Next Page >>
internet
Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs/
Internet Explorer Dynamic OBJECT tag and URLMON sniffing vulnerabilities
1. *Advisory Information*
Title: Internet Explorer Dynamic OBJECT tag and URLMON sniffing
Hash: SHA1
Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs/
Internet Explorer Security Zone restrictions bypass
1. *Advisory Information*
Title: Internet Explorer Security Zone restrictions bypass
Hash: SHA1
~ Core Security Technologies - CoreLabs Advisory
~ http://www.coresecurity.com/corelabs/
Internet Explorer Zone Elevation Restrictions Bypass and Security Zone
Restrictions Bypass
*Advisory Information*
*Vulnerability Description*
AOL Instant Messenger ("AIM", http://www.aim.com) is an instant messaging
application that allows its users to communicate in real time via text,
voice, and video over the Internet. It is maintained by AOL LLC. AIM Pro
is AOL's business-oriented version of AIM targeted for professional use
with an emphasis on "business-grade" security and integration with email
client and other productivity applications
(http://aimpro.premiumservices.aol.com/) AIM Lite, as defined in its
website (http://x.aim.com/laim/), is a reference application used to test
*Vulnerability Description*
AOL Instant Messenger ("AIM", http://www.aim.com) is an instant messaging
application that allows its users to communicate in real time via text,
voice, and video over the Internet. It is maintained by AOL LLC. AIM Pro
is AOL's business-oriented version of AIM targeted for professional use
with an emphasis on "business-grade" security and integration with email
client and other productivity applications
(http://aimpro.premiumservices.aol.com/) AIM Lite, as defined in its
website (http://x.aim.com/laim/), is a reference application used to test
http://labs.idefense.com/intelligence/vulnerabilities/
Dec 09, 2008
I. BACKGROUND
Internet Explorer is a graphical web browser developed by Microsoft
Corp. that has been included with Microsoft Windows since 1995. For
more information about Internet Explorer, please the visit following
website: http://www.microsoft.com/ie/
II. DESCRIPTION
------------------------------------------------------------------------
Tested version
------------------------------------------------------------------------
This issue was tested on Akamai Download Manager version 2.2.4.8 using
Windows XP SP3 running Internet Explorer 6, 7 & 8 and Windows Vista
running Internet Explorer 8.
------------------------------------------------------------------------
Fix
------------------------------------------------------------------------
CA20090818-02: Security Notice for CA Internet Security Suite
Issued: August 18, 2009
CA's technical support is alerting customers to a security risk with
CA Internet Security Suite. A vulnerability exists that can allow a
local attacker to cause a denial of service. CA has issued updates
to address the vulnerability.
The vulnerability, CVE-2009-0682, is due to insufficient verification
Debasis Mohanty wrote:
> No offence intended but if you take a little more effort of validating your
> work before posting publicly then you can save yourself from embarrassment.
>
> I don't see anything in the script that can bypass zone security and run
> successfully from internet zone. I am sure you have tested it locally and
> drawn conclusion that the script can execute from internet zone. To test the
> script from internet zone, you need to upload it to a webserver and try
> accessing via browser.
>
> Any VB/Java script will run from local security with a charm but if you can
application needs to run.
At launch, the URL or UNC path from which the application is deployed is
evaluated by the runtime. Using the deployment path, the application is
associated with one of the following security zones; Local Machine,
Intranet, Internet, Trusted Sites or Restricted Sites. Based on this
zone, the runtime grants the application a default set of permissions.
Through the application manifest, the application can request its own
permissions. If these permissions are equal or less than the granted
permissions (based on security zone), then the application is allowed to
run. If elevation of permissions is required, a security warning dialog
Vulnerable software:
* 3D EQSecure Professional Edition 4.2
* avast! Internet Security 5.0.462
* AVG Internet Security 9.0.791
* Avira Premium Security Suite 10.0.0.536
* BitDefender Total Security 2010 13.0.20.347
* Blink Professional 4.6.1
* CA Internet Security Suite Plus 2010 6.0.0.272
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: CDS Internet Streamer: Web Server Directory
Traversal Vulnerability
Advisory ID: cisco-sa-20100721-spcdn
http://www.cisco.com/warp/public/707/cisco-sa-20100721-spcdn.shtml
----------------------------------------------------------------------
(PT-2009-05) Positive Technologies Security Advisory
CA Internet Security Suite Denial of Service Vulnerability
----------------------------------------------------------------------
---[ Affected Software ]
Neat PoC. However, this requires the users to have configured IE to run
Active-X content. On my test machines, I was prompted by the Browser
before the code ran. Surprisingly, CSA never stopped it.
I tested this on:
Internet Explorer 7 on Windows XP 32-bit w/ Cisco Security Agent
v5.0.0.176
Internet Explorer 7 on Vista 32-bit (no CSA)
Thanks,
http://labs.idefense.com/intelligence/vulnerabilities/
Feb 12, 2008
I. BACKGROUND
Internet Explorer is a graphical web browser developed by Microsoft
Corp. that has been included with Microsoft Windows since 1995. For
more information about Internet Explorer, visit following URL.
http://www.microsoft.com/ie/
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Cisco Content Delivery System Internet
Streamer: Web Server Vulnerability
Advisory ID: cisco-sa-20110525-spcdn
Revision 1.0
#######################################################################
Vulnerability 1: Internet Explorer Select Element Remote Code Execution
#######################################################################
Original advisory:
http://ifsec.blogspot.com/2011/10/internet-explorer-select-element-remote.html
I. OVERVIEW
There is a vulnerability in Internet Explorer which enables execution
Call for Papers: The 7th International Conference for Internet
Technology and Secured Transactions (ICITST-2012)
Apologies for cross-postings.
Kindly email this call for papers to your colleagues,
faculty members and postgraduate students.
CALL FOR PAPERS
--------------------------------------------------
From: "MustLive" <mustlive@websecurity.com.ua>
Sent: Monday, May 31, 2010 9:33 PM
To: "Susan Bradley" <sbradcpa@pacbell.net>
Cc: <bugtraq@securityfocus.com>
Subject: Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome and
Opera
> Hello Susan and other readers, who replied to my previous advisory.
>
> Earlier I've already answered Vladimir, now I'd answer Susan and soon I'd
ignore to fix the holes (especially DoS holes, which were only fixed few
times by Google and one time by Microsoft, and not in IE, but in Outlook,
and 99% of cases were completely ignored). Taking that into account last
year I decided from 2010 never inform browser vendors about DoS holes in
their browsers. And this time it was an exclusion (just one). In any case
due to full disclosure the Internet community will be knowing about the
vulnerabilities in browsers which I found and will be knowing the real state
of security of browsers. It was another leitmotif of my advisory.
So this time I informed browser developers and users about these issues. And
did I receive any thanks from Susan (especially taking into account that I
> ignore to fix the holes (especially DoS holes, which were only fixed few
> times by Google and one time by Microsoft, and not in IE, but in Outlook,
> and 99% of cases were completely ignored). Taking that into account last
> year I decided from 2010 never inform browser vendors about DoS holes in
> their browsers. And this time it was an exclusion (just one). In any case
> due to full disclosure the Internet community will be knowing about the
> vulnerabilities in browsers which I found and will be knowing the real
> state
> of security of browsers. It was another leitmotif of my advisory.
>
> So this time I informed browser developers and users about these
http://labs.idefense.com/intelligence/vulnerabilities/
Dec 11, 2007
I. BACKGROUND
Internet Explorer is a graphical web browser developed by Microsoft
Corp. and included as part of Microsoft Windows since 1995. The
setExpression method is commonly used to assign a JavaScript expression
to a CSS or DHTML object within a web page. For more information, visit
the following URLs.
Severity:
High (Code Execution)
Systems Affected:
Internet Explorer 6 SP1 - Windows 2000 SP4
Internet Explorer 6 SP1 - Windows XP SP1
Internet Explorer 6 SP2 - Windows XP SP2
Internet Explorer 6 SP1 - Windows Server 2003 SP1
Internet Explorer 6 SP2 - Windows Server 2003 SP2
ASPR #2011-01-11-1: Remote Binary Planting in Multiple F-Secure Products
=======================================================================
Document ID: ASPR #2011-01-11-1-PUB
Vendor: F-Secure Corp. (http://www.f-secure.com)
Target: F-Secure Internet Security 2010 and 2011
F-Secure Anti-Virus 2010 and 2011
(and multiple other F-Secure products)
Impact: Remote execution of arbitrary code
Severity: Very high
Status: Official patch available, workarounds available
I want to warn you about security vulnerabilities in different browsers.
With this advisory I'm continue my series of vulnerabilities in browsers,
which belong to group of DoS via protocol handlers.
-----------------------------
Advisory: DoS vulnerabilities in Firefox, Internet Explorer, Chrome and
Opera
-----------------------------
URL: http://websecurity.com.ua/4248/
-----------------------------
Affected products: Mozilla Firefox, Internet Explorer 6, Internet Explorer
CISA, CISSP, ITIL
CEH Instructor, ECSP Instructor, CSSLP, OPSA, OPST
OWASP Spain Chapter Leader
vaguilera@isecauditors.com
Internet Security Auditors
www.isecauditors.com
c. Santander, 101. Edif. A. 2º
E-08030 Barcelona (Spain)
Tel: +34 93 305 13 18
Due to advantages of JS exploit for these vulnerabilities over non-JS
exploit, I wrote JavaScript exploits for these advisories and I'd write for
future advisories (but I'd be reminding about possibility of attacking
without JS). But soon I'll present one exploit also in "pure-iframe" version
(without JS) for Internet Explorer and other applications - in case when
small amount of iframes lead to crash.
> Thank you. Now if you could wait for patches before disclosing I'd be
> even happier.
BLUE MOON SECURITY ADVISORY 2009-04
===================================
:Title: Remote Denial of Service in Internet Explorer
:Severity: Moderate
:Reporter: Blue Moon Consulting
:Products: Internet Explorer 7 and 8
:Fixed in: --
Hash: SHA256
Hello, folks,
The United Kingdom's Centre for the Protection of National Infrastructure
has just released the document "Security Assessment of the Internet
Protocol", on which I have had the pleasure to work during the last year or
so.
The motivation to produce this document is explained in the Preface of the
document as follows:
No offence intended but if you take a little more effort of validating your
work before posting publicly then you can save yourself from embarrassment.
I don't see anything in the script that can bypass zone security and run
successfully from internet zone. I am sure you have tested it locally and
drawn conclusion that the script can execute from internet zone. To test the
script from internet zone, you need to upload it to a webserver and try
accessing via browser.
Any VB/Java script will run from local security with a charm but if you can
Next Page>>
|
