Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Remote Desktop Connection Client ActiveX code execution
Published:12.04.2013
Source:
SecurityVulns ID:13003
Type:client
Threat Level:
7/10
Description:Use-after-free in ActiveX
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2013-1296 (The Remote Desktop ActiveX control in mstscax.dll in Microsoft Remote Desktop Connection Client 6.1 and 7.0 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a web page that triggers access to a deleted object, and allows remote RDP servers to execute arbitrary code via unspecified vectors that trigger access to a deleted object, aka "RDP ActiveX Control Remote Code Execution Vulnerability.")
Files:Microsoft Security Bulletin MS13-029 - Critical Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2828223)

Microsoft SharePoint weak permissions
Published:12.04.2013
Source:
SecurityVulns ID:13004
Type:remote
Threat Level:
6/10
Description:Weak documents access rights.
Affected:MICROSOFT : SharePoint Server 2013
CVE:CVE-2013-1290 (Microsoft SharePoint Server 2013, in certain configurations involving legacy My Sites, does not properly establish default access controls for a SharePoint list, which allows remote authenticated users to bypass intended restrictions on reading list items via a direct request for a list's location, aka "Incorrect Access Rights Information Disclosure Vulnerability.")
Files:Microsoft Security Bulletin MS13-030 - Important Vulnerability in SharePoint Could Allow Information Disclosure (2827663)

Microsoft Windows multiple security vulnerabilities
Published:12.04.2013
Source:
SecurityVulns ID:13005
Type:local
Threat Level:
7/10
Description:Multiple privilege escalations in kernel, CSRSS and drivers.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
 MICROSOFT : Windows 8
 MICROSOFT : Windows 2012 Server
 MICROSOFT : Windows RT
CVE:CVE-2013-1295 (The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "CSRSS Memory Corruption Vulnerability.")
 CVE-2013-1294 (Race condition in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Kernel Race Condition Vulnerability.")
 CVE-2013-1293 (The NTFS kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a crafted application that leverages improper handling of objects in memory, aka "NTFS NULL Pointer Dereference Vulnerability.")
 CVE-2013-1292 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Win32k Race Condition Vulnerability.")
 CVE-2013-1291 (win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 Gold and SP1, and Windows 8 allows local users to cause a denial of service (reboot) via a crafted OpenType font, aka "OpenType Font Parsing Vulnerability" or "Win32k Font Parsing Vulnerability.")
 CVE-2013-1284 (Race condition in the kernel in Microsoft Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Kernel Race Condition Vulnerability.")
 CVE-2013-1283 (Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Win32k Race Condition Vulnerability.")
Files:Microsoft Security Bulletin MS13-031 - Important Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2813170)
 Microsoft Security Bulletin MS13-033 - Important Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation of Privilege (2820917)
 Microsoft Security Bulletin MS13-036 - Important Vulnerabilities in Kernel-Mode Driver Could Allow Elevation Of Privilege (2829996)

Microsoft Active Directory DoS
Published:12.04.2013
Source:
SecurityVulns ID:13006
Type:remote
Threat Level:
5/10
Description:Memory exhaustion.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
 MICROSOFT : Windows 8
 MICROSOFT : Windows 2012 Server
CVE:CVE-2013-1282 (The LDAP service in Microsoft Active Directory, Active Directory Application Mode (ADAM), Active Directory Lightweight Directory Service (AD LDS), and Active Directory Services allows remote attackers to cause a denial of service (memory consumption and service outage) via a crafted query, aka "Memory Consumption Vulnerability.")
Files:Microsoft Security Bulletin MS13-032 - Important Vulnerability in Active Directory Could Lead to Denial of Service (2830914)

Microsoft multiple applications crossite scripting
Published:12.04.2013
Source:
SecurityVulns ID:13008
Type:remote
Threat Level:
6/10
Description:Invalid characters sanitization.
Affected:MICROSOFT : InfoPath 2010
 MICROSOFT : SharePoint Server 2010
 MICROSOFT : SharePoint Foundation 2010
 MICROSOFT : Office Web Apps 2010
 MICROSOFT : Groove Server 2010
CVE:CVE-2013-1289 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1, Groove Server 2010 SP1, SharePoint Foundation 2010 SP1, and Office Web Apps 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted string, aka "HTML Sanitization Vulnerability.")
Files:Microsoft Security Bulletin MS13-035 - Important Vulnerability in HTML Sanitization Component Could Allow Elevation of Privilege (2821818)

Microsoft Internet Explorer multiple security vulnerabilities
updated since 12.04.2013
Published:04.05.2013
Source:
SecurityVulns ID:13002
Type:client
Threat Level:
7/10
Description:Use-after-free vulnerabilities.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
 MICROSOFT : Windows 8
 MICROSOFT : Windows 2012 Server
CVE:CVE-2013-1304 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1303 and CVE-2013-1338.)
 CVE-2013-1303 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1304 and CVE-2013-1338.)
Original documentdocumentVUPEN Security Research, VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "Scroll" Use-after-free (MS13-028) (04.05.2013)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "CDisplayPointer" Use-after-free (MS13-028) (04.05.2013)
Files:Microsoft Security Bulletin MS13-028 - Critical Cumulative Security Update for Internet Explorer (2817183)

Microsoft Antimalware privilege escalation
updated since 12.04.2013
Published:06.05.2013
Source:
SecurityVulns ID:13007
Type:local
Threat Level:
6/10
Description:It's possible to execute code with local system rights.
Affected:MICROSOFT : Windows 8
 MICROSOFT : Windows RT
CVE:CVE-2013-0078 (The Microsoft Antimalware Client in Windows Defender on Windows 8 and Windows RT uses an incorrect pathname for MsMpEng.exe, which allows local users to gain privileges via a crafted application, aka "Microsoft Antimalware Improper Pathname Vulnerability.")
Original documentdocumentStefan Kanthak, Vulnerability in Microsoft Security Essentials <v4.2 (06.05.2013)
Files:Microsoft Security Bulletin MS13-034 - Important Vulnerability in Microsoft Antimalware Client Could Allow Elevation of Privilege (2823482)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod