Computer Security
[EN] securityvulns.ru no-pyccku


Proofpoint Protection Server crossite scripting
Published:03.05.2011
Source:
SecurityVulns ID:11645
Type:remote
Threat Level:
4/10
Description:Crossite scripting in web interface.
Affected:PROOFPOINT : Proofpoint Protection Server 5.5
Original documentdocumentlists_(at)_senseofsecurity.com, Proofpoint Protection Server Cross-Site Scripting Vulnerability - SOS-11-005 (03.05.2011)

Vino VNC server DoS
Published:03.05.2011
Source:
SecurityVulns ID:11646
Type:remote
Threat Level:
4/10
Description:Crash on client request processing.
CVE:CVE-2011-0905 (The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when tight encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via crafted dimensions in a framebuffer update request that triggers an out-of-bounds read operation.)
 CVE-2011-0904 (The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via a large (1) X position or (2) Y position value in a framebuffer update request that triggers an out-of-bounds memory access, related to the rfbTranslateNone and rfbSendRectEncodingRaw functions.)
Original documentdocumentUBUNTU, [USN-1128-1] Vino vulnerabilities (03.05.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod