Computer Security
[EN] securityvulns.ru no-pyccku


Apple QuickTime multiple security vulnerabilities
Published:09.11.2012
Source:
SecurityVulns ID:12704
Type:client
Threat Level:
7/10
Description:Multiple memory corruptions on different file formats and server responses parsing and in ActiveX components.
Affected:APPLE : QuickTime 7.7
CVE:CVE-2012-3758 (Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted transform attribute in a text3GTrack element in a QuickTime TeXML file.)
 CVE-2012-3757 (Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PICT file.)
 CVE-2012-3756 (Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted rnet box in an MP4 movie file.)
 CVE-2012-3755 (Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Targa image.)
 CVE-2012-3754 (Use-after-free vulnerability in the Clear method in the ActiveX control in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.)
 CVE-2012-3753 (Buffer overflow in the plugin in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MIME type.)
 CVE-2012-3752 (Multiple buffer overflows in Apple QuickTime before 7.7.3 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted style element in a QuickTime TeXML file.)
 CVE-2012-3751 (Use-after-free vulnerability in the plugin in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with a crafted _qtactivex_ parameter in an OBJECT element.)
 CVE-2011-1374 (Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted REGION record in a PICT file.)
Original documentdocumentAPPLE, APPLE-SA-2012-11-07-1 QuickTime 7.7.3 (09.11.2012)

IcedTea-Web memory corruption
Published:09.11.2012
Source:
SecurityVulns ID:12705
Type:client
Threat Level:
5/10
Affected:ICEDTEA : icedtea-web 1.3
CVE:CVE-2012-4540 (Off-by-one error in the invoke function in IcedTeaScriptablePluginObject.cc in IcedTea-Web 1.1.x before 1.1.7, 1.2.x before 1.2.2, and 1.3.x before 1.3.1 allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly execute arbitrary code via a crafted webpage that triggers a heap-based buffer overflow, related to an error message and a "triggering event attached to applet.")
Original documentdocumentUBUNTU, [USN-1625-1] Icedtea-Web vulnerability (09.11.2012)

Glance unauthorized images deletion
Published:09.11.2012
Source:
SecurityVulns ID:12706
Type:library
Threat Level:
5/10
Description:Insufficient access control validation.
Affected:OPENSTACK : glance 2012.2
CVE:CVE-2012-4573 (The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request, a different vulnerability than CVE-2012-5482.)
Original documentdocumentUBUNTU, [USN-1626-1] Glance vulnerability (09.11.2012)

Cisco Secure Access Control System authentication bypass
Published:09.11.2012
Source:
SecurityVulns ID:12707
Type:remote
Threat Level:
7/10
Description:Insufficient password check if TACACS+ authentication is used with LDAP.
Affected:CISCO : Secure ACS 5.3
 CISCO : Secure ACS 5.2
CVE:CVE-2012-5424 (Cisco Secure Access Control System (ACS) 5.x before 5.2 Patch 11 and 5.3 before 5.3 Patch 7, when a certain configuration involving TACACS+ and LDAP is used, does not properly validate passwords, which allows remote attackers to bypass authentication by sending a valid username and a crafted password string, aka Bug ID CSCuc65634.)
Files:Cisco Secure Access Control System TACACS+ Authentication Bypass Vulnerability
 Cisco Secure Access Control System TACACS+ Authentication Bypass Vulnerability

Cisco Nexus 1000V protection bypass
Published:09.11.2012
Source:
SecurityVulns ID:12708
Type:remote
Threat Level:
4/10
Description:Under some conditions devices with invalid licenses and disabled protection do not display valid status.
Affected:CISCO : Cisco Nexus 1000V
Files:Cisco Nexus 1000V Series Switch Software Release 4.2(1)SV1(5.2) Virtual Security Gateway Bypass Issue

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:09.11.2012
Source:
SecurityVulns ID:12709
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:AWCM : AWCM 2.2
 WORDPRESS : AJAX Post Search 1.1
 CMSMADESIMPLE : CMS Made Simple 1.11
CVE:CVE-2012-5450 (Cross-site request forgery (CSRF) vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple (CMSMS) 1.11.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that delete arbitrary files via the deld parameter.)
 CVE-2012-2438 (ar web content manager (AWCM) 2.2 does not restrict the number of comment records that can be submitted through HTTP requests, which allows remote attackers to cause a denial of service (disk consumption) via the coment parameter to (1) show_video.php or (2) topic.php.)
 CVE-2012-2437 (cookie_gen.php in ar web content manager (AWCM) 2.2 does not require authentication, which allows remote attackers to generate arbitrary cookies via the name parameter in conjunction with the content parameter.)
Original documentdocumentsonpostman_(at)_gmail.com, Vulnerability Report on AWCM 2.2 (09.11.2012)
 documentHigh-Tech Bridge Security Research, Cross-Site Request Forgery (CSRF) in CMS Made Simple (09.11.2012)
 documentmarcelavbx_(at)_gmail.com, Sql injection in AJAX post Search wordpress plugin (09.11.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod