Computer Security
[EN] securityvulns.ru no-pyccku


OpenSC / PCSC-Lite library buffer overflow
updated since 19.01.2011
Published:24.01.2011
Source:
SecurityVulns ID:11364
Type:library
Threat Level:
6/10
Description:Buffer overflow on oversized smart card serial number.
Affected:OPENSC : OpenSC 0.11
 PCSCLITE : PCSC-Lite 1.5
CVE:CVE-2010-4531 (Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically proximate attackers to cause a denial of service (crash) and possibly execute arbitrary code via a smart card with an ATR message containing a long attribute value.)
 CVE-2010-4530 (Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negative value to be used in a memcpy operation, which triggers a buffer overflow. NOTE: some sources refer to this issue as an integer overflow.)
 CVE-2010-4523 (Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to (1) card-acos5.c, (2) card-atrust-acos.c, and (3) card-starcos.c.)
Original documentdocumentMANDRIVA, [ MDVSA-2011:015 ] pcsc-lite (24.01.2011)
 documentMANDRIVA, [ MDVSA-2011:014 ] ccid (24.01.2011)
 documentMANDRIVA, [ MDVSA-2011:011 ] opensc (19.01.2011)

Microsoft Fax Cover Page Editor double free vulnerability
Published:24.01.2011
Source:
SecurityVulns ID:11371
Type:local
Threat Level:
4/10
Description:Double free vulnerability on .cov files parsing.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
Original documentdocumentLuigi Auriemma, Code execution in Microsoft Fax Cover Page Editor (24.01.2011)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:24.01.2011
Source:
SecurityVulns ID:11372
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:PHPCMS : phpcms 9
 RT : request-tracker 3.6
 AWSTATS : awstats 6.9
CVE:CVE-2011-0009 (Best Practical Solutions RT 3.x before 3.8.9rc2 and 4.x before 4.0.0rc4 uses the MD5 algorithm for password hashes, which makes it easier for context-dependent attackers to determine cleartext passwords via a brute-force attack on the database.)
 CVE-2010-4369 (Directory traversal vulnerability in AWStats before 7.0 allows remote attackers to have an unspecified impact via a crafted LoadPlugin directory.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2150-1] request-tracker3.6 security update (24.01.2011)
 documentUBUNTU, [USN-1047-1] AWStats vulnerability (24.01.2011)
 documenteidelweiss_(at)_windowslive.com, phpcms V9 BLind SQL Injection Vulnerability (24.01.2011)
 documentMustLive, Full path disclosure и SQL Injection уязвимости в MC Content Manager (24.01.2011)

RSA Key Manager SQL injection
Published:24.01.2011
Source:
SecurityVulns ID:11373
Type:library
Threat Level:
5/10
Description:It's possible to manipilate key cache.
Affected:EMC : RSA Key Manager Client 1.5
CVE:CVE-2010-1904 (SQL injection vulnerability in EMC RSA Key Manager Client 1.5.x allows user-assisted remote attackers to execute arbitrary SQL commands via the metadata section of encrypted key data.)
Original documentdocumentEMC, ESA-2011-001: RSA, The Security Division of EMC, addresses RKM 1.5 C Client SQL Injection Vulnerability (24.01.2011)

Multiple browsers memory corruptions
Published:24.01.2011
Source:
SecurityVulns ID:11374
Type:remote
Threat Level:
5/10
Description:Memory corruption on URL handling
CVE:CVE-2010-2599 (Unspecified vulnerability in Research In Motion (RIM) BlackBerry Device Software before 6.0.0 allows remote attackers to cause a denial of service (browser hang) via a crafted web page.)
 CVE-2010-1752 (Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling.)
Original documentdocumentLaurent OUDOT at TEHTRI-Security, [TEHTRI-Security] CVE-2010-2599: Update your BlackBerry (24.01.2011)

HP Business Availability Center / Business Service Management crossite scripting
updated since 24.01.2011
Published:24.01.2011
Source:
SecurityVulns ID:11375
Type:remote
Threat Level:
5/10
Affected:HP : Business Availability Center 7.55
 HP : Business Availability Center 8.06
 HP : Business Service Management 9.01
CVE:CVE-2011-1856 (Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.06 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2011-0274 (Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 7.x through 7.55 and 8.x through 8.05, and Business Service Management (BSM) through 9.01, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
Original documentdocumentHP, [security bulletin] HPSBMA02681 SSRT100493 rev.1 - HP Business Availability Center (BAC) Running on Windows and Solaris, Remote Cross Site Scripting (XSS) (17.05.2011)
 documentHP, [security bulletin] HPSBMA02622 SSRT100342 rev.1 - HP Business Availability Center (BAC) and Business Service Management (BSM), Remote Cross Site Scripting (XSS) (24.01.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod