Computer Security


Adobe Photoshop security vulnerabilities
updated since 09.05.2012
Published: 14.05.2012
SecurityVulns ID: 12361
Type: local
Threat Level: 4/10
Description: Memory corruption when processing files.
Affected: ADOBE : Photoshop CS5.5
CVE: CVE-2012-2028 (Buffer overflow in Adobe Photoshop before CS6 allows remote attackers to execute arbitrary code via a crafted TIFF (aka .TIF) file.)
 CVE-2012-2027 (Use-after-free vulnerability in Adobe Photoshop before CS6 allows remote attackers to execute arbitrary code via a crafted TIFF (aka .TIF) file.)
Original document: rgod, Adobe Photoshop CS5.1 U3D.8BI Library Collada Asset Elements Stack Based Buffer Overflow Vulnerability (14.05.2012)
 vulnhunt_(at)_gmail.com, [CAL-2011-0073]CVE-2012-2028 Adobe Photoshop parsing TIF heap buffer overflow vulnerability (09.05.2012)
 alert7_(at)_gmail.com, [CAL-2011-0073]CVE-2012-2028 Adobe Photoshop parsing TIF heap buffer overflow vulnerability (09.05.2012)
Files: Security Bulletin for Adobe Photoshop

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 14.05.2012
SecurityVulns ID: 12377
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: RAILS : rails 2.3
 CHEVRETO : Chevreto 1.91
 DRUPAL : Drupal 7.14
CVE: CVE-2012-2144 (Session fixation vulnerability in OpenStack Dashboard (Horizon) folsom-1 and 2012.1 allows remote attackers to hijack web sessions via the sessionid cookie.)
 CVE-2012-2094 (Cross-site scripting (XSS) vulnerability in the refresh mechanism in the log viewer in horizon/static/horizon/js/horizon.js in OpenStack Dashboard (Horizon) folsom-1 and 2012.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the guest console.)
 CVE-2012-1099 (Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_options_helper.rb in the select helper in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving certain generation of OPTION elements within SELECT elements.)
Original document: UBUNTU, [USN-1439-1] Horizon vulnerabilities (14.05.2012)
 DEBIAN, [SECURITY] [DSA 2466-1] rails security update (14.05.2012)
 pereira_(at)_secbiz.de, Drupal 7.14 <= Full Path Disclosure Vulnerability (14.05.2012)
 chin4b0y, chevreto_XSS_file_existence_enum_vulns (14.05.2012)

Apache POI memory exhaustion
Published: 14.05.2012
SecurityVulns ID: 12378
Type: library
Threat Level: 5/10
Description: Memory exhaustion when processing Microsoft Word documents.
Affected: APACHE : POI 3.7
CVE: CVE-2012-0213 (The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value in a Channel Definition Format (CDF) or Compound File Binary Format (CFBF) document.)
Original document: DEBIAN, [SECURITY] [DSA 2468-1] libjakarta-poi-java security update (14.05.2012)

SAP NetWeaver multiple security vulnerabilities
Published: 14.05.2012
SecurityVulns ID: 12379
Type: remote
Threat Level: 6/10
Description: Multiple vulnerabilities in the Dispatcher service.
Affected: SAP : NetWeaver 7.0
CVE: CVE-2012-2514 (The DiagiEventSource function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet.)
 CVE-2012-2513 (The Diaginput function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet.)
 CVE-2012-2512 (The DiagTraceStreamI function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet.)
 CVE-2012-2511 (The DiagTraceAtoms function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet.)
 CVE-2011-1517
 CVE-2011-1516 (The kSBXProfileNoNetwork and kSBXProfileNoInternet sandbox profiles in Apple Mac OS X 10.5.x through 10.7.x do not propagate restrictions to all created processes, which allows remote attackers to access network resources via a crafted application, as demonstrated by use of osascript to send Apple events to the launchd daemon, a related issue to CVE-2008-7303.)
Original document: CORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2012-0123 - SAP Netweaver Dispatcher Multiple Vulnerabilities (14.05.2012)

EMC Documentum Information Rights Management Server DoS
Published: 14.05.2012
SecurityVulns ID: 12380
Type: remote
Threat Level: 5/10
Description: Several different DoS conditions.
Affected: EMC : Documentum IRM Server 4.7
 EMC : Documentum IRM Server 5.0
CVE: CVE-2012-2277 (The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (pvcontrol.exe process hang) via \n (line feed) characters in the Id fields of many "batch begin untethered" commands.)
 CVE-2012-2276 (The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via input data that (1) lacks FIPS fields or (2) has an invalid version number.)
Original document: EMC, ESA-2012-019: EMC Documentum Information Rights Management Multiple Vulnerabilities (14.05.2012)

Nova DoS
updated since 26.04.2012
Published: 14.05.2012
SecurityVulns ID: 12349
Type: local
Threat Level: 4/10
Description: Resource exhaustion via an oversized username. Resource exhaustion via quota limitation bypass.
Affected: NOVA : Nova 2011.3
CVE: CVE-2012-2101 (Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the number of security group rules, which allows remote authenticated users with certain permissions to cause a denial of service (CPU and hard drive consumption) via a network request that triggers a large number of iptables rules.)
 CVE-2012-1585 (OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and disk consumption) via a long server name.)
Original document: DEBIAN, [USN-1438-1] Nova vulnerability (14.05.2012)
 UBUNTU, [USN-1413-1] Nova vulnerability (26.04.2012)

libtasn1 / GnuTLS memory corruption
Published: 14.05.2012
SecurityVulns ID: 12381
Type: library
Threat Level: 6/10
Description: Memory corruption on some malformed values.
Affected: GNU : gnutls 3.0
 GNU : libtasn1 2.11
CVE: CVE-2012-1569 (The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly have unspecified other impact via a crafted ASN.1 structure.)
Original document: UBUNTU, [USN-1436-1] Libtasn1 vulnerability (14.05.2012)

Linux kernel multiple security vulnerabilities
updated since 14.05.2012
Published: 24.05.2012
SecurityVulns ID: 12376
Type: local
Threat Level: 6/10
Description: DoS conditions, protection bypass, buffer overflow
Affected: LINUX : kernel 2.6
 LINUX : kernel 3.3
CVE: CVE-2012-2319 (Multiple buffer overflows in the hfsplus filesystem implementation in the Linux kernel before 3.3.5 allow local users to gain privileges via a crafted HFS plus filesystem, a related issue to CVE-2009-4020.)
 CVE-2012-2133 (Use-after-free vulnerability in the Linux kernel before 3.3.6, when huge pages are enabled, allows local users to cause a denial of service (system crash) or possibly gain privileges by interacting with a hugetlbfs filesystem, as demonstrated by a umount operation that triggers improper handling of quota data.)
 CVE-2012-2123 (The cap_bprm_set_creds function in security/commoncap.c in the Linux kernel before 3.3.3 does not properly handle the use of file system capabilities (aka fcaps) for implementing a privileged executable file, which allows local users to bypass intended personality restrictions via a crafted application, as demonstrated by an attack that uses a parent process to disable ASLR.)
 CVE-2012-1601 (The KVM implementation in the Linux kernel before 3.3.6 allows host OS users to cause a denial of service (NULL pointer dereference and host OS crash) by making a KVM_CREATE_IRQCHIP ioctl call after a virtual CPU already exists.)
Original document: pi3_(at)_pi3.com.pl, The story of the Linux kernel 3.x... (24.05.2012)
 Timo Warns, [PRE-SA-2012-03] Linux kernel: Buffer overflow in HFS plus filesystem (24.05.2012)
 DEBIAN, [SECURITY] [DSA 2469-1] linux-2.6 security update (14.05.2012)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod