Computer Security
[EN] securityvulns.ru no-pyccku


libpng DoS
Published:18.02.2014
Source:
SecurityVulns ID:13570
Type:library
Threat Level:
5/10
Description:NULL pointer dereferences.
CVE:CVE-2013-6954 (The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c.)
Original documentdocumentMANDRIVA, [ MDVSA-2014:035 ] libpng (18.02.2014)

Chromium / Google Chrome multiple security vulnerabilities
Published:18.02.2014
Source:
SecurityVulns ID:13571
Type:client
Threat Level:
8/10
Description:Multiple memory corruptions, use-after-free and information leaks.
Affected:GOOGLE : Chrome 32.0
CVE:CVE-2013-6650 (The StoreBuffer::ExemptPopularPages function in store-buffer.cc in Google V8 before 3.22.24.16, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors that trigger incorrect handling of "popular pages.")
 CVE-2013-6649 (Use-after-free vulnerability in the RenderSVGImage::paint function in core/rendering/svg/RenderSVGImage.cpp in Blink, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a zero-size SVG image.)
 CVE-2013-6646 (Use-after-free vulnerability in the Web Workers implementation in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the shutting down of a worker process.)
 CVE-2013-6645 (Use-after-free vulnerability in the OnWindowRemovingFromRootWindow function in content/browser/web_contents/web_contents_view_aura.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving certain print-preview and tab-switch actions that interact with a speech input element.)
 CVE-2013-6644 (Multiple unspecified vulnerabilities in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors.)
 CVE-2013-6643 (The OneClickSigninBubbleView::WindowClosing function in browser/ui/views/sync/one_click_signin_bubble_view.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows attackers to trigger a sync with an arbitrary Google account by leveraging improper handling of the closing of an untrusted signin confirm dialog.)
 CVE-2013-6641 (Use-after-free vulnerability in the FormAssociatedElement::formRemovedFromTree function in core/html/FormAssociatedElement.cpp in Blink, as used in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of the past names map of a FORM element.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2862-1] chromium-browser security update (18.02.2014)

Cisco Linksys unauthorized access
Published:18.02.2014
Source:
SecurityVulns ID:13573
Type:remote
Threat Level:
6/10
Description:TCP/8083 web administration is accessible without authentication in some cases.
Affected:CISCO : Linksys EA2700
 CISCO : Linksys EA3500
 CISCO : Linksys EA4200
 CISCO : Linksys EA4500
Original documentdocumentkyle Lovett, Full Disclosure - Linksys EA2700, EA3500, E4200 and EA4500 - Authentication Bypass to Administrative Console (18.02.2014)

socat buffer overflow
Published:18.02.2014
Source:
SecurityVulns ID:13574
Type:local
Threat Level:
3/10
Description:Buffer overflow on command line arguments parsing.
Affected:SOCAT : socat 2.0
CVE:CVE-2014-0019 (Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line.)
Original documentdocumentMANDRIVA, [ MDVSA-2014:033 ] socat (18.02.2014)

flite symbolic links vulnerability
Published:18.02.2014
Source:
SecurityVulns ID:13575
Type:local
Threat Level:
5/10
Description:Symlink vulnerability on temporary file creation.
Affected:FLITE : flite 1.4
CVE:CVE-2014-0027 (The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information.)
Original documentdocumentMANDRIVA, [ MDVSA-2014:032 ] flite (18.02.2014)

file utility / libmagic / PHP DoS
updated since 18.02.2014
Published:04.05.2014
Source:
SecurityVulns ID:13572
Type:library
Threat Level:
5/10
Description:Infinite recursion on some file types detection, buffer overread, CPU exhaustion.
Affected:FILE : file 5.11
CVE:CVE-2014-2270 (softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable.)
 CVE-2014-1943 (Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.)
 CVE-2013-7345 (The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted ASCII file that triggers a large amount of backtracking, as demonstrated via a file with many newline characters.)
Original documentdocumentSLACKWARE, [slackware-security] php (SSA:2014-111-02) (04.05.2014)
 documentDEBIAN, [SECURITY] [DSA 2873-1] file security update (13.03.2014)
 documentDEBIAN, [SECURITY] [DSA 2861-1] file security update (18.02.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod