Computer Security
[EN] securityvulns.ru no-pyccku


Mozilla Firefox / Thunderbird / Seamonkey buffer overflow
Published:01.11.2010
Source:
SecurityVulns ID:11217
Type:client
Threat Level:
9/10
Description:Buffer overflow on document.write and DOM insertion is used in-the-wile for hidden malware installation.
Affected:MOZILLA : SeaMonkey 2.0
 MOZILLA : Firefox 3.5
 MOZILLA : Firefox 3.6
 MOZILLA : Thunderbird 3.0
 MOZILLA : Thunderbird 3.1
CVE:CVE-2010-3765 (Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.)
Original documentdocumentMOZILLA, Mozilla Foundation Security Advisory 2010-73 (01.11.2010)

Teamspeak memory corruption
Published:01.11.2010
Source:
SecurityVulns ID:11219
Type:client
Threat Level:
6/10
Description:Memory corruption on voice packet parsing.
Affected:TEAMSPEAK : Teamspeak 2.0
Original documentdocumentHenri Lindberg, nSense-2010-002: Teamspeak 2 Windows client (01.11.2010)

CiscoWorks buffer overflow
Published:01.11.2010
Source:
SecurityVulns ID:11221
Type:remote
Description:TCP/443, TCP/1741 Web server buffer overflow.
Affected:CISCO : CiscoWorks 3.0
CVE:CVE-2010-3036 (Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352.)
Original documentdocumentCISCO, Cisco Security Advisory: CiscoWorks Common Services Arbitrary Code Execution Vulnerability (01.11.2010)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:01.11.2010
Source:
SecurityVulns ID:11218
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:JOOMLA : Joomla 1.5
 FGSSTUDIO : WebManager-Pro 7.4
 VMWARE : Spring Security 3.0
 VMWARE : Spring Security 2.0
 SPRINGSOURCE : Acegi Security 1.0
CVE:CVE-2010-3700 (VMware SpringSource Spring Security 2.x before 2.0.6 and 3.x before 3.0.4, and Acegi Security 1.0.0 through 1.0.7, as used in IBM WebSphere Application Server (WAS) 6.1 and 7.0, allows remote attackers to bypass security constraints via a path parameter.)
Original documentdocuments2-security, CVE-2010-3700: Spring Security bypass of security constraints (01.11.2010)
 documentMustLive, XSS и SQL Injection уязвимости в CMS WebManager-Pro (01.11.2010)
 documentYGN Ethical Hacker Group, Joomla 1.5.21 | Potential SQL Injection Flaws (01.11.2010)

WinAmp buffer overflow
Published:01.11.2010
Source:
SecurityVulns ID:11220
Type:remote
Threat Level:
6/10
Description:Buffer overflow on VP6 video parsing.
Affected:WINAMP : Winamp 5.581
CVE:CVE-2010-1523 (Multiple heap-based buffer overflows in vp6.w5s (aka the VP6 codec) in Winamp before 5.59 Beta build 3033 might allow remote attackers to execute arbitrary code via a crafted VP6 (1) video file or (2) video stream.)
Original documentdocumentSECUNIA, Secunia Research: Winamp VP6 Content Parsing Buffer Overflow Vulnerability (01.11.2010)

Adobe Shockwave multiple security vulnerabilities
updated since 01.11.2010
Published:02.11.2010
Source:
SecurityVulns ID:11222
Type:client
Threat Level:
8/10
Description:Multiple memory corruptions.
Affected:ADOBE : Shockwave Player 11.5
CVE:CVE-2010-4089 (IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a .dir file containing "duplicated LCSM entries in mmap record," a different vulnerability than CVE-2010-4087.)
 CVE-2010-4088 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a .dir file with "duplicated references to the same KEY* chunk," a different vulnerability than CVE-2010-2581, CVE-2010-4084, CVE-2010-4085, and CVE-2010-4086.)
 CVE-2010-4087 (IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a .dir file with a crafted mmap record containing an invalid length of a VSWV entry, a different vulnerability than CVE-2010-4089.)
 CVE-2010-4086 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Director (.dir) media file with an invalid element size, a different vulnerability than CVE-2010-2581, CVE-2010-2880, CVE-2010-4084, CVE-2010-4085, and CVE-2010-4088.)
 CVE-2010-2582 (Heap-based buffer overflow in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code via unspecified vectors.)
 CVE-2010-2581 (dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-4084, CVE-2010-4085, CVE-2010-4086, and CVE-2010-4088.)
Original documentdocumentRodrigo Branco, Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-4089 (02.11.2010)
 documentRodrigo Branco, Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-4087 (02.11.2010)
 documentRodrigo Branco, Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-4088 (02.11.2010)
 documentRodrigo Branco, Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-4086 (02.11.2010)
 documentSECUNIA, Secunia Research: Adobe Shockwave Player "DEMX" Chunk Parsing Vulnerability (01.11.2010)
 documentSECUNIA, Secunia Research: Adobe Shockwave Player "pamm" Chunk Parsing Vulnerability (01.11.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod