 |
|
|
|
| Novatel MiFi WiFi access point multiple security vulnerabilities | | Published: |  | 17.01.2010 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 10523 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | Crossite scripting and crossite response forgery. |
| libthai integer overflow | | Published: | | 17.01.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10524 | | Type: | | library | | Level: | | 4/10 | | Description: | | Integer overflow on oversized strings. |
| Affected: |  | LIBTHAI : libthai 0.1 | | CVE: |  | CVE-2009-4012 (Multiple integer overflows in LibThai before 0.1.13 might allow context-dependent attackers to execute arbitrary code via long strings that trigger heap-based buffer overflows, related to (1) thbrk/thbrk.c and (2) thwbrk/thwbrk.c. NOTE: some of these details are obtained from third party information.) |
Gnome network-manager-applet unauthorized access
updated since 04.03.2009 | | Published: | | 17.01.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 9709 | | Type: | | m-i-t-m | | Level: | | 5/10 | | Description: | | Unauthorized access to network connections through dbus, WPA certificate spoofing. |
| Affected: | | GNOME : network-manager-applet 0.6 | | CVE: | | CVE-2009-4145 (nm-connection-editor in NetworkManager (NM) 0.7.x exports connection objects over D-Bus upon actions in the connection editor GUI, which allows local users to obtain sensitive information by reading D-Bus signals, as demonstrated by using dbus-monitor to discover the password for the WiFi network.) | | | | CVE-2009-4144 (NetworkManager (NM) 0.7.2 does not ensure that the configured Certification Authority (CA) certificate file for a (1) WPA Enterprise or (2) 802.1x network remains present upon a connection attempt, which might allow remote attackers to obtain sensitive information or cause a denial of service (connectivity disruption) by spoofing the identity of a wireless network.) | | | | CVE-2009-0578 (network-manager-applet in Ubuntu 8.10 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors.) | | | | CVE-2009-0578 (network-manager-applet in Ubuntu 8.10 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors.) | | | | CVE-2009-0365 (The dbus request handler in (1) network-manager-applet and (2) NetworkManager in Ubuntu 6.06 LTS, 7.10, 8.04 LTS, and 8.10 does not properly verify privileges, which allows local users to discover (a) network connection passwords and (b) pre-shared keys via unspecified queries.) | | | | CVE-2009-0365 (The dbus request handler in (1) network-manager-applet and (2) NetworkManager in Ubuntu 6.06 LTS, 7.10, 8.04 LTS, and 8.10 does not properly verify privileges, which allows local users to discover (a) network connection passwords and (b) pre-shared keys via unspecified queries.) |
| Rockwell Automation Allen-Bradley MicroLogix products multiple security vulnerabilities | | Published: | | 17.01.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10515 | | Type: | | remote | | Level: | | 5/10 |
| TurboFTP Server FTP Server buffer overflow | | Published: | | 17.01.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10520 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Buffer overflow on DELE command. |
| Sendmail SSL certificate spoofing | | Published: | | 17.01.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10521 | | Type: | | m-i-t-m | | Level: | | 5/10 | | Description: | | It's possible to spoof SSL certificate by using NULL character in CN. |
| Affected: | | SENDMAIL : Sendmail 8.14 | | CVE: | | CVE-2009-4565 (sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.) |
| Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | | Published: | | 17.01.2010 | | Source: | | | | SecurityVulns ID: | | 10522 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. |
| MIT Kerberos 5 integer overflows | | Published: | | 17.01.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10517 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Integer overflows on RC4 and AES decription. |
| Affected: | | MIT : krb5 1.6 | | | | MIT : krb5 1.7 | | CVE: | | CVE-2009-4212 (Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid.) |
| OpenSSL memory leak | | Published: | | 17.01.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10519 | | Type: | | library | | Level: | | 5/10 | | Description: | | It's possible to exploit memory leak to create denial of service conditions via resources exhaustion. |
| Affected: | | OPENSSL : OpenSSL 0.9 | | CVE: | | CVE-2009-4355 (Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678.) |
| HP Web Jetadmin multiple security vulnerabilities | | Published: | | 17.01.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10529 | | Type: | | remote | | Level: | | 4/10 | | Description: | | Crossite scripting, DoS. |
| Affected: | | HP : Web Jetadmin 10.2 | | CVE: | | CVE-2009-4182 (Multiple unspecified vulnerabilities in HP Web Jetadmin 10.2, when a remote SQL server is used, allow remote attackers to obtain access to data or cause a denial of service, possibly by leveraging authentication and encryption weaknesses on the SQL server.) |
| Mozilla Firefox Yoono extension code execution | | Published: | | 17.01.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10526 | | Type: | | client | | Level: | | 4/10 | | Description: | | It's possible to inject code via img tag events. |
| Google SketchUp memory corruption | | Published: | | 17.01.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10527 | | Type: | | local | | Level: | | 3/10 | | Description: | | Memory corruption on 3DS files parsing. |
| Affected: | | GOOGLE : SketchUp 7.1 | | CVE: | | CVE-2010-0280 (Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in Google SketchUp 7.x before 7.1 M2, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted structures in a 3DS file, probably related to mesh.c.) |
| bash terminal characters injection | | Published: | | 17.01.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10528 | | Type: | | local | | Level: | | 4/10 | | Description: | | It's possible to inject ESC-sequences into ls command output. |
| Affected: | | BASH : bash 3.2 | | CVE: | | CVE-2010-0002 (The /etc/profile.d/60alias.sh script in the Mandriva bash package for Bash 2.05b, 3.0, 3.2, 3.2.48, and 4.0 enables the --show-control-chars option in LS_OPTIONS, which allows local users to send escape sequences to terminal emulators, or hide the existence of a file, via a crafted filename.) |
| Adobe Flash Player memory corruption | | Published: | | 17.01.2010 | | Source: | | CERT | | SecurityVulns ID: | | 10518 | | Type: | | client | | Level: | | 6/10 | | Description: | | Memory corruption (use-after-free). |
OpenOffice NULL pointer dereference
updated since 17.01.2010 | | Published: | | 19.01.2010 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 10525 | | Type: | | local | | Level: | | 4/10 | | Description: | | NULL pointer dereference on CSV and SLK files parsing. |
Adobe Acrobat and Reader multiple security vulnerabilities
updated since 17.01.2010 | | Published: | | 15.03.2010 | | Source: | | CERT | | SecurityVulns ID: | | 10516 | | Type: | | client | | Level: | | 8/10 | | Description: | | Code executions, memory corruptions, buffer overflow, integer overflow, DoS on PDF parsing. |
| Affected: | | ADOBE : Reader 8.1 | | | | ADOBE : Acrobat 8.1 | | | | ADOBE : Reader 9.2 | | | | ADOBE : Acrobat 9.2 | | | | ADOBE : Acrobat 9.3 | | | | ADOBE : Reader 9.3 | | CVE: | | CVE-2010-0188 (Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.) | | | | CVE-2009-4324 (Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.) | | | | CVE-2009-3959 (Integer overflow in the U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a malformed PDF document.) | | | | CVE-2009-3958 (Multiple stack-based buffer overflows in the NOS Microsystems getPlus Helper ActiveX control before 1.6.2.49 in gp.ocx in the Download Manager in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow remote attackers to execute arbitrary code via unspecified initialization parameters.) | | | | CVE-2009-3957 (Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors.) | | | | CVE-2009-3956 (The default configuration of Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, does not enable the Enhanced Security feature, which has unspecified impact and attack vectors, related to a "script injection vulnerability," as demonstrated by Acrobat Forms Data Format (FDF) behavior that allows cross-site scripting (XSS) by user-assisted remote attackers.) | | | | CVE-2009-3955 (Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted JPC_MS_RGN marker in the Jp2c stream of a JpxDecode encoded data stream, which triggers an integer sign extension that bypasses a sanity check, leading to memory corruption.) | | | | CVE-2009-3954 (The 3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to execute arbitrary code via unspecified vectors, related to a "DLL-loading vulnerability.") | | | | CVE-2009-3953 (The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration "array boundary issue," a different vulnerability than CVE-2009-2994.) |
|
|
|
|
|
|
|
|
