Computer Security


Adobe Flash Player multiple security vulnerabilities
updated since 11.11.2011
Published:26.12.2011
Source:
SecurityVulns ID:12035
Type:client
Threat Level:9/10
Description:Multiple memory corruptions, buffer overflows, cross-site data access.
Affected:ADOBE : Flash Player 11.0
 ADOBE : AIR 3.0
CVE:CVE-2011-2460 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2459.)
 CVE-2011-2459 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460.)
 CVE-2011-2458 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, when Internet Explorer is used, allows remote attackers to bypass the cross-domain policy via a crafted web site.)
 CVE-2011-2457 (Stack-based buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors.)
 CVE-2011-2456 (Buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors.)
 CVE-2011-2455 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2459, and CVE-2011-2460.)
 CVE-2011-2454 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.)
 CVE-2011-2453 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.)
 CVE-2011-2452 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.)
 CVE-2011-2451 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.)
 CVE-2011-2450 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.)
 CVE-2011-2445 (Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.)
Original document:VUPEN Security Research, VUPEN Security Research - Adobe Flash Player "SAlign" Memory Corruption Vulnerability (CVE-2011-2459) (26.12.2011)
Files:Security update available for Adobe Flash Player

Asterisk SIP processing security vulnerabilities
updated since 11.12.2011
Published:26.12.2011
Source:
SecurityVulns ID:12079
Type:remote
Threat Level:5/10
Description:DoS, information leakage.
Affected:DIGIUM : Asterisk 1.4
 ASTERISK : Asterisk 1.6
 ASTERISK : Asterisk 1.8
Original document:Ben Williams, Exploit for Asterisk Security Advisory AST-2011-013 (26.12.2011)
 ASTERISK, AST-2011-014: Remote crash possibility with SIP and the "automon" feature enabled (11.12.2011)
 ASTERISK, AST-2011-013: Possible remote enumeration of SIP endpoints with differing NAT settings (11.12.2011)
Files:SIP Username Enumerator for Asterisk (UDP) Security Advisory AST-2011-013, CVE-2011-4597

Microsoft Windows multiple security vulnerabilities
updated since 15.12.2011
Published:26.12.2011
Source:
SecurityVulns ID:12090
Type:client
Threat Level:9/10
Description:Buffer overflow on TTF fonts parsing, OLE objects memory corruption, CSRSS and kernel privilege escalations, ActiveX code execution.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
 MICROSOFT : Windows 2008 Server_
CVE:CVE-2011-3408 (Csrsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly check permissions for sending inter-process device-event messages from low-integrity processes to high-integrity processes, which allows local users to gain privileges via a crafted application, aka "CSRSS Local Privilege Elevation Vulnerability.")
 CVE-2011-3402 (Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via crafted font data in a Word document or web page, as exploited in the wild in November 2011 by Duqu, aka "TrueType Font Parsing Vulnerability.")
 CVE-2011-3400 (Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 do not properly handle OLE objects in memory, which allows remote attackers to execute arbitrary code via a crafted object in a file, aka "OLE Property Vulnerability.")
 CVE-2011-3397 (The Microsoft Time component in DATIME.DLL in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted web site that leverages an unspecified "binary behavior" in Internet Explorer, aka "Microsoft Time Remote Code Execution Vulnerability.")
 CVE-2011-2018 (The kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, and Windows 7 Gold and SP1 does not properly initialize objects, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Exception Handler Vulnerability.")
Original document:VUPEN Security Research, VUPEN Security Research - Microsoft Windows Time Behaviour Remote Use-after-free Vulnerability (MS11-090) (26.12.2011)
 VUPEN Security Research, VUPEN Security Research - Microsoft Windows "datime.dll" Remote Code Execution Vulnerability (MS11-090) (26.12.2011)
Files:Microsoft Security Bulletin MS11-087 - Critical Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2639417)
 Microsoft Security Bulletin MS11-093 - Important Vulnerability in OLE Could Allow Remote Code Execution (2624667)
 Microsoft Security Bulletin MS11-097 - Important Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2620712)
 Microsoft Security Bulletin MS11-098 - Important Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2633171)
 Microsoft Security Bulletin MS11-090 - Critical Cumulative Security Update of ActiveX Kill Bits (2618451)

Microsoft Internet Explorer multiple security vulnerabilities
updated since 15.12.2011
Published:26.12.2011
Source:
SecurityVulns ID:12091
Type:client
Threat Level:6/10
Description:Information leakage, insecure library loading.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
 MICROSOFT : Windows 7
CVE:CVE-2011-3404 (Microsoft Internet Explorer 6 through 9 does not properly use the Content-Disposition HTTP header to control rendering of the HTTP response body, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Content-Disposition Information Disclosure Vulnerability.")
 CVE-2011-2019 (Untrusted search path vulnerability in Microsoft Internet Explorer 9 on Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an HTML file, aka "Internet Explorer Insecure Library Loading Vulnerability.")
 CVE-2011-1992 (The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to read content from a different (1) domain or (2) zone via a "trial and error" attack, aka "XSS Filter Information Disclosure Vulnerability.")
Original document:VUPEN Security Research, VUPEN Security Research - Microsoft Windows Media Player DVR-MS Buffer Overflow Vulnerability (MS11-092) (26.12.2011)
Files:Microsoft Security Bulletin MS11-099 - Important Cumulative Security Update for Internet Explorer (2618444)

Tor buffer overflows
Published:26.12.2011
Source:
SecurityVulns ID:12108
Type:remote
Threat Level:5/10
Description:Heap buffer overflow on SOCKS request parsing.
Affected:TOR : tor 0.2
CVE:CVE-2011-2778 (Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by (1) establishing a SOCKS connection to SocksPort or (2) leveraging a SOCKS proxy configuration.)

Google Chrome for Android certificate information spoofing
Published:26.12.2011
Source:
SecurityVulns ID:12109
Type:client
Threat Level:4/10
Description:It's possible to spoof certificate information by using an IFRAME.
Affected:GOOGLE : Android 2.3
Original document:MustLive, Certificate Spoofing in Google Chrome for Android (26.12.2011)

libarchive library buffer overflow
Published:26.12.2011
Source:
SecurityVulns ID:12110
Type:library
Threat Level:5/10
Description:Buffer overflow on ISO 9660 image parsing.
CVE:CVE-2011-1778 (Buffer overflow in libarchive through 2.8.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TAR archive.)
Original document:MANDRIVA, [ MDVSA-2011:191 ] libarchive (26.12.2011)

IBM TS3100 / IBM TS3200 tape libraries authentication bypass
Published:26.12.2011
Source:
SecurityVulns ID:12111
Type:remote
Threat Level:5/10
Description:Authentication bypass in Web interface.
CVE:CVE-2011-1372 (The Web User Interface on the IBM TS3100 and TS3200 tape libraries with firmware before A.60 allows remote attackers to bypass authentication and obtain administrative access via unspecified vectors.)
Original document:Trustwave Advisories, TWSL2011-018: Authentication Bypass Vulnerability in IBM TS3100/TS3200 Web User Interface (26.12.2011)

Unbound DNS resolver DoS conditions
Published:26.12.2011
Source:
SecurityVulns ID:12112
Type:remote
Threat Level:5/10
Description:Various denial of service conditions.
Affected:UNBOUND : unbound 1.4
CVE:CVE-2011-4869 (validator/val_nsec3.c in Unbound before 1.4.13p2 does not properly perform proof processing for NSEC3-signed zones, which allows remote DNS servers to cause a denial of service (daemon crash) via a malformed response that lacks expected NSEC3 records, a different vulnerability than CVE-2011-4528.)
 CVE-2011-4528 (Unbound before 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone, which allows remote DNS servers to cause a denial of service (daemon crash) via a crafted response.)
Original document:DEBIAN, [SECURITY] [DSA 2370-1] unbound security update (26.12.2011)

pfSense invalid certificates issue
Published:26.12.2011
Source:
SecurityVulns ID:12113
Type:library
Threat Level:5/10
Description:All certificates are issued with CA:true flag.
Affected:PFSENSE : pfSense 2.0
CVE:CVE-2011-4197 (etc/inc/certs.inc in the PKI implementation in pfSense before 2.0.1 creates each X.509 certificate with a true value for the CA basic constraint, which allows remote attackers to create sub-certificates for arbitrary subjects by leveraging the private key.)
Original document:Florent Daigniere, [MATTA-2011-001] pfSense x509 Insecure Certificate Creation (26.12.2011)

WellinTech KingView buffer overflow
Published:26.12.2011
Source:
SecurityVulns ID:12114
Type:remote
Threat Level:5/10
Description:Buffer overflow on TCP/777 request parsing.
CVE:CVE-2011-4536 (Heap-based buffer overflow in nettransdll.dll in HistorySvr.exe (aka HistoryServer.exe) in WellinTech KingView 6.53 and 65.30.2010.18018 allows remote attackers to execute arbitrary code via a crafted op-code 3 packet.)
Original document:ZDI, ZDI-11-351 : WellinTech KingView HistoryServer.exe Opcode 3 Parsing Remote Code Execution Vulnerability (26.12.2011)

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published:26.12.2011
Source:
SecurityVulns ID:12117
Type:remote
Threat Level:5/10
Description:PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.
Affected:PHPMYADMIN : phpMyAdmin 3.4
 TIKI : Tiki Wiki CMS Groupware 8.2
 EPESIBIM : epesi BIM 1.2
 OBM : obm 2.4
 PHPSHOP : PHPShop CMS Free 3.4
 MEDIAWIKI : mediawiki 1.16
 DTC : dtc 0.34
 BOOKINGCALENDAR : PHP Booking Calendar 10e
 SASHA : SASHA 0.2
 APPRAIN : appRain CMF 0.1
 NOVELL : Sentinel Log Manager 1.2
CVE:CVE-2011-4782 (Cross-site scripting (XSS) vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTML via the host parameter.)
 CVE-2011-4551 (Cross-site scripting (XSS) vulnerability in tiki-cookie-jar.php in TikiWiki CMS/Groupware before 8.2 and LTS before 6.5 allows remote attackers to inject arbitrary web script or HTML via arbitrary parameters.)
 CVE-2011-4361 (MediaWiki before 1.17.1 does not check for read permission before handling action=ajax requests, which allows remote attackers to obtain sensitive information by (1) leveraging the SpecialUpload::ajaxGetExistsWarning function, or by (2) leveraging an extension, as demonstrated by the CategoryTree, ExtTab, and InlineEditor extensions.)
 CVE-2011-4360 (MediaWiki before 1.17.1 allows remote attackers to obtain the page titles of all restricted pages via a series of requests involving the (1) curid or (2) oldid parameter.)
 CVE-2011-3199 (Multiple cross-site scripting (XSS) vulnerabilities in Domain Technologie Control (DTC) before 0.34.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) message body of a support ticket or unspecified vectors to the (2) DNS and (3) MX form, as demonstrated by the "Domain root TXT record:" field.)
 CVE-2011-3198 (Domain Technologie Control (DTC) before 0.34.1 includes a password in the -b command line argument to htpasswd, which might allow local users to read the password by listing the process and its arguments.)
 CVE-2011-3197 (SQL injection vulnerability in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the addrlink parameter to shared/inc/forms/domain_info.php. NOTE: CVE-2011-3197 has been SPLIT due to findings by different researchers. CVE-2011-5272 has been assigned for the vps_note parameter to dtcadmin/logPushlet.php vector.)
 CVE-2011-3196 (The setup script in Domain Technologie Control (DTC) before 0.34.1 uses world-readable permissions for /etc/apache2/apache2.conf, which allows local users to obtain the dtcdaemons MySQL password by reading the file.)
 CVE-2011-3195 (shared/inc/sql/lists.php in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in mailing list tunable options.)
 CVE-2011-1587 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.4, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .html located before a ? (question mark) in a query string, in conjunction with a modified URI path that has a %2E sequence in place of the . (dot) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1578.)
 CVE-2011-1580 (The transwiki import functionality in MediaWiki before 1.16.3 does not properly check privileges, which allows remote authenticated users to perform imports from any wgImportSources wiki via a crafted POST request.)
 CVE-2011-1579 (The checkCss function in includes/Sanitizer.php in the wikitext parser in MediaWiki before 1.16.3 does not properly validate Cascading Style Sheets (CSS) token sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks or obtain sensitive information by using the \2f\2a and \2a\2f hex strings to surround CSS comments.)
 CVE-2011-1578 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.3, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .html at the end of the query string, in conjunction with a modified URI path that has a %2E sequence in place of the . (dot) character.)
Original document:Andrea Fabrizi, Novell Sentinel Log Manager <=1.2.0.1 Path Traversal (26.12.2011)
 Vulnerability Lab, appRain CMF v0.1.5 - Multiple Web Vulnerabilities (26.12.2011)
 tom, SASHA v0.2.0 Mutiple XSS (26.12.2011)
 tom, PHP Booking Calendar 10e XSS (26.12.2011)
 DEBIAN, [SECURITY] [DSA 2365-1] dtc security update (26.12.2011)
 DEBIAN, [SECURITY] [DSA 2366-1] mediawiki security update (26.12.2011)
 High-Tech Bridge Security Research, Multiple vulnerabilities in PHPShop CMS Free (26.12.2011)
 security_(at)_infoserve.de, Tiki Wiki CMS Groupware Stored Cross-Site-Scripting (26.12.2011)
 High-Tech Bridge Security Research, Multiple vulnerabilities in epesi BIM (26.12.2011)
 Trustwave Advisories, TWSL2011-019: Cross-Site Scripting Vulnerability in phpMyAdmin (26.12.2011)
 n0b0d13s_(at)_gmail.com, Tiki Wiki CMS Groupware <= 8.2 (snarf_ajax.php) Remote PHP Code Injection (26.12.2011)

WhatsApp messaging protocol multiple security vulnerabilities
Published:26.12.2011
Source:
SecurityVulns ID:12118
Type:remote
Threat Level:5/10
Description:Unauthorized user status change, registration bypass, cleartext data transmission.
Original document:SEC Consult Vulnerability Lab, SEC Consult SA-20111219-1 :: Multiple vulnerabilities in WhatsApp (26.12.2011)

Enterasys NetSight buffer overflow
Published:26.12.2011
Source:
SecurityVulns ID:12119
Type:remote
Threat Level:6/10
Description:nssyslogd buffer overflow on UDP/514 packet parsing.
Original document:ZDI, ZDI-11-350 : Enterasys NetSight nssyslogd PRI Remote Code Execution Vulnerability (26.12.2011)

lighttpd security vulnerabilities
updated since 26.12.2011
Published:02.01.2012
Source:
SecurityVulns ID:12116
Type:remote
Threat Level:4/10
Description:DoS on base64 parsing.
Affected:LIGHTTPD : lighttpd 1.4
CVE:CVE-2011-4362 (Integer signedness error in the base64_decode function in the HTTP authentication functionality (http_auth.c) in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service (segmentation fault) via crafted base64 input that triggers an out-of-bounds read with a negative index.)
 CVE-2011-3389 (The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.)
Original document:pi3_(at)_itsec.pl, Lighttpd Proof of Concept code for CVE-2011-4362 (02.01.2012)
 DEBIAN, [SECURITY] [DSA 2368-1] lighttpd security update (26.12.2011)
Files:Primitive Lighttpd Proof of Concept code for CVE-2011-4362 vulnerability

HP Managed Printing Administration multiple security vulnerabilities
updated since 26.12.2011
Published:09.01.2012
Source:
SecurityVulns ID:12115
Type:remote
Threat Level:6/10
Description:Buffer overflows, unauthorized file access, directory traversal.
CVE:CVE-2011-4169 (Unspecified vulnerability in HP Managed Printing Administration before 2.6.4 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors.)
 CVE-2011-4168 (Directory traversal vulnerability in hpmpa/jobDelivery/Default.asp in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data.)
 CVE-2011-4167 (Stack-based buffer overflow in MPAUploader.dll in HP Managed Printing Administration before 2.6.4 allows remote attackers to execute arbitrary code via a long filename parameter in an uploadfile action to Default.asp.)
 CVE-2011-4166 (Directory traversal vulnerability in the MPAUploader.Uploader.1.UploadFiles method in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data.)
Original document:HP, [security bulletin] HPSBPI02732 SSRT100435 rev.1 - HP Managed Printing Administration, Remote Execution of Arbitrary Code and Other Vulnerabilities (09.01.2012)
 ZDI, ZDI-12-001 : HP Managed Printing Administration img_id Multiple Vulnerabilities (09.01.2012)
 ZDI, ZDI-11-354 : HP Managed Printing Administration jobDelivery Multiple Vulnerabilities (26.12.2011)
 ZDI, ZDI-11-353 : HP Managed Printing Administration MPAUploader.dll Remote Code Execution Vulnerability (26.12.2011)
 ZDI, ZDI-11-352 : HP Managed Printing Administration jobAcct Multiple Vulnerabilities (26.12.2011)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod