Computer Security
[EN] securityvulns.ru no-pyccku


Privoxy information leakage
Published:13.03.2013
Source:
SecurityVulns ID:12946
Type:client
Threat Level:
6/10
Description:Proxy-Authenticate and Proxy-Authorization headers are not filtered, making it possible to hijack authentication information.
CVE:CVE-2013-2503 (Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 (aka Proxy Authentication Required) HTTP status code.)
Original documentdocumentcontact_(at)_c22.cc, Privoxy Proxy Authentication Credential Exposure - CVE-2013-2503 (13.03.2013)

Microsoft Silverlight code execution
Published:13.03.2013
Source:
SecurityVulns ID:12948
Type:library
Threat Level:
6/10
Description:Memory corruption.
Affected:MICROSOFT : Silverlight 5
CVE:CVE-2013-0074 (Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka "Silverlight Double Dereference Vulnerability.")
Files:Microsoft Security Bulletin MS13-022 - Critical Vulnerability in Silverlight Could Allow Remote Code Execution (2814124)

Microsoft Visio Viewer memory corruption
Published:13.03.2013
Source:
SecurityVulns ID:12949
Type:local
Threat Level:
5/10
Description:Memory corruption on Visio files prasing.
Affected:MICROSOFT : Visio Viewer 2010
CVE:CVE-2013-0079 (Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka "Visio Viewer Tree Object Type Confusion Vulnerability.")
Files:Microsoft Security Bulletin MS13-023 - Critical Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2801261)

Microsoft Sharepoint multiple security vulnerabilities
Published:13.03.2013
Source:
SecurityVulns ID:12950
Type:remote
Threat Level:
8/10
Description:Buffer oveflows, directory traversal, crossite scripting, code execution.
Affected:MICROSOFT : SharePoint Server 2010
 MICROSOFT : SharePoint Foundation 2010
CVE:CVE-2013-0085 (Buffer overflow in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to cause a denial of service (W3WP process crash and site outage) via a crafted URL, aka "Buffer Overflow Vulnerability.")
 CVE-2013-0084 (Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "SharePoint Directory Traversal Vulnerability.")
 CVE-2013-0083 (Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via crafted content, leading to administrative command execution, aka "SharePoint XSS Vulnerability.")
 CVE-2013-0080 (Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allow remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "Callback Function Vulnerability.")
Files:Microsoft Security Bulletin MS13-024 - Critical Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2780176)

Microsoft OneNote information leakage
Published:13.03.2013
Source:
SecurityVulns ID:12951
Type:client
Threat Level:
5/10
Description:Information leakage on OneNote files parsing.
Affected:MICROSOFT : OneNote 2010
CVE:CVE-2013-0086 (Microsoft OneNote 2010 SP1 does not properly determine buffer sizes during memory allocation, which allows remote attackers to obtain sensitive information via a crafted OneNote file, aka "Buffer Size Validation Vulnerability.")
Files:Microsoft Security Bulletin MS13-025 - Important Vulnerability in Microsoft OneNote Could Allow Information Disclosure (2816264)

Microsoft Outlook for Mac information leakage
Published:13.03.2013
Source:
SecurityVulns ID:12952
Type:client
Threat Level:
4/10
Description:External content is requested during message parsing.
Affected:MICROSOFT : Office 2008 for Mac
 MICROSOFT : Office 2011 for Mac
CVE:CVE-2013-0095 (Outlook in Microsoft Office for Mac 2008 before 12.3.6 and Office for Mac 2011 before 14.3.2 allows remote attackers to trigger access to a remote URL and consequently confirm the rendering of an HTML e-mail message by including unspecified HTML5 elements and leveraging the installation of a WebKit browser on the victim's machine, aka "Unintended Content Loading Vulnerability.")

Microsoft Windows USB devices privilege escalation
updated since 13.03.2013
Published:19.03.2013
Source:
SecurityVulns ID:12953
Type:local
Threat Level:
4/10
Description:Few different vulnerabilities on USB device plugging with ability of code execution.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
 MICROSOFT : Windows 8
 MICROSOFT : Windows 2012 Server
CVE:CVE-2013-1287 (The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability," a different vulnerability than CVE-2013-1285 and CVE-2013-1286.)
 CVE-2013-1286 (The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability," a different vulnerability than CVE-2013-1285 and CVE-2013-1287.)
 CVE-2013-1285 (The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability," a different vulnerability than CVE-2013-1286 and CVE-2013-1287.)
Original documentdocumentNCC Group Research, NGS00440 Patch Notification: Windows USB RNDIS driver kernel pool overflow (19.03.2013)
Files:Microsoft Security Bulletin MS13-027 - Important Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of Privilege (2807986)

Microsoft Internet Explorer multiple security vulnerabilities
updated since 13.03.2013
Published:24.03.2013
Source:
SecurityVulns ID:12947
Type:client
Threat Level:
7/10
Description:Multiple use-after-free vulnerabilities.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
 MICROSOFT : Windows 8
 MICROSOFT : Windows 2012 Server
CVE:CVE-2013-1288 (Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CTreeNode Use After Free Vulnerability.")
 CVE-2013-0094 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer removeChild Use After Free Vulnerability.")
 CVE-2013-0093 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer onBeforeCopy Use After Free Vulnerability.")
 CVE-2013-0092 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer GetMarkupPtr Use After Free Vulnerability.")
 CVE-2013-0091 (Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CElement Use After Free Vulnerability.")
 CVE-2013-0090 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CCaret Use After Free Vulnerability.")
 CVE-2013-0089 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CMarkupBehaviorContext Use After Free Vulnerability.")
 CVE-2013-0088 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer saveHistory Use After Free Vulnerability.")
 CVE-2013-0087 (Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer OnResize Use After Free Vulnerability.")
Original documentdocumentVUPEN Security Research, VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "OnMove" Use-after-free (MS13-021 / CVE-2013-0087) (24.03.2013)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "OnResize" Use-after-free (MS13-021 / CVE-2013-0087) (24.03.2013)
Files:Microsoft Security Bulletin MS13-021 - Critical Cumulative Security Update for Internet Explorer (2809289)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod