Информационная безопасность
[RU] switch to English


Межсайтовый скриптинг в redcloth
Опубликовано:23 марта 2015 г.
Источник:
SecurityVulns ID:14347
Тип:библиотека
Уровень опасности:
5/10
Описание:Межсайтовый сркиптинг при конвертации в HTML.
Затронутые продукты:RUBY : RedCloth 4.2
CVE:CVE-2012-6684 (Cross-site scripting (XSS) vulnerability in the RedCloth library 4.2.9 for Ruby and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript: URI.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 3168-1] ruby-redcloth security update (23.03.2015)

Выход за пределы ограниченной среды в Google Android
Опубликовано:23 марта 2015 г.
Источник:
SecurityVulns ID:14348
Тип:библиотека
Уровень опасности:
5/10
Описание:Выход за пределы ограниченной среды Java в Google App Engine.
Оригинальный текстdocumentSecurity Explorations, [SE-2014-02] Google App Engine Java security sandbox bypasses (details) (23.03.2015)

Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:23 марта 2015 г.
Источник:
SecurityVulns ID:14346
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:WEBID : WeBid 1.1
 SYMPA : sympa 6.1
 ATUTOR : ATutor LCMS 2.2
 WORDPRESS : Media Cleaner 2.2
 TCLIB : tcllib 1.16
 REQUESTTRACKER : Request Tracker 4.2
 TANGOBB : TangoBB 1.5
 DRUPAL : Kony EMM 1.2
 TYPO3 : typo3 4.3
 WORDPRESS : ADPlugg 1.1
 ZOHO : Manage Engine AD Audit Manager Plus 6270
 PROJECTSEND : ProjectSend 561
 BETSTER : Betster 1.0
 WORDPRESS : Google Analytics by Yoast 5.3
 UPB : Ultimate PHP Board 2.2
 S9Y : Serendipity 2.0
 WORDPRESS : WPML 3.1
 MOVABLETYPE : MovableType 5.1
 OCPORTAL : ocPortal 9.0
 ENANOCMS : EnanoCMS 1.1
 HELPDEZK : HelpDezk 1.0
 ALKACON : OpenCms 9.5
 WORDPRESS : Huge IT Slider 2.6
 WOLTLAB : Community Gallery 2.0
CVE:CVE-2015-2275 (Cross-site scripting (XSS) vulnerability in WoltLab Community Gallery 2.0 before 2014-12-26 allows remote attackers to inject arbitrary web script or HTML via the parameters[data][7][title] parameter in a saveImageData action to index.php/AJAXProxy.)
 CVE-2015-2062
 CVE-2015-1592 (Movable Type Pro, Open Source, and Advanced before 5.2.12 and Pro and Advanced 6.0.x before 6.0.7 does not properly use the Perl Storable::thaw function, which allows remote attackers to include and execute arbitrary local Perl files and possibly execute arbitrary code via unspecified vectors.)
 CVE-2015-1464 (RT (aka Request Tracker) before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to hijack sessions via an RSS feed URL.)
 CVE-2015-1306 (The newsletter posting area in the web interface in Sympa 6.0.x before 6.0.10 and 6.1.x before 6.1.24 allows remote attackers to read arbitrary files via unspecified vectors.)
 CVE-2015-1238 (Skia, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.)
 CVE-2015-1231 (Multiple unspecified vulnerabilities in Google Chrome before 41.0.2272.76 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.)
 CVE-2015-1230 (The getHiddenProperty function in bindings/core/v8/V8EventListenerList.h in Blink, as used in Google Chrome before 41.0.2272.76, has a name conflict with the AudioContext class, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via JavaScript code that adds an AudioContext event listener and triggers "type confusion.")
 CVE-2015-1229 (net/http/proxy_client_socket.cc in Google Chrome before 41.0.2272.76 does not properly handle a 407 (aka Proxy Authentication Required) HTTP status code accompanied by a Set-Cookie header, which allows remote proxy servers to conduct cookie-injection attacks via a crafted response.)
 CVE-2015-1228 (The RenderCounter::updateCounter function in core/rendering/RenderCounter.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not force a relayout operation and consequently does not initialize memory for a data structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted Cascading Style Sheets (CSS) token sequence.)
 CVE-2015-1227 (The DragImage::create function in platform/DragImage.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not initialize memory for image drawing, which allows remote attackers to have an unspecified impact by triggering a failed image decoding, as demonstrated by an image for which the default orientation cannot be used.)
 CVE-2015-1224 (The VpxVideoDecoder::VpxDecode function in media/filters/vpx_video_decoder.cc in the vpxdecoder implementation in Google Chrome before 41.0.2272.76 does not ensure that alpha-plane dimensions are identical to image dimensions, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted VPx video data.)
 CVE-2015-1223 (Multiple use-after-free vulnerabilities in core/html/HTMLInputElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger extraneous change events, as demonstrated by events for invalid input or input to read-only fields, related to the initializeTypeInParsing and updateType functions.)
 CVE-2015-1222 (Multiple use-after-free vulnerabilities in the ServiceWorkerScriptCacheMap implementation in content/browser/service_worker/service_worker_script_cache_map.cc in Google Chrome before 41.0.2272.76 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a ServiceWorkerContextWrapper::DeleteAndStartOver call, related to the NotifyStartedCaching and NotifyFinishedCaching functions.)
 CVE-2015-1221 (Use-after-free vulnerability in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect ordering of operations in the Web SQL Database thread relative to Blink's main thread, related to the shutdown function in web/WebKit.cpp.)
 CVE-2015-1220 (Use-after-free vulnerability in the GIFImageReader::parseData function in platform/image-decoders/gif/GIFImageReader.cpp in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted frame size in a GIF image.)
 CVE-2015-1219 (Integer overflow in the SkMallocPixelRef::NewAllocate function in core/SkMallocPixelRef.cpp in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted allocation of a large amount of memory during WebGL rendering.)
 CVE-2015-1218 (Multiple use-after-free vulnerabilities in the DOM implementation in Blink, as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger movement of a SCRIPT element to different documents, related to (1) the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp and (2) the SVGScriptElement::didMoveToNewDocument function in core/svg/SVGScriptElement.cpp.)
 CVE-2015-1217 (The V8LazyEventListener::prepareListenerObject function in bindings/core/v8/V8LazyEventListener.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, does not properly compile listeners, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion.")
 CVE-2015-1216 (Use-after-free vulnerability in the V8Window::namedPropertyGetterCustom function in bindings/core/v8/custom/V8WindowCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a frame detachment.)
 CVE-2015-1215 (The filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation.)
 CVE-2015-1214 (Integer overflow in the SkAutoSTArray implementation in include/core/SkTemplates.h in the filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a reset action with a large count value, leading to an out-of-bounds write operation.)
 CVE-2015-1213 (The SkBitmap::ReadRawPixels function in core/SkBitmap.cpp in the filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation.)
 CVE-2015-1165 (RT (aka Request Tracker) 3.8.8 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to obtain sensitive RSS feed URLs and ticket data via unspecified vectors.)
 CVE-2015-1026 (Multiple cross-site scripting (XSS) vulnerabilities in ZOHO ManageEngine ADManager Plus before 6.2 Build 6270 allow remote attackers to inject arbitrary web script or HTML via the (1) technicianSearchText parameter to the Help Desk Technician page or (2) rolesSearchText parameter to the Help Desk Roles.)
 CVE-2014-9472 (The email gateway in RT (aka Request Tracker) 3.0.0 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted email.)
 CVE-2014-9057 (SQL injection vulnerability in the XML-RPC interface in Movable Type before 5.18, 5.2.x before 5.2.11, and 6.x before 6.0.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.)
 CVE-2014-8487 (Kony Management (aka Enterprise Mobile Management or EMM) 1.2 and earlier allows remote authenticated users to read (1) arbitrary messages via the messageId parameter to selfservice/managedevice/getMessageBody or (2) requests via the requestId parameter to selfservice/devicemgmt/getDeviceInfoTab.htm.)
 CVE-2013-2184 (Movable Type before 5.2.6 does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via the comment_state parameter.)
Оригинальный текстdocumentSEC Consult Vulnerability Lab, SEC Consult SA-20150227-0 :: Multiple vulnerabilities in Loxone Smart Home (23.03.2015)
 documentkingkaustubh_(at)_me.com, Stored XSS Vulnerability in ADPlugg Wordpress Plugin (23.03.2015)
 documentDEBIAN, [SECURITY] [DSA 3164-1] typo3-src security update (23.03.2015)
 documentmichael.hendrickx_(at)_helpag.com, CVE-2014-8487: Kony EMM insecurity Direct Object Reference (23.03.2015)
 documentiedb.team_(at)_gmail.com, N.E.T. E-Commerce Group Cross Site Scripting Vulnerability (23.03.2015)
 documentdennis.veninga_(at)_gmail.com, EnanoCMS 1.1.8pl1 XSS Vulnerability (23.03.2015)
 documentdennis.veninga_(at)_gmail.com, TangoBB 1.5.0-A3 XSS Vulnerability (23.03.2015)
 documentVulnerability Lab, Data Source: Scopus CMS - SQL Injection Web Vulnerability (23.03.2015)
 documentDEBIAN, [SECURITY] [DSA 3176-1] request-tracker4 security update (23.03.2015)
 documentdennis.veninga_(at)_gmail.com, [SECURITY] [DSA 3176-1] request-tracker4 security update (23.03.2015)
 documentdennis.veninga_(at)_gmail.com, HelpDezk 1.0.1 Multiple Vulnerabilities (23.03.2015)
 documentBen Fuhrmannek, Cross-Site-Scripting (XSS) in tcllib's html::textarea (23.03.2015)
 documentiletisim_(at)_ismailsaygili.com.tr, Wordpress Media Cleaner Plugin - XSS Vulnerability (23.03.2015)
 documentedricteo_(at)_outlook.sg, [CVE-2015-1583] ATutor LCMS - CSRF Vulnerability in Version 2.2 (23.03.2015)
 documentMANDRIVA, [ MDVSA-2015:051 ] sympa (23.03.2015)
 documentprathan.ptr_(at)_gmail.com, WeBid 1.1.1 Unrestricted File Upload Exploit (23.03.2015)
 documentkingkaustubh_(at)_me.com, Stored XSS Vulnerability in Google Analytics by Yoast Wordpress Plugin (23.03.2015)
 documentprathan.ptr_(at)_gmail.com, Betster (PHP Betoffice) Authentication Bypass and SQL Injection (23.03.2015)
 documentdennis.veninga_(at)_gmail.com, ocPortal 9.0.16 Multiply XSS Vulnerabilities (23.03.2015)
 documentitas.team_(at)_itas.vn, ProjectSend r561 - SQL injection vulnerability (23.03.2015)
 documentharish.ramadoss_(at)_helpag.com, Reflected cross-site scripting(XSS) Vulnerability in Manage Engine AD Audit Manager Plus Admin Panel(Build 6270) (23.03.2015)
 documentUBUNTU, [USN-2521-1] Oxide vulnerabilities (23.03.2015)
 documentitas.team_(at)_itas.vn, Community Gallery - Srored Corss-Site Scripting vulnerability (23.03.2015)
 documentHigh-Tech Bridge Security Research, SQL Injection in Huge IT Slider WordPress Plugin (23.03.2015)
 documentDEBIAN, [SECURITY] [DSA 3183-1] movabletype-opensource security update (23.03.2015)
 documentJouko Pynnonen, WPML WordPress plug-in SQL injection etc. (23.03.2015)
 documentRehan Ahmed, Alkacon OpenCms 9.5.1 Multiple XSS Vulnerabilities (23.03.2015)
 documentedric_(at)_smarterbitbybit.com, Serendipity CMS - XSS Vulnerability in Version 2.0 (23.03.2015)
 documentJouko Pynnonen, Google Analytics by Yoast stored XSS (23.03.2015)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород