Computer Security


Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 23.12.2009
Source:
SecurityVulns ID: 10489
Type: remote
Threat Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected: KAYAKO : Kayako SupportSuite 3.60
 CETERA : Cetera eCommerce 14.0
 JPGRAPH : JpGraph 3.0
Original document: Martin Barbella, XSS Vulnerability in JpGraph 3.0.6 (23.12.2009)
 MustLive, Vulnerabilities in Cetera CMS (23.12.2009)
 huan huan, Kayako SupportSuite version 3.60.04 (23.12.2009)

kvm virtualization multiple security vulnerabilities
Published: 23.12.2009
Source:
SecurityVulns ID: 10490
Type: local
Threat Level: 5/10
Description: Privilege escalation, DoS.
Affected: KVM : kvm 72
CVE: CVE-2009-4031 (The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 emulator in the KVM subsystem in the Linux kernel before 2.6.32-rc8-next-20091125 tries to interpret instructions that contain too many bytes to be valid, which allows guest OS users to cause a denial of service (increased scheduling latency) on the host OS via unspecified manipulations related to SMP support.)
 CVE-2009-3722 (The handle_dr function in arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 2.6.31.1 does not properly verify the Current Privilege Level (CPL) before accessing a debug register, which allows guest OS users to cause a denial of service (trap) on the host OS via a crafted application.)
 CVE-2009-3638 (Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.31.4 allows local users to have an unspecified impact via a KVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl function.)
Original document: DEBIAN, [SECURITY] [DSA-1962-1] New kvm packages fix several vulnerabilities (23.12.2009)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod