Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Cisco Video Surveillance Manager
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13222
Тип:удаленная
Уровень опасности:
6/10
Описание:Обратный путь в каталогах, обход аутентификации.
Затронутые продукты:CISCO : Video Surveillance Manager 7.0
CVE:CVE-2013-3431 (Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv40169.)
 CVE-2013-3430 (Cisco Video Surveillance Manager (VSM) before 7.0.0 allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv37288.)
 CVE-2013-3429 (Multiple directory traversal vulnerabilities in Cisco Video Surveillance Manager (VSM) before 7.0.0 allow remote attackers to read system files via a crafted URL, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv37163.)
Файлы:Multiple Vulnerabilities in the Cisco Video Surveillance Manager

Уязвимости безопасности в камерах Foscam
дополнено с 11 марта 2013 г.
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:12941
Тип:удаленная
Уровень опасности:
5/10
Описание:Можно получить доступ к корневому разделу диска, CSRF
CVE:CVE-2013-2574
 CVE-2013-2560 (Directory traversal vulnerability in the web interface on Foscam devices with firmware before 11.37.2.49 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI, as demonstrated by discovering (1) web credentials or (2) Wi-Fi credentials.)
Оригинальный текстdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2013-0613 - FOSCAM IP-Cameras Improper Access Restrictions (29.07.2013)
 documentshekyan_(at)_gmail.com, [CVE-REQUEST] Multiple CSRF vulnerabilities on Foscam IP cameras web UI (15.04.2013)
 documentFrederic Basse, [CVE-REQUEST] Foscam <= 11.37.2.48 path traversal vulnerability (11.03.2013)

DoS против ISC bind
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13223
Тип:удаленная
Уровень опасности:
7/10
Описание:assert() при обработке запроса клиента.
Затронутые продукты:ISC : bind 9.9
CVE:CVE-2013-4854 (The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.)
Оригинальный текстdocumentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-13:07.bind (29.07.2013)

Повышение привилегий через NFS в FreeBSD
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13224
Тип:удаленная
Уровень опасности:
6/10
Описание:При разрешенном анонимном доступе NFS возможен доступ с правами любого пользователя.
Затронутые продукты:FREEBSD : FreeBSD 8.3
 FREEBSD : FreeBSD 9.1
CVE:CVE-2013-4851 (The vfs_hang_addrlist function in sys/kern/vfs_export.c in the NFS server implementation in the kernel in FreeBSD 8.3 and 9.x through 9.1-RELEASE-p5 controls authorization for host/subnet export entries on the basis of group information sent by the client, which allows remote attackers to bypass file permissions on NFS filesystems via crafted requests.)
Оригинальный текстdocumentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-13:08.nfsserver (29.07.2013)

Уязвимости безопасности в OpenAFS
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13225
Тип:локальная
Уровень опасности:
4/10
Описание:Слабый алгоритм шифрования.
Затронутые продукты:OPENAFS : OpenAFS 1.6
CVE:CVE-2013-4135 (The vos command in OpenAFS 1.6.x before 1.6.5, when using the -encrypt option, only enables integrity protection and sends data in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.)
 CVE-2013-4134 (OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote attackers to obtain the service key.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2729-1] openafs security update (29.07.2013)

Многочисленные уязвимости в продуктах Barracuda Networks
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13226
Тип:удаленная
Уровень опасности:
5/10
Описание:Межсайтовый скриптинг в управлении веб-фильтром.
Затронутые продукты:BARRACUDA : Barracuda Load Balancer 4.2
 BARRACUDA : Barracuda Spam & Virus Firewall 5.1
 BARRACUDA : Barracuda Web Filter 6.0
 BARRACUDA : Barracuda Web Firewall 7.7
Оригинальный текстdocumentVulnerability Lab, Barracuda LB, SVF, WAF & WEF - Multiple Vulnerabilities (29.07.2013)

Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13227
Тип:удаленная
Уровень опасности:
5/10
Описание:Инъекции PHP, инъекции SQL, обратный путь в каталогах, межсайтовый скриптинг, модификация файлов, утечка информации и т.д.
Затронутые продукты:XYMON : Xymon 4.3
 MAGNOLIA : Magnolia CMS 4.5
 JOOMLA : Googlemaps plugin for Joomla 3.2
 DUPLICATOR : Duplicator 0.4
 MAGNOLIA : Magnolia CMS 5.0
 APACHE : OFBiz 12.04
CVE:CVE-2013-4759 (Multiple cross-site scripting (XSS) vulnerabilities in the Magnolia Form module 1.x before 1.4.7 and 2.x before 2.0.2 for Magnolia CMS allow remote attackers to inject arbitrary web script or HTML via the (1) username, (2) fullname, or (3) email parameter to magnoliaPublic/demo-project/members-area/registration.html.)
 CVE-2013-4625 (Cross-site scripting (XSS) vulnerability in files/installer.cleanup.php in the Duplicator plugin before 0.4.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the package parameter.)
 CVE-2013-4160 (Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to (1) cmsStageAllocLabV2ToV4curves, (2) cmsPipelineDup, (3) cmsAllocProfileSequenceDescription, (4) CurvesAlloc, and (5) cmsnamed.)
 CVE-2013-2250 (Apache Open For Business Project (aka OFBiz) 10.04.01 through 10.04.05, 11.04.01 through 11.04.02, and 12.04.01 allows remote attackers to execute arbitrary Unified Expression Language (UEL) functions via JUEL metacharacters in unspecified parameters, related to nested expressions.)
 CVE-2013-2137 (Cross-site scripting (XSS) vulnerability in the "View Log" screen in the Webtools application in Apache Open For Business Project (aka OFBiz) 10.04.01 through 10.04.05, 11.04.01 through 11.04.02, and 12.04.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
Оригинальный текстdocumentUBUNTU, [USN-1911-1] Little CMS vulnerability (29.07.2013)
 documentAPACHE, [CVE-2013-2250] Apache OFBiz Nested expression evaluation allows remote users to execute arbitrary UEL functions in OFBiz (29.07.2013)
 documentAPACHE, [CVE-2013-2137] Apache OFBiz XSS vulnerability in the "View Log" screen of the Webtools application (29.07.2013)
 documentSp3ctrecore, Easy Blog by JM LLC - Multiple Vulnerabilities (29.07.2013)
 documentSp3ctrecore, Basic Forum by JM LLC - Multiple Vulnerabilities (29.07.2013)
 documentHenrik Stoerner, Xymon Systems and Network Monitor - remote file deletion vulnerability (29.07.2013)
 documentHigh-Tech Bridge Security Research, Cross-Site Scripting (XSS) in Magnolia CMS (29.07.2013)
 documentHigh-Tech Bridge Security Research, Cross-Site Scripting (XSS) in Duplicator WordPress Plugin (29.07.2013)
 documentMustLive, DoS and XSS vulnerabilities in Googlemaps plugin for Joomla (29.07.2013)

Уязвимости безопасности в Dell Kace
дополнено с 17 июля 2013 г.
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13193
Тип:удаленная
Уровень опасности:
4/10
Описание:Межсайтовый скриптинг и инъекция SQL в веб-администрировании.
Затронутые продукты:DELL : Kace 1000
Оригинальный текстdocumentVulnerability Lab, Dell Kace 1000 SMA 5.4.742 - SQL Injection Vulnerabilities (29.07.2013)
 documentVulnerability Lab, Dell Kace 1000 SMA v5.4.70402 - Persistent Vulnerabilities (17.07.2013)

Переполнение буфера в SurgeFTP
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13228
Тип:удаленная
Уровень опасности:
6/10
Описание:Переполнение буфера в динамической памяти.
Затронутые продукты:SURGEFTP : SurgeFTP 23d2
CVE:CVE-2013-4742 (Buffer overflow in NetWin SurgeFTP before 23d2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string within the authentication request.)
Оригинальный текстdocumentAnil Pazvant, SurgeFtp Server BufferOverflow Vulnerability (29.07.2013)

Переполнение буфера в XnView
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13229
Тип:локальная
Уровень опасности:
4/10
Описание:Переполнение буфера при разборе .PCT
Затронутые продукты:XNVIEW : XnView 2.03
CVE:CVE-2013-2577 (Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafted PCT file.)
Оригинальный текстdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2013-0705 - XnView Buffer Overflow Vulnerability (29.07.2013)

Переполнение буфера в Artweaver
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13230
Тип:локальная
Уровень опасности:
4/10
Описание:Переполнение буфера при разборе файлов .AWD
Затронутые продукты:ARTWEAVER : Artweaver 3.1
CVE:CVE-2013-2576 (Buffer overflow in Artweaver before 3.1.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted AWD file.)
Оригинальный текстdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2013-0701 - Artweaver Buffer Overflow Vulnerability (29.07.2013)

Утечка информации в EMC NetWorker
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13231
Тип:удаленная
Уровень опасности:
5/10
Описание:Можно получить сведения о конфигурации.
Затронутые продукты:EMC : NetWorker 7.6
 EMC : NetWorker 8.0
CVE:CVE-2013-0943 (EMC NetWorker 7.6.x and 8.x before 8.1 allows local users to obtain sensitive configuration information by leveraging operating-system privileges to perform decryption with nsradmin.)
Оригинальный текстdocumentEMC, ESA-2013-033: EMC NetWorker Information Disclosure Vulnerability (29.07.2013)

DoS против библиотеки Little CMS
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13232
Тип:библиотека
Уровень опасности:
5/10
Описание:Отказ при разборе файла.
Затронутые продукты:LCMS : Little CMS 2.4
CVE:CVE-2013-4160 (Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to (1) cmsStageAllocLabV2ToV4curves, (2) cmsPipelineDup, (3) cmsAllocProfileSequenceDescription, (4) CurvesAlloc, and (5) cmsnamed.)
Оригинальный текстdocumentUBUNTU, [USN-1911-1] Little CMS vulnerability (29.07.2013)

Многочисленные уязвимости безопасности в Symantec Web Gateway
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13215
Тип:удаленная
Уровень опасности:
7/10
Описание:Межсайтовый скриптинг, выполнение кода, повышение привилегий, инъекция SQL, подмена запросов.
Затронутые продукты:SYMANTEC : Symantec Web Gateway 5.1
CVE:CVE-2013-4672 (The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 has an incorrect sudoers file, which allows local users to bypass intended access restrictions via a command.)
 CVE-2013-4671 (Cross-site request forgery (CSRF) vulnerability in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.)
 CVE-2013-4670 (Multiple cross-site scripting (XSS) vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2013-1617 (Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors.)
 CVE-2013-1616 (The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote attackers to execute arbitrary commands by injecting a command into an application script.)
Оригинальный текстdocumentSEC Consult Vulnerability Lab, SEC Consult SA-20130726-0 :: Multiple vulnerabilities - Surveillance via Symantec Web Gateway (29.07.2013)

Уязвимости безопасности в Apache OpenOffice
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13216
Тип:клиент
Уровень опасности:
6/10
Описание:Несколько повреждений памяти.
Затронутые продукты:APACHE : OpenOffice 3.4
CVE:CVE-2013-4156 (Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted element in an OOXML document file.)
 CVE-2013-2189 (Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file.)
Оригинальный текстdocumentAPACHE, CVE-2013-2189: OpenOffice DOC Memory Corruption Vulnerability (29.07.2013)
 documentAPACHE, CVE-2013-4156: OpenOffice DOCM Memory Corruption Vulnerability (29.07.2013)

Межсайтовый скриптинг в CA Service Desk Manager
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13217
Тип:удаленная
Уровень опасности:
5/10
Описание:Межсайтовый скриптинг в веб-интерфейсе.
Затронутые продукты:CA : CA Service Desk Manager 12.7
CVE:CVE-2013-2630 (Cross-site scripting (XSS) vulnerability in CA Service Desk Manager 12.5 through 12.7 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.)
Оригинальный текстdocumentCA, CA20130725-01: Security Notice for CA Service Desk Manager (29.07.2013)

Многочисленные уязвимости безопасности в HP Network Node Manager
дополнено с 19 июля 2013 г.
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13207
Тип:удаленная
Уровень опасности:
6/10
Описание:Несанкционированный доступ, выполнение кода, DoS.
Затронутые продукты:HP : Network Node Manager 9.2
CVE:CVE-2013-2351 (Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00, 9.1x, and 9.2x allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.)
 CVE-2012-3546 (org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.30, when FORM authentication is used, allows remote attackers to bypass security-constraint checks by leveraging a previous setUserPrincipal call and then placing /j_security_check at the end of a URI.)
 CVE-2011-4858 (Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.)
 CVE-2011-4605 (The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.CP05, Portal Platform 4.3 CP07 and 5.2.x before 5.2.2, and BRMS Platform before 5.3.0 do not properly restrict write access, which allows remote attackers to add, delete, or modify items in a JNDI tree via unspecified vectors.)
 CVE-2011-2196 (jboss-seam.jar in the JBoss Seam 2 framework 2.2.x and earlier, as distributed in Red Hat JBoss Enterprise SOA Platform 4.3.0.CP05 and 5.1.0; JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3.0, 4.3.0.CP09, and 5.1.1; and JBoss Enterprise Web Platform 5.1.1, does not properly restrict use of Expression Language (EL) statements in FacesMessages during page exception handling, which allows remote attackers to execute arbitrary Java code via a crafted URL to an application. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1484.)
 CVE-2011-1483 (wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communications Platform 1.2.11 and 5.1.1; JBoss Enterprise BRMS Platform 5.1.0; and JBoss Enterprise Web Platform 5.1.1 does not properly handle recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted request containing an XML document with a DOCTYPE declaration and a large number of nested entity references, a similar issue to CVE-2003-1564.)
 CVE-2010-1429 (Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this issue exists because of a CVE-2008-3273 regression.)
 CVE-2010-1428 (The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to obtain sensitive information via an unspecified request that uses a different method.)
 CVE-2010-0738 (The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.)
 CVE-2009-3554 (Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by reading this file.)
 CVE-2007-5333 (Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (") characters or (2) %5C (encoded backslash) sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks. NOTE: this issue exists because of an incomplete fix for CVE-2007-3385.)
Оригинальный текстdocumentHP, [security bulletin] HPSBMU02894 rev.1 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Denial of Service (DoS), Unauthorized Access, Execution of Arbitrary Code (29.07.2013)
 documentHP, [security bulletin] HPSBMU02870 SSRT101012 rev.2 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access (19.07.2013)

DoS против squid
дополнено с 16 июля 2013 г.
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13190
Тип:удаленная
Уровень опасности:
7/10
Описание:Отказ на некорректном заголовке Host:
Затронутые продукты:SQUID : squid 3.3
CVE:CVE-2013-4115 (Buffer overflow in the idnsALookup function in dns_internal.cc in Squid 3.2 through 3.2.11 and 3.3 through 3.3.6 allows remote attackers to cause a denial of service (memory corruption and server termination) via a long name in a DNS lookup request.)
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2013:199 ] squid (29.07.2013)
 documentHI-TECH ., Squid-3.3.5 DoS PoC (16.07.2013)

Многочисленные уязвимости безопасности в HP LoadRunner
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13218
Тип:удаленная
Уровень опасности:
7/10
Описание:DoS, выполнение кода.
Затронутые продукты:HP : LoadRunner 11.51
CVE:CVE-2013-4801 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1736.)
 CVE-2013-4800 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1735.)
 CVE-2013-4799 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1734.)
 CVE-2013-4798 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1705.)
 CVE-2013-4797 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1690.)
 CVE-2013-2370 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1671.)
 CVE-2013-2369 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1670.)
 CVE-2013-2368 (Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to cause a denial of service via unknown vectors, aka ZDI-CAN-1669.)
Оригинальный текстdocumentHP, [security bulletin] HPSBGN02905 rev.1 - HP LoadRunner, Remote Code Execution and Denial of Service (DoS) (29.07.2013)

Межсайтовый скриптинг в HP Application Lifecycle Management
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13219
Тип:удаленная
Уровень опасности:
5/10
Описание:Межсайтовый скриптинг в HP Application Lifecycle Management Quality Center
Затронутые продукты:HP : Application Lifecycle Management 11.50
CVE:CVE-2013-4802 (Cross-site scripting (XSS) vulnerability in HP Application Lifecycle Management (ALM) Quality Center before 11.51 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka ZDI-CAN-1565.)
Оригинальный текстdocumentHP, [security bulletin] HPSBGN02906 rev.1 - HP Application Lifecycle Management Quality Center (ALM), Remote Cross Site Scripting (XSS) (29.07.2013)

Многочисленные уязвимости безопасности в Microsoft Windows
дополнено с 10 июля 2013 г.
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13160
Тип:библиотека
Уровень опасности:
9/10
Описание:Многочисленные ошибки в .Net и Silverlight, многочисленные уязвимости в компонентах ядра, повреждение памяти при разборе шрифтов TrueType в GDI+, повреждение памяти в DirectShow, повреждение памяти при разборе WMV, многочисленные повреждения памяти в Microsoft Internet Explorer, повышение привилегий через Windows Defender.
Затронутые продукты:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
 MICROSOFT : Windows 8
 MICROSOFT : Windows RT
 MICROSOFT : Windows 2012 Server
CVE:CVE-2013-3660 (The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 does not properly initialize a pointer for the next object in a certain list, which allows local users to obtain write access to the PATHRECORD chain, and consequently gain privileges, by triggering excessive consumption of paged memory and then making many FlattenPath function calls, aka "Win32k Read AV Vulnerability.")
 CVE-2013-3178 (Microsoft Silverlight 5 before 5.1.20513.0 does not properly initialize arrays, which allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via a crafted Silverlight application, aka "Null Pointer Vulnerability.")
 CVE-2013-3174 (DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a crafted GIF file, aka "DirectShow Arbitrary Memory Overwrite Vulnerability.")
 CVE-2013-3173 (Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Win32k Buffer Overwrite Vulnerability.")
 CVE-2013-3172 (Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to cause a denial of service (system hang) via a crafted application that leverages improper handling of objects in memory, aka "Win32k Buffer Overflow Vulnerability.")
 CVE-2013-3171 (The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly check the permissions of delegate objects, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application that leverages a partial-trust relationship, aka "Delegate Serialization Vulnerability.")
 CVE-2013-3167 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Information Disclosure Vulnerability.")
 CVE-2013-3166 (Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to inject arbitrary web script or HTML via vectors involving incorrect auto-selection of the Shift JIS encoding, leading to cross-domain scrolling events, aka "Shift JIS Character Encoding Vulnerability," a different vulnerability than CVE-2013-0015.)
 CVE-2013-3164 (Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability.")
 CVE-2013-3163 (Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3144 and CVE-2013-3151.)
 CVE-2013-3162 (Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3115.)
 CVE-2013-3161 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3143.)
 CVE-2013-3154 (The signature-update functionality in Windows Defender on Microsoft Windows 7 and Windows Server 2008 R2 relies on an incorrect pathname, which allows local users to gain privileges via a Trojan horse application in the %SYSTEMDRIVE% top-level directory, aka "Microsoft Windows 7 Defender Improper Pathname Vulnerability.")
 CVE-2013-3153 (Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3148.)
 CVE-2013-3152 (Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3146.)
 CVE-2013-3151 (Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3144 and CVE-2013-3163.)
 CVE-2013-3150 (Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3145.)
 CVE-2013-3149 (Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability.")
 CVE-2013-3148 (Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3153.)
 CVE-2013-3147 (Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability.")
 CVE-2013-3146 (Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3152.)
 CVE-2013-3145 (Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3150.)
 CVE-2013-3144 (Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3151 and CVE-2013-3163.)
 CVE-2013-3143 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3161.)
 CVE-2013-3134 (The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 on 64-bit platforms does not properly allocate arrays of structures, which allows remote attackers to execute arbitrary code via a crafted .NET Framework application that changes array data, aka "Array Allocation Vulnerability.")
 CVE-2013-3133 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check the permissions of objects that use reflection, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application, aka "Anonymous Method Injection Vulnerability.")
 CVE-2013-3132 (Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check the permissions of objects that use reflection, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application, aka "Delegate Reflection Bypass Vulnerability.")
 CVE-2013-3131 (Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5, and Silverlight 5 before 5.1.20513.0, does not properly prevent changes to data in multidimensional arrays of structures, which allows remote attackers to execute arbitrary code via (1) a crafted .NET Framework application or (2) a crafted Silverlight application, aka "Array Access Violation Vulnerability.")
 CVE-2013-3129 (Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT; GDI+ in Office 2003 SP3, 2007 SP3, and 2010 SP1; GDI+ in Visual Studio .NET 2003 SP1; and GDI+ in Lync 2010, 2010 Attendee, 2013, and Basic 2013 allow remote attackers to execute arbitrary code via a crafted TrueType Font (TTF) file, aka "TrueType Font Parsing Vulnerability.")
 CVE-2013-3129 (Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT; GDI+ in Office 2003 SP3, 2007 SP3, and 2010 SP1; GDI+ in Visual Studio .NET 2003 SP1; and GDI+ in Lync 2010, 2010 Attendee, 2013, and Basic 2013 allow remote attackers to execute arbitrary code via a crafted TrueType Font (TTF) file, aka "TrueType Font Parsing Vulnerability.")
 CVE-2013-3129 (Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT; GDI+ in Office 2003 SP3, 2007 SP3, and 2010 SP1; GDI+ in Visual Studio .NET 2003 SP1; and GDI+ in Lync 2010, 2010 Attendee, 2013, and Basic 2013 allow remote attackers to execute arbitrary code via a crafted TrueType Font (TTF) file, aka "TrueType Font Parsing Vulnerability.")
 CVE-2013-3127 (The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows Media Format Runtime 9 and 9.5, and wmvdecod.dll in Windows Media Format Runtime 11 and Windows Media Player 11 and 12 allows remote attackers to execute arbitrary code via a crafted media file, aka "WMV Video Decoder Remote Code Execution Vulnerability.")
 CVE-2013-3115 (Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3162.)
 CVE-2013-1345 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Vulnerability.")
 CVE-2013-1340 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Dereference Vulnerability.")
 CVE-2013-1300 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Allocation Vulnerability.")
Оригинальный текстdocumentAndres Gomez Ramirez, DirectShow Arbitrary Memory Overwrite Vulnerability ms13-056 (29.07.2013)
Файлы:Microsoft Security Bulletin MS13-052 - Critical Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code Execution (2861561)
 Microsoft Security Bulletin MS13-053 - Critical Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2850851)
 Microsoft Security Bulletin MS13-054 - Critical Vulnerability in GDI+ Could Allow Remote Code Execution (2848295)
 Microsoft Security Bulletin MS13-055 - Critical Cumulative Security Update for Internet Explorer (2846071)
 Microsoft Security Bulletin MS13-056 - Critical Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (2845187)
 Microsoft Security Bulletin MS13-057 - Critical Vulnerability in Windows Media Format Runtime Could Allow Remote Code Execution (2847883)
 Microsoft Security Bulletin MS13-058 - Important Vulnerability in Windows Defender Could Allow Elevation of Privilege (2847927)

Многочисленные уязвимости безопасности в Barracuda CudaTel
дополнено с 1 июля 2013 г.
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13143
Тип:удаленная
Уровень опасности:
5/10
Описание:Многочисленные уязвимости веб-интерфейса.
Затронутые продукты:BARRACUDA : CudaTel 2.6
Оригинальный текстdocumentVulnerability Lab, Barracuda CudaTel 2.6.02.040 - SQL Injection Vulnerability (29.07.2013)
 documentVulnerability Lab, Barracuda CudaTel 2.6.02.040 - Remote SQL Injection Vulnerability (29.07.2013)
 documentVulnerability Lab, Barracuda CudaTel 2.6.02.04 - Multiple Client Side Cross Site Vulnerabilities (Bug Bounty #17) (19.07.2013)
 documentVulnerability Lab, Barracuda CudaTel 2.6.02.040 - Client Side Cross Site Scripting Vulnerability (17.07.2013)
 documentVulnerability Lab, Barracuda CudaTel 2.6.02.04 - Multiple Web Vulnerabilities (01.07.2013)
 documentVulnerability Lab, Barracuda CudaTel 2.6.02.04 - Persistent Web Vulnerability (01.07.2013)

DoS против телевизоров Samsung
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13220
Тип:удаленная
Уровень опасности:
4/10
Описание:Отказ на длинном GET-запросе.
Затронутые продукты:SAMSUNG : Samsung PS50C7700
CVE:CVE-2013-4890 (The DMCRUIS/0.1 web server on the Samsung PS50C7700 TV allows remote attackers to cause a denial of service (daemon crash) via a long URI to TCP port 5600.)
Оригинальный текстdocumentmalik_(at)_itsecgames.com, Samsung TV - DoS vulnerability (29.07.2013)

Межсайтовый скриптинг в Juniper Secure Access
Опубликовано:29 июля 2013 г.
Источник:
SecurityVulns ID:13221
Тип:удаленная
Уровень опасности:
5/10
Описание:Межсайтовый скриптинг в SSLVPN.
Затронутые продукты:JUNIPER : Juniper Secure Access 7.3
CVE:CVE-2012-5460 (Cross-site scripting (XSS) vulnerability in the help page in Juniper Secure Access (SA) with IVE OS before 7.1r13, 7.2.x before 7.2r7, and 7.3.x before 7.3r2 allows remote attackers to inject arbitrary web script or HTML via the WWHSearchWordsText parameter.)
Оригинальный текстdocumentAnil Pazvant, Juniper Secure Access XSS Vulnerability (29.07.2013)

Многочисленные уязвимости безопасности в продуктах Oracle / Sun / MySQL / PeopleSoft
дополнено с 29 июля 2013 г.
Опубликовано:12 августа 2013 г.
Источник:
SecurityVulns ID:13214
Тип:удаленная
Уровень опасности:
8/10
Описание:89 различных фиксов в ежеквартальном обновлении.
Затронутые продукты:ORACLE : Solaris 8
 ORACLE : Solaris 9
 ORACLE : Solaris 10
 ORACLE : Oracle 10g
 ORACLE : Oracle E-Business Suite 11i
 ORACLE : Oracle 11g
 ORACLE : PeopleSoft Enterprise Portal 9.1
 ORACLE : Enterprise Manager Grid Control 11g
 ORACLE : Enterprise Manager Grid Control 10g
 ORACLE : Enterprise Manager Plugin for Database 12c
 ORACLE : Outside In Technology 8.4
 ORACLE : Oracle E-Business Suite 12i
 ORACLE : PeopleSoft HRMS 9.1
 ORACLE : PeopleSoft PeopleTools 8.53
 ORACLE : MySQL 5.6
 ORACLE : Oracle Access Manager 11.1
 ORACLE : Endeca Server 7.5
 ORACLE : Oracle HTTP Server 10.1
 ORACLE : JRockit 27.7
 ORACLE : JRockit 28.2
 ORACLE : Oracle WebCenter Content 11.1
 ORACLE : Hyperion BI 11.1
 ORACLE : Agile Collaboration Framework 9.3
 ORACLE : Agile PLM Framework 9.3
 ORACLE : Agile Product Framework 9.3
 ORACLE : iLearning 5.2
 ORACLE : iLearning 6.0
 ORACLE : Oracle Policy Automation 10.4
 ORACLE : Solaris 11.1
 ORACLE : Solaris Cluster 3.3
 ORACLE : Solaris Cluster 4.1
 ORACLE : SPARC Enterprise M
 ORACLE : Oracle Secure Global Desktop 4.7
CVE:CVE-2013-3825 (Unspecified vulnerability in the Oracle Agile Product Collaboration component in Oracle Supply Chain Products Suite 9.3.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Folders & Files Attachment.)
 CVE-2013-3824 (Unspecified vulnerability in the Oracle Agile Collaboration Framework component in Oracle Supply Chain Products Suite 9.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Manufacturing/Mfg Parts.)
 CVE-2013-3823 (Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Security.)
 CVE-2013-3822 (Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.1 allows remote attackers to affect integrity via unknown vectors related to Web Client (CS).)
 CVE-2013-3821 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect confidentiality and availability via unknown vectors related to Integration Broker.)
 CVE-2013-3820 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect availability via unknown vectors related to Business Interlink.)
 CVE-2013-3819 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect confidentiality and availability via unknown vectors related to Mobile Applications.)
 CVE-2013-3818 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect integrity via unknown vectors related to Portal.)
 CVE-2013-3816 (Unspecified vulnerability in the Oracle Policy Automation component in Oracle Industry Applications 10.2.0, 10.3.0, 10.3.1, 10.4.0, 10.4.1, and 10.4.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Determinations Engine.)
 CVE-2013-3813 (Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect confidentiality and integrity via vectors related to Libraries/PAM-Unix.)
 CVE-2013-3812 (Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.)
 CVE-2013-3811 (Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3806.)
 CVE-2013-3810 (Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA Transactions.)
 CVE-2013-3809 (Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.)
 CVE-2013-3808 (Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.)
 CVE-2013-3807 (Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Server Privileges.)
 CVE-2013-3806 (Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3811.)
 CVE-2013-3805 (Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.)
 CVE-2013-3804 (Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.)
 CVE-2013-3803 (Unspecified vulnerability in the Hyperion BI+ component in Oracle Hyperion 11.1.1.3, 11.1.1.4.107 and earlier, 11.1.2.1.129 and earlier, and 11.1.2.2.305 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Intelligence Service.)
 CVE-2013-3802 (Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.)
 CVE-2013-3801 (Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.)
 CVE-2013-3800 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Business Interlinks.)
 CVE-2013-3799 (Unspecified vulnerability in Oracle Solaris 10 and 11, when running on AMD64, allows local users to affect availability via unknown vectors related to Kernel.)
 CVE-2013-3798 (Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect integrity and availability via unknown vectors related to MemCached.)
 CVE-2013-3797 (Unspecified vulnerability in Oracle Solaris 11 allows local users to affect availability via unknown vectors related to Filesystem/DevFS.)
 CVE-2013-3796 (Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.)
 CVE-2013-3795 (Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.)
 CVE-2013-3794 (Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.)
 CVE-2013-3793 (Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.)
 CVE-2013-3791 (Unspecified vulnerability in Enterprise Manager (EM) Base Platform 10.2.0.5 and EM DB Control 11.1.0.7 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknown vectors related to User Interface Framework.)
 CVE-2013-3790 (Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown vectors related to Privileged Account.)
 CVE-2013-3789 (Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.)
 CVE-2013-3788 (Unspecified vulnerability in the Oracle iSupplier Portal component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Supplier Management.)
 CVE-2013-3787 (Unspecified vulnerability in Oracle Solaris 10 and 11 allows remote attackers to affect availability via unknown vectors related to Kernel.)
 CVE-2013-3786 (Unspecified vulnerability in Oracle Solaris 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel.)
 CVE-2013-3784 (Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors Time and Labor.)
 CVE-2013-3783 (Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.)
 CVE-2013-3782 (Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.6 prior to 4.63 and 4.7 prior to 4.71 allows remote attackers to affect integrity via unknown vectors related to Web UI.)
 CVE-2013-3781 (Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7, 8.4.0, and 8.4.1 allows context-dependent to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2013-3776.)
 CVE-2013-3780 (Unspecified vulnerability in the PeopleSoft Enterprise Portal component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Saved Search.)
 CVE-2013-3779 (Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization All 4.6 releases including 4.63 and 4.7 prior to 4.71 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web UI.)
 CVE-2013-3778 (Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.6 and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Help.)
 CVE-2013-3777 (Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Signon.)
 CVE-2013-3776 (Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7, 8.4.0, and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2013-3781.)
 CVE-2013-3775 (Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 5.2.1 and 6.0 allows remote attackers to affect integrity via unknown vectors related to Learner Pages.)
 CVE-2013-3774 (Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.)
 CVE-2013-3773 (Unspecified vulnerability in the SPARC Enterprise M Series Servers component in Oracle and Sun Systems Products Suite XCP 1114 and earlier allows remote attackers to affect availability via vectors related to XSCF Control Package (XCP).)
 CVE-2013-3772 (Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, and 11.1.1.7.0 allows remote attackers to affect integrity via unknown vectors related to Web Forms.)
 CVE-2013-3771 (Unspecified vulnerability in the Oracle executable component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013-3760.)
 CVE-2013-3770 (Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, and 11.1.1.7.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Content Server.)
 CVE-2013-3769 (Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, and 11.1.1.7.0 allows remote attackers to affect integrity via unknown vectors related to Site Studio.)
 CVE-2013-3768 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect integrity via unknown vectors related to Rich Text Editor.)
 CVE-2013-3767 (Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite Access Gate 1.2.1 allows remote attackers to affect integrity via unknown vectors.)
 CVE-2013-3765 (Unspecified vulnerability in Oracle Solaris 11 allows local users to affect availability via unknown vectors related to Kernel/VM.)
 CVE-2013-3764 (Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 and 7.5.1.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2013-3763.)
 CVE-2013-3763 (Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 and 7.5.1.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2013-3764.)
 CVE-2013-3761 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products Portal 9.1 and PeopleTools 8.52 allows remote attackers to affect integrity via vectors related to PIA Core Technology.)
 CVE-2013-3760 (Unspecified vulnerability in the Oracle executable component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013-3771.)
 CVE-2013-3759 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote attackers to affect integrity via vectors related to PIA Search Functionality.)
 CVE-2013-3758 (Unspecified vulnerability in the Enterprise Manager (EM) Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknown vectors related to Schema Management.)
 CVE-2013-3757 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows remote attackers to affect integrity and availability via vectors related to SMF/File Locking Services.)
 CVE-2013-3756 (Unspecified vulnerability in the Oracle Landed Cost Management component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Shipment Workbench.)
 CVE-2013-3755 (Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5.0, 11.1.1.7.0, and 11.1.2.0.0 allows remote attackers to affect integrity via vectors related to SSO Engine.)
 CVE-2013-3754 (Unspecified vulnerability in the Solaris Cluster component in Oracle and Sun Systems Products Suite 3.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to HA for TimesTen.)
 CVE-2013-3753 (Unspecified vulnerability in Oracle Solaris 11 allows remote attackers to affect availability via vectors related to Kernel/STREAMS framework.)
 CVE-2013-3752 (Unspecified vulnerability in Oracle Solaris 11 allows remote attackers to affect integrity via vectors related to Service Management Facility (SMF).)
 CVE-2013-3751 (Unspecified vulnerability in the XML Parser component in Oracle Database Server 11.2.0.2 and 11.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.)
 CVE-2013-3750 (Unspecified vulnerability in Oracle Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel/VM)
 CVE-2013-3749 (Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Logging. NOTE: the previous information is from the July 2013 CPU. Oracle has not commented on claims from a third party that the issue is due to storage of credentials in the (1) FND_LOG_MESSAGES database table or (2) log files.)
 CVE-2013-3748 (Unspecified vulnerability in Oracle Solaris 11 allows remote attackers to affect availability via vectors related to Driver/IDM (iSCSI Data Mover).)
 CVE-2013-3747 (Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Client System Analyzer.)
 CVE-2013-3746 (Unspecified vulnerability in the Solaris Cluster component in Oracle and Sun Systems Products Suite 3.2, 3.3, and 4 prior to 4.1 SRU 3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Zone Cluster Infrastructure.)
 CVE-2013-3745 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Libraries/Libc.)
 CVE-2013-2461 (Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier; the Oracle JRockit component in Oracle Fusion Middleware R27.7.5 and earlier and R28.2.7 and earlier; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June and July 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass verification of XML signatures via vectors related to a "Missing check for [a] valid DOMCanonicalizationMethod canonicalization algorithm.")
 CVE-2013-1861 (MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.)
 CVE-2013-0398 (Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows remote attackers to affect confidentiality via unknown vectors related to Utility/Remote Execution Server (in.rexecd).)
 CVE-2012-2687 (Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.)
 CVE-2011-3348 (The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malformed HTTP request.)
 CVE-2011-0419 (Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.)
 CVE-2010-2068 (mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request.)
 CVE-2010-0434 (The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request.)
 CVE-2010-0425 (modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and "orphaned callback pointers.")
 CVE-2008-2364 (The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses.)
 CVE-2007-6388 (Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2007-5000 (Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2007-3847 (The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read.)
 CVE-2006-5752 (Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified.)
 CVE-2005-3352 (Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.)
Оригинальный текстdocumentNCC Group Research, NGS00434 Technical Advisory: Oracle Hyperion 11 Directory Traversal (12.08.2013)
Файлы:Oracle Critical Patch Update Advisory - July 2013

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород