Computer Security
[EN] securityvulns.ru no-pyccku


Google Chrome DoS
Published:25.08.2009
Source:
SecurityVulns ID:10174
Type:remote
Threat Level:
4/10
Description:Hang on chromehtml: URL handling.
Affected:GOOGLE : Chrome 1.0
Original documentdocumentMustLive, DoS vulnerability in Google Chrome (25.08.2009)

PHP DoS
Published:25.08.2009
Source:
SecurityVulns ID:10176
Type:library
Threat Level:
5/10
Description:Crash on JPEG Exif data parsing.
Affected:PHP : PHP 5.2
CVE:CVE-2009-2687 (The exif_read_data function in the Exif module in PHP before 5.2.10 allows remote attackers to cause a denial of service (crash) via a malformed JPEG image with invalid offset fields, a different issue than CVE-2005-3353.)
Original documentdocumentUBUNTU, [USN-824-1] PHP vulnerability (25.08.2009)

Linux kernel multiple security vulnerabilities
Published:25.08.2009
Source:
SecurityVulns ID:10177
Type:local
Threat Level:
5/10
Description:Multiple DoS conditions, information leaks.
CVE:CVE-2009-2849 (The md driver (drivers/md/md.c) in the Linux kernel before 2.6.30.2 might allow local users to cause a denial of service (NULL pointer dereference) via vectors related to "suspend_* sysfs attributes" and the (1) suspend_lo_store or (2) suspend_hi_store functions. NOTE: this is only a vulnerability when sysfs is writable by an attacker.)
 CVE-2009-2848 (The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.)
 CVE-2009-2847 (The do_sigaltstack function in kernel/signal.c in Linux kernel 2.6 before 2.6.31-rc5, when running on 64-bit systems, does not clear certain padding bytes from a structure, which allows local users to obtain sensitive information from the kernel stack via the sigaltstack function.)
 CVE-2009-2846 (The eisa_eeprom_read function in the parisc isa-eeprom component (drivers/parisc/eisa_eeprom.c) in the Linux kernel before 2.6.31-rc6 allows local users to access restricted memory via a negative ppos argument, which bypasses a check that assumes that ppos is positive and causes an out-of-bounds read in the readb function.)
 CVE-2009-2698 (The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1872-1] New Linux 2.6.18 packages fix several vulnerabilities (25.08.2009)

Avast Antivirus buffer overflow
Published:25.08.2009
Source:
SecurityVulns ID:10179
Type:local
Threat Level:
5/10
Description:Buffer overflow in File System Filter driver.
Original documentdocuments.leberre_(at)_sysdream.com, Local Kernel Buffer Overflow vulnerability in Avast! (25.08.2009)

WM Downloader buffer overflow
Published:25.08.2009
Source:
SecurityVulns ID:10182
Type:local
Threat Level:
5/10
Description:Buffer overflows on different playlist formats parsing.
Original documentdocumentthe_3dit0r_(at)_yahoo.com, WM Downloader (.Smi/ .Ram/ .pls/ .smil/ .wax/ .wpl File) Local Buffer Overflow Exploit (25.08.2009)
Files:WM Downloader (.Smi/ .Ram/ .pls/ .smil/ .wax/ .wpl File) Local Buffer Overflow Exploit

Cisco CS-MARS information leak
Published:25.08.2009
Source:
SecurityVulns ID:10178
Type:remote
Threat Level:
5/10
Description:User's password may be stored in server logs.
Original documentdocumentryan.wessels_(at)_kohler.com, Clear Text Storage of Password in CS-MARS v6.0.4 and Earlier (25.08.2009)

libneon certificate spoofing
Published:25.08.2009
Source:
SecurityVulns ID:10183
Type:library
Threat Level:
5/10
Description:Invalid NULL character processing in CN field.
CVE:CVE-2009-2474 (neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.)
 CVE-2009-2473 (neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.)
Original documentdocumentMANDRIVA, [ MDVSA-2009:221 ] libneon0.27 (25.08.2009)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:25.08.2009
Source:
SecurityVulns ID:10180
Type:remote
Threat Level:
5/10
Description:PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.
Affected:CUTEFLOW : Cuteflow 2.10
 RADVISION : Scopia 5.7
Original documentdocumentf.bianchino_(at)_gmail.com, Radvision's Scopia Cross Site Scripting Vulnerabilities (25.08.2009)
 documenthever_(at)_hever.com.br, Cuteflow Version 2.10.3 "edituser.php" Security Bypass Vulnerability (25.08.2009)
 documentgamr-14_(at)_hotmail.com, Infinity <= v2.X.X (Local File Disclosure/Auth Bypass) Vulnerabilities (25.08.2009)

libvorbis multiple security vulnerabilities
updated since 04.06.2008
Published:25.08.2009
Source:
SecurityVulns ID:9045
Type:library
Threat Level:
6/10
Description:Multiple integer overflows and denial of service.
Affected:LIBVORBIS : libvorbis 1.1
CVE:CVE-2009-2663 (libvorbis before r16182, as used in Mozilla Firefox before 3.0.13 and 3.5.x before 3.5.2 and other products, allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .ogg file.)
 CVE-2008-1423
 CVE-2008-1420
 CVE-2008-1419
Original documentdocumentUBUNTU, [USN-825-1] libvorbis vulnerability (25.08.2009)
 documentDEBIAN, [SECURITY] [DSA 1591-1] New libvorbis packages fix several vulnerabilities (04.06.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod