Computer Security
[EN] securityvulns.ru no-pyccku


Ghsotscript / XPDF / CUPS pdftops buffer overflow
updated since 10.04.2009
Published:18.04.2009
Source:
SecurityVulns ID:9811
Type:remote
Threat Level:
6/10
Description:Buffer overflow on JBIG2 decoding.
Affected:KDE : KDE 3.5
 CUPS : cups 1.3
 XPDF : xpdf 3.02
 GHOSTSCRIPT : Ghostscript 8.64
CVE:CVE-2009-1183 (The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.)
 CVE-2009-1182 (Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.)
 CVE-2009-1181 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.)
 CVE-2009-1180 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.)
 CVE-2009-0800 (Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.)
 CVE-2009-0799 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read.)
 CVE-2009-0196 (Heap-based buffer overflow in the big2_decode_symbol_dict function (jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary code via a PDF file with a JBIG2 symbol dictionary segment with a large run length value.)
 CVE-2009-0166 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.)
 CVE-2009-0165 (Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to "g*allocn.")
 CVE-2009-0147 (Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap.)
 CVE-2009-0146 (Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg.)
Original documentdocumentSECUNIA, Secunia Research: Xpdf JBIG2 Symbol Dictionary Buffer Overflow Vulnerability (18.04.2009)
 documentSECUNIA, Secunia Research: CUPS pdftops JBIG2 Symbol Dictionary Buffer Overflow (18.04.2009)
 documentSECUNIA, Secunia Research: Ghostscript jbig2dec JBIG2 Processing Buffer Overflow (10.04.2009)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:18.04.2009
Source:
SecurityVulns ID:9852
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:MALLEOCMS : Malleo 1.2
 CLANTIGER : ClanTiger 1.1
 TINYBLOGR : Tiny Blogr 1.0
Original documentdocumentSalvatore "drosophila" Fresta, Tiny Blogr 1.0.0 rc4 Authentication Bypass (18.04.2009)
 documenty3nh4ck3r_(at)_gmail.com, CLAN TIGER CMS--(module custompage.php) BLIND SQL INJECTION--> (18.04.2009)
 documenty3nh4ck3r_(at)_gmail.com, CLAN TIGER CMS--MULTIPLE COOKIES HANDLING VULNERABILITIES--> (18.04.2009)
 documenty3nh4ck3r_(at)_gmail.com, CLAN TIGER CMS--AUTH BYPASS LOGIN FORM (SQL INJECTION)--> (18.04.2009)
 documentSalvatore "drosophila" Fresta, Malleo 1.2.3 Local File Inclusion Vulnerability (18.04.2009)

mpg123 signed-unsigned conversion vulnerability
Published:18.04.2009
Source:
SecurityVulns ID:9853
Type:local
Threat Level:
5/10
Description:Integer sign mismatch error on ID3 MP3 tags parsing.
Affected:MPG123 : mpg123 1.7
CVE:CVE-2009-1301 (Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via an ID3 tag with a negative encoding value. NOTE: some of these details are obtained from third party information.)
Original documentdocumentGENTOO, [ GLSA 200904-15 ] mpg123: User-assisted execution of arbitrary code (18.04.2009)

ejabberd crossite scripting
Published:18.04.2009
Source:
SecurityVulns ID:9854
Type:remote
Threat Level:
5/10
Description:Crossite scripting with server log.
Affected:EJABBERD : ejabberd 2.0
CVE:CVE-2009-0934 (Cross-site scripting (XSS) vulnerability in ejabberd before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to links and MUC logs.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1774-1] New ejabberd packages fix cross-site scripting (18.04.2009)

CUPS multipls security vulnerabilities
Published:18.04.2009
Source:
SecurityVulns ID:9855
Type:remote
Threat Level:
6/10
Description:Vulnerabilities on different formats data parsing.
Affected:CUPS : cups 1.3
CVE:CVE-2009-0166 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.)
 CVE-2009-0165 (Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to "g*allocn.")
 CVE-2009-0164 (The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks.)
 CVE-2009-0163 (Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the (1) _cupsImageReadTIFF function in the imagetops filter and (2) imagetoraster filter, leading to a heap-based buffer overflow.)
 CVE-2009-0147 (Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap.)
 CVE-2009-0146 (Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg.)
Original documentdocumentRPATH, rPSA-2009-0061-1 cups (18.04.2009)

Blackberry Enterprise Server XSS
Published:18.04.2009
Source:
SecurityVulns ID:9856
Type:remote
Threat Level:
5/10
Description:Blackberries Mobile Data Service Connection Service XSS.
Affected:BLACKBERRY : Blackberry Enterprise Server 4.1
Original documentdocumentMailinglists, ERNW Security Advisory 01-2009: XSS in Blackberries Mobile Data Service Connection Service (18.04.2009)

poppler library multiple security vulnerabilities
Published:18.04.2009
Source:
SecurityVulns ID:9722
Type:library
Threat Level:
5/10
Description:Few vulnerabilities leading to denial of service.
Affected:POPPLER : Poppler 0.10
CVE:CVE-2009-1188 (Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.)
 CVE-2009-1187 (Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).)
 CVE-2009-1183 (The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.)
 CVE-2009-1182 (Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.)
 CVE-2009-1181 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.)
 CVE-2009-1180 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.)
 CVE-2009-1179 (Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.)
 CVE-2009-0800 (Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.)
 CVE-2009-0799 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read.)
 CVE-2009-0756 (The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file that triggers a parsing error, which is not properly handled by JBIG2SymbolDict::~JBIG2SymbolDict and triggers an invalid memory dereference.)
 CVE-2009-0755 (The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file with an invalid Form Opt entry.)
 CVE-2009-0166 (The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.)
 CVE-2009-0147 (Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap.)
 CVE-2009-0146 (Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg.)
Original documentdocumentMANDRIVA, [ MDVSA-2009:068-1 ] poppler (09.03.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod