Computer Security
[EN] securityvulns.ru no-pyccku


ClamAV antivirus multiple security vulnerabilities
Published:12.12.2010
Source:
SecurityVulns ID:11288
Type:library
Threat Level:
6/10
Description:Memory corruption on PDF and PE parsing.
Affected:CLAMAV : ClamAV 0.96
CVE:CVE-2010-4479 (Unspecified vulnerability in pdf.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka "bb #2380," a different vulnerability than CVE-2010-4260.)
 CVE-2010-4261 (Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information.)
 CVE-2010-4260 (Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka (1) "bb #2358" and (2) "bb #2396.")
Original documentdocumentUBUNTU, [USN-1031-1] ClamAV vulnerabilities (12.12.2010)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:12.12.2010
Source:
SecurityVulns ID:11289
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:JOOMLA : Joomla 1.5
 CETERA : Cetera eCommerce 14.0
 HP : Palm webOS 1.4
 DIFERIOR : Diferior 8.03
 CMSCOUT : CMScout 2.09
 SLICKMSG : slickMsg 0.7
 LEXIPIXEL : BizDir 05.10
 PERL : CGI.pm 3.50
 PERL : CGI::Simple 1.112
 WWWTHREADS : WWWThreads 5.0
 SOLARISWINDS : Orion NPM 10.1
 NOVELL : Vibe 3
CVE:CVE-2010-4322 (Cross-site scripting (XSS) vulnerability in gwtTeaming.rpc in Novell Vibe OnPrem 3 BETA allows remote authenticated users to inject arbitrary web script or HTML via the Micro Blog (aka What Are You Working On?) field.)
 CVE-2010-4109 (Cross-site scripting (XSS) vulnerability in the Contacts Application in HP Palm webOS before 2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted vCard file.)
Original documentdocumentHP, [security bulletin] HPSBMI02614 SSRT100344 rev.1 - HP webOS Contacts Application, Remote Execution of Arbitrary Code (12.12.2010)
 documentrobkraus_(at)_solutionary.com, Novell Vibe 3 BETA OnPrem Stored Cross-site Scripting Vulnerability (12.12.2010)
 documentJohn Blakley, Multiple XSS in Solarwinds Orion NPM 10.1 (12.12.2010)
 documentAliaksandr Hartsuyeu, www.eVuln.com : HTTP Response Splitting in WWWThreads (php version) (12.12.2010)
 documentAliaksandr Hartsuyeu, www.eVuln.com : Non-persistent XSS in WWWThreads (perl version) (12.12.2010)
 documentMANDRIVA, [ MDVSA-2010:250 ] perl-CGI-Simple (12.12.2010)
 documentAliaksandr Hartsuyeu, www.eVuln.com : Non-persistent XSS in BizDir (12.12.2010)
 documentAliaksandr Hartsuyeu, www.eVuln.com : Non-persistent XSS in slickMsg (12.12.2010)
 documentHigh-Tech Bridge Security Research, XSRF (CSRF) in CMScout (12.12.2010)
 documentHigh-Tech Bridge Security Research, XSS vulnerability in Diferior (12.12.2010)
 documentHigh-Tech Bridge Security Research, Cross Site Scripting vulnerability in Diferior (12.12.2010)
 documentMustLive, Новые уязвимости в Joomla (12.12.2010)
 documentMustLive, Новые уязвимости в Cetera eCommerce (12.12.2010)

PHP integer overflow
Published:12.12.2010
Source:
SecurityVulns ID:11291
Type:library
Threat Level:
6/10
Description:NumberFormatter::getSymbol integer overflow.
Affected:PHP : PHP 5.3
CVE:CVE-2010-4409 (Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and earlier allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument.)
Original documentdocumentMaksymilian Arciemowicz, PHP 5.3.3 NumberFormatter::getSymbol Integer Overflow (12.12.2010)

ManageEngine EventLog Analyzer vulnerabilities
Published:12.12.2010
Source:
SecurityVulns ID:11292
Type:remote
Threat Level:
5/10
Description:Crossite scripting, syslog DoS.
Affected:MANAGEENGINE : ManageEngine EventLog Analyzer 6.1
Original documentdocumentrobkraus_(at)_solutionary.com, ManageEngine EventLog Analyzer Multiple Cross-site Scripting (XSS) Vulnerabilities (12.12.2010)
 documentrobkraus_(at)_solutionary.com, ManageEngine EventLog Analyzer Syslog Remote Denial of Service Vulnerability (12.12.2010)

CA XOsoft buffer overflow
Published:12.12.2010
Source:
SecurityVulns ID:11293
Type:remote
Threat Level:
6/10
Description:Buffer overflow on SOAP request parsing.
Affected:CA : XOsoft 12.0
 CA : XOsoft 12.5
 CA : ARCserve Replication and High Availability 15.0
CVE:CVE-2010-3984 (Buffer overflow in mng_core_com.dll in CA XOsoft Replication r12.0 SP1 and r12.5 SP2 rollup, CA XOsoft High Availability r12.0 SP1 and r12.5 SP2 rollup, CA XOsoft Content Distribution r12.0 SP1 and r12.5 SP2 rollup, and CA ARCserve Replication and High Availability (RHA) r15.0 SP1 allows remote attackers to execute arbitrary code via a crafted create_session_bab operation in a SOAP request to xosoapapi.asmx.)
Original documentdocumentCA, CA20101209-01: Security Notice for CA XOsoft (12.12.2010)

HP-UX DoS
Published:12.12.2010
Source:
SecurityVulns ID:11294
Type:library
Threat Level:
5/10
Description:DoS against threaded applicatons.
Affected:HP : HP-UX 11.11
 HP : HP-UX 11.23
 HP : HP-UX 11.31
CVE:CVE-2010-4108 (HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support threaded processes, which allows remote authenticated users to cause a denial of service via unspecified vectors.)
Original documentdocumentHP, [security bulletin] HPSBUX02611 SSRT090201 rev.1 - HP-UX Running Threaded Processes, Remote Denial of Service (DoS) (12.12.2010)

Exim memory corruption and remote code execution
updated since 12.12.2010
Published:03.02.2011
Source:
SecurityVulns ID:11287
Type:remote
Threat Level:
9/10
Affected:EXIM : exim 4.69
 EXIM : exim 4.72
CVE:CVE-2011-0017 (The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.)
 CVE-2010-4345 (Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.)
 CVE-2010-4344 (Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.)
Original documentdocumentDEBIAN, [SECURITY] [DSA-2154-1] exim4 security update (03.02.2011)
 documentEXIM, Exim security issue in historical release (13.12.2010)
 documentDEBIAN, [SECURITY] [DSA-2131-1] New exim4 packages fix remote code execution (12.12.2010)

Apple QuickTime multiple security vulnerabilities
updated since 12.12.2010
Published:04.07.2011
Source:
SecurityVulns ID:11290
Type:remote
Threat Level:
8/10
Description:Memory corruptions on MPEG, Sorenson, AVI, JP2, FlashPix, GIF, PICT, QTVR and another video formats parsing.
Affected:QUICKTIME : QuickTime 7.6
CVE:CVE-2011-0209 (Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RIFF WAV file.)
 CVE-2010-4009 (Integer overflow in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.)
 CVE-2010-3802 (Integer signedness error in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted panorama atom in a QuickTime Virtual Reality (QTVR) movie file.)
 CVE-2010-3801 (Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted FlashPix file.)
 CVE-2010-3800 (Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PICT file.)
 CVE-2010-3795 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of GIF image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.)
 CVE-2010-3794 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of FlashPix image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.)
 CVE-2010-3793 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Sorenson movie file.)
 CVE-2010-3792 (Integer signedness error in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG movie file.)
 CVE-2010-3791 (Buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG movie file.)
 CVE-2010-3790 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file that causes an image sample transformation to scale a sprite outside a buffer boundary.)
 CVE-2010-3789 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted AVI file.)
 CVE-2010-3788 (QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of JP2 image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 file.)
 CVE-2010-3787 (Heap-based buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 image.)
 CVE-2010-1508 (Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Track Header (aka tkhd) atoms.)
 CVE-2010-0530 (Apple QuickTime before 7.6.9 on Windows sets weak permissions for the Apple Computer directory in the profile of a user account, which allows local users to obtain sensitive information by reading files in this directory.)
Original documentdocumentZDI, ZDI-11-229: Apple QuickTime RIFF fmt Chunk Parsing Remote Code Execution Vulnerability (04.07.2011)
 documentZDI, ZDI-11-231: Apple QuickTime Pict File Matrix Parsing Remote Code Execution Vulnerability (04.07.2011)
 documentZDI, ZDI-11-038: Apple Quicktime Sprite Transformation Remote Code Execution Vulnerability (04.02.2011)
 documentCHECKPOINT, Apple Quicktime Memory Corruption - CVE-2010-3801 (17.12.2010)
 documentIDEFENSE, iDefense Security Advisory 12.07.10: Apple QuickTime PICT Memory Corruption Vulnerability (12.12.2010)
 documentSECUNIA, Secunia Research: QuickTime Track Dimensions Buffer Overflow Vulnerability (12.12.2010)
 documentAPPLE, About the security content of QuickTime 7.6.9 (12.12.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod