Computer Security
[EN] securityvulns.ru no-pyccku


Mozilla Firefox / Thunderbird / Seamonkey use-after-free
Published:14.02.2012
Source:
SecurityVulns ID:12189
Type:client
Threat Level:
7/10
Description:nsXBLDocumentInfo::ReadPrototypeBindings use-after-free.
Affected:MOZILLA : SeaMonkey 2.7
 MOZILLA : Firefox 10.0
 MOZILLA : Thunderbird 10.0
CVE:CVE-2012-0452 (Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, and SeaMonkey 2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger failure of an nsXBLDocumentInfo::ReadPrototypeBindings function call, related to the cycle collector's access to a hash table containing a stale XBL binding.)
Files:Mozilla Foundation Security Advisory 2012-10

apr / aws libraries DoS
Published:14.02.2012
Source:
SecurityVulns ID:12190
Type:library
Threat Level:
6/10
Description:resources consumption because of collisions in a hash function.
Affected:APACHE : apr 1.4
 AWS : aws 2.10
 AWS : aws 2.11
CVE:CVE-2012-0840 (tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.)
Original documentdocumentThomas Quinot, AdaCore Security Advisory SA-2012-L119-003 Hash collisions in AWS (14.02.2012)

Yahoo! Messenger buffer overflow
Published:14.02.2012
Source:
SecurityVulns ID:12191
Type:remote
Threat Level:
6/10
Description:Buffer overflow on file transfer.
Affected:YAHOO : YIM 11.5
Original documentdocumentVulnerability Lab, Yahoo! Messenger v11.5 - Buffer Overflow Vulnerability (14.02.2012)

D-Link DIR-601 directory traversal
Published:14.02.2012
Source:
SecurityVulns ID:12192
Type:remote
Threat Level:
5/10
Description:TFTP server directory traversal.
Affected:DLINK : D-Link DIR-601
Original documentdocumentrobkraus_(at)_soutionary.com, D-Link DIR-601 TFTP Directory Traversal Vulnerability (14.02.2012)

TrendMicro DataArmor / DriveArmor multiple security vulnerabilities
updated since 14.02.2012
Published:02.12.2012
Source:
SecurityVulns ID:12193
Type:local
Threat Level:
6/10
Description:Restriction bypass, privilege escalation, encrypted data access.
Affected:TM : DataArmor 3.0
 TM : DriveArmor 3.0
Original documentdocumentNCC Group Research, NGS000193 Technical Advisory: DataArmor Full Disk Encryption Restricted Environment breakout (02.12.2012)
 document[email protected], NGS00193 Patch Notification: Trend Micro DataArmor and DriveArmor - Restricted Environment breakout, Privilege Escalation and Full Disk Decryption (14.02.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod