Информационная безопасность
[RU] switch to English


DoS против DBus
Опубликовано:17 июня 2013 г.
Источник:
SecurityVulns ID:13124
Тип:локальная
Уровень опасности:
4/10
Описание:Отказ при обработке сообщения.
Затронутые продукты:DBUS : DBus 1.6
CVE:CVE-2013-2168 (The _dbus_printf_string_upper_bound function in dbus/dbus-sysdeps-unix.c in D-Bus (aka DBus) 1.4.x before 1.4.26, 1.6.x before 1.6.12, and 1.7.x before 1.7.4 allows local users to cause a denial of service (service crash) via a crafted message.)
Оригинальный текстdocumentUBUNTU, [USN-1874-1] DBus vulnerability (17.06.2013)

Многочисленные уязвимости безопасности в Wireshark
дополнено с 3 июня 2013 г.
Опубликовано:17 июня 2013 г.
Источник:
SecurityVulns ID:13095
Тип:удаленная
Уровень опасности:
5/10
Описание:Уязвимости в диссекторах GTPv2, ASN.1 BER, PPP CCP, DCP ETSI, MPEG DSM-CC, CAPWAP, HTTP, DCP ETSI и Websocket.
Затронутые продукты:WIRESHARK : Wireshark 1.8
CVE:CVE-2013-4083 (The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.)
 CVE-2013-4081 (The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet.)
 CVE-2013-4074 (The dissect_capwap_data function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.)
 CVE-2013-3562 (Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet.)
 CVE-2013-3560 (The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.)
 CVE-2013-3559 (epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet.)
 CVE-2013-3558 (The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.)
 CVE-2013-3557 (The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.)
 CVE-2013-3555 (epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2013:172 ] wireshark (17.06.2013)
 documentDEBIAN, [SECURITY] [DSA 2700-1] wireshark security update (03.06.2013)

DoS против Avira Antivir
Опубликовано:17 июня 2013 г.
Источник:
SecurityVulns ID:13125
Тип:библиотека
Уровень опасности:
5/10
Описание:Бесконечный цикл при сканировании PDF.
Затронутые продукты:AVIRA : AntiVir 8.2
Оригинальный текстdocumentLSE Leading Security Experts GmbH (Security Advisories), LSE Leading Security Experts GmbH - LSE-2013-06-13 - Avira AntiVir Engine (17.06.2013)

Многочисленные уязвимости безопасности в Apple Mac OS X
Опубликовано:17 июня 2013 г.
Источник:
SecurityVulns ID:13126
Тип:библиотека
Уровень опасности:
8/10
Описание:Утечка информации, повреждения памяти при разборе графических и видео форматов, повышение привилегий, уязвимости в различных библиотеках.
Затронутые продукты:APPLE : MacOS X 10.8
CVE:CVE-2013-1857 (The sanitize helper in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle encoded : (colon) characters in URLs, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted scheme name, as demonstrated by including a : sequence.)
 CVE-2013-1856 (The ActiveSupport::XmlMini_JDOM backend in lib/active_support/xml_mini/jdom.rb in the Active Support component in Ruby on Rails 3.0.x and 3.1.x before 3.1.12 and 3.2.x before 3.2.13, when JRuby is used, does not properly restrict the capabilities of the XML parser, which allows remote attackers to read arbitrary files or cause a denial of service (resource consumption) via vectors involving (1) an external DTD or (2) an external entity declaration in conjunction with an entity reference.)
 CVE-2013-1855 (The sanitize_css method in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle \n (newline) characters, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via crafted Cascading Style Sheets (CSS) token sequences.)
 CVE-2013-1854 (The Active Record component in Ruby on Rails 2.3.x before 2.3.18, 3.1.x before 3.1.12, and 3.2.x before 3.2.13 processes certain queries by converting hash keys to symbols, which allows remote attackers to cause a denial of service via crafted input to a where method.)
 CVE-2013-1024 (CoreMedia Playback in Apple Mac OS X before 10.8.4 does not properly initialize memory during the processing of text tracks, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.)
 CVE-2013-0990 (SMB in Apple Mac OS X before 10.8.4, when file sharing is enabled, allows remote authenticated users to create or modify files outside of a shared directory via unspecified vectors.)
 CVE-2013-0989 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP3 file.)
 CVE-2013-0988 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FPX file.)
 CVE-2013-0987 (Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted QTIF file.)
 CVE-2013-0986 (Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted enof atoms in a movie file.)
 CVE-2013-0985 (Disk Management in Apple Mac OS X before 10.8.4 does not properly authenticate attempts to disable FileVault, which allows local users to cause a denial of service (loss of encryption functionality) via an unspecified command line.)
 CVE-2013-0984 (Directory Service in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted message.)
 CVE-2013-0983 (Stack consumption vulnerability in CoreAnimation in Apple Mac OS X before 10.8.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted text glyph in a URL encountered by Safari.)
 CVE-2013-0982 (The Private Browsing feature in CFNetwork in Apple Mac OS X before 10.8.4 does not prevent storage of permanent cookies upon exit from Safari, which might allow physically proximate attackers to bypass cookie-based authentication by leveraging an unattended workstation.)
 CVE-2013-0975 (Buffer overflow in QuickDraw Manager in Apple Mac OS X before 10.8.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image.)
 CVE-2013-0333 (lib/active_support/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote attackers to execute arbitrary code, conduct SQL injection attacks, or bypass authentication via crafted data that triggers unsafe decoding, a different vulnerability than CVE-2013-0156.)
 CVE-2013-0277 (ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 allows remote attackers to cause a denial of service or execute arbitrary code via crafted serialized attributes that cause the +serialize+ helper to deserialize arbitrary YAML.)
 CVE-2013-0276 (ActiveRecord in Ruby on Rails before 2.3.17, 3.1.x before 3.1.11, and 3.2.x before 3.2.12 allows remote attackers to bypass the attr_protected protection mechanism and modify protected model attributes via a crafted request.)
 CVE-2013-0155 (Ruby on Rails 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request, as demonstrated by certain "[nil]" values, a related issue to CVE-2012-2660 and CVE-2012-2694.)
 CVE-2012-5519 (CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface.)
 CVE-2012-4929 (The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a "CRIME" attack.)
Оригинальный текстdocumentAPPLE, APPLE-SA-2013-06-04-1 OS X Mountain Lion v10.8.4 and Security Update 2013-002 (17.06.2013)

Многочисленные уязвимости безопасности в WebKit / Apple Safari
Опубликовано:17 июня 2013 г.
Источник:
SecurityVulns ID:13127
Тип:клиент
Уровень опасности:
8/10
Описание:Многочисленные повреждения памяти и межсайтовый скриптинг.
Затронутые продукты:APPLE : Safari 6.0
CVE:CVE-2013-1023 (WebKit, as used in Apple Safari before 6.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2013-1009.)
 CVE-2013-1013 (XSS Auditor in WebKit in Apple Safari before 6.0.5 does not properly rewrite URLs, which allows remote attackers to trigger unintended form submissions via unspecified vectors.)
 CVE-2013-1012 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 6.0.5 allows remote attackers to inject arbitrary web script or HTML via vectors involving IFRAME elements.)
 CVE-2013-1011 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.)
 CVE-2013-1010 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.)
 CVE-2013-1009 (WebKit, as used in Apple Safari before 6.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2013-1023.)
 CVE-2013-1008 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.)
 CVE-2013-1007 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.)
 CVE-2013-1006 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.)
 CVE-2013-1005 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.)
 CVE-2013-1004 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.)
 CVE-2013-1003 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.)
 CVE-2013-1002 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.)
 CVE-2013-1001 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.)
 CVE-2013-1000 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.)
 CVE-2013-0999 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.)
 CVE-2013-0998 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.)
 CVE-2013-0997 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.)
 CVE-2013-0996 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.)
 CVE-2013-0995 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.)
 CVE-2013-0994 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.)
 CVE-2013-0993 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.)
 CVE-2013-0992 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.)
 CVE-2013-0991 (WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.)
 CVE-2013-0926 (Google Chrome before 26.0.1410.43 does not properly handle active content in an EMBED element during a copy-and-paste operation, which allows user-assisted remote attackers to have an unspecified impact via a crafted web site.)
 CVE-2013-0879 (Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly implement web audio nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.)
Оригинальный текстdocumentAPPLE, APPLE-SA-2013-06-04-2 Safari 6.0.5 (17.06.2013)

Обход защиты в telepathy-gabble
Опубликовано:17 июня 2013 г.
Источник:
SecurityVulns ID:13129
Тип:m-i-t-m
Уровень опасности:
5/10
Описание:Игнорируется флаг требования TLS в сети Jabber.
Затронутые продукты:TELEPATHY : telepathy-gabble 0.9
CVE:CVE-2013-1431 (The Wocky module in Telepathy Gabble before 0.16.6 and 0.17.x before 0.17.4, when connecting to a "legacy Jabber server," does not properly enforce the WockyConnector:tls-required flag, which allows remote attackers to bypass TLS verification and perform a man-in-the-middle attacks.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2702-1] telepathy-gabble security update (17.06.2013)

Многочисленные уязвимости безопасности в Chromium / Google Chrome
дополнено с 5 июня 2013 г.
Опубликовано:17 июня 2013 г.
Источник:
SecurityVulns ID:13112
Тип:клиент
Уровень опасности:
8/10
Описание:Использование памяти после освобождения, DoS, кратковременные условия, утечка информации, XSS.
Затронутые продукты:GOOGLE : Chrome 27.0
 CHROMIUM : Chromium 27.0
CVE:CVE-2013-2865 (Multiple unspecified vulnerabilities in Google Chrome before 27.0.1453.110 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.)
 CVE-2013-2863 (Google Chrome before 27.0.1453.110 does not properly handle SSL sockets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.)
 CVE-2013-2862 (Skia, as used in Google Chrome before 27.0.1453.110, does not properly handle GPU acceleration, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.)
 CVE-2013-2861 (Use-after-free vulnerability in the SVG implementation in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.)
 CVE-2013-2860 (Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving access to a database API by a worker process.)
 CVE-2013-2859 (Google Chrome before 27.0.1453.110 allows remote attackers to bypass the Same Origin Policy and trigger namespace pollution via unspecified vectors.)
 CVE-2013-2858 (Use-after-free vulnerability in the HTML5 Audio implementation in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.)
 CVE-2013-2857 (Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of images.)
 CVE-2013-2856 (Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of input.)
 CVE-2013-2855 (The Developer Tools API in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.)
 CVE-2013-2849 (Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome before 27.0.1453.93 allow user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) drag-and-drop or (2) copy-and-paste operation.)
 CVE-2013-2848 (The XSS Auditor in Google Chrome before 27.0.1453.93 might allow remote attackers to obtain sensitive information via unspecified vectors.)
 CVE-2013-2847 (Race condition in the workers implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via unknown vectors.)
 CVE-2013-2846 (Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2840.)
 CVE-2013-2845 (The Web Audio implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.)
 CVE-2013-2844 (Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style resolution.)
 CVE-2013-2843 (Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of speech data.)
 CVE-2013-2842 (Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of widgets.)
 CVE-2013-2841 (Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of Pepper resources.)
 CVE-2013-2840 (Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2846.)
 CVE-2013-2839 (Google Chrome before 27.0.1453.93 does not properly perform a cast of an unspecified variable during handling of clipboard data, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors.)
 CVE-2013-2838 (Google V8, as used in Google Chrome before 27.0.1453.93, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.)
 CVE-2013-2837 (Use-after-free vulnerability in the SVG implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2706-1] chromium-browser security update (17.06.2013)
 documentDEBIAN, [SECURITY] [DSA 2695-1] chromium-browser security update (05.06.2013)

Уязвимости безопасности в Subversion
Опубликовано:17 июня 2013 г.
Источник:
SecurityVulns ID:13130
Тип:удаленная
Уровень опасности:
5/10
Описание:Несколько DoS условия.
Затронутые продукты:SUBVERSION : Subversion 1.6
CVE:CVE-2013-2112 (The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection.)
 CVE-2013-1968 (Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2703-1] subversion security update (17.06.2013)

Переполнение буфера в PHP
Опубликовано:17 июня 2013 г.
Источник:
SecurityVulns ID:13131
Тип:библиотека
Уровень опасности:
7/10
Описание:Переполнение буфера в функции quoted_printable_encode()
Затронутые продукты:PHP : PHP 5.4
CVE:CVE-2013-2110 (Heap-based buffer overflow in the php_quot_print_encode function in ext/standard/quot_print.c in PHP before 5.3.26 and 5.4.x before 5.4.16 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted argument to the quoted_printable_encode function.)
Оригинальный текстdocumentSLACKWARE, [slackware-security] php (SSA:2013-161-01) (17.06.2013)

Уязвимости безопасности в X-серверах и библиотеках
дополнено с 27 мая 2013 г.
Опубликовано:17 июня 2013 г.
Источник:
SecurityVulns ID:13089
Тип:библиотека
Уровень опасности:
7/10
Описание:Многочисленные целочисленные переполнения, переполнения буфера, повреждения памяти и т.п.
Затронутые продукты:LIBDMX : libdmx 1.1
 LIBXV : libxv 1.0
 LIBXVMC : libxvmc 1.0
 XORG : libxfixes 5.0
 XORG : libxrender 0.9
 XORG : mesa 8.0
 XORG : xserver-xorg-video-openchrome 0.2
 XORG : libxt 1.1
 XORG : libxcursor 1.1
 XORG : libxext 1.3
 XORG : libxi 1.6
 XORG : libxrandr 1.3
 XORG : libxp 1.0
 XORG : libxcb 1.8
 XORG : libfs 1.0
 XORG : libxres 1.0
 XORG : libxtst 1.2
 XORG : libxxf86dga 1.1
 XORG : libxinerama 1.1
 XORG : libxxf86vm 1.1
 LIBX11 : libx11 1.5
CVE:CVE-2013-2066 (Buffer overflow in X.org libXv 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvQueryPortAttributes function.)
 CVE-2013-2064 (Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function.)
 CVE-2013-2063 (Integer overflow in X.org libXtst 1.2.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XRecordGetContext function.)
 CVE-2013-2062 (Multiple integer overflows in X.org libXp 1.0.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XpGetAttributes, (2) XpGetOneAttribute, (3) XpGetPrinterList, and (4) XpQueryScreens functions.)
 CVE-2013-2005 (X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the (1) ReqCleanup, (2) HandleSelectionEvents, (3) ReqTimedOut, (4) HandleNormal, and (5) HandleSelectionReplies functions.)
 CVE-2013-2004 (The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file.)
 CVE-2013-2003 (Integer overflow in X.org libXcursor 1.1.13 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the _XcursorFileHeaderCreate function.)
 CVE-2013-2002 (Buffer overflow in X.org libXt 1.1.3 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the _XtResourceConfigurationEH function.)
 CVE-2013-2001 (Buffer overflow in X.org libXxf86vm 1.1.2 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XF86VidModeGetGammaRamp function.)
 CVE-2013-2000 (Multiple buffer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XDGAQueryModes and (2) XDGASetMode functions.)
 CVE-2013-1999 (Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvMCGetDRInfo function.)
 CVE-2013-1998 (Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions.)
 CVE-2013-1997 (Multiple buffer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XAllocColorCells, (2) _XkbReadGetDeviceInfoReply, (3) _XkbReadGeomShapes, (4) _XkbReadGetGeometryReply, (5) _XkbReadKeySyms, (6) _XkbReadKeyActions, (7) _XkbReadKeyBehaviors, (8) _XkbReadModifierMap, (9) _XkbReadExplicitComponents, (10) _XkbReadVirtualModMap, (11) _XkbReadGetNamesReply, (12) _XkbReadGetMapReply, (13) _XimXGetReadData, (14) XListFonts, (15) XListExtensions, and (16) XGetFontPath functions.)
 CVE-2013-1996 (X.org libFS 1.0.4 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the FSOpenServer function.)
 CVE-2013-1995 (X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function.)
 CVE-2013-1994 (Multiple integer overflows in X.org libchromeXvMC and libchromeXvMCPro in openChrome 0.3.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) uniDRIOpenConnection and (2) uniDRIGetClientDriverName functions.)
 CVE-2013-1993 (Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XF86DRIOpenConnection and (2) XF86DRIGetClientDriverName functions.)
 CVE-2013-1992 (Multiple integer overflows in X.org libdmx 1.1.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) DMXGetScreenAttributes, (2) DMXGetWindowAttributes, and (3) DMXGetInputAttributes functions.)
 CVE-2013-1991 (Multiple integer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XDGAQueryModes and (2) XDGASetMode functions.)
 CVE-2013-1990 (Multiple integer overflows in X.org libXvMC 1.0.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XvMCListSurfaceTypes and (2) XvMCListSubpictureTypes functions.)
 CVE-2013-1989 (Multiple integer overflows in X.org libXv 1.0.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XvQueryPortAttributes, (2) XvListImageFormats, and (3) XvCreateImage function.)
 CVE-2013-1988 (Multiple integer overflows in X.org libXRes 1.0.6 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XResQueryClients and (2) XResQueryClientResources functions.)
 CVE-2013-1987 (Multiple integer overflows in X.org libXrender 0.9.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XRenderQueryFilters, (2) XRenderQueryFormats, and (3) XRenderQueryPictIndexValues functions.)
 CVE-2013-1986 (Multiple integer overflows in X.org libXrandr 1.4.0 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XRRQueryOutputProperty and (2) XRRQueryProviderProperty functions.)
 CVE-2013-1985 (Integer overflow in X.org libXinerama 1.1.2 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XineramaQueryScreens function.)
 CVE-2013-1984 (Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions.)
 CVE-2013-1983 (Integer overflow in X.org libXfixes 5.0 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XFixesGetCursorImage function.)
 CVE-2013-1982 (Multiple integer overflows in X.org libXext 1.3.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XcupGetReservedColormapEntries, (2) XcupStoreColors, (3) XdbeGetVisualInfo, (4) XeviGetVisualInfo, (5) XShapeGetRectangles, and (6) XSyncListSystemCounters functions.)
 CVE-2013-1981 (Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions.)
 CVE-2013-1872 (The Intel drivers in Mesa 8.0.x and 9.0.x allow context-dependent attackers to cause a denial of service (reachable assertion and crash) and possibly execute arbitrary code via vectors involving 3d graphics that trigger an out-of-bounds array access, related to the fs_visitor::remove_dead_constants function. NOTE: this issue might be related to CVE-2013-0796.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2704-1] mesa security update (17.06.2013)
 documentDEBIAN, [SECURITY] [DSA 2693-1] libx11 security update (03.06.2013)
 documentDEBIAN, [SECURITY] [DSA 2675-2] libxvmc regression update (27.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2692-1] libxxf86vm security update (27.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2691-1] libxinerama security update (27.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2690-1] libxxf86dga security update (27.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2689-1] libxtst security update (27.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2688-1] libxres security update (27.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2687-1] libfs security update (27.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2686-1] libxcb security update (27.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2685-1] libxp security update (27.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2684-1] libxrandr security update (27.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2683-1] libxi security update (27.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2682-1] libxext security update (27.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2681-1] libxcursor security update (27.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2680-1] libxt security update (27.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2679-1] xserver-xorg-video-openchrome security update (27.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2678-1] mesa security update (27.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2677-1] libxrender security update (27.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2676-1] libxfixes security update (27.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2675-1] libxvmc security update (27.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2674-1] libxv security update (27.05.2013)
 documentDEBIAN, [SECURITY] [DSA 2673-1] libdmx security update (27.05.2013)

Несанкционированный доступ к Ruckus ZoneDirector
Опубликовано:17 июня 2013 г.
Источник:
SecurityVulns ID:13132
Тип:удаленная
Уровень опасности:
5/10
Описание:Несанкционированный доступ при использовании внешнего протокола авторизации.
Затронутые продукты:RUCKUS : ZoneDirector 9.5
Оригинальный текстdocumentRuckus Product Security Team, RUCKUS ADVISORY ID 031813-2: User authentication bypass vulnerability in ZoneDirector administrative web interface (17.06.2013)

Переполнение буфера в Ubiquiti airCam
Опубликовано:17 июня 2013 г.
Источник:
SecurityVulns ID:13134
Тип:удаленная
Уровень опасности:
5/10
Описание:Переполнение буфера в RTSP-сервисе.
Затронутые продукты:UBIQUITI : airCam
CVE:CVE-2013-1606 (Buffer overflow in the ubnt-streamer RTSP service on the Ubiquiti UBNT AirCam with airVision firmware before 1.1.6 allows remote attackers to execute arbitrary code via a long rtsp: URI in a DESCRIBE request.)
Оригинальный текстdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2013-0430 - Buffer overflow in Ubiquiti airCam RTSP service (17.06.2013)

Уязвимости безопасности в HP Service Manager / HP ServiceCenter
Опубликовано:17 июня 2013 г.
Источник:
SecurityVulns ID:13135
Тип:удаленная
Уровень опасности:
5/10
Описание:Межсайтовый скриптинг, утечка информации.
Затронутые продукты:HP : HP Service Manager 9.31
CVE:CVE-2013-2337 (Cross-site scripting (XSS) vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2013-2336 (HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to obtain sensitive information via unspecified vectors.)
Оригинальный текстdocumentHP, [security bulletin] HPSBMU02884 rev.1 - HP Service Manager and HP ServiceCenter, Cross Site Scripting (XSS) and Disclosure of Information (17.06.2013)

Несанкционированный доступ к HP Integrated Lights-Out
Опубликовано:17 июня 2013 г.
Источник:
SecurityVulns ID:13136
Тип:удаленная
Уровень опасности:
5/10
Описание:Несанкционированный доступ при использовании SSO
Затронутые продукты:HP : Integrated Lights-Out 3
 HP : Integrated Lights-Out 4
CVE:CVE-2013-2338 (Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote attackers to execute arbitrary code via unknown vectors.)
Оригинальный текстdocumentHP, [security bulletin] HPSBHF02885 rev.1 - HP Integrated Lights-Out iLO3 and iLO4 using Single-Sign-On (SSO), Remote Unauthorized Access (17.06.2013)

DoS против pymongo
Опубликовано:17 июня 2013 г.
Источник:
SecurityVulns ID:13137
Тип:библиотека
Уровень опасности:
5/10
Описание:Обращение по нулевому указателю.
Затронутые продукты:PYTHON : pymongo 2.5
CVE:CVE-2013-2132 (bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to decoding of an "invalid DBRef.")
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2705-1] pymongo security update (17.06.2013)

DoS против Mozilla Firefox / Microsoft Internet Explorer
Опубликовано:17 июня 2013 г.
Источник:
SecurityVulns ID:13138
Тип:клиент
Уровень опасности:
4/10
Описание:Подвисание или отказ через исчерпание ресурсов.
Затронутые продукты:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MOZILLA : Firefox 15.0
Оригинальный текстdocumentMustLive, DoS vulnerability in Mozilla Firefox and Microsoft Internet Explorer (17.06.2013)
 documentpereira_(at)_secbiz.de, Mozilla Firefox 14.01 Memory Exhaustion DoS Exploit (17.06.2013)

Многочисленные уязвимости безопасности в OpenStack
дополнено с 17 июня 2013 г.
Опубликовано:1 июля 2013 г.
Источник:
SecurityVulns ID:13128
Тип:библиотека
Уровень опасности:
6/10
Описание:Обход защиты и обход аутентификации в Keystone, DoS через Nova.
Затронутые продукты:OPENSTACK : Nova 2012.2
 OPENSTACK : KeyStone 2012.2
 OPENSTACK : Grizzly 2013.1
 OPENSTACK : Nova 2013.1
 OPENSTACK : OpenStack Object Storage 1.7
CVE:CVE-2013-4155 (OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service ("superfluous" tombstone consumption and Swift cluster slowdown) via a DELETE request with a timestamp that is older than expected.)
 CVE-2013-2161 (XML injection vulnerability in account/utils.py in OpenStack Swift Folsom, Grizzly, and Havana allows attackers to trigger invalid or spoofed Swift responses via an account name.)
 CVE-2013-2157 (OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when using LDAP with Anonymous binding, allows remote attackers to bypass authentication via an empty password.)
 CVE-2013-2104 (python-keystoneclient before 0.2.4, as used in OpenStack Keystone (Folsom), does not properly check expiry for PKI tokens, which allows remote authenticated users to (1) retain use of a token after it has expired, or (2) use a revoked token once it expires.)
 CVE-2013-2096 (OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 image allows local users to cause a denial of service (host file system disk consumption) by creating an image with a large virtual size that does not contain a large amount of data.)
 CVE-2013-2059 (OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token.)
 CVE-2012-4406 (OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object.)
 CVE-2012-4406 (OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object.)
Оригинальный текстdocumentUBUNTU, [USN-1887-1] OpenStack Swift vulnerabilities (01.07.2013)
 documentUBUNTU, [USN-1831-1] OpenStack Nova vulnerability (17.06.2013)
 documentUBUNTU, [USN-1830-1] OpenStack Keystone vulnerability (17.06.2013)
 documentUBUNTU, [USN-1875-1] OpenStack Keystone vulnerabilities (17.06.2013)

Обход защиты в устройствах Ruckus
дополнено с 17 июня 2013 г.
Опубликовано:1 декабря 2013 г.
Источник:
SecurityVulns ID:13133
Тип:удаленная
Уровень опасности:
6/10
Описание:Возможен релеинг ssh-соединений без аутентификации, обход аутентификации в Web, межсайтовый скриптинг
Затронутые продукты:RUCKUS : ZoneDirector 9.5
 RUCKUS : ZoneFlex 9.5
Оригинальный текстdocumentRUCKUS, RUCKUS ADVISORY ID 111113-2: Authenticated persistent cross site scripting vulnerability in guest pass provisioning web interface on ZoneDirector controllers (01.12.2013)
 documentRUCKUS, RUCKUS ADVISORY ID 111113-1: Authenticated code injection vulnerability in ZoneDirector administrative web interface (01.12.2013)
 documentRUCKUS, RUCKUS ADVISORY ID 10282013 - User authentication bypass vulnerability in Ruckus Access Point's administrative web interface (01.12.2013)
 documentRuckus Product Security Team, RUCKUS ADVISORY ID 031813-1: Unauthenticated TCP tunneling on Ruckus devices via SSH server process (17.06.2013)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород