Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Adobe Shockwave Player
дополнено с 17 июня 2011 г.
Опубликовано:19 июня 2011 г.
Источник:
SecurityVulns ID:11741
Тип:удаленная
Уровень опасности:
8/10
Описание:Многочисленные повреждения памяти, переполнения буфера, выполнение кода.
Затронутые продукты:ADOBE : Shockwave Player 11.5
CVE:CVE-2011-2129
 CVE-2011-2127 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2117, CVE-2011-2124, and CVE-2011-2128.)
 CVE-2011-2126 (Buffer overflow in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.)
 CVE-2011-2125 (Buffer overflow in Dirapix.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.)
 CVE-2011-2124 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2117, CVE-2011-2127, and CVE-2011-2128.)
 CVE-2011-2123 (Integer overflow in the Shockwave 3D Asset x32 component in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code via a crafted subrecord in a DEMX chunk, which triggers a heap-based buffer overflow.)
 CVE-2011-2122 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to rcsL substructures, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, and CVE-2011-2119.)
 CVE-2011-2121 (Integer overflow in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.)
 CVE-2011-2120 (Integer overflow in the CursorAsset x32 component in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.)
 CVE-2011-2119 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, and CVE-2011-2122.)
 CVE-2011-2118 (The FLV ASSET Xtra component in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors, related to an "input validation vulnerability.")
 CVE-2011-2117 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2124, CVE-2011-2127, and CVE-2011-2128.)
 CVE-2011-2116 (IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2111 and CVE-2011-2115.)
 CVE-2011-2115 (IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-2111 and CVE-2011-2116.)
 CVE-2011-2114 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2117, CVE-2011-2124, CVE-2011-2127, and CVE-2011-2128.)
 CVE-2011-2113 (Multiple buffer overflows in the Shockwave3DAsset component in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors.)
 CVE-2011-2112 (Multiple buffer overflows in IML32.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors.)
 CVE-2011-2111 (IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2115 and CVE-2011-2116.)
 CVE-2011-2109 (Multiple integer overflows in Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors.)
 CVE-2011-2108 (Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors, related to a "design flaw.")
 CVE-2011-0335 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-2119, and CVE-2011-2122.)
 CVE-2011-0320 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122.)
 CVE-2011-0319 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0320, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122.)
 CVE-2011-0318 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122.)
 CVE-2011-0317 (Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122.)
Оригинальный текстdocumentsignaladvisory_(at)_gmail.com, [BGA - SignalSEC Advisory]:Adobe Shockwave Player Remote Code Execution (19.06.2011)
 documentIDEFENSE, iDefense Security Advisory 06.14.11: Adobe Shockwave Cursor Asset tSAC Chunk Integer Overflow Vulnerability (19.06.2011)
 documentIDEFENSE, iDefense SecurityiDefense Security Advisory 06.14.11: Adobe Shockwave Font Asset Heap Overflow Vulnerabilityr Signedness Vulnerability (19.06.2011)
 documentIDEFENSE, iDefense Security Advisory 06.14.11: Adobe Shockwave Lingo Script Opcodes Integer Signedness Vulnerability (19.06.2011)
 documentZDI, ZDI-11-200: Adobe Shockwave AudioMixer Structure Parsing Remote Code Execution Vulnerability (19.06.2011)
 documentZDI, ZDI-11-205: Adobe Shockwave Missing Lctx Chunk Remote Code Execution Vulnerability (19.06.2011)
 documentZDI, ZDI-11-206: Adobe Shockwave GIF Decompression Remote Code Execution Vulnerability (19.06.2011)
 documentZDI, ZDI-11-211: Adobe Shockwave Shockwave 3d Asset.x32 DEMX Chunk 0xFFFFFF49 Field Remote Code Execution Vulnerability (19.06.2011)
 documentZDI, ZDI-11-221: Adobe Shockwave Shockwave 3d Asset.x32 DEMX 0xFFFFFF45 Field Parsing Remote Code Execution Vulnerability (19.06.2011)
 documentZDI, TPTI-11-07: Adobe Shockwave iml32.dll CSWV Chunk Parsing Remote Code Execution Vulnerability (19.06.2011)
 documentZDI, ZDI-11-204: Adobe Shockwave TextXtra Text Element Parsing Remote Code Execution Vulnerability (19.06.2011)
 documentZDI, ZDI-11-207: Adobe Shockwave tSAC Chunk String Termination Remote Code Execution Vulnerability (19.06.2011)
 documentZDI, ZDI-11-210: Adobe Shockwave rcsL Chunk Parsing Misallocation Remote Code Execution Vulnerability (19.06.2011)
 documentZDI, TPTI-11-08: Adobe Shockwave iml32.dll DEMX Chunk GIF Parsing Remote Code Execution Vulnerability (19.06.2011)
 documentZDI, TPTI-11-11: Adobe Shockwave Lnam Chunk Parsing Remote Code Execution Vulnerability (19.06.2011)
 documentZDI, ZDI-11-209: Adobe Shockwave rcsL Substructure Parsing Remote Code Execution Vulnerability (19.06.2011)
 documentZDI, ZDI-11-212: Adobe Shockwave KEY* Chunk Invalid Size Remote Code Execution Vulnerability (19.06.2011)
 documentZDI, ZDI-11-213: Adobe Shockwave rcsL Trusted Offset Chunk Processing Remote Code Execution Vulnerability (19.06.2011)
 documentZDI, ZDI-11-214: Adobe Shockwave CASt Chunk Parsing Remote Code Execution Vulnerability (19.06.2011)
 documentZDI, ZDI-11-220: Adobe Shockwave Director File rcsL Chunk Multiple Opcode Parsing Remote Code Execution Vulnerability (19.06.2011)
 documentZDI, ZDI-11-201: Adobe Shockwave Cursor Structure Parsing Remote Code Execution Vulnerability (19.06.2011)
 documentZDI, ZDI-11-202: Adobe Shockwave rcsL String Parsing Remote Code Execution Vulnerability (19.06.2011)
 documentZDI, ZDI-11-208: Adobe Shockwave rcsL Parsing Remote Code Execution Vulnerability (19.06.2011)
 documentZDI, TPTI-11-10: Adobe Shockwave dirapi.dll rcsL Chunk Parsing Remote Code Execution Vulnerability (19.06.2011)
 documentIDEFENSE, iDefense Security Advisory 06.14.11: Adobe Shockwave 3D Asset DEMX Integer Overflow Vulnerability (19.06.2011)
 document , ZDI-11-222: Adobe Shockwave Shockwave 3d Asset.x32 DEMX Chunk Substructure Count Remote Code Execution Vulnerability (17.06.2011)
 documentZDI, ZDI-11-203: Adobe Shockwave xtcL Chunk Parsing Integer Overflow Remote Code Execution Vulnerability (17.06.2011)
 documentZDI, ZDI-11-216: Adobe Shockwave rcsL Chunk 16-bit Field Parsing Remote Code Execution Vulnerability (17.06.2011)
 documentZDI, ZDI-11-217: Adobe Shockwave Font Structure Parsing Remote Code Execution Vulnerability (17.06.2011)
 documentZDI, ZDI-11-215: Adobe Shockwave DEMX Chunk Multiple Field Parsing Remote Code Execution Vulnerability (17.06.2011)
Файлы:Security update available for Adobe Shockwave Player

Многочисленные уязвимости безопасности в Adobe Reader / Acrobat
дополнено с 17 июня 2011 г.
Опубликовано:19 июня 2011 г.
Источник:
SecurityVulns ID:11740
Тип:клиент
Уровень опасности:
7/10
Описание:Переполнения буфера, повреждение памяти, выполнение кода, сприптинг между документами.
Затронутые продукты:ADOBE : Reader 10.0
 ADOBE : Acrobat 10.0
CVE:CVE-2011-2106 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.)
 CVE-2011-2105 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted font data.)
 CVE-2011-2104 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors.)
 CVE-2011-2103 (Adobe Reader and Acrobat 8.x before 8.3 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.)
 CVE-2011-2102 (Unspecified vulnerability in Adobe Reader and Acrobat before 10.1 on Windows and Mac OS X allows attackers to bypass intended access restrictions via unknown vectors.)
 CVE-2011-2101 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X do not properly restrict script, which allows attackers to execute arbitrary code via a crafted document, related to a "cross document script execution vulnerability.")
 CVE-2011-2100 (Untrusted search path vulnerability in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory.)
 CVE-2011-2099 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2098.)
 CVE-2011-2098 (Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2099.)
 CVE-2011-2097 (Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2094 and CVE-2011-2095.)
 CVE-2011-2096 (Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.)
 CVE-2011-2095 (Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2094 and CVE-2011-2097.)
 CVE-2011-2094 (Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2095 and CVE-2011-2097.)
Оригинальный текстdocumentZDI, ZDI-11-218: Adobe Acrobat Reader tesselate.x3d Multimedia Playing Remote Code Execution Vulnerability (19.06.2011)
 documentZDI, ZDI-11-219: Adobe Acrobat Reader 3difr.x3d Multimedia Playing Remote Code Execution Vulnerability (19.06.2011)
Файлы:Security updates available for Adobe Reader and Acrobat

DoS против Microsoft Hyper-V
дополнено с 15 июня 2011 г.
Опубликовано:19 июня 2011 г.
Источник:
SecurityVulns ID:11734
Тип:локальная
Уровень опасности:
5/10
Описание:Отказ при обработке команд VMBus
Затронутые продукты:MICROSOFT : Windows 2008 Server
CVE:CVE-2011-1872 (Hyper-V in Microsoft Windows Server 2008 Gold, SP2, R2, and R2 SP1 allows guest OS users to cause a denial of service (host OS infinite loop) via malformed machine instructions in a VMBus packet, aka "VMBus Persistent DoS Vulnerability.")
Оригинальный текстdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2011-0203 - MS HyperV Persistent DoS Vulnerability (19.06.2011)
Файлы:Microsoft Security Bulletin MS11-047 - Important Vulnerability in Hyper-V Could Allow Denial of Service (2525835)

Многочисленные уязвимости безопасности Microsoft Windows
дополнено с 15 июня 2011 г.
Опубликовано:19 июня 2011 г.
Источник:
SecurityVulns ID:11730
Тип:клиент
Уровень опасности:
8/10
Описание:Переполнение буфера при разборе файлов WMF. Неинициализированные указатели при разборе OTF. Повреждения памяти в DFS. Повреждения памяти в SMB клиенте и сервере. Повышение привилегий через afd.sys
Затронутые продукты:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2011-1873 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 on 64-bit platforms does not properly validate pointers during the parsing of OpenType (aka OTF) fonts, which allows remote attackers to execute arbitrary code via a crafted font file, aka "Win32k OTF Validation Vulnerability.")
 CVE-2011-1869 (The Distributed File System (DFS) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote DFS servers to cause a denial of service (system hang) via a crafted referral response, aka "DFS Referral Response Vulnerability.")
 CVE-2011-1868 (The Distributed File System (DFS) implementation in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate fields in DFS responses, which allows remote DFS servers to execute arbitrary code via a crafted response, aka "DFS Memory Corruption Vulnerability.")
 CVE-2011-1268 (The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Response Parsing Vulnerability.")
 CVE-2011-1267 (The SMB server in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (system hang) via a crafted (1) SMBv1 or (2) SMBv2 request, aka "SMB Request Parsing Vulnerability.")
 CVE-2011-1249 (The Ancillary Function Driver (AFD) in afd.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability.")
 CVE-2011-0658 (Integer underflow in the OLE Automation protocol implementation in VBScript.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted WMF file, aka "OLE Automation Underflow Vulnerability.")
Оригинальный текстdocumentVUPEN Security Research, VUPEN Security Research - Microsoft Windows OLE Automation Integer Underflow Vulnerability (MS11-038) (19.06.2011)
Файлы:Microsoft Security Bulletin MS11-038 - Critical Vulnerability in OLE Automation Could Allow Remote Code Execution (2476490)
 Microsoft Security Bulletin MS11-041 - Critical Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2525694)
 Microsoft Security Bulletin MS11-042 - Critical Vulnerabilities in Distributed File System Could Allow Remote Code Execution (2535512)
 Microsoft Security Bulletin MS11-043 - Critical Vulnerability in SMB Client Could Allow Remote Code Execution (2536276)
 Microsoft Security Bulletin MS11-046 - Important Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege (2503665)
 Microsoft Security Bulletin MS11-048 - Important Vulnerability in SMB Server Could Allow Denial of Service (2536275)

Многочисленные уязвимости безопасности в Oracle Java
дополнено с 10 июня 2011 г.
Опубликовано:19 июня 2011 г.
Источник:
SecurityVulns ID:11721
Тип:библиотека
Уровень опасности:
9/10
Описание:Многочисленные целочисленные переполнения при разборе профилей ICC. Переход по неинициализированному указателю в Windows. Выполнение шел-команд в Java Web Start.
Затронутые продукты:ORACLE : Jre 6.0
 ORACLE : JDK 6.0
CVE:CVE-2011-0863 (Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.)
 CVE-2011-0862 (Multiple unspecified vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.)
 CVE-2011-0817 (Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.)
Оригинальный текстdocumentZDI, TPTI-11-06: Oracle Java ICC Profile rcs2 Tag Parsing Remote Code Execution Vulnerability (19.06.2011)
 documentZDI, ZDI-11-199: Oracle Java Soundbank Decompression Remote Code Execution Vulnerability (19.06.2011)
 documentZacheusz Siedlecki, Java HotSpot Cryptographic Provider signature verification vulnerability (11.06.2011)
 documentZDI, ZDI-11-182: Oracle Java IE Browser Plugin Corrupted Window Procedure Hook Remote Code Execution Vulnerability (10.06.2011)
 documentZDI, ZDI-11-183: Oracle Java ICC Profile MultiLanguage 'mluc' Tag Parsing Remote Code Execution Vulnerability (10.06.2011)
 documentZDI, ZDI-11-184: Oracle Java ICC Profile Sequence Description 'pseq' Tag Parsing Remote Code Execution Vulnerability (10.06.2011)
 documentZDI, ZDI-11-185: Oracle Java ICC Profile 'bfd ' Tag Parsing Remote Code Execution Vulnerability (10.06.2011)
 documentZDI, ZDI-11-188: Oracle Java ICC Profile ncl2 Count Tag Parsing Remote Code Execution Vulnerability (10.06.2011)
 documentZDI, ZDI-11-191: Oracle Java ICC Screening Tag Parsing Remote Code Execution Vulnerability (10.06.2011)
 documentZDI, ZDI-11-192: Oracle Java Web Start Command Argument Injection Remote Code Execution Vulnerability (10.06.2011)
 documentZDI, ZDI-11-190: Oracle Java ICC Profile 'crdi' Tag Parsing Remote Code Execution Vulnerability (10.06.2011)
 documentZDI, ZDI-11-186: Oracle Java ICC Profile Multi-Language 'curv' Tag Parsing Remote Code Execution Vulnerability (10.06.2011)
 documentZDI, ZDI-11-189: Oracle Java ICC Profile ncl2 DevCoords Tag Parsing Remote Code Execution Vulnerability (10.06.2011)
 documentZDI, ZDI-11-187: Oracle Java ICC Profile clrt Tag Parsing Remote Code Execution Vulnerability (10.06.2011)
 documentVUPEN Security Research, VUPEN Security Research - Oracle Java ICC Profile "bfd" Tag Integer Overflow Code Execution Vulnerability (10.06.2011)
 documentVUPEN Security Research, VUPEN Security Research - Oracle Java ICC Profile "clrt" Tag Integer Overflow Code Execution Vulnerability (10.06.2011)
 documentVUPEN Security Research, VUPEN Security Research - Oracle Java ICC Profile "ncl2" Tag Integer Overflow Code Execution Vulnerability (10.06.2011)
 documentVUPEN Security Research, VUPEN Security Research - Oracle Java ICC Profile "pseq" Tag Integer Overflow Code Execution Vulnerability (10.06.2011)
 documentVUPEN Security Research, VUPEN Security Research - Oracle Java ICC Profile "scrn" Tag Integer Overflow Code Execution Vulnerability (10.06.2011)
 documentVUPEN Security Research, VUPEN Security Research - Oracle Java ICC Profile "mluc" Tag Integer Overflow Code Execution Vulnerability (10.06.2011)

Уязвимости безопасности в libvirt
Опубликовано:19 июня 2011 г.
Источник:
SecurityVulns ID:11743
Тип:библиотека
Уровень опасности:
6/10
Описание:DoS, однобайтовое переполнение буфера.
Затронутые продукты:LIBVIRT : libvirt 0.9
CVE:CVE-2011-2178 (The virSecurityManagerGetPrivateData function in security/security_manager.c in libvirt 0.8.8 through 0.9.1 uses the wrong argument for a sizeof call, which causes incorrect processing of "security manager private data" that "reopens disk probing" and might allow guest OS users to read arbitrary files on the host OS. NOTE: this vulnerability exists because of a CVE-2010-2238 regression.)
 CVE-2011-1486 (libvirtd in libvirt before 0.9.0 does not use thread-safe error reporting, which allows remote attackers to cause a denial of service (crash) by causing multiple threads to report errors at the same time.)
Оригинальный текстdocumentUBUNTU, [USN-1152-1] libvirt vulnerabilities (19.06.2011)

Межсайтовая подмена запросов в IBM WebSphere
Опубликовано:19 июня 2011 г.
Источник:
SecurityVulns ID:11745
Тип:удаленная
Уровень опасности:
5/10
Описание:Межсайтовая подмена запросов в консоли администрирования.
Затронутые продукты:IBM : WebSphere 7.0
CVE:CVE-2010-3271 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Integrated Solutions Console (aka administrative console) in IBM WebSphere Application Server (WAS) 7.0.0.13 and earlier allow remote attackers to hijack the authentication of administrators for requests that disable certain security options via an Edit action to console/adminSecurityDetail.do followed by a save action to console/syncworkspace.do.)
Оригинальный текстdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2010-1021: IBM WebSphere Application Server Cross-Site Request Forgery (19.06.2011)

Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
дополнено с 17 июня 2011 г.
Опубликовано:19 июня 2011 г.
Источник:
SecurityVulns ID:11739
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:MYBLOGGIE : myBloggie 2.1
 E107 : e107 0.7
 JFREE : JFreeChart 1.0
 FREESIMPLESOFT : Free Simple CMS 1.0
 NAGIOS : nagios 3.2
 REDMINE : redmine 1.0
 MINIBLOG : miniblog 1.0
 NETWORK13 : N-13 News 4.0
 LCINGA : lcinga 1.4
 EQDKP : EQDKP Plus 0.6
 MOVABLETYPE : movabletype 4.3
CVE:CVE-2011-2179 (Multiple cross-site scripting (XSS) vulnerabilities in config.c in config.cgi in (1) Nagios 3.2.3 and (2) Icinga before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the expand parameter, as demonstrated by an (a) command action or a (b) hosts action.)
 CVE-2011-1523 (Cross-site scripting (XSS) vulnerability in statusmap.c in statusmap.cgi in Nagios 3.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the layer parameter.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2261-1] redmine security update (19.06.2011)
 documentDEBIAN, [SECURITY] [DSA 2263-1] movabletype-opensource security update (19.06.2011)
 documentinfo_(at)_robinverton.de, myBloggie 2.1.6 SQL-Injection, Advanced INSERT INTO Injection technique (19.06.2011)
 documentPatrick Webster, JFreeChart - Path Disclosure vulnerability (19.06.2011)
 documentiPower N/A, EQDKP plus Cross Site Scripting and Bypass file extension (19.06.2011)
 documentDEBIAN, [SECURITY] [DSA 2262-1] moodle security update (19.06.2011)
 documentHigh-Tech Bridge Security Research, HTB23010: Multiple XSS & Local File Inclusion in Free Simple CMS (17.06.2011)
 documentHigh-Tech Bridge Security Research, HTB23008: Multiple XSS & CSRF (Cross-Site Request Forgery) in miniblog (17.06.2011)
 documentHigh-Tech Bridge Security Research, HTB23005: Multiple XSS in N-13 News (17.06.2011)
 documentHigh-Tech Bridge Security Research, HTB23004: Multiple Vulnerabilities in e107 (17.06.2011)
 documentHigh-Tech Bridge Security Research, HTB23012: Gogago YouTube Video Converter ActiveX Control "Download()" Buffer Overflow Vulnerability (17.06.2011)

Повреждение памяти в libxml2
дополнено с 19 июня 2011 г.
Опубликовано:16 октября 2011 г.
Источник:
SecurityVulns ID:11744
Тип:библиотека
Уровень опасности:
5/10
Описание: Различные уязвимости относящиеся к обработке XPath
Затронутые продукты:LIBXML : libxml 2.7
CVE:CVE-2011-2834 (Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.)
 CVE-2011-2821 (Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression.)
 CVE-2011-1944 (Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.)
Оригинальный текстdocumentUBUNTU, [USN-1153-1] libxml2 vulnerability (19.06.2011)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород