------------------------------------------------------------------------
Office arbitrary ClickOnce application execution vulnerability
------------------------------------------------------------------------
Yorick Koster, June 2010
------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
A logic flaw has been found in the way .NET grants permissions to
ClickOnce applications. Combined with relaxed security warnings when
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE
Application Control Engine Module and Cisco ACE 4710 Application
Control Engine
Advisory ID: cisco-sa-20100811-ace
Revision 1.0
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE
Application Control Engine Module and Cisco ACE 4710 Application
Control Engine
Document ID: 109450
Advisory ID: cisco-sa-20090225-ace
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Advisory Name: Multiple Cisco CSS / ACE Client Certificate and HTTP Header
Manipulation Vulnerabilities
Release Date: 2010-07-02
Application: Cisco Content Services Switch (CSS) / ACE Products
Versions: Cisco CSS 11500 - 08.20.1.01
Cisco ACE 4710 - Version A3(2.5) [build 3.0(0)A3(2.5)
(Other versions may be affected)
Severity: High (in specific configurations)
Author: George D. Gal <ggal (a) vsecurity . com>
- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Advisory Name: WebLogic Plugin HTTP Injection via Encoded URLs
Release Date: 2010-07-13
Application: WebLogic Plugin
Versions: All known versions
Severity: High
Discovered by: Timothy D. Morgan < tmorgan (at) vsecurity {dot} com >
Contributors: George D. Gal < ggal {at} vsecurity (dot) com >
Vendor Status: Patch Released [4]
Multiple Vulnerabilities In .FLAC File Format and Various Media
Applications
Release Date:
November 15, 2007
Date Reported:
September 28, 2007 (Vendor Reporting Coordination Began With US-CERT)
Severity:
3. *Vulnerability Description*
Windows Virtual PC and Microsoft Virtual PC 2007 are system
virtualization desktop applications from Microsoft used to run one or
many virtual hosts on a single physical system. Windows 7 relies on
Virtual PC technology to implement the backward compatibility XP Mode
for legacy Windows applications. Using XP Mode, Windows 7 users can run
Windows applications on a virtualized Windows XP SP3 operating system
directly from the Windows 7 desktop but in doing so they may be
CVE Name: CVE-2008-1035 CVE-2008-2006 CVE-2008-2007
*Vulnerability Description*
iCal is a personal calendar application from Apple Inc. included on the
Mac OS X operating system. The calendar application can be used as a
stand-alone application or as a client-side component to calendar server
that lets users create and share multiple calendars and subscribe to
other users' calendars. Apple's iCal uses the iCalendar standard for its
calendar file format (which uses the '.ics' filename extension) [1] and
Core Security Technologies - CoreLabs Advisory
http://corelabs.coresecurity.com/
IBM WebSphere Application Server Cross-Site Request Forgery
1. *Advisory Information*
Title: IBM WebSphere Application Server Cross-Site Request Forgery
1 Background
============
Android applications are executed in a sandbox environment, to ensure that no
application can access sensitive information held by another without adequate
privileges. For example, the Browser application holds sensitive information
such as cookies, cache and history, which cannot be accessed by third-party
apps, while the Google Talk application stores contacts and conversations. An
Android app may request specific privileges during its installation; if granted
by the user, the app's capabilities are extended.
requests.
Java Servlets provide a filter component which can dynamically intercept
requests and responses to transform information contained in the
requests or responses [1]. Servlet filters are often recommended as an
effective way to perform input validation in Java web applications because
they are centralized and require few modifications to the application's
code.
Open Web Application Security Project (OWASP) has developed Stinger,
which aims to provide a centralized input validation component which can
Version: SUPERAntiSpyware 4.34.1000 (18 Feb 2010) or older
Super Ad Blocker 4.6.1000 (not updated since 2007, pre-release exists) or older
Platform: Windows XP and later
Components affected: Device drivers in both applications
Remote: No
Local: Yes
Vulnerability type: DoS, Privilege Escalation
APPENDIX: Advisories
====================================================
Advisory: “Cross-Site Scripting” in Avatar uploads in fluxBB
Application: fluxBB
Vulnerable Versions: 1.3-legacy and older 1.3 versions.
Reported By: Jacques Copeau
Note
***********
Hi,
We would like to invite you to the European OWASP Application Security
Conference! After successful OWASP Conferences in the United States (San
Jose), Europe (Milan), Asia (Taiwan) and Australia (Queensland), we are back
in Belgium: 5 tutorials and 2 conference tracks in the historic center of
Ghent on May 19-22 2008!
More details and registration on http://www.owasp.org/index.php/AppSecEU08
Last update: 2010-11-30
Topic: Multiple checksum handling vulnerabilities
CVE-2010-1324
* krb5 GSS-API applications may accept unkeyed checksums
* krb5 application services may accept unkeyed PAC checksums
* krb5 KDC may accept low-entropy KrbFastArmoredReq checksums
CVSSv2 Vector: AV:N/AC:M/Au:N/C:N/I:C/A:N/E:POC/RL:OF/RC:C
vulnerability results in an overflown integer that is used to allocate a
buffer on the heap. After the incorrect allocation, one or more
user-supplied buffers are copied in the new buffer, resulting in a
corruption of the heap.
By exploiting this vulnerability, it is possible for an application
running with Partial Trust permissions to break out of the CLR sandbox
and run arbitrary code with Full Trust permissions.
------------------------------------------------------------------------
Affected versions
Cisco Security Advisory: Cisco Application Extension Platform Privilege
Escalation Vulnerability
Advisory ID: cisco-sa-20100609-axp
Revision 1.0
- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Advisory Name: Java Web Start File Inclusion via System Properties Override
Release Date: 2008-12-03
Application: Sun Java Runtime Environment / Java Web Start
Versions: See below
Severity: High
Author: Timothy D. Morgan <tmorgan {a} vsecurity.com>
Vendor Status: Patch Released [3]
CVE Candidate: CVE-2008-2086
=============================================================
Android Browser Cross-Application Scripting (CVE-2011-2357)
=============================================================
1) Background
--------------
Android applications are executed in a sandbox environment, to ensure that no
application can access sensitive information held by another, without adequate
privileges. For example, Android's browser application holds sensitive
information such as cookies, cache and history, and this cannot be accessed by
(sorry for the spam and for receiving multiple copies of this)
Best regards,
2nd. OWASP Ibero-American Web-Applications Security conference 2010 (IBWAS’10)
ISCTE – Lisbon University Institute
25th – 26th November 2010
Lisboa, Portugal
http://www.ibwas.com
Trustwave's SpiderLabs Security Advisory TWSL2011-006:
IBM Web Application Firewall Bypass
https://www.trustwave.com/spiderlabs/advisories/TWSL2011-006.txt
Published: 2011-06-21
Version: 1.0
Vendor: IBM
Product: IBM Web Application Firewall
Thanks,
David Byrne
Senior Security Consultant
Trustwave - SpiderLabs, Application Security
-----Original Message-----
From: Ivan Buetler [mailto:ivan.buetler@csnc.ch]
Short name:
iPhone Safari phone-auto-dial (vulnerability)
Vulnerability class:
application logic bug
Executive Summary:
A malicious website can initiate a phone call without the need of user
interaction. The destination phone number is chosen by the attacker.
The following policy can be configured as a workaround to mitigate
this vulnerability. Complete the following steps to deploy this
policy for the Cisco Security Agent running on the Management Center
for Cisco Security Agent server.
Create a New Application Class
+-----------------------------
Step 1. Specify the name of the application class as 'CSA MC - all
applications but not its descendants'.
Introduction:
=============
The Barracuda Web Application Firewall provides superior protection against hackers’ attempts to exploit vulnerabilities
in Web sites or Web applications to steal data, cause denial of service or deface Web sites. By integrating application
delivery capabilities, the Barracuda Web Application Firewall is an affordable and comprehensive application firewall
that can secure Web applications, as well as increase their performance and availability.
Published: 2010-02-08 Version: 1.1
SpiderLabs has documented view state tampering
vulnerabilities in three products from separate vendors.
View states are used by some web application frameworks to
store the state of HTML GUI controls. View states are
typically stored in hidden client-side input fields,
although server-side storage is widely supported.
The affected vendors generally recommend that client-side