Computer Security
[EN] securityvulns.ru no-pyccku


libexif / exif multiple security vulnerabilities
updated since 16.07.2012
Published:23.07.2012
Source:
SecurityVulns ID:12479
Type:library
Threat Level:
6/10
Description:Buffer overflows, integer overflows, DoS conditions.
CVE:CVE-2012-2845 (Integer overflow in the jpeg_data_load_data function in jpeg-data.c in libjpeg in exif 0.6.20 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain potentially sensitive information via a crafted JPEG file.)
 CVE-2012-2841 (Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, leading to a heap-based buffer overflow.)
 CVE-2012-2840 (Off-by-one error in the exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image.)
 CVE-2012-2837 (The mnote_olympus_entry_get_value function in olympus/mnote-olympus-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (divide-by-zero error) via an image with crafted EXIF tags that are not properly handled during the formatting of EXIF maker note tags.)
 CVE-2012-2836 (The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.)
 CVE-2012-2814 (Buffer overflow in the exif_entry_format_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image.)
 CVE-2012-2813 (The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.)
 CVE-2012-2812 (The exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.)
Original documentdocumentLIBEXIF, libexif project security advisory July 12, 2012 (23.07.2012)
 documentMANDRIVA, [ MDVSA-2012:106 ] libexif (16.07.2012)

HP StorageWorks code execution
Published:23.07.2012
Source:
SecurityVulns ID:12484
Type:remote
Threat Level:
8/10
Description:Few vulnerabilities in File Migration Agent TCP/9111 service
Original documentdocumentZDI, ZDI-12-127 : (0Day) HP StorageWorks File Migration Agent RsaFTP.dll Remote Code Execution Vulnerability (23.07.2012)
 documentHP, ZDI-12-126 : (0 day) HP StorageWorks File Migration Agent RsaCIFS.dll Remote Code Execution Vulnerability (23.07.2012)

nsd DNS server DoS
Published:23.07.2012
Source:
SecurityVulns ID:12485
Type:remote
Threat Level:
5/10
Description:NULL pointer dereference on malformed DNS packet processing.
Affected:NSD : nsd 3.2
CVE:CVE-2012-2978 (query.c in NSD 3.0.x through 3.0.8, 3.1.x through 3.1.1, and 3.2.x before 3.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and child process crash) via a crafted DNS packet.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2515-1] nsd3 security update (23.07.2012)

DomsHttpd DoS
Published:23.07.2012
Source:
SecurityVulns ID:12486
Type:remote
Threat Level:
5/10
Description:Crash on Referer: header processing.
Affected:DOMSHTTPD : DomsHttpd 1.0
Original documentdocumentpereira_(at)_secbiz.de, DomsHttpd 1.0 <= Remote Denial Of Service (23.07.2012)

HP AssetManager crossite scripting
Published:23.07.2012
Source:
SecurityVulns ID:12487
Type:remote
Threat Level:
5/10
Description:Multiple crossite scripting possibilities.
Affected:HP : AssetManager 5.22
 HP : AssetManager 9.30
CVE:CVE-2012-2021 (Multiple cross-site scripting (XSS) vulnerabilities in HP AssetManager 5.20, 5.21, 5.22, and 9.30 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.)
Original documentdocumentHP, [security bulletin] HPSBGN02787 SSRT100876 rev.1 - HP AssetManager, Remote Cross Site Scripting (XSS) and Unauthorized Data Modification (23.07.2012)

Google Chrome DLL spoofing
Published:23.07.2012
Source:
SecurityVulns ID:12488
Type:client
Threat Level:
5/10
Description:Unsafe metro_driver.dll loading.
Affected:GOOGLE : Chrome 19.0
CVE:CVE-2012-2764 (Untrusted search path vulnerability in Google Chrome before 20.0.1132.43 on Windows might allow local users to gain privileges via a Trojan horse Metro DLL in the current working directory.)
Original documentdocumentmoshez_(at)_comsecglobal.com, Google Chrome 19 metro_driver.dll mishandling (23.07.2012)

Metasploit pcap_log symbolic links vulnerability
Published:23.07.2012
Source:
SecurityVulns ID:12489
Type:local
Threat Level:
5/10
Description:Symbolic links vulnerability on temporary file creation.
Original documentdocument0a29 40, 0A29-12-2 :Metasploit 'pcap_log' plugin privilege escalation vulnerability (23.07.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod