Информационная безопасность
[RU] switch to English


Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:17 декабря 2009 г.
Источник:
SecurityVulns ID:10479
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:HORDE : Horde 3.3
 CETERACMS : Cetera CMS 2.9
 SITECORE : Sitecore Staging Module 5.4
 QUIXPLORER : QuiXplorer 2.4
Оригинальный текстdocumentISecAuditors Security Advisories, [ISecAuditors Security Advisories] QuiXplorer <=2.4.1beta Remote Code Execution vulnerability (17.12.2009)
 documentISecAuditors Security Advisories, [ISecAuditors Security Advisories] Horde 3.3.5 "PHP_SELF" Cross-Site Scripting vulnerability (17.12.2009)
 documentSEC Consult Vulnerability Lab, SEC Consult SA-20091217-0 :: Authentication bypass and file manipulation in Sitecore Staging Module (17.12.2009)
 documentMustLive, Vulnerabilities in Cetera CMS (17.12.2009)

Многочисленные уязвимости в Nullsoft WinAmp
Опубликовано:17 декабря 2009 г.
Источник:
SecurityVulns ID:10480
Тип:клиент
Уровень опасности:
7/10
Описание:Переполнения буфера и целочисленные переполнения при разборе файлов Oktalyzer, Ultratracker, Impulse Tracker, JPEG, PNG.
Затронутые продукты:NULLSOFT : Winamp 5.56
CVE:CVE-2009-3997 (Integer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57 might allow remote attackers to execute arbitrary code via an Oktalyzer file that triggers a heap-based buffer overflow.)
 CVE-2009-3996 (Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via an Ultratracker file.)
 CVE-2009-3995 (Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details are obtained from third party information.)
Оригинальный текстdocumentVUPEN Security Research, VUPEN Security Research - Winamp PNG and JPEG Data Integer Overflow Vulnerabilities (17.12.2009)
 documentSECUNIA, Secunia Research: Winamp Oktalyzer Parsing Integer Overflow Vulnerability (17.12.2009)
 documentSECUNIA, Secunia Research: Winamp Ultratracker File Parsing Buffer Overflow (17.12.2009)
 documentSECUNIA, Secunia Research: Winamp Impulse Tracker Sample Parsing Buffer Overflow (17.12.2009)
 documentSECUNIA, Secunia Research: Winamp Impulse Tracker Instrument Parsing Buffer Overflows (17.12.2009)

Многочисленные уязвимости безопасности в Mozilla Firefox
Опубликовано:17 декабря 2009 г.
Источник:
SecurityVulns ID:10481
Тип:клиент
Уровень опасности:
8/10
Описание:Многочисленные повреждения памяти при разборе HTML и медиа-форматов, атаки NTLM-релеинга, подмена адреса, повышение привилегий, утечка информации.
Затронутые продукты:MOZILLA : SeaMonkey 2.0
 MOZILLA : Firefox 3.0
 MOZILLA : Firefox 3.5
CVE:CVE-2009-3987 (The GeckoActiveXObject function in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, generates different exception messages depending on whether the referenced COM object is listed in the registry, which allows remote attackers to obtain potentially sensitive information about installed software by making multiple calls that specify the ProgID values of different COM objects.)
 CVE-2009-3986 (Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to execute arbitrary JavaScript with chrome privileges by leveraging a reference to a chrome window from a content window, related to the window.opener property.)
 CVE-2009-3985 (Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654.)
 CVE-2009-3984 (Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SSL indicator for an http URL or a file URL by setting document.location to an https URL corresponding to a site that responds with a No Content (aka 204) status code and an empty body.)
 CVE-2009-3983 (Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user.)
 CVE-2009-3982 (Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.)
 CVE-2009-3981 (Unspecified vulnerability in the browser engine in Mozilla Firefox before 3.0.16, SeaMonkey before 2.0.1, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.)
 CVE-2009-3980 (Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.)
 CVE-2009-3979 (Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.)
 CVE-2009-3389 (Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used in Mozilla Firefox 3.5 before 3.5.6 and SeaMonkey before 2.0.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a video with large dimensions.)
 CVE-2009-3388 (liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before 2.0.1 might allow context-dependent attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors, related to "memory safety issues.")
Оригинальный текстdocumentMOZILLA, Mozilla Foundation Security Advisory 2009-70 (17.12.2009)
 documentMOZILLA, Mozilla Foundation Security Advisory 2009-65 (17.12.2009)
 documentMOZILLA, Mozilla Foundation Security Advisory 2009-66 (17.12.2009)
 documentMOZILLA, Mozilla Foundation Security Advisory 2009-67 (17.12.2009)
 documentMOZILLA, Mozilla Foundation Security Advisory 2009-68 (17.12.2009)
 documentMOZILLA, Mozilla Foundation Security Advisory 2009-69 (17.12.2009)
 documentMOZILLA, Mozilla Foundation Security Advisory 2009-71 (17.12.2009)

Межсайтовый скриптинг в VMWare vCenter / ESX / WebWorks Help
Опубликовано:17 декабря 2009 г.
Источник:
SecurityVulns ID:10482
Тип:удаленная
Уровень опасности:
5/10
Затронутые продукты:VMWARE : VMware Server 2.0
 VMWARE : VMware ESX 4.0
 VMWARE : vCenter 4.0
 VMWARE : VMWare Lab Manager 4.0
CVE:CVE-2009-3731 (Multiple cross-site scripting (XSS) vulnerabilities in WebWorks Help 2.0 through 5.0 in VMware vCenter 4.0 before Update 1 Build 208156; VMware Server 2.0.2; VMware ESX 4.0; VMware Lab Manager 2.x; VMware vCenter Lab Manager 3.x and 4.x before 4.0.1; VMware Stage Manager 1.x before 4.0.1; WebWorks Publisher 6.x through 8.x; WebWorks Publisher 2003; and WebWorks ePublisher 9.0.x through 9.3, 2008.1 through 2008.4, and 2009.x before 2009.3 allow remote attackers to inject arbitrary web script or HTML via (1) wwhelp_entry.html, reachable through index.html and wwhsec.htm, (2) wwhelp/wwhimpl/api.htm, (3) wwhelp/wwhimpl/common/html/frameset.htm, (4) wwhelp/wwhimpl/common/scripts/switch.js, or (5) the window.opener component in wwhelp/wwhimpl/common/html/bookmark.htm, related to (a) unspecified parameters and (b) messages used in topic links for the bookmarking functionality.)
Оригинальный текстdocumentVMWARE, VMSA-2009-0017 VMware vCenter, ESX patch and vCenter Lab Manager releases address cross-site scripting issues (17.12.2009)

Обход защиты в Cisco ASA SSL VPN
Опубликовано:17 декабря 2009 г.
Источник:
SecurityVulns ID:10484
Тип:удаленная
Уровень опасности:
5/10
Описание:Возможно обойти фильтрацию по URL.
Затронутые продукты:CISCO : Cisco ASA 5500
Оригинальный текстdocumentISecAuditors Security Advisories, [ISecAuditors Security Advisories] Cisco ASA <= 8.x VPN SSL module Clientless URL-list control bypass (17.12.2009)

Выполнение кода в HP OpenView Storage Data Protector
дополнено с 17 декабря 2009 г.
Опубликовано:21 декабря 2009 г.
Источник:
SecurityVulns ID:10483
Тип:удаленная
Уровень опасности:
6/10
Затронутые продукты:HP : OpenView Data Protector Application Recovery Manager 6.0
 HP : OpenView Data Protector Application Recovery Manager 5.50
CVE:CVE-2007-2281
 CVE-2007-2280
Оригинальный текстdocumentZDI, TPTI-09-15: HP OpenView Data Protector Cell Manager Heap Overflow Vulnerability (21.12.2009)
 documentZDI, ZDI-09-099: Hewlett-Packard OpenView Data Protector Backup Client Service Buffer Overflow Vulnerability (21.12.2009)
 documentHP, [security bulletin] HPSBMA02252 SSRT061258, SSRT061259 rev.1 - HP OpenView Storage Data Protector, Remote Arbitrary Code Execution (17.12.2009)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород