Computer Security
[EN] securityvulns.ru no-pyccku


PuTTY / WinSCP security vulnerabilities
updated since 05.08.2013
Published:14.08.2013
Source:
SecurityVulns ID:13233
Type:client
Threat Level:
7/10
Description:SSH handshake heap buffer overflow, protection bypass, information leakage.
Affected:PUTTY : PuTTY 0.62
 WINSCP : WinSCP 5.1
CVE:CVE-2013-4852 (Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow.)
 CVE-2013-4208 (The rsa_verify function in PuTTY before 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory, which might allow local users to discover private RSA and DSA keys.)
 CVE-2013-4207 (Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature that is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum functionality, a different vulnerability than CVE-2013-4206.)
 CVE-2013-4206 (Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting operations during modular multiplication.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2736-1] putty security update (14.08.2013)
 documentGergely Eberhardt, PuTTY SSH handshake heap overflow (05.08.2013)

Microsoft Exchange Oracle libraries security vulnerabilities
Published:14.08.2013
Source:
SecurityVulns ID:13252
Type:remote
Threat Level:
7/10
Description:Outlook Web Access vulnerabilities because of vulnerable Oracle Outside In libraries.
Affected:MICROSOFT : Exchange 2007
 MICROSOFT : Exchange 2010
 MICROSOFT : Exchange 2013
CVE:CVE-2013-3781 (Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7, 8.4.0, and 8.4.1 allows context-dependent to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2013-3776.)
 CVE-2013-3776 (Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7, 8.4.0, and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2013-3781.)
 CVE-2013-2393 (Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters.)
Files:Microsoft Security Bulletin MS13-061 - Critical Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2876063)

Microsoft Active Directory Federation Services information leakage
Published:14.08.2013
Source:
SecurityVulns ID:13253
Type:remote
Threat Level:
3/10
Description:It's possible to obtain service account information to cause account locking via unsuccessful logon attempts.
Affected:MICROSOFT : Active Directory Federation Services 2.1
CVE:CVE-2013-3185 (Microsoft Active Directory Federation Services (AD FS) 1.x through 2.1 on Windows Server 2003 R2 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 allows remote attackers to obtain sensitive information about the service account, and possibly conduct account-lockout attacks, by connecting to an endpoint, aka "AD FS Information Disclosure Vulnerability.")
Files:Microsoft Security Bulletin MS13-066 - Important Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (2873872)

Microsoft Internet Explorer multiple security vulnerabilities
updated since 14.08.2013
Published:09.09.2013
Source:
SecurityVulns ID:13250
Type:client
Threat Level:
8/10
Description:Protection bypass, crossite scripting, memory corruptions.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
 MICROSOFT : Windows 2012 Server
CVE:CVE-2013-3199 (Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability.")
 CVE-2013-3194 (Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability.")
 CVE-2013-3193 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3187 and CVE-2013-3191.)
 CVE-2013-3192 (Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to inject arbitrary web script or HTML via crafted character sequences with EUC-JP encoding, aka "EUC-JP Character Encoding Vulnerability.")
 CVE-2013-3191 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3187 and CVE-2013-3193.)
 CVE-2013-3190 (Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability.")
 CVE-2013-3189 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3188.)
 CVE-2013-3188 (Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3189.)
 CVE-2013-3187 (Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3191 and CVE-2013-3193.)
 CVE-2013-3186 (The Protected Mode feature in Microsoft Internet Explorer 7 through 10 on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly implement the Integrity Access Level (aka IL) protection mechanism, which allows remote attackers to obtain medium-integrity privileges by leveraging access to a low-integrity process, aka "Process Integrity Level Assignment Vulnerability.")
 CVE-2013-3184 (Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability.")
Original documentdocumentVUPEN Security Research, VUPEN Security Research - Microsoft Internet Explorer "ReplaceAdjacentText" Use-after-free (MS13-059) (09.09.2013)
 documentVUPEN Security Research, VUPEN Security Research - Microsoft Internet Explorer Protected Mode Sandbox Bypass (Pwn2Own 2013 / MS13-059) (09.09.2013)
Files:Microsoft Security Bulletin MS13-059 - Critical Cumulative Security Update for Internet Explorer (2862772)

Microsoft Windows multiple security vulnerabilities
updated since 14.08.2013
Published:09.09.2013
Source:
SecurityVulns ID:13251
Type:remote
Threat Level:
8/10
Description:Unicode Scripts Processor memory corruption, RPC privilege escalation, kernel protection bypass and memory corruptions, IPv6 and NAT DoS.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
 MICROSOFT : Windows 2012 Server
CVE:CVE-2013-3198 (The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly validate kernel-memory addresses, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3196 and CVE-2013-3197.)
 CVE-2013-3197 (The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly validate kernel-memory addresses, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3196 and CVE-2013-3198.)
 CVE-2013-3196 (The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly validate kernel-memory addresses, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3197 and CVE-2013-3198.)
 CVE-2013-3183 (The TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly perform memory allocation for inbound ICMPv6 packets, which allows remote attackers to cause a denial of service (system hang) via crafted packets, aka "ICMPv6 Vulnerability.")
 CVE-2013-3182 (The Windows NAT Driver (aka winnat) service in Microsoft Windows Server 2012 does not properly validate memory addresses during the processing of ICMP packets, which allows remote attackers to cause a denial of service (memory corruption and system hang) via crafted packets, aka "Windows NAT Denial of Service Vulnerability.")
 CVE-2013-3181 (usp10.dll in the Unicode Scripts Processor in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "Uniscribe Font Parsing Engine Memory Corruption Vulnerability.")
 CVE-2013-3175 (Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a malformed asynchronous RPC request, aka "Remote Procedure Call Vulnerability.")
 CVE-2013-2556 (Unspecified vulnerability in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 through SP1 allows attackers to bypass the ASLR protection mechanism via unknown vectors, as demonstrated against Adobe Flash Player by VUPEN during a Pwn2Own competition at CanSecWest 2013, aka "ASLR Security Feature Bypass Vulnerability.")
Original documentdocumentVUPEN Security Research, VUPEN Security Research - Microsoft Windows "LdrHotPatchRoutine" Remote ASLR Bypass (Pwn2Own 2013 / MS13-063) (09.09.2013)
Files:Microsoft Security Bulletin MS13-060 - Critical Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution (2850869)
 Microsoft Security Bulletin MS13-062 - Important Vulnerability in Remote Procedure Call Could Allow Elevation of Privilege (2849470)
 Microsoft Security Bulletin MS13-063 - Important Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2859537)
 Microsoft Security Bulletin MS13-064 - Important Vulnerability in Windows NAT Driver Could Allow Denial of Service (2849568)
 Microsoft Security Bulletin MS13-065 - Important Vulnerability in ICMPv6 could allow Denial of Service (2868623)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod