Computer Security
[EN] securityvulns.ru no-pyccku


libpng integer overflow
Published:22.02.2012
Source:
SecurityVulns ID:12209
Type:library
Threat Level:
7/10
Description:Integer overflow on PNG parsing leads to heap buffer overflow.
Affected:libpng : libpng 1.2
 MOZILLA : Firefox 3.6
 MOZILLA : Thunderbird 3.1
 MOZILLA : SeaMonkey 2.7
 MOZILLA : Firefox 10.0
 MOZILLA : Thunderbird 10.0
 GOOGLE : Chrome 17.0
CVE:CVE-2011-3048 (The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow.)
 CVE-2011-3045 (Integer signedness error in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.)
 CVE-2011-3026 (Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.)
Original documentdocumentMOZILLA, Mozilla Foundation Security Advisory 2012-11 (22.02.2012)

Mercurycom MR804 router buffer overflow
Published:22.02.2012
Source:
SecurityVulns ID:12210
Type:remote
Threat Level:
4/10
Description:Buffer overflow on HTTP request headers parsgng.
Affected:MERCYRYCOM : Mercurycom MR804
Original documentdocumentdemonalex_(at)_163.com, Mercurycom MR804 Router - Multiple HTTP Header Fields Denial Of Service Vulnerability (22.02.2012)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:22.02.2012
Source:
SecurityVulns ID:12211
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:CUBECART : CubeCart 3.0
 TESTLINK : TestLink 1.8
 WEBSITEBAKER : WebsiteBaker 2.8
 DOLPHIN : Dolphin 7.0
 FEX : fex 20111129-2
 OXWALL : OxWall 1.1
 PANDORA : Pandora FMS 4.0
 TESTLINK : TestLink 1.9
 VOXTRONIC : voxlog 3.7
 LEPTON : Lepton 1.1
 11IN1 : 11in1 1.2
CVE:CVE-2012-1000 (Multiple cross-site scripting (XSS) vulnerabilities in LEPTON 1.1.3 and other versions before 1.1.4 allow remote attackers to inject arbitrary web script or HTML via the (1) message parameter to admins/login/forgot/index.php, or the (2) display_name or (3) email parameter to account/preferences.php.)
 CVE-2012-0999 (SQL injection vulnerability in modules/news/rss.php in LEPTON before 1.1.4 allows remote attackers to execute arbitrary SQL commands via the group_id parameter.)
 CVE-2012-0998 (Directory traversal vulnerability in account/preferences.php in LEPTON before 1.1.4 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the language parameter.)
 CVE-2012-0997 (Cross-site request forgery (CSRF) vulnerability in admin/index.php in 11in1 1.2.1 stable 12-31-2011 allows remote attackers to hijack the authentication of administrators for requests that add new topics via an addTopic action.)
 CVE-2012-0996 (Multiple directory traversal vulnerabilities in 11in1 1.2.1 stable 12-31-2011 allow remote attackers to read arbitrary files via a .. (dot dot) in the class parameter to (1) index.php or (2) admin/index.php.)
 CVE-2012-0939 (Multiple SQL injection vulnerabilities in TestLink 1.8.5b and earlier allow remote authenticated users with the Requirement view permission to execute arbitrary SQL commands via the req_spec_id parameter to (1) reqSpecAnalyse.php, (2) reqSpecPrint.php, or (3) reqSpecView.php in requirements/. NOTE: some of these details are obtained from third party information.)
 CVE-2012-0938 (Multiple SQL injection vulnerabilities in TestLink 1.9.3, 1.8.5b, and earlier allow remote authenticated users with certain permissions to execute arbitrary SQL commands via the root_node parameter in the display_children function to (1) getrequirementnodes.php or (2) gettprojectnodes.php in lib/ajax/; the (3) cfield_id parameter in an edit action to lib/cfields/cfieldsEdit.php; the (4) id parameter in an edit action or (5) plan_id parameter in a create action to lib/plan/planMilestonesEdit.php; or the req_spec_id parameter to (6) reqImport.php or (7) in a create action to reqEdit.php in lib/requirements/. NOTE: some of these details are obtained from third party information.)
 CVE-2012-0873 (Multiple cross-site scripting (XSS) vulnerabilities in Boonex Dolphin before 7.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) explain parameter to explanation.php or the (2) photos_only, (3) online_only, or (4) mode parameters to viewFriends.php.)
 CVE-2012-0872 (Multiple cross-site scripting (XSS) vulnerabilities in OxWall 1.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) captchaField, (2) email, (3) form_name, (4) password, (5) realname, (6) repeatPassword, or (7) username parameters to Oxwall/join; (8) captcha, (9) email, (10) form_name, (11) from, or (12) subject parameters to Oxwall/contact; (13) tag parameter to Oxwall/blogs/browse-by-tag; or (14) PATH_INFO to Oxwall/photo/viewlist/tagged, (15) Oxwall/photo/viewlist, or (16) Oxwall/video/viewlist.)
Original documentdocumentHigh-Tech Bridge Security Research, Multiple vulnerabilities in 11in1 (22.02.2012)
 documentHigh-Tech Bridge Security Research, Multiple vulnerabilities in LEPTON (22.02.2012)
 documentSEC Consult Vulnerability Lab, SEC Consult SA-20120220-0 :: Multiple critical vulnerabilities in VOXTRONIC voxlog professional (22.02.2012)
 documentjnatal, SQL Injection Vulnerabilities in TestLink (22.02.2012)
 documentVulnerability Lab, Pandora FMS v4.0.1 - Local File Include Vulnerability + VD Session (22.02.2012)
 documentsschurtz_(at)_darksecurity.de, WebsiteBaker 2.8.2 SP2 HTTP-Referer XSS vulnerability (22.02.2012)
 documentYGN Ethical Hacker Group, CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability [Updated] (22.02.2012)
 documentYGN Ethical Hacker Group, Dolphin 7.0.7 <= Multiple Cross Site Scripting Vulnerabilities (22.02.2012)
 documentYGN Ethical Hacker Group, OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities (22.02.2012)
 documentmr xadal, CMS wizard Cross Site Scripting (22.02.2012)
 documentmuuratsalo experimental hack lab, F*EX 20111129-2 Cross Site Scripting Vulnerability (22.02.2012)

Skype memory corruption
Published:22.02.2012
Source:
SecurityVulns ID:12212
Type:client
Threat Level:
5/10
Description:Memory corruption on file transfer.
Affected:SKYPE : Skype 5.6
Original documentdocumentVulnerability Lab, Skype v5.6.59.x - Memory Corruption Vulnerability (22.02.2012)

PHP code execution
Published:22.02.2012
Source:
SecurityVulns ID:12213
Type:library
Threat Level:
5/10
Description:filter_globals structure is not cleaned under some conditions.
Affected:PHP : PHP 5.2
Original documentdocumentWorawit Wang, PHP 5.2.x Remote Code Execution Vulnerability (22.02.2012)

mumble weak permissions
Published:22.02.2012
Source:
SecurityVulns ID:12214
Type:local
Threat Level:
5/10
Description:Weak permissions for configuration files.
CVE:CVE-2012-0863 (Mumble 1.2.3 and earlier uses world-readable permissions for .local/share/data/Mumble/.mumble.sqlite files in home directories, which might allow local users to obtain a cleartext password and configuration data by reading a file.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2411-1] mumble security update (22.02.2012)

libvorbis library buffer overflow
Published:22.02.2012
Source:
SecurityVulns ID:12215
Type:library
Threat Level:
6/10
Description:Heap buffer overflow on ogg files parsing.
Affected:LIBVORBIS : libvorbis 1.3
CVE:CVE-2012-0444 (Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2412-1] libvorbis security update (22.02.2012)

ELBA multiple security vulnerabilities
Published:22.02.2012
Source:
SecurityVulns ID:12216
Type:remote
Threat Level:
5/10
Description:DoS, information leakage, SQL injection.
Affected:ELBA : ELBA 5.5
Original documentdocumentSEC Consult Vulnerability Lab, SEC Consult SA-20120220-1 :: Multiple Vulnerabilities in ELBA5 (22.02.2012)

Cisco Nexus switches DoS
Published:22.02.2012
Source:
SecurityVulns ID:12217
Type:remote
Threat Level:
6/10
Description:Crash on IP filtering.
Affected:CISCO : Cisco Nexus 5000
 CISCO : Cisco Nexus 7000
 CISCO : Cisco Nexus 1000
CVE:CVE-2012-0352 (Cisco NX-OS 4.2.x before 4.2(1)SV1(5.1) on Nexus 1000v series switches; 4.x and 5.0.x before 5.0(2)N1(1) on Nexus 5000 series switches; and 4.2.x before 4.2.8, 5.0.x before 5.0.5, and 5.1.x before 5.1.1 on Nexus 7000 series switches allows remote attackers to cause a denial of service (netstack process crash and device reload) via a malformed IP packet, aka Bug IDs CSCti23447, CSCti49507, and CSCtj01991.)
Original documentdocumentCISCO, Cisco Security Advisory: Cisco NX-OS Malformed IP Packet Denial of Service Vulnerability (22.02.2012)

Debian debdiff multiple security vulnerabilities
Published:22.02.2012
Source:
SecurityVulns ID:12218
Type:local
Threat Level:
5/10
Description:Information leakage, code execution.
Affected:DEBIAN : debdiff 2.11
CVE:CVE-2012-0212 (debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via shell metacharacters in the file name argument.)
 CVE-2012-0211 (debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via a crafted tarball file name in the top-level directory of an original (.orig) source tarball of a source package.)
 CVE-2012-0210 (debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to obtain system information and execute arbitrary code via the file name in a (1) .dsc or (2) .changes file.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2409-1] devscripts security update (22.02.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod