Computer Security
[EN] securityvulns.ru no-pyccku


Apple QuickTime multiple security vulnerabilities
updated since 10.09.2008
Published:16.09.2008
Source:
SecurityVulns ID:9281
Type:client
Threat Level:
7/10
Description:Integer overflow on PICT parsing, memory corruptions on STSZ, MDAT and H.264 parsing. Buffer overflows on AVC1 and Panorama PDAT parsing.
Affected:APPLE : QuickTime Player 7.4
 APPLE : QuickTime 7.4
CVE:CVE-2008-3635 (Stack-based buffer overflow in QuickTimeInternetExtras.qtx in an unspecified third-party Indeo v3.2 (aka IV32) codec for QuickTime, when used with Apple QuickTime before 7.5.5 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.)
 CVE-2008-3627 (Apple QuickTime before 7.5.5 does not properly handle (1) MDAT atoms in MP4 video files within QuickTimeH264.qtx, (2) MDAT atoms in mov video files within QuickTimeH264.scalar, and (3) AVC1 atoms in an unknown media type within an unspecified component, which allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via a crafted, H.264 encoded movie file.)
 CVE-2008-3627 (Apple QuickTime before 7.5.5 does not properly handle (1) MDAT atoms in MP4 video files within QuickTimeH264.qtx, (2) MDAT atoms in mov video files within QuickTimeH264.scalar, and (3) AVC1 atoms in an unknown media type within an unspecified component, which allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via a crafted, H.264 encoded movie file.)
 CVE-2008-3626 (The CallComponentFunctionWithStorage function in Apple QuickTime before 7.5.5 does not properly handle a large entry in the sample_size_table in STSZ atoms, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file.)
 CVE-2008-3625 (Stack-based buffer overflow in Apple QuickTime before 7.5.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a QuickTime Virtual Reality (QTVR) movie file with crafted (1) maxTilt, (2) minFieldOfView, and (3) maxFieldOfView elements in panorama track PDAT atoms.)
 CVE-2008-3615 (ir50_32.qtx in an unspecified third-party Indeo v5 codec for QuickTime, when used with Apple QuickTime before 7.5.5 on Windows, accesses uninitialized memory, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.)
 CVE-2008-3614 (Integer overflow in Apple QuickTime before 7.5.5 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image, which triggers heap corruption.)
Original documentdocumentNGSSoftware Insight Security Research Advisory (NISR), Critical Vulnerability in Apple Quicktime’s Indeo Codec (16.09.2008)
 documentZDI, ZDI-08-057: Apple QuickTime IV32 Codec Parsing Stack Overflow Vulnerability (12.09.2008)
 documentZDI, ZDI-08-060: Apple QuickTime AVC1 Atom Parsing Heap Overflow Vulnerability (10.09.2008)
 documentZDI, ZDI-08-059: Apple QuickTime STSZ Atom Parsing Heap Corruption Vulnerability (10.09.2008)
 documentZDI, ZDI-08-058: Apple QuickTime Panorama PDAT Atom Parsing Buffer Overflow Vulnerability (10.09.2008)
 documentZDI, ZDI-08-062: Apple QuickTime MDAT Frame Parsing Memory Corruption Vulnerability (10.09.2008)
 documentZDI, ZDI-08-061: Apple QuickTime Player H.264 Parsing Heap Corruption Vulnerability (10.09.2008)
 documentIDEFENSE, iDefense Security Advisory 09.09.08: Apple QuickTime PICT Integer Overflow Vulnerability (10.09.2008)

Baidu Hi instant messenger integer overflow
updated since 14.09.2008
Published:16.09.2008
Source:
SecurityVulns ID:9287
Type:remote
Threat Level:
5/10
Description:Integer overflow on encrypted message decyphering causes buffer overflow.
Original documentdocumentLi Gen, Baidu Hi IM client software DoS bug, div zero make client crash (16.09.2008)
 documentLi Gen, Baidu Hi IM software parsing plaintext stack overflow (14.09.2008)

Nokia e90 phone Wi-Fi DoS
updated since 14.09.2008
Published:16.09.2008
Source:
SecurityVulns ID:9288
Type:remote
Threat Level:
5/10
Description:Device crash on malformed Wi-Fi frame.
Affected:NOKIA : Nokia E90
Original documentdocumentwins.mallow_(at)_gmail.com, Re: Fwd: Nokia e90 (Probably, and other devices with s60v3) Crashes (16.09.2008)
 documentwins mallow, Fwd: Nokia e90 (Probably, and other devices with s60v3) Crashes (14.09.2008)

Unreal game engine multiple security vulnerabilities
updated since 15.09.2008
Published:16.09.2008
Source:
SecurityVulns ID:9289
Type:remote
Threat Level:
5/10
Description:Server integer overflow, client format string vulnerability.
Affected:UNREAL : Unreal Tournament 2003
 UNREAL : Unreal Tournament 3 1.3
 FUELOFWAR : Fuel of War 1.1
Original documentdocumentaluigi_(at)_autistici.or, Failed assertion in the Unreal engine (16.09.2008)
 documentLuigi Auriemma, Clients format strings in the Unreal engine (15.09.2008)
 documentLuigi Auriemma, Server termination in the Unreal engine 3 (15.09.2008)
Files:Exploits server termination in Unreal engine 3
 Unreal engine test server
 Exploits Client format string in Unreal engine

Microsoft Windows DoS
Published:16.09.2008
Source:
SecurityVulns ID:9293
Type:remote
Threat Level:
5/10
Description:Uninitialized memory reference on WRITE_ANDX SMB request handling.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
Original documentdocumentj.v.vallejo_(at)_gmail.com, Microsoft Windows WRITE_ANDX SMB command handling Kernel DoS (16.09.2008)

Landesk QIP Server buffer overflow
Published:16.09.2008
Source:
SecurityVulns ID:9294
Type:remote
Threat Level:
6/10
Description:Buffer overflow on TCP/12175 packet parsing.
CVE:CVE-2008-2468 (Multiple buffer overflows in the QIP Server Service (aka qipsrvr.exe) in LANDesk Management Suite, Security Suite, and Server Manager 8.8 and earlier allow remote attackers to execute arbitrary code via a crafted heal request, related to the StringToMap and StringSize arguments.)
Original documentdocumentDVLabs, TPTI-08-06: Landesk QIP Server Service Heal Packet Buffer Overflow (16.09.2008)

InstallShield Update Services server spoofing
Published:16.09.2008
Source:
SecurityVulns ID:9295
Type:m-i-t-m
Threat Level:
4/10
Description:Server's identity is not checked during update rules download.
CVE:CVE-2008-1093
Original documentdocumentBrian Dowling, InstallShield Update Agent - Downloads and executes "Rule Scripts" insecurely. (16.09.2008)

Airtel ADSL modems backdoor
Published:16.09.2008
Source:
SecurityVulns ID:9296
Type:remote
Threat Level:
5/10
Description:Undocumented accounts 'user' and 'support'.
Original documentdocumentshr_(at)_birmiwal.net, Security flaw in Airtel DSL modems (16.09.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod