Computer Security
[EN] securityvulns.ru no-pyccku


IBM Tivoli Storage Manager Client crossite scripting
Published:29.10.2007
Source:
SecurityVulns ID:8298
Type:remote
Threat Level:
5/10
Description:CAD Service log files crossite scripting.
Affected:IBM : Tivoli Storage Manager Client 5.3
 IBM : Tivoli Storage Manager Client 5.4
CVE:CVE-2007-4348
Original documentdocumentSECUNIA, Secunia Research: IBM Tivoli Storage Manager Client CAD Service Script Insertion (29.10.2007)

Sun Java JRE / JDK multiple security vulnerabilities
updated since 29.10.2007
Published:30.10.2007
Source:
SecurityVulns ID:8300
Type:library
Threat Level:
6/10
Description:Multiple sandbox restriction bypass vulnerabilities.
Affected:SUN : JDK 1.4
 ORACLE : JRE 1.4
 SUN : JRE 5.0
 ORACLE : JDK 5.0
CVE:CVE-2007-5274 (Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when Firefox or Opera is used, allows remote attackers to violate the security model for JavaScript outbound connections via a multi-pin DNS rebinding attack dependent on the LiveConnect API, in which JavaScript download relies on DNS resolution by the browser, but JavaScript socket operations rely on separate DNS resolution by a Java Virtual Machine (JVM), a different issue than CVE-2007-5273. NOTE: this is similar to CVE-2007-5232.)
 CVE-2007-5273 (Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound connections via a multi-pin DNS rebinding attack in which the applet download relies on DNS resolution on the proxy server, but the applet's socket operations rely on DNS resolution on the local machine, a different issue than CVE-2007-5274. NOTE: this is similar to CVE-2007-5232.)
 CVE-2007-5240 (Visual truncation vulnerability in the Java Runtime Environment in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier allows remote attackers to circumvent display of the untrusted-code warning banner by creating a window larger than the workstation screen.)
 CVE-2007-5239 (Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier does not properly enforce access restrictions for untrusted (1) applications and (2) applets, which allows user-assisted remote attackers to copy or rename arbitrary files when local users perform drag-and-drop operations from the untrusted application or applet window onto certain types of desktop applications.)
 CVE-2007-5238 (Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to obtain sensitive information (the Java Web Start cache location) via an untrusted application, aka "three vulnerabilities.")
 CVE-2007-5232 (Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when applet caching is enabled, allows remote attackers to violate the security model for an applet's outbound connections via a DNS rebinding attack.)
Original documentdocumentNGSSoftware Insight Security Research Advisory (NISR), Memory overwrites in JVM via malformed TrueType font (30.10.2007)
 documentNGSSoftware Insight Security Research Advisory (NISR), Untrusted Java applet can connect to localhost (30.10.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod