Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Mozilla Firefox / Thunderbird / Seamonkey
дополнено с 5 октября 2015 г.
Опубликовано:19 октября 2015 г.
Источник:
SecurityVulns ID:14705
Тип:библиотека
Уровень опасности:
9/10
Описание:Повреждения памяти, раскрытие информации, DoS, переполнения буфера, обход ограничений.
Затронутые продукты:MOZILLA : Firefox ESR 38.2
 MOZILLA : Firefox 40
CVE:CVE-2015-7184 (The fetch API implementation in Mozilla Firefox before 41.0.2 does not restrict access to the HTTP response body in certain situations where user credentials are supplied but the CORS cross-origin request algorithm is improperly followed, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.)
 CVE-2015-7180 (The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 misinterprets the return value of a function call, which might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.)
 CVE-2015-7179 (The VertexBufferInterface::reserveVertexSpace function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, incorrectly allocates memory for shader attribute arrays, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted (1) OpenGL or (2) WebGL content.)
 CVE-2015-7178 (The ProgramBinary::linkAttributes function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, mishandles shader access, which allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted (1) OpenGL or (2) WebGL content.)
 CVE-2015-7177 (The InitTextures function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.)
 CVE-2015-7176 (The AnimationThread function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 uses an incorrect argument to the sscanf function, which might allow remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via unknown vectors.)
 CVE-2015-7175 (The XULContentSinkImpl::AddText function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow.")
 CVE-2015-7174 (The nsAttrAndChildArray::GrowBy function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow.")
 CVE-2015-4522 (The nsUnicodeToUTF8::GetMaxLength function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors, related to an "overflow.")
 CVE-2015-4521 (The ConvertDialogOptions function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.)
 CVE-2015-4520 (Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to bypass CORS preflight protection mechanisms by leveraging (1) duplicate cache-key generation or (2) retrieval of a value from an incorrect HTTP Access-Control-* response header.)
 CVE-2015-4519 (Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow user-assisted remote attackers to bypass intended access restrictions and discover a redirect's target URL via crafted JavaScript code that executes after a drag-and-drop action of an image into a TEXTBOX element.)
 CVE-2015-4517 (NetworkUtils.cpp in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.)
 CVE-2015-4516 (Mozilla Firefox before 41.0 allows remote attackers to bypass certain ECMAScript 5 (aka ES5) API protection mechanisms and modify immutable properties, and consequently execute arbitrary JavaScript code with chrome privileges, via a crafted web page that does not use ES5 APIs.)
 CVE-2015-4512 (gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface display, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) by using a CANVAS element to trigger 2D rendering.)
 CVE-2015-4511 (Heap-based buffer overflow in the nestegg_track_codec_data function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via a crafted header in a WebM video.)
 CVE-2015-4510 (Race condition in the WorkerPrivate::NotifyFeatures function in Mozilla Firefox before 41.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) by leveraging improper interaction between shared workers and the IndexedDB implementation.)
 CVE-2015-4509 (Use-after-free vulnerability in the HTMLVideoElement interface in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allows remote attackers to execute arbitrary code via crafted JavaScript code that modifies the URI table of a media element, aka ZDI-CAN-3176.)
 CVE-2015-4508 (Mozilla Firefox before 41.0, when reader mode is enabled, allows remote attackers to spoof the relationship between address-bar URLs and web content via a crafted web site.)
 CVE-2015-4507 (The SavedStacks class in the JavaScript implementation in Mozilla Firefox before 41.0, when the Debugger API is enabled, allows remote attackers to cause a denial of service (getSlotRef assertion failure and application exit) or possibly execute arbitrary code via a crafted web site.)
 CVE-2015-4506 (Buffer overflow in the vp9_init_context_buffers function in libvpx, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3, allows remote attackers to execute arbitrary code via a crafted VP9 file.)
 CVE-2015-4505 (updater.exe in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows allows local users to write to arbitrary files by conducting a junction attack and waiting for an update operation by the Mozilla Maintenance Service.)
 CVE-2015-4504 (The lut_inverse_interp16 function in the QCMS library in Mozilla Firefox before 41.0 allows remote attackers to obtain sensitive information or cause a denial of service (buffer over-read and application crash) via crafted attributes in the ICC 4 profile of an image.)
 CVE-2015-4503 (The TCP Socket API implementation in Mozilla Firefox before 41.0 mishandles array boundaries that were established with a navigator.mozTCPSocket.open method call and send method calls, which allows remote TCP servers to obtain sensitive information from process memory by reading packet data, as demonstrated by availability of this API in a Firefox OS application.)
 CVE-2015-4502 (js/src/proxy/Proxy.cpp in Mozilla Firefox before 41.0 mishandles certain receiver arguments, which allows remote attackers to bypass intended window access restrictions via a crafted web site.)
 CVE-2015-4501 (Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.)
 CVE-2015-4500 (Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.)
 CVE-2015-4476 (Mozilla Firefox before 41.0 on Android allows user-assisted remote attackers to spoof address-bar attributes by leveraging lack of navigation after a paste of a URL with a nonstandard scheme, as demonstrated by spoofing an SSL attribute.)
Файлы:Mozilla Foundation Security Advisory 2015-108 Scripted proxies can access inner window
 Mozilla Foundation Security Advisory 2015-109 JavaScript immutable property enforcement can be bypassed
 Mozilla Foundation Security Advisory 2015-110 Dragging and dropping images exposes final URL after redirects
 Mozilla Foundation Security Advisory 2015-111 Errors in the handling of CORS preflight request headers
  Mozilla Foundation Security Advisory 2015-112 Vulnerabilities found through code inspection
  Mozilla Foundation Security Advisory 2015-113 Memory safety errors in libGLES in the ANGLE graphics library
  Mozilla Foundation Security Advisory 2015-114 Information disclosure via the High Resolution Time API
  Mozilla Foundation Security Advisory 2015-115 Cross-origin restriction bypass using Fetch
  Mozilla Foundation Security Advisory 2015-96 Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)
  Mozilla Foundation Security Advisory 2015-97 Memory leak in mozTCPSocket to servers
 Mozilla Foundation Security Advisory 2015-98 Out of bounds read in QCMS library with ICC V4 profile attributes
 Mozilla Foundation Security Advisory 2015-99 Site attribute spoofing on Android by pasting URL with unknown scheme
  Mozilla Foundation Security Advisory 2015-101 Buffer overflow in libvpx while parsing vp9 format video
 Mozilla Foundation Security Advisory 2015-102 Crash when using debugger with SavedStacks in JavaScript
  Mozilla Foundation Security Advisory 2015-103 URL spoofing in reader mode
 Mozilla Foundation Security Advisory 2015-104 Use-after-free with shared workers and IndexedDB
 Mozilla Foundation Security Advisory 2015-105 Buffer overflow while decoding WebM video
 Mozilla Foundation Security Advisory 2015-106 Use-after-free while manipulating HTML media content
 Mozilla Foundation Security Advisory 2015-107 Out-of-bounds read during 2D canvas display on Linux 16-bit color depth systems

Уязвимости безопасности в PostgreSQL
Опубликовано:19 октября 2015 г.
Источник:
SecurityVulns ID:14731
Тип:удаленная
Уровень опасности:
6/10
Описание:Раскрытие информации, DoS.
Затронутые продукты:POSTGRES : PostgreSQL 9.4
CVE:CVE-2015-5289 (Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (2) jsonb values.)
 CVE-2015-5288 (The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service (server crash) or read arbitrary server memory via a "too-short" salt.)
Оригинальный текстdocumentUBUNTU, [USN-2772-1] PostgreSQL vulnerabilities (19.10.2015)

Уязвимости безопасности в LibreSSL
Опубликовано:19 октября 2015 г.
Источник:
SecurityVulns ID:14732
Тип:библиотека
Уровень опасности:
7/10
Описание:DoS, переполнение буфера.
CVE:CVE-2015-5334
 CVE-2015-5333
Оригинальный текстdocumentQualys Security Advisory, Qualys Security Advisory - LibreSSL (CVE-2015-5333 and CVE-2015-5334) (19.10.2015)

Обход ограничений в Ubuntu Click
Опубликовано:19 октября 2015 г.
Источник:
SecurityVulns ID:14733
Тип:локальная
Уровень опасности:
4/10
Описание:Можно получить повышенные привилегии при установке пакета.
Оригинальный текстdocumentUBUNTU, [USN-2771-1] Click vulnerability (19.10.2015)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород