Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Microsoft Windows Media Runtime
дополнено с 13 октября 2009 г.
Опубликовано:14 октября 2009 г.
Источник:
SecurityVulns ID:10311
Тип:библиотека
Уровень опасности:
6/10
Описание:Переполнения буфера, повреждения памяти.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2009-2525 (Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly initialize unspecified functions within compressed audio files, which allows remote attackers to execute arbitrary code via (1) a crafted media file or (2) crafted streaming content, aka "Windows Media Runtime Heap Corruption Vulnerability.")
 CVE-2009-0555 (Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly process Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted audio file that uses the Windows Media Speech codec, aka "Windows Media Runtime Voice Sample Rate Vulnerability.")
Оригинальный текстdocumentifsecure_(at)_gmail.com, Windows Media Audio Voice remote code execution (14.10.2009)
 documentZDI, ZDI-09-069: Microsoft Windows Media Player Audio Voice Sample Rate Memory Corruption Vulnerability (14.10.2009)
 documentMICROSOFT, Microsoft Security Bulletin MS09-051 - Critical Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682) (13.10.2009)
Файлы:Microsoft Security Bulletin MS09-051 - Critical Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682)

Многочисленные уязвимости безопасности в Microsoft Internet Explorer
дополнено с 13 октября 2009 г.
Опубликовано:14 октября 2009 г.
Источник:
SecurityVulns ID:10313
Тип:клиент
Уровень опасности:
7/10
Описание:Многочисленные повреждения памяти.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2009-2531 (Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-2530.)
 CVE-2009-2530 (Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-2531.)
 CVE-2009-2529 (Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not properly handle argument validation for unspecified variables, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Component Handling Vulnerability.")
 CVE-2009-1547 (Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream header that triggers memory corruption, aka "Data Stream Header Corruption Vulnerability.")
Оригинальный текстdocumentZDI, ZDI-09-071: Microsoft Internet Explorer writing-mode Memory Corruption Vulnerability (14.10.2009)
 documentZDI, ZDI-09-070: Microsoft Internet Explorer Event Object Type Double-Free Vulnerability (14.10.2009)
 documentBerend-Jan Wever, MSIE Content-Encoding: deflate memory corruption vulnerability (14.10.2009)
 documentMICROSOFT, Microsoft Security Bulletin MS09-054 - Critical Cumulative Security Update for Internet Explorer (974455) (13.10.2009)
Файлы:Microsoft Security Bulletin MS09-054 - Critical Cumulative Security Update for Internet Explorer (974455)

Многочисленные уязвимости безопасности в Microsoft .Net
Опубликовано:14 октября 2009 г.
Источник:
SecurityVulns ID:10318
Тип:библиотека
Уровень опасности:
8/10
Описание:Многочисленные уязвимости позволяют выход из ограниченной среды.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2009-2497 (The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0, 2.0 SP1, 2.0 SP2, 3.5, and 3.5 SP1, and Silverlight 2, does not properly handle interfaces, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted Silverlight application, (3) a crafted ASP.NET application, or (4) a crafted .NET Framework application, aka "Microsoft Silverlight and Microsoft .NET Framework CLR Vulnerability.")
 CVE-2009-0091 (Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft .NET Framework Type Verification Vulnerability.")
 CVE-2009-0090 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable code, which allows remote attackers to obtain unintended access to stack memory, and execute arbitrary code, via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft .NET Framework Pointer Verification Vulnerability.")
Оригинальный текстdocumentMICROSOFT, Microsoft Security Bulletin MS09-061 - Critical Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution (974378) (14.10.2009)
Файлы:Microsoft Security Bulletin MS09-061 - Critical Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution (974378)

Многочисленные уязвимости безопасности в Microsoft GDI+
Опубликовано:14 октября 2009 г.
Источник:
SecurityVulns ID:10319
Тип:библиотека
Уровень опасности:
8/10
Описание:Многочисленные уязвимости при разборе WMF, PNG, TIFF, BMP и др.
Затронутые продукты:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2009-3126 (Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka "GDI+ PNG Integer Overflow Vulnerability.")
 CVE-2009-2528 (GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Memory Corruption Vulnerability.")
 CVE-2009-2518 (Integer overflow in GDI+ in Microsoft Office XP SP3 allows remote attackers to execute arbitrary code via an Office document with a bitmap (aka BMP) image that triggers memory corruption, aka "Office BMP Integer Overflow Vulnerability.")
 CVE-2009-2504 (Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allow remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "GDI+ .NET API Vulnerability)
 CVE-2009-2503 (GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 does not properly allocate an unspecified buffer, which allows remote attackers to execute arbitrary code via a crafted TIFF image file that triggers memory corruption, aka "GDI+ TIFF Memory Corruption Vulnerability.")
 CVE-2009-2502 (Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted TIFF image file, aka "GDI+ TIFF Buffer Overflow Vulnerability.")
 CVE-2009-2501 (Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka "GDI+ PNG Heap Overflow Vulnerability.")
 CVE-2009-2500 (Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted WMF image file, aka "GDI+ WMF Integer Overflow Vulnerability.")
Оригинальный текстdocumentSECUNIA, Secunia Research: Microsoft Office BMP Image Colour Handling Integer Overflow (14.10.2009)
 documentifsecure_(at)_gmail.com, Windows GDI+ TIFF memory corruption (14.10.2009)
 documentIDEFENSE, iDefense Security Advisory 10.13.09: Microsoft Office Drawing Format Shape Properties Memory Corruption Vulnerability (14.10.2009)
 documentIDEFENSE, iDefense Security Advisory 10.13.09: Microsoft Windows GDI+ TIFF File Parsing Buffer Overflow Vulnerability (14.10.2009)
 documentZDI, ZDI-09-072: Microsoft Windows GDI+ TIFF Parsing Code Execution Vulnerability (14.10.2009)
 documentMICROSOFT, Microsoft Security Bulletin MS09-062 - Critical Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488) (14.10.2009)
Файлы:Microsoft Security Bulletin MS09-062 - Critical Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488)

Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:14 октября 2009 г.
Источник:
SecurityVulns ID:10321
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:ACHIEVO : Achievo 1.3
 ECLIPSE : BIRT 2.2
 PENTAHO : Pentaho 1.7
CVE:CVE-2009-2734 (SQL injection vulnerability in the get_employee function in classweekreport.inc in Achievo before 1.4.0 allows remote attackers to execute arbitrary SQL commands via the userid parameter (aka user_id variable) to dispatch.php.)
 CVE-2009-2733 (Multiple cross-site scripting (XSS) vulnerabilities in Achievo before 1.4.0 allow remote attackers to inject arbitrary web script or HTML via (1) the scheduler title in the scheduler module, and the (2) atksearch[contractnumber], (3) atksearch_AE_customer[customer], (4) atksearchmode[contracttype], and possibly (5) atksearch[contractname] parameters to the Organization Contracts administration page, reachable through dispatch.php.)
Оригинальный текстdocumentMichele Orru, [AntiSnatchOr] Pentaho Bi-server multiple vulnerabilities (14.10.2009)
 documentMichele Orru, [AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS (14.10.2009)
 documentBonsai - Information Security, [BONSAI] XSS in Achievo - Customized XSS payload included (14.10.2009)
 documentBonsai - Information Security, [BONSAI] SQL Injection in Achievo (14.10.2009)

Многочисленные уязвимости безопасности в Samba
Опубликовано:14 октября 2009 г.
Источник:
SecurityVulns ID:10322
Тип:удаленная
Уровень опасности:
6/10
Описание:Локальный доступ к файлам, DoS, несанкционированный доступ.
Затронутые продукты:SAMBA : Samba 3.0
 SAMBA : Samba 3.2
 SAMBA : Samba 3.1
 SAMBA : Samba 3.3
 SAMBA : Samba 3.4
CVE:CVE-2009-2948 (mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the password by specifying the path to the credentials file and using the --verbose or -v option.)
 CVE-2009-2906 (smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet.)
 CVE-2009-2813 (Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 1908-1] New samba packages fix several vulnerabilities (14.10.2009)

Многочисленные уязвимости в Adobe Acrobat / Reader
дополнено с 14 октября 2009 г.
Опубликовано:19 октября 2009 г.
Источник:
SecurityVulns ID:10320
Тип:удаленная
Уровень опасности:
8/10
Описание:Многочисленные повреждения памяти, переполнения индексов массива и т.п.
Затронутые продукты:ADOBE : Adobe Reader 8.1
 ADOBE : Adobe Reader 9.1
 ADOBE : Adobe Reader 7.1
CVE:CVE-2009-3459 (Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information.)
 CVE-2009-3458 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2998.)
 CVE-2009-2998 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-3458.)
 CVE-2009-2997 (Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors.)
 CVE-2009-2991 (Unspecified vulnerability in the Mozilla plug-in in Adobe Reader and Acrobat 8.x before 8.1.7, and possibly 7.x before 7.1.4 and 9.x before 9.2, might allow remote attackers to execute arbitrary code via unknown vectors.)
 CVE-2009-2990 (Array index error in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors.)
 CVE-2009-2985 (Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2996.)
Оригинальный текстdocumentcocoruder, In-depth research on the recent PDF zero-day exploit (CVE-2009-3459) (19.10.2009)
 documentsecurity_(at)_nruns.com, n.runs-SA-2009.007 - Adobe Acrobat - Invalid pointer write could lead to arbitrary code execution (17.10.2009)
 documentVUPEN Security Research, VUPEN Security - Adobe Acrobat and Reader U3D Filter Code Execution Vulnerabilities (17.10.2009)
 documentIDEFENSE, iDefense Security Advisory 10.13.09: Adobe Acrobat and Reader Firefox Plugin Use After Free Vulnerability (14.10.2009)
 documentZDI, ZDI-09-073: Adobe Reader Compact Font Format Malformed Index Memory Corruption Vulnerability (14.10.2009)
 documentIDEFENSE, iDefense Security Advisory 10.13.09: Adobe Acrobat and Reader U3D File Invalid Array Index Vulnerability (14.10.2009)
 documentCERT, US-CERT Technical Cyber Security Alert TA09-286B -- Adobe Reader and Acrobat Vulnerabilities (14.10.2009)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород