Computer Security
[EN] securityvulns.ru no-pyccku


Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
updated since 01.05.2011
Published:11.05.2011
Source:
SecurityVulns ID:11633
Type:client
Threat Level:
9/10
Description:Multiple memory corruptions, uninitialized pointer dereferences, information leakage, code execution.
Affected:MOZILLA : SeaMonkey 2.0
 MOZILLA : Firefox 3.5
 MOZILLA : Firefox 3.6
 MOZILLA : Thunderbird 3.1
 MOZILLA : Firefox 4.0
CVE:CVE-2011-1202 (The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.)
 CVE-2011-0081 (Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.17 and 4.x before 4.0.1, and Thunderbird 3.1.x before 3.1.10, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.)
 CVE-2011-0080 (Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.)
 CVE-2011-0079 (Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x before 4.0.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to gfx/layers/d3d10/ReadbackManagerD3D10.cpp and unknown other vectors.)
 CVE-2011-0078 (Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0077.)
 CVE-2011-0077 (Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0078.)
 CVE-2011-0076 (Unspecified vulnerability in the Java Embedding Plugin (JEP) in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, on Mac OS X allows remote attackers to bypass intended access restrictions via unknown vectors.)
 CVE-2011-0075 (Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0077, and CVE-2011-0078.)
 CVE-2011-0074 (Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078.)
 CVE-2011-0073 (Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly use nsTreeRange data structures, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer.")
 CVE-2011-0072 (Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0074, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078.)
 CVE-2011-0071 (Directory traversal vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 on Windows allows remote attackers to determine the existence of arbitrary files, and possibly load resources, via vectors involving a resource: URL.)
 CVE-2011-0070 (Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0069.)
 CVE-2011-0069 (Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0070.)
 CVE-2011-0068
 CVE-2011-0067 (Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly implement autocompletion for forms, which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the autocomplete controls.)
 CVE-2011-0066 (Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mObserverList.)
 CVE-2011-0065 (Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mChannel.)
Original documentdocumentZDI, ZDI-11-158: Mozilla Firefox OBJECT mChannel Remote Code Execution Vulnerability (11.05.2011)
 documentZDI, ZDI-11-159: Mozilla Firefox OBJECT mObserverList Remote Code Execution Vulnerability (11.05.2011)
 documentZDI, ZDI-11-157: Mozilla Firefox nsTreeRange Dangling Pointer Remote Code Execution Vulnerability (10.05.2011)
 documentMOZILLA, Mozilla Foundation Security Advisory 2011-18 (01.05.2011)
 documentMOZILLA, Mozilla Foundation Security Advisory 2011-17 (01.05.2011)
 documentMOZILLA, Mozilla Foundation Security Advisory 2011-16 (01.05.2011)
 documentMOZILLA, Mozilla Foundation Security Advisory 2011-15 (01.05.2011)
 documentMOZILLA, Mozilla Foundation Security Advisory 2011-14 (01.05.2011)
 documentMOZILLA, Mozilla Foundation Security Advisory 2011-13 (01.05.2011)
 documentMOZILLA, Mozilla Foundation Security Advisory 2011-12 (01.05.2011)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:11.05.2011
Source:
SecurityVulns ID:11662
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:POMMO : poMMo 16.1
 CALENDARIX : Calendarix 0.8
 OMFAX : KeyFax 3.2
 APACHE : Struts 2.2
CVE:CVE-2011-1772 (Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache Struts 2.x before 2.2.3, and OpenSymphony XWork in OpenSymphony WebWork, allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) an action name, (2) the action attribute of an s:submit element, or (3) the method attribute of an s:submit element.)
Original documentdocumentmarian.ventuneac_(at)_gmail.com, Apache Struts 2 Multiple Reflected XSS in XWork error pages (11.05.2011)
 documentProCheckUp Research, PR10-17 Various XSS and information disclosure flaws within KeyFax response management system (11.05.2011)
 documentPatrick Webster, OSI Security: Civica Spydus Library Management System (LMS) - Cross-Site Scripting Vulnerability (11.05.2011)
 documentHigh-Tech Bridge Security Research, HTB22975: SQL injection in Calendarix (11.05.2011)
 documentHigh-Tech Bridge Security Research, HTB22974: Multiple XSS in Calendarix (11.05.2011)
 documentHigh-Tech Bridge Security Research, HTB22977: XSRF (CSRF) in poMMo (11.05.2011)
 documentHigh-Tech Bridge Security Research, HTB22976: Multiple XSS (Cross Site Scripting) vulnerabilities in poMMo (11.05.2011)

Opera DoS
Published:11.05.2011
Source:
SecurityVulns ID:11663
Type:client
Threat Level:
4/10
Description:NULL pointer dereference on oversized SIZE parameter in SELECT tag.
Affected:OPERA : Opera 10.60
CVE:CVE-2011-1824 (The VEGAOpBitmap::AddLine function in Opera before 10.61 does not properly initialize memory during processing of the SIZE attribute of a SELECT element, which allows remote attackers to trigger an invalid memory write operation, and consequently cause a denial of service (application crash) or possibly execute arbitrary code, via a large integer attribute value.)
Original documentdocumentAdvisories Toucan-System, TSSA-2011-02 - Opera : SELECT SIZE Arbitrary null write (11.05.2011)

Sybase M-Business Anywhere multiple security vulnerabilities
Published:11.05.2011
Source:
SecurityVulns ID:11664
Type:remote
Threat Level:
7/10
Description:Buffer overflows during web access authentication (TCP/80, TCP/443), buffer overflow on SOAP request processing (TCP/8093, TCP/8094).
Original documentdocumentZDI, ZDI-11-154: Sybase M-Business Anywhere agSoap.exe password Tag Remote Code Execution Vulnerability (11.05.2011)
 documentZDI, ZDI-11-155: Sybase M-Business Anywhere Server agd.exe encodeUsername Remote Code Execution Vulnerability (11.05.2011)
 documentZDI, ZDI-11-156: Sybase M-Business Anywhere agd.exe username Parameter Remote Code Execution Vulnerability (11.05.2011)

HP Intelligent Management Center multiple security vulnerabilities
Published:11.05.2011
Source:
SecurityVulns ID:11665
Type:remote
Threat Level:
7/10
Description:Multiple vulnerabilities in different components lead to remote code execution.
CVE:CVE-2011-1854 (Use-after-free vulnerability in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long syslog packet, related to an exception handler.)
 CVE-2011-1853 (tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a (1) large or (2) invalid opcode field, related to a function pointer table.)
 CVE-2011-1852 (Multiple stack-based buffer overflows in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allow remote attackers to execute arbitrary code via crafted packet content accompanying a (1) DATA or (2) ERROR opcode.)
 CVE-2011-1851 (Stack-based buffer overflow in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long mode field.)
 CVE-2011-1850 (Stack-based buffer overflow in the logging functionality in dbman.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via vectors related to a received action.)
 CVE-2011-1849 (tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to create or overwrite files, and subsequently execute arbitrary code, via a crafted WRQ request.)
 CVE-2011-1848 (Stack-based buffer overflow in img.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a crafted length field in a packet.)
Original documentdocumentZDI, ZDI-11-163: HP 3COM/H3C Intelligent Management Center tftpserver mode Remote Code Execution Vulnerability (11.05.2011)
 documentZDI, ZDI-11-166: HP 3COM/H3C Intelligent Management Center imcsyslogdm Remote Code Execution Vulnerability (11.05.2011)
 documentZDI, ZDI-11-165: HP 3COM/H3C Intelligent Management Center tftpserver opcode_table Remote Code Execution Vulnerability (11.05.2011)
 documentZDI, ZDI-11-162: HP 3COM/H3C Intelligent Management Center dbman sprintf Remote Code Execution Vulnerability (11.05.2011)
 documentZDI, ZDI-11-161: HP 3COM/H3C Intelligent Management Center tftpserver WRQ Remote Code Execution Vulnerability (11.05.2011)
 documentZDI, ZDI-11-160: HP 3COM/H3C Intelligent Management Center img Remote Code Execution Vulnerability (11.05.2011)
 documentZDI, ZDI-11-164: HP 3COM/H3C Intelligent Management Center tftpserver DATA/ERROR Remote Code Execution Vulnerability (11.05.2011)
 documentHP, [security bulletin] HPSBGN02680 SSRT100361 rev.1 - HP Intelligent Management Center (IMC), Remote Execution of Arbitrary Code (11.05.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod