Computer Security
[EN] securityvulns.ru no-pyccku


Apple QuickTime code execution
Published:02.09.2010
Source:
SecurityVulns ID:11109
Type:client
Threat Level:
7/10
Description:Memory corruption in ActiveX control.
Original documentdocumentZDI, ZDI-10-168: Apple QuickTime ActiveX _Marshaled_pUnk Remote Code Execution Vulnerability (02.09.2010)
 documentReversemode, [0day] Apple QuickTime "_Marshaled_pUnk" backdoor param arbitrary code execution (02.09.2010)

libwww-perl directory traversal
Published:02.09.2010
Source:
SecurityVulns ID:11110
Type:library
Threat Level:
6/10
Description:Directory traversal on file downloading in lwp-download.
Affected:PERL : libwww-perl 5.834
CVE:CVE-2010-2253 (lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . (dot) character, which allows remote servers to create or overwrite files via (1) a 3xx redirect to a URL with a crafted filename or (2) a Content-Disposition header that suggests a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.)
Original documentdocumentsecurity_(at)_mandriva.com, [ MDVSA-2010:167 ] perl-libwww-perl (02.09.2010)

libgdiplus / Mono multiple integer overflows
Published:02.09.2010
Source:
SecurityVulns ID:11111
Type:library
Threat Level:
5/10
Description:Multiple integer overflows on BPM, JPEG, TIFF parsing.
Affected:LIBGDIPLUS : libgdiplus 2.6
CVE:CVE-2010-1526 (Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrary code via (1) a crafted TIFF file, related to the gdip_load_tiff_image function in tiffcodec.c; (2) a crafted JPEG file, related to the gdip_load_jpeg_image_internal function in jpegcodec.c; or (3) a crafted BMP file, related to the gdip_read_bmp_image function in bmpcodec.c, leading to heap-based buffer overflows.)
Original documentdocumentMANDRIVA, [ MDVSA-2010:166 ] libgdiplus (02.09.2010)

bogofilter DoS
Published:02.09.2010
Source:
SecurityVulns ID:11112
Type:remote
Threat Level:
5/10
Description:Crash on message parsing.
Affected:BOGOFILTER : bogofilter 1.2
CVE:CVE-2010-2494 (Multiple buffer underflows in the base64 decoder in base64.c in (1) bogofilter and (2) bogolexer in bogofilter before 1.2.2 allow remote attackers to cause a denial of service (heap memory corruption and application crash) via an e-mail message with invalid base64 data that begins with an = (equals) character.)
Original documentdocumentUBUNTU, [USN-980-1] bogofilter vulnerability (02.09.2010)

OpenSSL library double free vulnerability
Published:02.09.2010
Source:
SecurityVulns ID:11113
Type:library
Threat Level:
5/10
Description:Double free() in ECDH code.
Affected:OPENSSL : OpenSSL 0.9
CVE:CVE-2010-2939 (Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL client (ssl/s3_clnt.c) in OpenSSL 1.0.0a, 0.9.8, 0.9.7, and possibly other versions, when using ECDH, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted private key with an invalid prime. NOTE: some sources refer to this as a use-after-free issue.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2100-1] New openssl packages fix double free (02.09.2010)

libHX library buffer overflow
Published:02.09.2010
Source:
SecurityVulns ID:11114
Type:library
Threat Level:
5/10
Description:Hep buffer overflow in HX_split function.
Affected:HX : libHX 3.5
CVE:CVE-2010-2947 (Heap-based buffer overflow in the HX_split function in string.c in libHX before 3.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a string that is inconsistent with the expected number of fields.)
Original documentdocumentMANDRIVA, [ MDVSA-2010:165 ] libHX (02.09.2010)

Apple WebKit / Safari DoS
Published:02.09.2010
Source:
SecurityVulns ID:11115
Type:client
Threat Level:
5/10
Description:Crash on SGV style parameters parsing.
Affected:APPLE : Safari 5.0
Original documentdocumentLostmon lords, {Lostmon - Groups} Safari for windows Invalid SGV text style Webkit.dll DoS (02.09.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod