Information security


Summary of security vulnerabilities in Web applications (PHP, ASP, JSP, CGI, Perl)
updated since December 28, 2010
Published: December 27, 2010
Source:
SecurityVulns ID: 11324
Type: remote
Severity: 5/10
Description: PHP injections, SQL injections, directory traversal, cross-site scripting, file modification, information leakage, etc.
Affected products: WAGORA : W-Agora 4.2
 CRUXCMS : CruxCMS 3.0
 WORDPRESS : WordPress 3.0
 DJANGO : django 1.2
 MYBB : Mybb 1.6
 KAIBB : KaiBB 1.0
 OPENCLASSIFIEDS : OpenClassifieds 1.7
 PLIGG : Pligg 1.1
 DJANGO : Django 1.1
 ADMUNCHER : Ad Muncher 4.81
 COPPERMINE : Coppermine 1.5
CVE: CVE-2010-4257 (SQL injection vulnerability in the do_trackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field.)
Original text: non customers, Pre Jobo .NET "Password" SQL Injection Vulnerability (29.12.2010)
 Janek Vind, [waraxe-2010-SA#079] - Reflected XSS in Coppermine 1.5.10 (29.12.2010)
 DEBIAN, YEKTAWEB CMS XSS Vulnerability (29.12.2010)
 DEBIAN, HotWeb Rentals "PageId" SQL Injection Vulnerability (29.12.2010)
 DEBIAN, [SECURITY] [DSA 2138-1] Security update for wordpress (29.12.2010)
 ProCheckUp Research, PR10-14 Unauthenticated command execution within Mitel's AWC (Mitel Audio and Web Conferencing) (28.12.2010)
 MustLive, XSS vulnerability in Ad Muncher (28.12.2010)
 Adam Baldwin, Django admin list filter data extraction / leakage (28.12.2010)
 info_(at)_securitylab.ir, Sigma Portal Denial of Service Vulnerability (28.12.2010)
 info_(at)_securitylab.ir, Asan Portal (IdehPardaz) Multiple Vulnerabilities (28.12.2010)
 Janek Vind, [waraxe-2010-SA#078] - Multiple Vulnerabilities in CruxCMS 3.0.0 (28.12.2010)
 YGN Ethical Hacker Group, MyBB 1.6 <= SQL Injection Vulnerability (28.12.2010)
 mike_(at)_sitewat.ch, Pligg XSS and SQL Injection (28.12.2010)
 mike_(at)_sitewat.ch, Multiple Vulnerabilities in OpenClassifieds 1.7.0.3 (28.12.2010)
 MyDoom2009_(at)_gmail.com, Social Engine 4.x (Music Plugin) Arbitrary File Upload Vulnerability (28.12.2010)
 High-Tech Bridge Security Research, Path disclosure in KaiBB (28.12.2010)
 High-Tech Bridge Security Research, SQL injection in KaiBB (28.12.2010)
 High-Tech Bridge Security Research, SQL injection in KaiBB (28.12.2010)
 High-Tech Bridge Security Research, BBcode XSS in KaiBB (28.12.2010)
 MustLive, Multiple vulnerabilities in W-Agora (28.12.2010)
Files: Exploits Multiple Vulnerabilities in OpenClassifieds 1.7.0.3

Double free in libxml
Published: December 28, 2010
Source:
SecurityVulns ID: 11326
Type: library
Severity: 5/10
Description: Double free during XPath processing.
Affected products: LIBXML : libxml 2.7
CVE: CVE-2010-4494 (Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.)
Original text: DEBIAN, [SECURITY] [DSA 2137-1] Security update for libxml2 (28.12.2010)

Multiple security vulnerabilities in Microsoft Office
updated since December 15, 2010
Published: December 28, 2010
Source:
SecurityVulns ID: 11307
Type: client
Severity: 7/10
Description: Multiple memory corruptions in Publisher, multiple memory corruptions in graphics filters.
Affected products: MICROSOFT : Office XP
 MICROSOFT : Office 2003
 MICROSOFT : Office 2007
 MICROSOFT : Works 9
 MICROSOFT : Office 2010
CVE: CVE-2010-3955 (pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3 does not properly perform array indexing, which allows remote attackers to execute arbitrary code via a crafted Publisher file that uses an old file format, aka "Array Indexing Memory Corruption Vulnerability.")
 CVE-2010-3954 (Microsoft Publisher 2002 SP3, 2003 SP3, and 2010 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Publisher file, aka "Microsoft Publisher Memory Corruption Vulnerability.")
 CVE-2010-3952 (The FlashPix image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted FlashPix image in an Office document, aka "FlashPix Image Converter Heap Corruption Vulnerability.")
 CVE-2010-3951 (Buffer overflow in the FlashPix image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted FlashPix image in an Office document, aka "FlashPix Image Converter Buffer Overflow Vulnerability.")
 CVE-2010-3950 (The TIFF image converter in the graphics filters in Microsoft Office XP SP3, Office Converter Pack, and Works 9 does not properly convert data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF image in an Office document, aka "TIFF Image Converter Memory Corruption Vulnerability.")
 CVE-2010-3949 (Buffer overflow in the TIFF image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted TIFF image in an Office document, aka "TIFF Image Converter Buffer Overflow Vulnerability.")
 CVE-2010-3947 (Heap-based buffer overflow in the TIFF image converter in the graphics filters in Microsoft Office XP SP3, Office Converter Pack, and Works 9 allows remote attackers to execute arbitrary code via a crafted TIFF image in an Office document, aka "TIFF Image Converter Heap Overflow Vulnerability.")
 CVE-2010-3946 (Integer overflow in the PICT image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted PICT image in an Office document, aka "PICT Image Converter Integer Overflow Vulnerability.")
 CVE-2010-3945 (Buffer overflow in the CGM image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted CGM image in an Office document, aka "CGM Image Converter Buffer Overrun Vulnerability.")
 CVE-2010-2571 (Array index error in pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher 97 file, aka "Memory Corruption Due To Invalid Index Into Array in Pubconv.dll Vulnerability.")
 CVE-2010-2570 (Heap-based buffer overflow in pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3, 2003 SP3, 2007 SP2, and 2010 allows remote attackers to execute arbitrary code via a crafted Publisher file that uses an old file format, aka "Heap Overrun in pubconv.dll Vulnerability.")
 CVE-2010-2569 (pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3, 2003 SP3, and 2007 SP2 does not properly handle an unspecified size field in certain older file formats, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted Publisher file, aka "Size Value Heap Corruption in pubconv.dll Vulnerability.")
Original text: SECUNIA, Secunia Research: Microsoft Word LFO Parsing Double-Free Vulnerability (28.12.2010)
 SECUNIA, Secunia Research: Microsoft Office FlashPix Property Set Parsing Buffer Overflow (22.12.2010)
 SECUNIA, Secunia Research: Microsoft Office TIFF Image Converter Endian Conversion Vulnerability (21.12.2010)
 SECUNIA, Secunia Research: Microsoft Office Document Imaging Endian Conversion Vulnerability (21.12.2010)
 SECUNIA, Secunia Research: Microsoft Office FlashPix Tile Data Two Buffer Overflows (21.12.2010)
 SECUNIA, Secunia Research: Microsoft Office PICT Filter Integer Truncation Vulnerability (21.12.2010)
 SECUNIA, Secunia Research: Microsoft Office TIFF Image Converter Two Buffer Overflows (21.12.2010)
 VUPEN Security Research, VUPEN Security Research - Microsoft Office Publisher Memory Corruption Vulnerability (VUPEN-SR-2010-041) (16.12.2010)
 VUPEN Security Research, VUPEN Security Research - Microsoft Office Publisher Size Value Heap Corruption Vulnerability (VUPEN-SR-2010-200) (16.12.2010)
 VUPEN Security Research, VUPEN Security Research - Microsoft Office Publisher Record Array Indexing Vulnerability (VUPEN-SR-2010-201) (16.12.2010)
 VUPEN Security Research, VUPEN Security Research - Microsoft Office Publisher "pubconv.dll" Array Indexing Vulnerability (VUPEN-SR-2010-206) (16.12.2010)
Files: Microsoft Security Bulletin MS10-103 - Important Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2292970)
 Microsoft Security Bulletin MS10-105 - Important Vulnerabilities in Microsoft Office Graphics Filters Could Allow for Remote Code Execution (968095)

Information leak in FlexVision agent
Published: December 28, 2010
Source:
SecurityVulns ID: 11327
Type: remote
Severity: 5/10
Description: Information leak via the service on port TCP/3810.
Affected products: FLEXVISION : FlexVision Agent Listener 1.3
Original text: Victor Ribeiro Hora, Security Advisory - FlexVision Listener Vulnerability (28.12.2010)

Buffer overflow in tor
updated since December 28, 2010
Published: December 28, 2010
Source:
SecurityVulns ID: 11325
Type: remote
Severity: 6/10
Description: Buffer overflow when parsing a request.
Affected products: TOR : tor 0.2
CVE: CVE-2010-1676 (Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before 0.2.2.20-alpha allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors.)
Original text: DEBIAN, [SECURITY] [DSA-2136-1] New tor packages fix potential code execution (28.12.2010)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod