Computer Security


Microsoft Internet Explorer multiple security vulnerabilities
updated since 11.04.2012
Published:19.04.2012
Source:
SecurityVulns ID:12319
Type:client
Threat Level:8/10
Description:Multiple vulnerabilities allow remote code execution.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2012-0172 (Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Style Remote Code Execution Vulnerability.")
 CVE-2012-0171 (Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "SelectAll Remote Code Execution Vulnerability.")
 CVE-2012-0170 (Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnReadyStateChange Remote Code Execution Vulnerability.")
 CVE-2012-0169 (Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "JScript9 Remote Code Execution Vulnerability.")
 CVE-2012-0168 (Microsoft Internet Explorer 6 through 9 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document that is not properly handled during a "Print table of links" print operation, aka "Print Feature Remote Code Execution Vulnerability.")
Original document:VUPEN Security Research, VUPEN Security Research - Microsoft Internet Explorer VML Remote Code Execution (MS12-023 / CVE-2012-0172) (19.04.2012)
Files:Microsoft Security Bulletin MS12-023 - Critical Cumulative Security Update for Internet Explorer (2675157)

HP OpenVMS DoS
Published:19.04.2012
Source:
SecurityVulns ID:12323
Type:local
Threat Level:5/10
Affected:HP : OpenVMS 7.3
 HP : OpenVMS 8.3
 HP : OpenVMS 8.4
CVE:CVE-2012-0134 (Unspecified vulnerability in HP OpenVMS 7.3-2 on the Alpha platform, 8.3 and 8.4 on the Alpha and IA64 platforms, and 8.3-1h1 on the IA64 platform allows local users to cause a denial of service via unknown vectors.)
Original document:HP, [security bulletin] HPSBOV02765 SSRT100828 rev.1 - HP OpenVMS, local Denial of Service (DoS) (19.04.2012)

Squid / McAfee Web Gateway URL filtering bypass
Published:19.04.2012
Source:
SecurityVulns ID:12324
Type:remote
Threat Level:4/10
Description:Server trusts the Host: header in a CONNECT request.
Affected:SQUID : squid 3.1
 MCAFEE : McAfee Web Gateway 7.0
CVE:CVE-2012-2213 (** DISPUTED ** Squid 3.1.9 allows remote attackers to bypass the access configuration for the CONNECT method by providing an arbitrary allowed hostname in the Host HTTP header. NOTE: this issue might not be reproducible, because the researcher is unable to provide a squid.conf file for a vulnerable system, and the observed behavior is consistent with a squid.conf file that was (perhaps inadvertently) designed to allow access based on a "req_header Host" acl regex that matches www.uol.com.br.)
 CVE-2012-2212 (** DISPUTED ** McAfee Web Gateway 7.0 allows remote attackers to bypass the access configuration for the CONNECT method by providing an arbitrary allowed hostname in the Host HTTP header. NOTE: this issue might not be reproducible, because the researcher did not provide configuration details for the vulnerable system, and the observed behavior might be consistent with a configuration that was (perhaps inadvertently) designed to allow access based on Host HTTP headers.)
Original document:Gabriel Menezes Nunes, Squid URL Filtering Bypass (19.04.2012)
 Gabriel Menezes Nunes, McAfee Web Gateway URL Filtering Bypass (19.04.2012)

Adobe Acrobat / Reader multiple security vulnerabilities
Published:19.04.2012
Source:
SecurityVulns ID:12325
Type:client
Threat Level:7/10
Description:Memory corruptions, integer overflow, code execution.
Affected:ADOBE : Reader 10.1
 ADOBE : Acrobat 10.1
 ADOBE : Reader 9.5
CVE:CVE-2012-0777 (The JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 on Mac OS X and Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.)
 CVE-2012-0776 (The installer in Adobe Reader 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors.)
 CVE-2012-0775 (The JavaScript implementation in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.)
 CVE-2012-0774 (Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code via a crafted TrueType font.)
Original document:ACROS Security, ACROS Blog: Adobe Reader X (10.1.2) msiexec.exe Planting (19.04.2012)
 ADOBE, Security updates available for Adobe Reader and Acrobat (19.04.2012)

SQLAlchemy SQL injection
Published:19.04.2012
Source:
SecurityVulns ID:12326
Type:library
Threat Level:5/10
Description:SQL request data is not checked
Affected:SQLALCHEMY : SQLAlchemy 0.6
CVE:CVE-2012-0805 (Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, as used in Keystone, allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset keyword to the select function, or unspecified vectors to the (3) select.limit or (4) select.offset function.)
Original document:MANDRIVA, [ MDVSA-2012:059 ] python-sqlalchemy (19.04.2012)

gajim jabber client multiple security vulnerabilities
Published:19.04.2012
Source:
SecurityVulns ID:12327
Type:remote
Threat Level:6/10
Description:Unescaped shell characters, symbolic links vulnerability, SQL injections.
Affected:GAJIM : gajim 0.15
CVE:CVE-2012-2093 (src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink attack on a temporary latex file, related to the get_tmpfile_name function.)
 CVE-2012-2086 (SQL injection vulnerability in the get_last_conversation_lines function in common/logger.py in Gajim before 0.15 allows remote attackers to execute arbitrary SQL commands via the jig parameter.)
 CVE-2012-1987 (Unspecified vulnerability in Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys to (1) cause a denial of service (memory consumption) via a REST request to a stream that triggers a thread block, as demonstrated using CVE-2012-1986 and /dev/random; or (2) cause a denial of service (filesystem consumption) via crafted REST requests that use "a marshaled form of a Puppet::FileBucket::File object" to write to arbitrary file locations.)
Original document:DEBIAN, [SECURITY] [DSA 2453-1] gajim security update (19.04.2012)

Samba array index overflow
Published:19.04.2012
Source:
SecurityVulns ID:12328
Type:remote
Threat Level:9/10
Description:Array index overflow on RPC request processing.
CVE:CVE-2012-1182 (The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call.)

Microsoft SQL Server privilege escalation
Published:19.04.2012
Source:
SecurityVulns ID:12329
Type:local
Threat Level:4/10
Description:Privilege escalation via RESTORE DATABASE
Affected:MICROSOFT : SQL Server 2005
 MICROSOFT : SQL Server 2008
Original document:SHATTER, TeamSHATTER Security Advisory: Privilege escalation via internal sql injection in RESTORE DATABASE command (19.04.2012)

RealNetworks Helix Server security vulnerabilities
Published:19.04.2012
Source:
SecurityVulns ID:12330
Type:client
Threat Level:6/10
Description:Information leakage, SNMP DoS.
Affected:REAL : Helix Server 14.2
CVE:CVE-2012-1923 (RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x store passwords in cleartext under adm_b_db\users\, which allows local users to obtain sensitive information by reading a database.)
Original document:SECUNIA, Secunia Research: Helix Server SNMP Master Agent Service Two Denial of Service Vulnerabilities (19.04.2012)
 SECUNIA, Secunia Research: RealNetworks Helix Server Credentials Disclosure Security Issue (19.04.2012)

Adobe Flash Player security vulnerabilities
updated since 20.03.2012
Published:19.04.2012
Source:
SecurityVulns ID:12276
Type:client
Threat Level:7/10
Description:A few memory corruptions.
Affected:ADOBE : Flash Player 11.1
CVE:CVE-2012-0769 (Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x does not properly handle integers, which allows attackers to obtain sensitive information via unspecified vectors.)
 CVE-2012-0768 (The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.)
Original document:Fermin J. Serna, CVE-2012-0769, the case of the perfect info leak (19.04.2012)
 ADOBE, Security update available for Adobe Flash Player (20.03.2012)
 VUPEN Security Research, VUPEN Security Research - Adobe Flash Player "Matrix3D" Remote Memory Corruption (CVE-2012-0768) (20.03.2012)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod