Computer Security


Mozilla Firefox / Thunderbird / SeaMonkey multiple security vulnerabilities
updated since 01.06.2007
Published:05.06.2007
Source:
SecurityVulns ID:7761
Type:client
Threat Level:8/10
Description:Multiple DoS conditions, addEventListener method cross-site scripting. Multiple heap overflows, integer overflows, etc.
Affected:MOZILLA : Thunderbird 1.5
 MOZILLA : Firefox 1.5
 MOZILLA : SeaMonkey 1.0
 MOZILLA : Firefox 2.0
 MOZILLA : Thunderbird 2.0
 MOZILLA : SeaMonkey 1.1
 ICEAPE : iceape 1.0
 XULRUNNER : xulrunner 1.8
 ICEWEASEL : iceweasel 2.0
CVE:CVE-2007-2871 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser's content pane. NOTE: this issue can be leveraged for phishing and other attacks.)
 CVE-2007-2870 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to bypass the same-origin policy and conduct cross-site scripting (XSS) and other attacks by using the addEventListener method to add an event listener for a site, which is executed in the context of that site.)
 CVE-2007-2869 (The form autocomplete feature in Mozilla Firefox 1.5.x before 1.5.0.12, 2.x before 2.0.0.4, and possibly earlier versions, allows remote attackers to cause a denial of service (persistent temporary CPU consumption) via a large number of characters in a submitted form.)
 CVE-2007-2868 (Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger memory corruption.)
 CVE-2007-2867 (Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) via vectors related to dangling pointers, heap corruption, signed/unsigned, and other issues.)
 CVE-2007-1562 (The FTP protocol implementation in Mozilla Firefox before 1.5.0.11 and 2.x before 2.0.0.3 allows remote attackers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.)
 CVE-2007-1558 (The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail, and (5) SeaMonkey 1.0.x before 1.0.9 and 1.1.x before 1.1.2.)
 CVE-2007-1362 (Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to cause a denial of service via (1) a large cookie path parameter, which triggers memory consumption, or (2) an internal delimiter within cookie path or name values, which could trigger a misinterpretation of cookie data, aka "Path Abuse in Cookies.")
Original document:Thor Larholm, Unpatched input validation flaw in Firefox 2.0.0.4 (05.06.2007)
 MOZILLA, Mozilla Foundation Security Advisory 2007-17 (01.06.2007)
 MOZILLA, Mozilla Foundation Security Advisory 2007-16 (01.06.2007)
 MOZILLA, Mozilla Foundation Security Advisory 2007-15 (01.06.2007)
 MOZILLA, Mozilla Foundation Security Advisory 2007-14 (01.06.2007)
 MOZILLA, Mozilla Foundation Security Advisory 2007-13 (01.06.2007)
 MOZILLA, Mozilla Foundation Security Advisory 2007-12 (01.06.2007)
 MOZILLA, Mozilla Foundation Security Advisory 2007-11 (01.06.2007)
 CERT, US-CERT Technical Cyber Security Alert TA07-151A -- Mozilla Updates for Multiple Vulnerabilities (01.06.2007)

Symantec VERITAS Storage Foundation multiple security vulnerabilities
updated since 03.06.2007
Published:05.06.2007
Source:
SecurityVulns ID:7770
Type:remote
Threat Level:7/10
Description:DoS via resource consumption against TCP/8199 administrative service. VxSchedService.exe (TCP/4888) scheduler service authentication bypass and code execution.
Affected:SYMANTEC : VERITAS Storage Foundation 4.3
CVE:CVE-2007-2279 (The Scheduler Service (VxSchedService.exe) in Symantec Storage Foundation for Windows 5.0 allows remote attackers to bypass authentication and execute arbitrary code via certain requests to the service socket that create (1) PreScript or (2) PostScript registry values under Veritas\VxSvc\CurrentVersion\Schedules specifying future command execution.)
 CVE-2007-1593 (The administrative service in Symantec Veritas Volume Replicator (VVR) for Windows 3.1 through 4.3, and VVR for Unix 3.5 through 5.0, in Symantec Storage Foundation products allows remote attackers to cause a denial of service (memory consumption and service crash) via a crafted packet to the service port (8199/tcp) that triggers a request for more memory than available, which causes the service to write to an invalid pointer.)
Original document:3COM, TPTI-07-08: Symantec Veritas Storage Foundation Scheduler Service Authentication Bypass Vulnerability (05.06.2007)
 SYMANTEC, SYM07-009, Symantec Storage Foundation for Windows Volume Manager: Authentication Bypass and Potential Code Execution in Scheduler Service (05.06.2007)
 IDEFENSE, iDefense Security Advisory 06.01.07: Symantec VERITAS Storage Foundation Administration Service DoS Vulnerability (03.06.2007)

ClamAV antivirus DoS
Published:05.06.2007
Source:
SecurityVulns ID:7780
Type:remote
Threat Level:6/10
Description:Resource exhaustion when parsing OLE2 documents.
Affected:CLAMAV : ClamAV 0.90
CVE:CVE-2007-2650 (The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (resource consumption) via an OLE2 file with (1) a large property size or (2) a loop in the FAT file block chain that triggers an infinite loop, as demonstrated via a crafted DOC file.)
Original document:MANDRIVA, [ MDKSA-2007:115 ] - Updated clamav packages fix vulnerabilities (05.06.2007)

Macrovision FLEXnet ActiveX buffer overflow
Published:05.06.2007
Source:
SecurityVulns ID:7781
Type:client
Threat Level:6/10
Description:Buffer overflow in boisweb.dll.
Affected:MACROVISION : FLEXnet Connect 6
CVE:CVE-2007-2419 (Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allow remote attackers to execute arbitrary code via (1) the second parameter to the DownloadAndExecute method and (2) the third parameter to the AddFileEx method, a different vulnerability than CVE-2007-0328.)
Original document:3COM, TPTI-07-09: Macrovision FLEXnet boisweb.dll ActiveX Control Buffer Overflow Vulnerability (05.06.2007)

Centennial Symantec Discovery buffer overflow
Published:05.06.2007
Source:
SecurityVulns ID:7782
Type:remote
Threat Level:5/10
Description:XferWan.exe stack buffer overflow.
Affected:CENTENNIAL : Symantec Discovery 6.5
CVE:CVE-2007-2514 (Stack-based buffer overflow in XferWan.exe as used in multiple products including (1) Symantec Discovery 6.5, (2) Numara Asset Manager 8.0, and (3) Centennial UK Ltd Discovery 2006 Feature Pack, allows remote attackers to execute arbitrary code via a long request. NOTE: this might be a reservation duplicate of CVE-2007-1173.)
Original document:3COM, TPTI-07-10: Centennial Software XferWan.exe Stack Overflow Vulnerability (05.06.2007)

screen password protection bypass
Published:05.06.2007
Source:
SecurityVulns ID:7783
Type:local
Threat Level:5/10
Description:Some key sequences allow access to a locked console.
Affected:SCREEN : screen 4.0
Original document:Paul Melson, Re: [Full-disclosure] screen 4.0.3 local Authentication Bypass (05.06.2007)
 rembrandt_(at)_jpberlin.de, [Full-disclosure] screen 4.0.3 local Authentication Bypass (05.06.2007)

libexif library integer overflow
updated since 05.06.2007
Published:13.06.2007
Source:
SecurityVulns ID:7779
Type:library
Threat Level:5/10
Description:Integer overflow in EXIF data parsing.
Affected:LIBEXIF : libexif 0.6
CVE:CVE-2007-2645 (Integer overflow in the exif_data_load_data_entry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data, involving the (1) doff or (2) s variable.)
Original document:IDEFENSE, iDefense Security Advisory 06.13.07: Multiple Vendor libexif Integer Overflow Heap Corruption Vulnerability (13.06.2007)
 RPATH, rPSA-2007-0115-1 libexif (05.06.2007)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod