Информационная безопасность
[RU] switch to English


Целочисленное переполнение в gzip
Опубликовано:21 января 2010 г.
Источник:
SecurityVulns ID:10544
Тип:библиотека
Уровень опасности:
7/10
Описание:Целочисленное переполнение при декомпресии LZW.
Затронутые продукты:gzip : gzip 1.3
CVE:CVE-2010-0001 (Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2010:019 ] gzip (21.01.2010)

Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:21 января 2010 г.
Источник:
SecurityVulns ID:10545
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:VPASP : VP-ASP Shopping Cart 6.50
Оригинальный текстdocumentkw3rln_(at)_ratati.org, vBulletin nulled (validator.php) files/directories disclosure (21.01.2010)
 documentCodeScan Labs, Insufficient User Input Validation in VP-ASP 6.50 Demo Code (21.01.2010)
 documentinfo_(at)_securitylab.ir, eWebeditor Directory Traversal Vulnerability (21.01.2010)

Переполнение буфера в Cisco CiscoWorks Internetwork Performance Monitor
Опубликовано:21 января 2010 г.
Источник:
SecurityVulns ID:10547
Тип:удаленная
Уровень опасности:
6/10
Описание:Переполнение буфера при обработке запроса CORBA GIOP.
Затронутые продукты:CISCO : CiscoWorks IPM 2.6
CVE:CVE-2010-0138 (Buffer overflow in Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 and earlier on Windows, as distributed in CiscoWorks LAN Management Solution (LMS), allows remote attackers to execute arbitrary code via a malformed getProcessName CORBA General Inter-ORB Protocol (GIOP) request, related to a "third-party component," aka Bug ID CSCsv62350.)
Оригинальный текстdocumentZDI, ZDI-10-004: Cisco CiscoWorks IPM GIOP getProcessName Remote Code Execution Vulnerability (21.01.2010)
 documentCISCO, Cisco Security Advisory: CiscoWorks Internetwork Performance Monitor CORBA GIOP Overflow Vulnerability (21.01.2010)

Целочисленные переполнения в Adobe Shockwave Player
дополнено с 20 января 2010 г.
Опубликовано:21 января 2010 г.
Источник:
SecurityVulns ID:10535
Тип:клиент
Уровень опасности:
7/10
Описание:Целочисленные переполнение и переполнения буфера при обработке Shockwave.
Затронутые продукты:ADOBE : Shockwave Player 11.5
CVE:CVE-2009-4003 (Multiple integer overflows in Adobe Shockwave Player before 11.5.6.606 allow remote attackers to execute arbitrary code via (1) an unspecified block type in a Shockwave file, leading to a heap-based buffer overflow; and might allow remote attackers to execute arbitrary code via (2) an unspecified 3D block in a Shockwave file, leading to memory corruption; or (3) a crafted 3D model in a Shockwave file, leading to heap memory corruption.)
 CVE-2009-4002 (Heap-based buffer overflow in Adobe Shockwave Player before 11.5.6.606 allows remote attackers to execute arbitrary code via a crafted 3D model in a Shockwave file.)
Оригинальный текстdocumentSECUNIA, Secunia Research: Adobe Shockwave Player 3D Model Buffer Overflow (21.01.2010)
 documentSECUNIA, Secunia Research: Adobe Shockwave Player Integer Overflow Vulnerability (20.01.2010)

Выполнение кода в HP Power Manager
дополнено с 5 ноября 2009 г.
Опубликовано:21 января 2010 г.
Источник:
SecurityVulns ID:10370
Тип:удаленная
Уровень опасности:
5/10
Описание:Переполнение буфера в процессе авторизации через веб-форму. Переполнение буфера в /goform/formExportDataLogs, обратный путь в каталогах.
Затронутые продукты:HP : HP Power Manager 4.2
CVE:CVE-2009-4000 (Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the fileName parameter.)
 CVE-2009-3999 (Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter.)
 CVE-2009-2685 (Stack-based buffer overflow in the login form in the management web server in HP Power Manager allows remote attackers to execute arbitrary code via the Login variable.)
Оригинальный текстdocumentSECUNIA, Secunia Research: HP Power Manager "formExportDataLogs" Directory Traversal (21.01.2010)
 documentSECUNIA, Secunia Research: HP Power Manager "formExportDataLogs" Buffer Overflow (20.01.2010)
 documentHP, [security bulletin] HPSBMA02485 SSRT090252 rev.1 - HP Power Manager, Remote Execution of Arbitrary Code (20.01.2010)
 documentHP, [security bulletin] HPSBMA02474 SSRT090107 rev.2 - HP Power Manager, Remote Execution of Arbitrary Code (20.01.2010)
 documentZDI, ZDI-09-081: Hewlett-Packard Power Manager Administration Web Server Stack Overflow Vulnerability (08.11.2009)
 documentHP, [security bulletin] HPSBMA02474 SSRT090107 rev.1 - HP Power Manager, Remote Execution of Arbitrary Code (05.11.2009)

Многочисленные уязвимости безопасности в RealNetworks RealPlayer
дополнено с 21 января 2010 г.
Опубликовано:2 февраля 2010 г.
Источник:
SecurityVulns ID:10548
Тип:клиент
Уровень опасности:
6/10
Описание:Повреждения памяти, переполнения буфера на различных кодеках и форматах данных.
Затронутые продукты:REAL : RealPlayer 10.0
 REAL : RealPlayer 11.0
CVE:CVE-2009-4257 (Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths.)
 CVE-2009-4248 (Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.cpp in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted RTSP SET_PARAMETER request.)
 CVE-2009-4246 (Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows user-assisted remote attackers to execute arbitrary code via a malformed .RJS skin file that contains a web.xmb file with crafted length values.)
 CVE-2009-4245 (Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp.)
 CVE-2009-4244 (Heap-based buffer overflow in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via an SIPR codec field with a small length value that triggers incorrect memory allocation.)
 CVE-2009-4243 (RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an "overflow.")
 CVE-2009-4242 (Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation.)
 CVE-2009-4241 (Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a file with invalid ASMRuleBook structures that trigger heap memory corruption.)
Оригинальный текстdocumentIDEFENSE, iDefense Security Advisory 02.01.10: RealNetworks RealPlayer CMediumBlockAllocator Integer Overflow Vulnerability (02.02.2010)
 documentIDEFENSE, iDefense Security Advisory 02.01.10: Real Networks RealPlayer Compressed GIF Handling Integer Overflow (02.02.2010)
 documentIDEFENSE, iDefense Security Advisory 02.01.10: RealNetworks RealPlayer 11 HTTP Chunked Encoding Integer Overflow Vulnerability (02.02.2010)
 documentZDI, ZDI-10-010: RealNetworks RealPlayer Skin Parsing Remote Code Execution Vulnerability (21.01.2010)
 documentZDI, ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability (21.01.2010)
 documentZDI, ZDI-10-006: RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability (21.01.2010)
 documentZDI, ZDI-10-008: RealNetworks RealPlayer SIPR Codec Remote Code Execution Vulnerability (21.01.2010)
 documentZDI, ZDI-10-005: RealNetworks RealPlayer ASMRulebook Remote Code Execution Vulnerability (21.01.2010)

Многочисленные уязвимости безопасности в SAP Web AS
дополнено с 21 января 2010 г.
Опубликовано:22 февраля 2010 г.
Источник:
SecurityVulns ID:10546
Тип:локальная
Уровень опасности:
5/10
Описание:Выполнение кода через Internet Communication Framework, утечка информации, межсайтовый скриптинг, обратный путь в каталогах.
Затронутые продукты:SAP : NetWeaver 6.40
 SAP : NetWeaver 7.00
 SAP : NetWeaver 7.01
Оригинальный текстdocumentOnapsis Research Labs, [Onapsis Security Advisory 2010-002] SAP J2EE Engine MDB Path Traversal (22.02.2010)
 documentOnapsis Research Labs, [Onapsis Security Advisory 2010-003] SAP WebDynpro Runtime XSS/CSS Injection (22.02.2010)
 documentOnapsis Research Labs, [Onapsis Security Advisory 2010-004] SAP J2EE Authentication Phishing Vector (22.02.2010)
 documentOnapsis Research Labs, [Onapsis Security Advisory 2010-001] SAP WebAS Integrated ITS Remote Command Execution (21.01.2010)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород