Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопаности в Adobe Acrobat и Reader
дополнено с 17 января 2010 г.
Опубликовано:15 марта 2010 г.
Источник:
SecurityVulns ID:10516
Тип:клиент
Уровень опасности:
8/10
Описание:Выполнение кода, повреждения памяти, переполнения буфера, DoS, целочисленные переполнения при разборе PDF.
Затронутые продукты:ADOBE : Reader 8.1
 ADOBE : Acrobat 8.1
 ADOBE : Reader 9.2
 ADOBE : Acrobat 9.2
 ADOBE : Acrobat 9.3
 ADOBE : Reader 9.3
CVE:CVE-2010-0188 (Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.)
 CVE-2009-4324 (Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.)
 CVE-2009-3959 (Integer overflow in the U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a malformed PDF document.)
 CVE-2009-3958 (Multiple stack-based buffer overflows in the NOS Microsystems getPlus Helper ActiveX control before 1.6.2.49 in gp.ocx in the Download Manager in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow remote attackers to execute arbitrary code via unspecified initialization parameters.)
 CVE-2009-3957 (Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors.)
 CVE-2009-3956 (The default configuration of Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, does not enable the Enhanced Security feature, which has unspecified impact and attack vectors, related to a "script injection vulnerability," as demonstrated by Acrobat Forms Data Format (FDF) behavior that allows cross-site scripting (XSS) by user-assisted remote attackers.)
 CVE-2009-3955 (Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted JPC_MS_RGN marker in the Jp2c stream of a JpxDecode encoded data stream, which triggers an integer sign extension that bypasses a sanity check, leading to memory corruption.)
 CVE-2009-3954 (The 3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to execute arbitrary code via unspecified vectors, related to a "DLL-loading vulnerability.")
 CVE-2009-3953 (The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration "array boundary issue," a different vulnerability than CVE-2009-2994.)
Оригинальный текстdocumentvillys777_(at)_gmail.com, CVE-2010-0188 Exploit Code (15.03.2010)
 documentIDEFENSE, iDefense Security Advisory 01.12.10: Adobe Reader and Acrobat JpxDecode Memory Corruption Vulnerability (17.01.2010)
 documentVUPEN Security Research, VUPEN Security Research - Adobe Acrobat and Reader U3D Integer Overflow Vulnerability (17.01.2010)
 documentADOBE, Security updates available for Adobe Reader and Acrobat (17.01.2010)
 documentCERT, US-CERT Technical Cyber Security Alert TA10-013A -- Adobe Reader and Acrobat Vulnerabilities (17.01.2010)
Файлы:Adobe PDF LibTiff Integer Overflow Code Execution

Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
дополнено с 15 марта 2010 г.
Опубликовано:15 марта 2010 г.
Источник:
SecurityVulns ID:10690
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:EGROUPWARE : Egroupware 1.4
 PHPFUSION : PHP-Fusion 6.01
 DRUPAL : Drupal 6.6
 PHPMYADMIN : phpMyAdmin 3.3
 PHPFUSION : PHP-Fusion 7.0
 CLANPORTAL : Clanportal 1.5
 DESKTOPONNET : DesktopOnNet 3
 DIRECTADMIN : DirectAdmin 1.35
 MOINMOIN : MoinMoin 1.9
 ANANTASOFT : Ananta Gazelle 1.0
CVE:CVE-2010-0717 (The default configuration of cfg.packagepages_actions_excluded in MoinMoin before 1.8.7 does not prevent unsafe package actions, which has unspecified impact and attack vectors.)
 CVE-2010-0669 (MoinMoin before 1.8.7 and 1.9.x before 1.9.2 does not properly sanitize user profiles, which has unspecified impact and attack vectors.)
 CVE-2010-0668 (Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 has unknown impact and attack vectors, related to configurations that have a non-empty superuser list, the xmlrpc action enabled, the SyncPages action enabled, or OpenID configured.)
Оригинальный текстdocumentfaghani_(at)_nsec.ir, Pars CMS SQL Injection Vulnerability (15.03.2010)
 documentfaghani_(at)_nsec.ir, Zigurrat CMS SQL Injection Vulnerability (15.03.2010)
 documentadmin_(at)_bugreport.ir, Ananta Gazelle SQL Injection Vulnerability (15.03.2010)
 documentDEBIAN, [SECURITY] [DSA 2016-1] New drupal6 packages fix several vulnerabilities (15.03.2010)
 documentDEBIAN, [XSS] I found a xss in phpmyadmin 3.3.0 when we create new database in interface! (15.03.2010)
 documentDEBIAN, [SECURITY] [DSA 2013-1] New egroupware packages fix several vulnerabilities (15.03.2010)
 documentDEBIAN, [SECURITY] [DSA 2014-1] New moin packages fix several vulnerabilities (15.03.2010)
 documentInj3ct0r.com, DirectAdmin <= v1.35.1 XSS vuln. (15.03.2010)
 documentInj3ct0r.com, deV!L`z Clanportal 1.5.2 Remote File Include Vulnerability (15.03.2010)
 documentInj3ct0r.com, DesktopOnNet 3 Beta9 Local File Include Vulnerability (15.03.2010)
 documentInj3ct0r.com, PHP-Fusion-AP-7.00.2-Rus (search.php) disclosure ways (15.03.2010)
 documentInj3ct0r.com, PHP-Fusion <= 6.01.15.4 (downloads.php) SQL Injection Vulnerability (15.03.2010)
 documentInj3ct0r.com, PHP-fusion-6-01-18 (members.php) disclosure ways (15.03.2010)
 documentMustLive, Vulnerabilities in VXDate for Joomla (15.03.2010)

Многочисленыне уязвимости безопасности в Skype
Опубликовано:15 марта 2010 г.
Источник:
SecurityVulns ID:10691
Тип:клиент
Уровень опасности:
7/10
Описание:Выполнение кода и несанкционированный доступ к файлам при обработке URI.
Затронутые продукты:SKYPE : Skype 4.1
Оригинальный текстdocumentPaul Craig, Skype URI Handler Input Validation (15.03.2010)
 documentZDI, ZDI-10-027: Skype Protocol Handler datapath Argument Injection Remote Code Execution Vulnerability (15.03.2010)
 documentZDI, ZDI-10-028: Skype URI Processing Arbitrary XML File Deletion Vulnerability (15.03.2010)

Многочисленные уязвимости безопасности в SUPERAntiSpyware / SuperADBlocker
Опубликовано:15 марта 2010 г.
Источник:
SecurityVulns ID:10693
Тип:локальная
Уровень опасности:
5/10
Описание:Многочисленные DoS условия, утечка информации, повышение привилегий, повреждения памяти.
Затронутые продукты:SUPERANTISPYWARE : SUPERAntiSpyware 4.34
 SUPERADBLOCKER : SuperAdBlocker 4.6
Оригинальный текстdocumentLuka Milkovic, Multiple vulnerabilities in SUPERAntiSpyware and Super Ad Blocker (15.03.2010)

Многочисленные уязвимости безопасности в WebKit / Apple Safari / Google Chrome
дополнено с 15 марта 2010 г.
Опубликовано:17 марта 2010 г.
Источник:
SecurityVulns ID:10692
Тип:библиотека
Уровень опасности:
7/10
Описание:Использование памяти после освобождения, целочисленное переполнение, перехват событий ввода пользователя.
Затронутые продукты:APPLE : Safari 4.0
 GOOGLE : Chrome 3.0
CVE:CVE-2010-0050 (Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags.)
 CVE-2010-0040 (Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a heap-based buffer overflow.)
Оригинальный текстdocumentZDI, ZDI-10-030: Apple WebKit CSS run-in Attribute Rendering Remote Code Execution Vulnerability (17.03.2010)
 documentZDI, ZDI-10-031: Apple Webkit Blink Event Dangling Pointer Remote Code Execution Vulnerability (17.03.2010)
 documentMichal Zalewski, ...because you can't get enough of clickjacking (16.03.2010)
 documentZDI, ZDI-10-029: Apple WebKit innerHTML element Substitution Remote Code Execution Vulnerability (16.03.2010)
 documentVUPEN Security Research, VUPEN Security Research - Apple Safari ColorSync Profile Integer Overflow Vulnerability (15.03.2010)
 documentIDEFENSE, iDefense Security Advisory 03.11.10: Multiple Vendor WebKit HTML Element Use After Free Vulnerability (15.03.2010)
Файлы:Browsers focus hijack demonstration

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород