
 CVE-2010-3583 (Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a third party researcher that this is related to the exposure of multiple unspecified functions through XML-RPC that allow execution of arbitrary OS commands.)
 CVE-2010-3582 (Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent.)
 CVE-2010-3581 (Unspecified vulnerability in the BPEL Console component in Oracle Fusion Middleware 11.1.1.1.0 and 11.1.1.2.0 allows remote authenticated users to affect integrity via unknown vectors.)
 CVE-2010-3580 (Unspecified vulnerability in Oracle OpenSolaris allows local users to affect availability via unknown vectors related to Kernel/File System.)
 CVE-2010-3579 (Unspecified vulnerability in the (1) Sun Convergence 1 and (2) Sun Java Communications Suite 7 components in Oracle Sun Products Suite 1.0 and 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail.)
 CVE-2010-3578 (Unspecified vulnerability in Oracle OpenSolaris allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Depot Server.)
 CVE-2010-3577 (Unspecified vulnerability in Oracle OpenSolaris allows remote attackers to affect confidentiality and integrity, related to Kernel/CIFS.)
 CVE-2010-3576 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect integrity and availability, related to the SCSI enclosure services device driver.)
 CVE-2010-3575 (Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 6.0, 6.2, 6.3, and 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Mail.)
 CVE-2010-3564 (Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that the Kerberos implementation does not properly check AP-REQ requests, which allows attackers to cause a denial of service in the JVM. NOTE: CVE has not investigated the apparent discrepancy between the two vendors regarding the consequences of this issue.)
 CVE-2010-3547 (Unspecified vulnerability in the PeopleSoft FMS ESA - EX component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #38, 9.0 Bundle #31, and 9.1 Bundle #6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.)
 CVE-2010-3546 (Unspecified vulnerability in the Sun Java System Identity Manager component in Oracle Sun Products Suite 8.1 allows remote attackers to affect confidentiality and integrity via unknown vectors.)
 CVE-2010-3545 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Administration.)
 CVE-2010-3544 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect integrity and availability via unknown vectors related to Administration. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable source that this is cross-site request forgery (CSRF) that allows remote attackers to stop an instance via the management console.)
 CVE-2010-3542 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect confidentiality, related to USB.)
 CVE-2010-3540 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability, related to ZFS.)
 CVE-2010-3539 (Unspecified vulnerability in the PeopleSoft Enterprise FMS - GL component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #38, 9.0 Bundle #31, and 9.1 Bundle #6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.)
 CVE-2010-3538 (Unspecified vulnerability in the PeopleSoft Enterprise FMS - GL component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #38, 9.0 Bundle #31, and 9.1 Bundle #6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.)
 CVE-2010-3537 (Unspecified vulnerability in the PeopleSoft Enterprise FMS - AM component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #38, 9.0 Bundle #31, and 9.1 Bundle #6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.)
 CVE-2010-3536 (Unspecified vulnerability in the PeopleSoft Enterprise SCM component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #38, 9.0 Bundle #31, and 9.1 Bundle #6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.)
 CVE-2010-3535 (Unspecified vulnerability in the Directory Server Enterprise Edition component in Oracle Sun Products Suite 6.0, 6.1, 6.2, and 6.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Identity Synchronization for Windows.)
 CVE-2010-3534 (Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 6.21.3.0 and 7.0.1.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Project Management Module.)
 CVE-2010-3533 (Unspecified vulnerability in the PeopleSoft Enterprise SCM OM and CRM Order Capture component in Oracle PeopleSoft and JDEdwards Suite 8.9, 9.0, and 9.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.)
 CVE-2010-3532 (Unspecified vulnerability in the PeopleSoft Enterprise CRM - Order Capture component in Oracle PeopleSoft and JDEdwards Suite 9.0 Bundle #28 and 9.1 Bundle #4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.)
 CVE-2010-3531 (Unspecified vulnerability in the PeopleSoft Enterprise FMS ESA - RM component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #38, 9.0 Bundle #31, and 9.1 Bundle #6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.)
 CVE-2010-3530 (Unspecified vulnerability in the PeopleSoft Enterprise HCM - HR component in Oracle PeopleSoft and JDEdwards Suite 9.0 Bundle #13 and 9.1 Bundle #3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.)
 CVE-2010-3529 (Unspecified vulnerability in the PeopleSoft Enterprise FMS - Cash Management component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #38, 9.0 Bundle #31, and 9.1 Bundle #6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.)
 CVE-2010-3528 (Unspecified vulnerability in the PeopleSoft Enterprise CRM - Common Components component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #41, 9.0 Bundle #28, and 9.1 Bundle #4 allows remote authenticated users to affect confidentiality via unknown vectors.)
 CVE-2010-3527 (Unspecified vulnerability in the PeopleSoft Enterprise FMS - AM component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #38, 9.0 Bundle #31, and 9.1 Bundle #6 allows remote authenticated users to affect integrity and availability via unknown vectors.)
 CVE-2010-3526 (Unspecified vulnerability in the PeopleSoft Enterprise SCM - PO component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #38, 9.0 Bundle #31, and 9.1 Bundle #6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.)
 CVE-2010-3525 (Unspecified vulnerability in the (1) PeopleSoft Enterprise FMS, (2) SCM, (3) EPM, (4) CRM, and (5) Campus Solutions components in Oracle PeopleSoft and JDEdwards Suite 8.9, 9.0, and 9.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.)
 CVE-2010-3524 (Unspecified vulnerability in the PeopleSoft Enterprise SCM - Strategic Sourcing component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #38, 9.0 Bundle #31, and 9.1 Bundle #6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.)
 CVE-2010-3523 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft and JDEdwards Suite 8.49.28 and 8.50.12 allows remote attackers to affect integrity via unknown vectors.)
 CVE-2010-3522 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft and JDEdwards Suite 8.49.28 and 8.50.12 allows remote authenticated users to affect confidentiality via unknown vectors.)
 CVE-2010-3521 (Unspecified vulnerability in the PeopleSoft Enterprise HCM ePay component in Oracle PeopleSoft and JDEdwards Suite 9.0 to Payroll Update 10-C and 9.1 to Payroll Update 10-C allows remote authenticated users to affect confidentiality and integrity via unknown vectors.)
 CVE-2010-3520 (Unspecified vulnerability in the PeopleSoft Enterprise HCM - GP France component in Oracle PeopleSoft and JDEdwards Suite 8.81 SP1 Bundle #12, 8.9 GP Update 2010-E, 9.0 GP Update 2010-E, and 9.1 GP Update 2010-E allows remote authenticated users to affect confidentiality and integrity via unknown vectors.)
 CVE-2010-3519 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft and JDEdwards Suite 8.49.28 and 8.50.12 allows remote authenticated users to affect integrity via unknown vectors.)
 CVE-2010-3518 (Unspecified vulnerability in the PeopleSoft Enterprise HCM GP - Japan component in Oracle PeopleSoft and JDEdwards Suite 8.81 SP1 Bundle #13, 8.9 GP Update 2010-E, 9.0 GP Update 2010-E, and 9.1 GP Update 2010-E allows remote authenticated users to affect confidentiality and integrity via unknown vectors.)
 CVE-2010-3517 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability, related to Kernel/X86.)
 CVE-2010-3516 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availability via unknown vectors related to InfiniBand.)
 CVE-2010-3515 (Unspecified vulnerability in the Solaris component in Oracle Solaris 9 and 10, and OpenSolaris, allows local users to affect availability via unknown vectors related to Kernel/Disk Driver.)
 CVE-2010-3514 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 6.1 and 7.0 allows remote attackers to affect integrity via unknown vectors related to Web Container.)
 CVE-2010-3513 (Unspecified vulnerability in Oracle Solaris 9 and 10, and OpenSolaris, allows local users to affect integrity and availability via unknown vectors related to Device Drivers.)
 CVE-2010-3512 (Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 7.0u8 allows remote authenticated users to affect confidentiality, related to DAV (WebDAV).)
 CVE-2010-3511 (Unspecified vulnerability in Oracle OpenSolaris allows local users to affect integrity and availability via unknown vectors related to Tooltalk.)
 CVE-2010-3509 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Scheduler.)
 CVE-2010-3508 (Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality and integrity via unknown vectors related to Solaris Zones.)
 CVE-2010-3507 (Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Live Upgrade.)
 CVE-2010-3506 (Unspecified vulnerability in the Oracle Explorer (Sun Explorer) component in Oracle Sun Products Suite 6.4 allows local users to affect confidentiality and integrity via unknown vectors.)
 CVE-2010-3504 (Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote attackers to affect integrity via unknown vectors.)
 CVE-2010-3503 (Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect confidentiality and integrity via unknown vectors related to su.)
 CVE-2010-3502 (Unspecified vulnerability in the Siebel Core component in Oracle Siebel Suite 7.7.2.12, 7.8.2.14, 8.0.0.10, and 8.1.1.3 allows remote authenticated users to affect confidentiality via unknown vectors.)
 CVE-2010-3501 (Unspecified vulnerability in the OID component in Oracle Fusion Middleware 10.1.2.3, 10.1.4.3, and 11.1.1.2.0 allows remote attackers to affect availability via unknown vectors.)
 CVE-2010-3500 (Unspecified vulnerability in the Siebel Core - Highly Interactive Client component in Oracle Siebel Suite 7.7.2.12, 7.8.2.14, 8.0.0.10, and 8.1.1.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.)
 CVE-2010-2419 (Unspecified vulnerability in the Java Virtual Machine component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.)
 CVE-2010-2418 (Unspecified vulnerability in the Oracle Territory Management component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors.)
 CVE-2010-2417 (Unspecified vulnerability in the Agile PLM component in Oracle Supply Chain Products Suite 9.3.0.0 allows remote authenticated users to affect integrity via unknown vectors.)
 CVE-2010-2416 (Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors.)
 CVE-2010-2415 (Unspecified vulnerability in the Change Data Capture component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_CDC_PUBLISH.)
 CVE-2010-2414 (Unspecified vulnerability in the (1) Sun Convergence 1 and (2) Sun Java Communications Suite 7 components in Oracle Sun Products Suite 1.0 and 7.0 allows remote attackers to affect confidentiality via unknown vectors.)
 CVE-2010-2413 (Unspecified vulnerability in the BI Publisher component in Oracle Fusion Middleware 10.1.3.3.2 and 10.1.3.4.1 allows remote attackers to affect integrity via unknown vectors.)
 CVE-2010-2412 (Unspecified vulnerability in the OLAP component in Oracle Database Server 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.)
 CVE-2010-2411 (Unspecified vulnerability in the Job Queue component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability, related to SYS.DBMS_IJOB.)
 CVE-2010-2410 (Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion Middleware 10.1.2.3 and 10.1.3.5 allows remote attackers to affect integrity via unknown vectors.)
 CVE-2010-2409 (Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion Middleware 10.1.2.3 and 10.1.3.5 allows remote attackers to affect integrity via unknown vectors.)
 CVE-2010-2408 (Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors.)
 CVE-2010-2407 (Unspecified vulnerability in the XDK component in Oracle Database Server 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect integrity via unknown vectors.)
 CVE-2010-2406 (Unspecified vulnerability in the Siebel Core - Highly Interactive Client component in Oracle Siebel Suite 7.7.2.12, 7.8.2.14, 8.0.0.10, and 8.1.1.3 allows remote authenticated users to affect confidentiality via unknown vectors.)
 CVE-2010-2405 (Unspecified vulnerability in the Siebel Core - Highly Interactive Client component in Oracle Siebel Suite 7.7.2.12, 7.8.2.14, 8.0.0.10, and 8.1.1.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.)
 CVE-2010-2404 (Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote authenticated users to affect integrity via unknown vectors related to Account.)
 CVE-2010-2396 (Unspecified vulnerability in the Forms component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors.)
 CVE-2010-2395 (Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion Middleware 10.1.2.3 and 10.1.3.5 allows remote attackers to affect integrity via unknown vectors.)
 CVE-2010-2391 (Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.1.0.5 and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.)
 CVE-2010-2390 (Unspecified vulnerability in the Database Control component in EM Console in Oracle Database Server 10.1.0.5 and 10.2.0.3, Oracle Fusion Middleware 10.1.2.3 and 10.1.4.3, and Enterprise Manager Grid Control allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.)
 CVE-2010-2390 (Unspecified vulnerability in the Database Control component in EM Console in Oracle Database Server 10.1.0.5 and 10.2.0.3, Oracle Fusion Middleware 10.1.2.3 and 10.1.4.3, and Enterprise Manager Grid Control allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.)
 CVE-2010-2390 (Unspecified vulnerability in the Database Control component in EM Console in Oracle Database Server 10.1.0.5 and 10.2.0.3, Oracle Fusion Middleware 10.1.2.3 and 10.1.4.3, and Enterprise Manager Grid Control allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.)
 CVE-2010-2389 (Unspecified vulnerability in the Perl component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5; and Fusion Middleware 11.1.1.1.0 and 11.1.1.2.0; allows local users to affect integrity via unknown vectors related to Local Logon.)
 CVE-2010-2389 (Unspecified vulnerability in the Perl component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5; and Fusion Middleware 11.1.1.1.0 and 11.1.1.2.0; allows local users to affect integrity via unknown vectors related to Local Logon.)
 CVE-2010-2388 (Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors.)
 CVE-2010-1321 (The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator's checksum field is missing.)
 CVE-2010-0395 (OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro directory structure is previewed.)
 CVE-2009-3555 (The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.)
 CVE-2009-3302 (filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document, related to a "boundary error flaw.")
 CVE-2009-3301 (Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document.)
 CVE-2009-2950 (Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decompression.)
 CVE-2009-2949 (Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow.)
Оригинальный текстdocumentAditya K Sood, CVE-2010-2404 | Persistent Cross Site Scripting Vulnerability in Oracle I-Recruitment - E-Business Suite (18.07.2011)
 documentAditya K Sood, CVE-2010-2408 | Persistent Log Out Redirection Vulnerability in Oracle I-Recruitment OA.jsp (28.11.2010)
 documentOnapsis Research Labs, [Onapsis Security Advisory 2010-008] Oracle Virtual Server Agent Arbitrary File Access (04.11.2010)
 documentOnapsis Research Labs, [Onapsis Security Advisory 2010-010] Oracle Virtual Server Agent Local Privilege Escalation (04.11.2010)
 documentOnapsis Research Labs, [Onapsis Security Advisory 2010-009] Oracle Virtual Server Agent Remote Command Execution (04.11.2010)
 documentDSecRG, [DSECRG-09-029] Oracle BI Publisher Enterprise 10 - Response Splitting (28.10.2010)
 documentDSecRG, [DSECRG-09-032] Oracle Application Server - Linked XSS vulnerability (28.10.2010)
 documentEarly Warning, Java Multiple Issues (24.10.2010)
 documentRoberto Suggi, Security-Assessment.com Advisory: Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass (24.10.2010)
 documentVUPEN Security Research, VUPEN Security Research - Oracle Products HTTP Request Remote Buffer Overflow Vulnerability (CVE-2010-2390) (16.10.2010)
 documentddivulnalert_(at)_ddifronline.com, DDIVRT-2009-28 Sun Solaris 10 rpc.cmsd Buffer Overflow and Denial of Service (CVE-2010-3509) (13.10.2010)
 documentBonsai - Information Security, Bonsai Information Security - Oracle Virtual Server Agent Command Injection (13.10.2010)
 documentORACLE, Oracle Critical Patch Update Advisory - October 2010 (13.10.2010)
Файлы:Oracle Critical Patch Update Advisory - October 2010

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород