Computer Security


poppler library multiple security vulnerabilities
Published: 02.04.2013
SecurityVulns ID: 12979
Type: library
Threat Level: 6/10
Description: Multiple vulnerabilities in PDF parsing.
Affected: POPPLER : poppler 0.20
CVE: CVE-2013-1790 (poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar function.)
 CVE-2013-1789 (splash/Splash.cc in poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to the (1) Splash::arbitraryTransformMask, (2) Splash::blitMask, and (3) Splash::scaleMaskYuXu functions.)
 CVE-2013-1788 (poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1) splash/Splash.cc, (2) poppler/Function.cc, and (3) poppler/Stream.cc.)
Original document: UBUNTU, [USN-1785-1] poppler vulnerabilities (02.04.2013)

Virtual Access Monitor SQL injection
Published: 02.04.2013
SecurityVulns ID: 12981
Type: remote
Threat Level: 6/10
Description: A few different SQL injections.
Affected: VIRTUALACCESS : Virtual Access Monitor 3.10
Original document: NCC Group Research, NGS00248 Patch Notification: Virtual Access Monitor Multiple SQL Injection Vulnerabilities (02.04.2013)

Linux kernel multiple security vulnerabilities
updated since 02.04.2013
Published: 15.04.2013
SecurityVulns ID: 12978
Type: library
Threat Level: 5/10
Description: DoS, protection bypass, NVIDIA driver buffer overflow, information leakage.
Affected: LINUX : kernel 3.8
CVE: CVE-2013-2548 (The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability.)
 CVE-2013-2547 (The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability.)
 CVE-2013-2546 (The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability.)
 CVE-2013-1792 (Race condition in the install_user_keyrings function in security/keys/process_keys.c in the Linux kernel before 3.8.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) via crafted keyctl system calls that trigger keyring operations in simultaneous threads.)
 CVE-2013-1767 (Use-after-free vulnerability in the shmem_remount_fs function in mm/shmem.c in the Linux kernel before 3.7.10 allows local users to gain privileges or cause a denial of service (system crash) by remounting a tmpfs filesystem without specifying a required mpol (aka mempolicy) mount option.)
 CVE-2013-0914 (The flush_signal_handlers function in kernel/signal.c in the Linux kernel before 3.8.4 preserves the value of the sa_restorer field across an exec operation, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application containing a sigaction system call.)
 CVE-2013-0131 (Buffer overflow in the NVIDIA GPU driver before 304.88, 310.x before 310.44, and 313.x before 313.30 for the X Window System on UNIX, when NoScanout mode is enabled, allows remote authenticated users to execute arbitrary code via a large ARGB cursor.)
Original document: UBUNTU, [USN-1793-1] Linux kernel vulnerabilities (15.04.2013)
 UBUNTU, [USN-1799-1] NVIDIA graphics drivers vulnerability (15.04.2013)
 UBUNTU, [USN-1787-1] Linux kernel vulnerabilities (02.04.2013)

libxslt DoS
updated since 02.04.2013
Published: 19.01.2014
SecurityVulns ID: 12980
Type: library
Threat Level: 5/10
Description: Crash when parsing XSLT documents.
Affected: LIBXSLT : libxslt 1.1
CVE: CVE-2013-4520 (xslt.c in libxslt before 1.1.25 allows context-dependent attackers to cause a denial of service (crash) via a stylesheet that embeds a DTD, which causes a structure to be accessed as a different type. NOTE: this issue is due to an incomplete fix for CVE-2012-2825.)
 CVE-2012-6139 (libxslt before 1.1.28 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an (1) empty match attribute in a XSL key to the xsltAddKey function in keys.c or (2) uninitialized variable to the xsltDocumentFunction function in functions.c.)
 CVE-2012-2825 (The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors.)
Original document: MANDRIVA, [ MDVSA-2014:006 ] libxslt (19.01.2014)
 UBUNTU, [USN-1784-1] libxslt vulnerability (02.04.2013)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod