Computer Security
[EN] securityvulns.ru no-pyccku


Computer Associates applications multiple security vulnerabilities
Published:08.08.2009
Source:
SecurityVulns ID:10122
Type:remote
Threat Level:
7/10
Description:Multiple vulnerabilities, inluding remote buffer overflow.
Affected:CA : Unicenter Asset Portfolio Management 11.3
 CA : Unicenter Desktop and Server Management 11.2
 CA : Unicenter Patch Management 11.2
CVE:CVE-2009-2026 (Stack-based buffer overflow in a token searching function in the dtscore library in Data Transport Services in CA Software Delivery r11.2 C1, C2, C3, and SP4; Unicenter Software Delivery 4.0 C3; CA Advantage Data Transport 3.0 C1; and CA IT Client Manager r12 allows remote attackers to execute arbitrary code via crafted data.)
 CVE-2008-1232 (Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to the HttpServletResponse.sendError method.)
Original documentdocumentCA, CA20090806-01: Security Notice for Data Transport Services (08.08.2009)
 documentEMC, ZDI-09-052: CA Unicenter Software Delivery dtscore.dll Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-052 August 7, 2009 -- Affected Vendors: Computer Associates -- Affected Products: Computer Associates Unicenter S (08.08.2009)
 documentZDI, ZDI-09-052: CA Unicenter Software Delivery dtscore.dll Stack Overflow Vulnerability (08.08.2009)

EMC Replication Manager code execution
Published:08.08.2009
Source:
SecurityVulns ID:10123
Type:remote
Threat Level:
7/10
Description:Application execution via XML-based service on TCP/6700.
Original documentdocumentZDI, ZDI-09-051: EMC Replication Manager Client Control Service Remove Code Execution Vulnerability (08.08.2009)

ASUS notebooks and motherboards privilege escalations
Published:08.08.2009
Source:
SecurityVulns ID:10124
Type:local
Threat Level:
2/10
Description:There are multiple possibilities for user with phisical memory access to execute code in high-pribileged SMM processor mode.
Original documentdocumentcore collapse, ASUS Eee PC and other series: BIOS SMM privilege escalation vulnerabilities (08.08.2009)

IBM AIX libc privilege escalation
Published:08.08.2009
Source:
SecurityVulns ID:10128
Type:local
Threat Level:
6/10
Description:It's possible to maniuplate files via _LIB_INIT_DBG and _LIB_INIT_DBG_FILE environment variables for suid applications.
Affected:IBM : AIX 5.3
Original documentdocumentIDEFENSE, iDefense Security Advisory 08.06.09: IBM AIX libC _LIB_INIT_DBG Arbitrary File Creation Vulnerability (08.08.2009)

Adobe Flash Player / AIR integer overflow
updated since 03.08.2009
Published:08.08.2009
Source:
SecurityVulns ID:10116
Type:client
Threat Level:
8/10
Description:Integer overflow in intrf_count field of instance_info structure
CVE:CVE-2009-1869 (Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile parser in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an AVM2 file with a large intrf_count value that triggers a dereference of an out-of-bounds pointer.)
 CVE-2009-1868 (Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving URL parsing.)
Original documentdocumentIDEFENSE, iDefense Security Advisory 08.07.09: Adobe Flash Player Invalid Loader Object Reference Vulnerability (08.08.2009)
 documentIDEFENSE, iDefense Security Advisory 08.06.09: Adobe Flash Player URL Parsing Heap Overflow Vulnerability (07.08.2009)
 documentRoee Hay, Advisory: Adobe Flash Player and AIR AVM2 intf_count Integer Overflow Remote Code Execution (CVE-2009-1869) (03.08.2009)

Memcached buffer overflow
Published:08.08.2009
Source:
SecurityVulns ID:10126
Type:library
Threat Level:
6/10
Description:Integer overflow leading to heap buffer overflows.
Affected:MEMCACHED : memcached 1.2
CVE:CVE-2009-2415 (Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote attackers to execute arbitrary code via vectors involving length attributes that trigger heap-based buffer overflows.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1853-1] New memcached packages fix arbitrary code execution (08.08.2009)

fetchmail certificate spoofing
Published:08.08.2009
Source:
SecurityVulns ID:10125
Type:m-i-t-m
Threat Level:
5/10
Description:It's possible to spoof certificate name with NULL byte in prefix.
Affected:FETCHMAIL : fetchmail 6.3
CVE:CVE-2009-2666 (socket.c in fetchmail before 6.3.11 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.)
Original documentdocumentMatthias Andree, fetchmail security announcement fetchmail-SA-2009-01 (CVE-2009-2666) (08.08.2009)
 documentDEBIAN, [SECURITY] [DSA 1852-1] New fetchmail packages fix SSL certificate verification weakness (08.08.2009)

Subversion / APR multiple buffer overflows
Published:08.08.2009
Source:
SecurityVulns ID:10127
Type:library
Threat Level:
7/10
Description:Multiple integer overflows in libsvn_delta library.
Affected:APACHE : Subversion 1.5
 SUBVERSION : Subversion 1.6
 APR : apr 0.9
 APR : apr 1.3
CVE:CVE-2009-2412 (Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows. NOTE: some of these details are obtained from third party information.)
 CVE-2009-2411 (Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users and remote Subversion servers to execute arbitrary code via an svndiff stream with large windows that trigger a heap-based buffer overflow, a related issue to CVE-2009-2412.)
Original documentdocumentMatt Lewis, Subversion heap overflow (08.08.2009)

Sun Java multiple security vulnerabilities
Published:08.08.2009
Source:
SecurityVulns ID:10129
Type:library
Threat Level:
9/10
Description:Integer overflow on JAR-files unpacking. Integer overflow on JPEG parsing.
Original documentdocumentZDI, ZDI-09-049: Sun Java Pack200 Decoding Inner Class Count Integer Overflow Vulnerability (08.08.2009)
 documentZDI, ZDI-09-050: Sun Java Web Start JPEG Header Parsing Integer Overflow Vulnerability (08.08.2009)
 documentIDEFENSE, iDefense Security Advisory 08.06.09: Sun Java Runtime Environment (JRE) Pack200 Decompression Integer Overflow Vulnerability (08.08.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod