Computer Security


Microsoft AntiXSS library cross-site scripting
updated since 11.01.2012
Published: 20.01.2012
SecurityVulns ID: 12138
Type: library
Threat Level: 5/10
Description: Cross-site scripting during HTML parsing.
Affected: MICROSOFT : AntiXSS 4.0
CVE: CVE-2012-0007 (The Microsoft Anti-Cross Site Scripting (AntiXSS) Library 3.x and 4.0 does not properly evaluate characters after the detection of a Cascading Style Sheets (CSS) escaped character, which allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML input, aka "AntiXSS Library Bypass Vulnerability.")
Original document: adic_(at)_il.ibm.com, Microsoft Anti-XSS Library Bypass (MS12-007) (20.01.2012)
Files: Microsoft Security Bulletin MS12-007 - Important Vulnerability in AntiXSS Library Could Allow Information Disclosure (2607664)

Xpra memory disclosure
Published: 20.01.2012
SecurityVulns ID: 12146
Type: local
Threat Level: 4/10
Description: It's possible to access uninitialized memory chunks.
Affected: XPRA : Xpra 0.0
Original document: Antoine Martin, Xpra memory disclosure (20.01.2012)

Cisco TelePresence System Integrator / Cisco IP Video Phone E20 default account vulnerability
updated since 21.11.2011
Published: 20.01.2012
SecurityVulns ID: 12051
Type: remote
Threat Level: 6/10
Description: Default root account is enabled.
Affected: CISCO : Cisco E20
Original document: CISCO, Cisco Security Advisory: Cisco IP Video Phone E20 Default Root Account (20.01.2012)
 CISCO, Cisco Security Advisory: Cisco TelePresence System Integrator C Series and Cisco TelePresence EX Series Device Default Root Account Manufacturing Error (21.11.2011)

Cisco Digital Media Manager privilege escalation
Published: 20.01.2012
SecurityVulns ID: 12147
Type: local
Description: It's possible to access administration pages by URLs.
Affected: CISCO : Digital Media Manager 5.2
CVE: CVE-2012-0329 (Cisco Digital Media Manager 5.2.2 and earlier, and 5.2.3, allows remote authenticated users to execute arbitrary code via vectors involving a URL and an administrative resource, aka Bug ID CSCts63878.)
Original document: CISCO, Cisco Security Advisory: Cisco Digital Media Manager Privilege Escalation Vulnerability (20.01.2012)

perl security vulnerabilities
Published: 20.01.2012
SecurityVulns ID: 12148
Type: library
Threat Level: 5/10
Description: It's possible to inject an eval expression into the Digest module constructor. Off-by-one overflow in decode_xs.
Affected: PERL : perl 5.15
CVE: CVE-2011-3597 (Eval injection in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor.)
 CVE-2011-2939 (Off-by-one error in the decode_xs function in Unicode/Unicode.xs in the Encode module before 2.44, as used in Perl before 5.15.6, might allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Unicode string, which triggers a heap-based buffer overflow.)
Original document: MANDRIVA, [ MDVSA-2012:009 ] perl (20.01.2012)

Apache Tomcat security vulnerabilities
Published: 20.01.2012
SecurityVulns ID: 12149
Type: remote
Threat Level: 6/10
Description: DoS, information disclosure.
Affected: APACHE : Tomcat 6.0
 APACHE : Tomcat 7.0
CVE: CVE-2012-0022 (Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858.)
 CVE-2011-3375 (Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data.)
Original document: APACHE, [SECURITY] CVE-2011-3375 Apache Tomcat Information disclosure (20.01.2012)

OpenSSL library multiple security vulnerabilities
Published: 20.01.2012
SecurityVulns ID: 12150
Type: library
Threat Level: 7/10
Description: Double free(), protection bypass, information leakages, DoS conditions.
Affected: OPENSSL : OpenSSL 1.0
CVE: CVE-2012-0050 (OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108.)
 CVE-2012-0027 (The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service (daemon crash) via crafted data from a TLS client.)
 CVE-2011-4619 (The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service via unspecified vectors.)
 CVE-2011-4576 (The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer.)
 CVE-2011-4354 (crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows remote attackers to obtain the private key of a TLS server via multiple handshake attempts.)
 CVE-2011-4109 (Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check.)
 CVE-2011-4108 (The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack.)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod