malicious
From http://support.microsoft.com/kb/890830
======
Reporting component
The Malicious Software Removal Tool sends information to Microsoft if it detects malicious software or finds an error. The specific information that is sent to Microsoft consists of the following items:
* The name of the malicious software that is detected
* The result of malicious software removal
* The operating system version
* The operating system locale
* The processor architecture
* The version number of the tool
Vulnerabilities via 'setup-config.php' page.
CVE: CVE-2011-4899
The WordPress 'setup-config.php' installation page allows users to install
WordPress in local or remote MySQL databases. This typically requires a user
to have valid MySQL credentials to complete. However, a malicious user can
host their own MySQL database server and can successfully complete the
WordPress installation without having valid credentials on the target system.
After the successful installation of WordPress, a malicious user can inject
malicious PHP code via the WordPress Themes editor. In addition, with control
In order for an attacker to exploit the vulnerability, the attacker
would need to lure the user that is logged on a Windows Guest
Operating System to click on the attacker's file on a network
share. This file could be in any file format. The attacker will
need to have the ability to host their malicious files on a
network share.
VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS
Security (http://www.acrossecurity.com) for reporting this issue
to us.
the form of an installed program (e.g., Back Orifice), or could be a modification to an
existing program or hardware device.
According to an article on PC World: "The software vendor is giving law enforcers
access to a special tool that keeps tabs on botnets, using data compiled from the 450
million computer users who have installed the Malicious Software Removal tool that
ships with Windows."
Not a big deal until you keep reading: "Although Microsoft is reluctant to give out details
on its botnet buster - the company said that even revealing its name could give cyber
criminals a clue on how to thwart it"
the necessary changes.
Details follow:
Various flaws were discovered in the browser and JavaScript engine.
By tricking a user into opening a malicious web page, an attacker
could execute arbitrary code with the user's privileges.
(CVE-2008-0412, CVE-2008-0413)
Flaws were discovered in the file upload form control. A malicious
website could force arbitrary files from the user's computer to be
USN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This update
provides the corresponding updates for Ubuntu 9.04 and 9.10, along with
additional updates affecting Firefox 3.6.6.
Several flaws were discovered in the browser engine of Firefox. If a user
were tricked into viewing a malicious site, a remote attacker could use
this to crash the browser or possibly run arbitrary code as the user
invoking the program. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211,
CVE-2010-1212)
An integer overflow was discovered in how Firefox processed plugin
Xulrunner 1.9.2.
Original advisory details:
It was discovered that Firefox could be made to access freed memory. If a
user were tricked into viewing a malicious site, a remote attacker could
cause a denial of service or possibly execute arbitrary code with the
privileges of the user invoking the program. This issue only affected
Ubuntu 8.04 LTS. (CVE-2010-1121)
Several flaws were discovered in the browser engine of Firefox. If a
Summary
=======
A "binary planting" [1] vulnerability in Microsoft PowerPoint 2010 for
Windows allows local or remote (even Internet-based) attackers to deploy
and execute malicious code on Windows machines in the context of logged-on
users.
Product Coverage
================
Summary
=======
A "binary planting" [1] vulnerability in Microsoft Excel 2010 for Windows
allows local or remote (even Internet-based) attackers to deploy and
execute malicious code on Windows machines in the context of logged-on
users.
Product Coverage
================
Summary
=======
A "binary planting" [1] vulnerability in Microsoft Word 2010 for Windows
allows local or remote (even Internet-based) attackers to deploy and
execute malicious code on Windows machines in the context of logged-on
users.
Product Coverage
================
Summary
=======
A "binary planting" vulnerability in VMware Tools for Windows allows local
or remote (possibly Internet-based) attackers to deploy and execute
malicious code on virtual Windows machines in the context of logged-on
users.
Product Coverage
================
Analysis
========
Some URL argument in the WebLogic Server 10 Administration Console is
not properly sanitized against HTML injection, which allows the attacker
to introduce additional, malicious HTML to the server's response. The
most common type of HTML injection is injection of malicious client-side
script, commonly known as cross-site scripting.
In an actual attack the user would not be required to open URLs specified
by the attacker. Instead, a malicious web page visited by the logged-in
Instant Messaging software, AIM 6.1 (and 6.2 beta), AIM Pro and AIM Lite,
which expose workstations running the IM clients and their users to
several immediate high-risk attack vectors. To support rendering of HTML
content, the vulnerable IM clients use an embedded Internet Explorer
server control. Unfortunately they do not properly sanitize the
potentially malicious input content to be rendered and, as a result, an
attacker might provide malicious HTML content as part of an IM message to
directly exploit Internet Explorer bugs or to target IE's security
configuration weaknesses.
In particular this attack vector exposes workstations to:
The cross-site scripting vulnerability and the SQL injection
vulnerability are triggered when a specially crafted value is entered
in the lang variable of either the admin or user logon pages. Attacks
against these vulnerabilities are conducted through the web interface
and use the http or https protocol. In the case of the cross-site
scripting vulnerability, the malicious value includes scripting code
enclosed by the <script> and </script> tags. In the case of the SQL
injection vulnerability, the value terminates the SQL call and completes
a call to the back-end database.
An attacker must be able to convince a user to follow a specially
Summary
=======
A "binary planting" [1] vulnerability in Adobe Flash Player for Windows
allows local or remote (even Internet-based) attackers to deploy and
execute malicious code on Windows machines in the context of logged-on
users. Flash Player is one of the most widely installed applications in
the world.
Product Coverage
Summary
=======
A "binary planting" vulnerability in Apple iTunes for Windows allows local
or remote (even Internet-based) attackers to deploy and execute malicious
code on Windows machines in the context of logged-on users.
Product Coverage
================
Summary
=======
A "binary planting" [1] vulnerability in Windows Address Book and Windows
Contacts allows local or remote (even Internet-based) attackers to deploy
and execute malicious code on Windows machines in the context of logged-on
users.
Product Coverage
================
Summary
=======
A "binary planting" [1] vulnerability in Adobe Reader allows local or
remote (even Internet-based) attackers to deploy and execute malicious
code on Windows machines in the context of logged-on users.
Product Coverage
================
Summary
=======
A "binary planting" [1] vulnerability in Adobe Flash Player allows local
or remote (even Internet-based) attackers to deploy and execute malicious
code on Windows machines in the context of logged-on users.
Product Coverage
================
Summary
=======
A "binary planting" [1] vulnerability in Mozilla Thunderbird allows local
or remote (even Internet-based) attackers to deploy and execute malicious
code on Windows machines in the context of logged-on users.
Product Coverage
================
Summary
=======
A "binary planting" [1] vulnerability in Mozilla Firefox allows local
or remote (even Internet-based) attackers to deploy and execute malicious
code on Windows machines in the context of logged-on users.
Product Coverage
================
It should be noted that further research may shed light on how to attack the
files found under the sesn and revocation directories.
4 Impact
========
By exploiting this vulnerability a malicious, non-privileged application may
inject JavaScript code into the context of an arbitrary domain; therefore, this
vulnerability has the same implications as global XSS, albeit from an installed
application rather than another website. Furthermore, since the cache can be
read, web-pages accessed by the victim may be leaked to the attacker.
Analysis
========
Some URL argument in the WebLogic Server 10.3 Administration Console is
not properly sanitized against HTML injection, which allows the attacker
to introduce additional, malicious HTML to the server's response. The
most common type of HTML injection is injection of malicious client-side
script, commonly known as cross-site scripting.
In an actual attack the user would not be required to open URLs specified
by the attacker. Instead, a malicious web page visited by the logged-in
II. Impact
Email Notification System:
A remote attacker is able to construct a malicious email that will cause the Palm Pre WebOS to execute arbitrary HTML code if the notification system is enabled. Upon receiving a malicious email where the FROM field contains HTML code, the Palm Pre WebOS will issue a user a notification that an email has arrived and execute the HTML code of the attacker’s choice. This vulnerability does not require user interaction.
Calendar Application:
A remote attacker can create a malicious calendar event putting arbitrary HTML code inside the event/title field that can be executed without user interaction. To trigger this vulnerability, any of the following conditions can occur:
Privilege escalation
+-------------------
Vulnerabilities in this category enable unauthorized users to read
and modify device configuration. A malicious user must authenticate
as an existing user but does not need to have administrator
privileges or know administrator credentials to modify device
configuration. Both vulnerabilities can be exploited over either
transport protocol (HTTP or HTTPS).
Vulnerability Overview
----------------------
On March 27th, VSR identified a vulnerability in Java Web Start related
to the execution of privileged applications. This flaw could allow an
attacker to execute arbitrary code on a victim system if a user could be
convinced to visit a malicious web site.
Product Background
------------------
Java Web Start (JWS) applications are launched through specially
downloading a crafted .url file and a crafted HTML file, an attacker
could steal information from the user's cache. (CVE-2008-4582)
Georgi Guninski, Michal Zalewski and Chris Evans discovered that the
same-origin check in Firefox could be bypassed. If a user were tricked
into opening a malicious website, an attacker could obtain private
information from data stored in the images, or discover information
about software on the user's computer. This issue only affects Firefox 2.
(CVE-2008-5012)
It was discovered that Firefox did not properly check if the Flash
the necessary changes.
Details follow:
Various flaws were discovered in the browser engine. By tricking
a user into opening a malicious web page, an attacker could cause
a denial of service via application crash, or possibly execute
arbitrary code with the privileges of the user invoking the
program. (CVE-2008-2798, CVE-2008-2799)
Several problems were discovered in the JavaScript engine. If a