Computer Security
[EN] securityvulns.ru no-pyccku


Web Services on Devices Application Programming Interface API memory corruption
Published:11.11.2009
Source:
SecurityVulns ID:10390
Type:library
Threat Level:
8/10
Description:Memory corruption on WSD (TCP/5357, TCP/5358, UDP/3702) network packet parsing.
Affected:MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2009-2512 (The Web Services on Devices API (WSDAPI) in Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly process the headers of WSD messages, which allows remote attackers to execute arbitrary code via a crafted (1) message or (2) response, aka "Web Services on Devices API Memory Corruption Vulnerability.")
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS09-063 - Critical Vulnerability in Web Services on Devices API Could Allow Remote Code Execution (973565) (11.11.2009)
Files:Microsoft Security Bulletin MS09-063 - Critical Vulnerability in Web Services on Devices API Could Allow Remote Code Execution (973565)

Microsoft Windows 2000 License Logging Server buffer overflow
Published:11.11.2009
Source:
SecurityVulns ID:10391
Type:remote
Threat Level:
6/10
Description:Buffer overflow on RPC call parsing.
Affected:MICROSOFT : Windows 2000 Server
CVE:CVE-2009-2523 (The License Logging Server (llssrv.exe) in Microsoft Windows 2000 SP4 allows remote attackers to execute arbitrary code via an RPC message containing a string without a null terminator, which triggers a heap-based buffer overflow in the LlsrLicenseRequestW method, aka "License Logging Server Heap Overflow Vulnerability.")
Original documentdocumentDVLabs, TPTI-09-07: Microsoft Windows License Logging Service Heap Corruption Vulnerability (11.11.2009)
 documentMICROSOFT, Microsoft Security Bulletin MS09-064 - Critical Vulnerability in License Logging Server Could Allow Remote Code Execution (974783) (11.11.2009)
Files:Microsoft Security Bulletin MS09-064 - Critical Vulnerability in License Logging Server Could Allow Remote Code Execution (974783)

Microsoft Windows GDI code execution
Published:11.11.2009
Source:
SecurityVulns ID:10392
Type:library
Threat Level:
8/10
Description:Memory corruption on EOT (Embedded Open Type) font parsing, privilege escalation, DoS.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2009-2514 (win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not correctly parse font code during construction of a directory-entry table, which allows remote attackers to execute arbitrary code via a crafted Embedded OpenType (EOT) font, aka "Win32k EOT Parsing Vulnerability.")
 CVE-2009-2513 (The Graphics Device Interface (GDI) in win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Insufficient Data Validation Vulnerability.")
 CVE-2009-1127 (win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not correctly validate an argument to an unspecified system call, which allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, aka "Win32k NULL Pointer Dereferencing Vulnerability.")
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS09-065 - Critical Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947) (11.11.2009)
Files:Microsoft Security Bulletin MS09-065 - Critical Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947)

Microsoft Active Directory DoS
Published:11.11.2009
Source:
SecurityVulns ID:10393
Type:remote
Threat Level:
5/10
Description:LSASS stack overflow (stack memory exhaustion).
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows 2008 Server
CVE:CVE-2009-1928 (Stack consumption vulnerability in the LDAP service in Active Directory on Microsoft Windows 2000 SP4, Server 2003 SP2, and Server 2008 Gold and SP2; Active Directory Application Mode (ADAM) on Windows XP SP2 and SP3 and Server 2003 SP2; and Active Directory Lightweight Directory Service (AD LDS) on Windows Server 2008 Gold and SP2 allows remote attackers to cause a denial of service (system hang) via a malformed (1) LDAP or (2) LDAPS request, aka "LSASS Recursive Stack Overflow Vulnerability.")
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS09-066 - Important Vulnerability in Active Directory Could Allow Denial of Service (973309) (11.11.2009)
Files:Microsoft Security Bulletin MS09-066 - Important Vulnerability in Active Directory Could Allow Denial of Service (973309)

Microsoft Word memory corruption
Published:11.11.2009
Source:
SecurityVulns ID:10395
Type:client
Threat Level:
7/10
Description:Memory corruption during Microsoft word file parsing.
Affected:MICROSOFT : Office XP
 MICROSOFT : Office 2003
 MICROSOFT : Office 2004 for Mac
 MICROSOFT : Office 2008 for Mac
CVE:CVE-2009-3135 (Stack-based buffer overflow in Microsoft Office Word 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, Office Word Viewer 2003 SP3, and Office Word Viewer allow remote attackers to execute arbitrary code via a Word document with a malformed File Information Block (FIB) structure, aka "Microsoft Office Word File Information Memory Corruption Vulnerability.")
Original documentdocumentIDEFENSE, iDefense Security Advisory 11.10.09: Microsoft Word FIB Processing Stack Buffer Overflow Vulnerability (11.11.2009)
 documentMICROSOFT, Microsoft Security Bulletin MS09-068 - Important Vulnerability in Microsoft Office Word Could Allow Remote Code Execution (976307) (11.11.2009)
Files:Microsoft Security Bulletin MS09-068 - Important Vulnerability in Microsoft Office Word Could Allow Remote Code Execution (976307)

Atheros based wireless access points DoS
Published:11.11.2009
Source:
SecurityVulns ID:10396
Type:remote
Threat Level:
5/10
Description:Memory corruption on frame parsing.
Affected:NETGEAR : Netgear WNDAP330
 ATHEROS : ATHEROS AR9160-BC1A
CVE:CVE-2009-0052 (The Atheros wireless driver, as used in Netgear WNDAP330 Wi-Fi access point with firmware 2.1.11 and other versions before 3.0.3 on the Atheros AR9160-BC1A chipset, and other products, allows remote authenticated users to cause a denial of service (device reboot or hang) and possibly execute arbitrary code via a truncated reserved management frame.)
Original documentdocumentLaurent Butti, Atheros Driver Reserved Frame Vulnerability (11.11.2009)

Marvell chipset wireless access points buffer overflow
Published:11.11.2009
Source:
SecurityVulns ID:10397
Type:remote
Threat Level:
5/10
Description:Buffer overflow on association request processing.
Affected:Marvell : MARVELL 88W8361P-BEM1
 CISCO : Linksys WAP4400N
CVE:CVE-2007-5475
Original documentdocumentLaurent Butti, Marvell Driver Multiple Information Element Overflows (11.11.2009)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:11.11.2009
Source:
SecurityVulns ID:10398
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:CUTENEWS : Cute News 1.4
 WORDPRESS : WP-Cumulus 1.20
Original documentdocumentMustLive, Vulnerabilities in WP-Cumulus for WordPress (11.11.2009)
 documentAndrew Horton, [MORNINGSTAR-2009-02] Multiple security issues in Cute News and UTF-8 Cute News (11.11.2009)

Microsoft Excel multiple security vulnerabilities
updated since 11.11.2009
Published:12.11.2009
Source:
SecurityVulns ID:10394
Type:client
Threat Level:
7/10
Description:Multiple memory corruptions.
Affected:MICROSOFT : Office XP
 MICROSOFT : Office 2003
 MICROSOFT : Office 2004 for Mac
 MICROSOFT : Office 2007
 MICROSOFT : Office 2008 for Mac
CVE:CVE-2009-3134 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a spreadsheet with a malformed record object, aka "Excel Field Sanitization Vulnerability.")
 CVE-2009-3133 (Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a spreadsheet containing a malformed object that triggers memory corruption, related to "loading Excel records," aka "Excel Document Parsing Memory Corruption Vulnerability.")
 CVE-2009-3132 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a spreadsheet containing a malformed formula, related to a "pointer corruption" issue, aka "Excel Index Parsing Vulnerability.")
 CVE-2009-3131 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a spreadsheet with a crafted formula embedded in a cell, aka "Excel Formula Parsing Memory Corruption Vulnerability.")
 CVE-2009-3130 (Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via a spreadsheet containing a malformed Binary File Format (aka BIFF) record that triggers memory corruption, aka "Excel Document Parsing Heap Overflow Vulnerability.")
 CVE-2009-3129 (Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset, aka "Excel Featheader Record Memory Corruption Vulnerability.")
 CVE-2009-3128 (Microsoft Office Excel 2002 SP3 and 2003 SP3, and Office Excel Viewer 2003 SP3, does not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a spreadsheet with a malformed record object, aka "Excel SxView Memory Corruption Vulnerability.")
 CVE-2009-3127 (Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, and Office Excel Viewer 2003 SP3 do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Cache Memory Corruption Vulnerability.")
Original documentdocumentVUPEN Security Research, VUPEN Security Research - Microsoft Office Excel Code Execution Vulnerabilities (12.11.2009)
 documentZDI, ZDI-09-082: Microsoft Office Excel PivotTable Cache Record Parsing Memory Corruption Vulnerability (11.11.2009)
 documentZDI, ZDI-09-083: Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability (11.11.2009)
 documentIDEFENSE, ZDI-09-083: Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability (11.11.2009)
 documentIDEFENSE, iDefense Security Advisory 11.10.09: Microsoft Excel FEATHEADER Record Memory Corruption Vulnerability (11.11.2009)
 documentMICROSOFT, Microsoft Security Bulletin MS09-067 - Important Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652) (11.11.2009)
Files:Microsoft Security Bulletin MS09-067 - Important Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652)

DXMSoft XM Easy Personal FTP Server DoS
updated since 11.11.2009
Published:25.11.2009
Source:
SecurityVulns ID:10399
Type:remote
Threat Level:
5/10
Description:Crash if LIST command is received before PASV or POST.
Affected:DXMSOFT : XM Easy Personal FTP Server 5.8
Original documentdocumentleinakesi_(at)_gmail.com, XM Easy Personal FTP Server Remote DoS Vulnerability (25.11.2009)
 documentzhangmc_(at)_mail.ustc.edu.cn, XM Easy Personal FTP Server 'APPE' and 'DELE' Command Remote Denial of Service Vulnerability (14.11.2009)
 documentzhangmc_(at)_mail.ustc.edu.cn, XM Easy Personal FTP Server 'LIST' Command Remote DoS Vulnerability (11.11.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod