Computer Security
[EN] securityvulns.ru no-pyccku


Novell Privileged User Manager code execution
Published:22.07.2009
Source:
SecurityVulns ID:10088
Type:remote
Threat Level:
6/10
Description:It's possible to load dynamic libraries (including ones from network shares) by user's request.
Affected:NOVELL : Novell Privileged User Manager 2.2
Original documentdocumentZDI, ZDI-09-046: Novell Privileged User Manager Remote DLL Injection Vulnerability (22.07.2009)

Multiple Mozilla Firefox security vulnerabilities
Published:22.07.2009
Source:
SecurityVulns ID:10089
Type:client
Threat Level:
8/10
Description:Multiple memory corruptions, crossite access, integer overflows, buffer overflows.
Affected:MOZILLA : Firefox 3.5
CVE:CVE-2009-2477 (js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a document containing P and FONT elements.)
 CVE-2009-2472 (Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, related to a "cross origin wrapper bypass.")
 CVE-2009-2471 (The setTimeout function in Mozilla Firefox before 3.0.12 does not properly preserve object wrapping, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted call, related to XPCNativeWrapper.)
 CVE-2009-2469 (Mozilla Firefox before 3.0.12 does not properly handle an SVG element that has a property with a watch function and an __defineSetter__ function, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted document, related to a certain pointer misinterpretation.)
 CVE-2009-2467 (Mozilla Firefox before 3.0.12 and 3.5 before 3.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a Flash object, a slow script dialog, and the unloading of the Flash plugin, which triggers attempted use of a deleted object.)
 CVE-2009-2465 (Mozilla Firefox before 3.0.12 and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via vectors involving double frame construction, related to (1) nsHTMLContentSink.cpp, (2) nsXMLContentSink.cpp, and (3) nsPresShell.cpp, and the nsSubDocumentFrame::Reflow function.)
 CVE-2009-2464 (The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to loading multiple RDF files in a XUL tree element.)
 CVE-2009-2463 (Integer overflow in a base64 decoding function in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.)
 CVE-2009-2462 (The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synchronous events, (2) a SetMayHaveFrame assertion and nsCSSFrameConstructor::CreateFloatingLetterFrame, (3) nsCSSFrameConstructor::ConstructFrame, (4) the child list and initial reflow, (5) GetLastSpecialSibling, (6) nsFrameManager::GetPrimaryFrameFor and MathML, (7) nsFrame::GetBoxAscent, (8) nsCSSFrameConstructor::AdjustParentFrame, (9) nsDOMOfflineResourceList, and (10) nsContentUtils::ComparePosition.)
 CVE-2009-1194 (Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as demonstrated by a long document.location value in Firefox.)
Original documentdocumentMOZILLA, Mozilla Foundation Security Advisory 2009-40 (22.07.2009)
 documentMOZILLA, Mozilla Foundation Security Advisory 2009-39 (22.07.2009)
 documentMOZILLA, Mozilla Foundation Security Advisory 2009-37 (22.07.2009)
 documentMOZILLA, Mozilla Foundation Security Advisory 2009-36 (22.07.2009)
 documentMOZILLA, Mozilla Foundation Security Advisory 2009-35 (22.07.2009)
 documentMOZILLA, Mozilla Foundation Security Advisory 2009-34 (22.07.2009)
 documentMOZILLA, Mozilla Foundation Security Advisory 2009-41 (22.07.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod