[SECURITY] [DSA 2264-1] linux-2.6 security update

to a privilege escalation, denial of service or information leak.  The Common
Vulnerabilities and Exposures project identifies the following problems:

CVE-2010-2524

    David Howells reported an issue in the Common Internet File System (CIFS).
    Local users could cause arbitrary CIFS shares to be mounted by introducing
    malicious redirects.

CVE-2010-3875


[SECURITY] [DSA 2240-1] linux-2.6 security update

    Amateur Radio AX.25 Level 2 protocol. Local users may obtain access to
    sensitive kernel memory.

CVE-2011-0695

    Jens Kuehnel reported an issue in the InfiniBand stack. Remote attackers can
    exploit a race condition to cause a denial of service (kernel panic).

CVE-2011-0711

    Dan Rosenberg reported an issue in the XFS filesystem. Local users may

[ GLSA 200808-03 ] Mozilla products: Multiple vulnerabilities

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been reported in Mozilla Firefox,
Thunderbird, SeaMonkey and XULRunner, some of which may allow
user-assisted execution of arbitrary code.

Background
==========

CORE-2007-0817: Remote Command execution, HTML and JavaScript injection vulnerabilities in AOL's Instant Messaging software

*Other workarounds (un-official)*
Workaround #1: Users running AIM on Microsoft Windows XP SP2 or Windows
Server 2003 SP1 may implement Microsoft's "Internet Explorer Local Machine
Zone Lockdown" recommendations to mitigate risk. This will not fix the
reported bugs but will reduce the risk of exploitation significantly.
To enable Local Machine Zone Lockdown for your AIM client, go to the
following registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LocalMachine_Lockdown

RE: CORE-2007-0817: Remote Command execution, HTML and JavaScript injection vulnerabilities in AOL's Instant Messaging software

*Other workarounds (un-official)*
Workaround #1: Users running AIM on Microsoft Windows XP SP2 or Windows
Server 2003 SP1 may implement Microsoft's "Internet Explorer Local Machine
Zone Lockdown" recommendations to mitigate risk. This will not fix the
reported bugs but will reduce the risk of exploitation significantly.
To enable Local Machine Zone Lockdown for your AIM client, go to the
following registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LocalMachine_Lockdown

[ GLSA 200805-18 ] Mozilla products: Multiple vulnerabilities

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been reported in Mozilla Firefox,
Thunderbird, SeaMonkey and XULRunner, some of which may allow
user-assisted execution of arbitrary code.

Background
==========

[SECURITY] [DSA 2153-1] linux-2.6 security update

to a privilege escalation, denial of service or information leak.  The Common
Vulnerabilities and Exposures project identifies the following problems:

CVE-2010-0435

    Gleb Napatov reported an issue in the KVM subsystem that allows virtual
    machines to cause a denial of service of the host machine by executing mov
    to/from DR instructions.

CVE-2010-3699


[SECURITY] [DSA 2053-1] New Linux 2.6.26 packages fix several issues

may lead to a denial of service or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following problems:

CVE-2009-4537

    Fabian Yamaguchi reported a missing check for Ethernet frames larger
    than the MTU in the r8169 driver. This may allow users on the local
    network to crash a system, resulting in a denial of service.

CVE-2010-0727


CORE-2009-0827: Microsoft Office Excel / Word OfficeArtSpgr Container Pointer Overwrite Vulnerability

8.2. *Memory Corruption related to Graphic Description [MSRC case 9562]*

Core Security Technologies reported a second bug in Excel which proved
not to be exploitable. In its investigation, MSRC has analyzed BIFF5++, BIFF4,
and BIFF2 file formats for exploitability of this vulnerability. MSRC
has been unable to reproduce it in such a way that an exploitable
condition occurs.


RE: Latest round of web hacking incidents for 2007 & Project news

Leader, WASC Web Hacking Incidents Database Project


WHID 2007-71: Hacker uses Social Security numbers from Ohio court site
======================================================================
Reported: 22 December 2007, Occurred: 22 December 2007

Classifications:

    * Attack Method: Credential/Session Prediction
    * Country: USA

Re: Latest round of web hacking incidents for 2007 & Project news

> Leader, WASC Web Hacking Incidents Database Project
>
>
> WHID 2007-71: Hacker uses Social Security numbers from Ohio court site
> ======================================================================
> Reported: 22 December 2007, Occurred: 22 December 2007
>
> Classifications:
>
>     * Attack Method: Credential/Session Prediction
>     * Country: USA

Latest round of web hacking incidents for 2007 & Project news

Leader, WASC Web Hacking Incidents Database Project
 

WHID 2007-71: Hacker uses Social Security numbers from Ohio court site
======================================================================
Reported: 22 December 2007, Occurred: 22 December 2007

Classifications:

    * Attack Method: Credential/Session Prediction
    * Country: USA

[ MDVSA-2010:070-1 ] firefox

 Problem Description:

 Security issues were identified and fixed in firefox:
 
 Security researcher regenrecht reported (via TippingPoint's Zero Day
 Initiative) a potential reuse of a deleted image frame in Firefox 3.6's
 handling of multipart/x-mixed-replace images. Although no exploit was
 shown, re-use of freed memory has led to exploitable vulnerabilities
 in the past (CVE-2010-0164).
 

[ MDVSA-2010:070 ] firefox

 Problem Description:

 Security issues were identified and fixed in firefox:
 
 Security researcher regenrecht reported (via TippingPoint's Zero Day
 Initiative) a potential reuse of a deleted image frame in Firefox 3.6's
 handling of multipart/x-mixed-replace images. Although no exploit was
 shown, re-use of freed memory has led to exploitable vulnerabilities
 in the past (CVE-2010-0164).
 

[SECURITY] [DSA 1681-1] New Linux 2.6.24 packages fix several vulnerabilities

Vulnerabilities and Exposures project identifies the following
problems:

CVE-2008-3528

    Eugene Teo reported a local DoS issue in the ext2 and ext3
    filesystems.  Local users who have been granted the privileges
    necessary to mount a filesystem would be able to craft a corrupted
    filesystem that causes the kernel to output error messages in an
    infinite loop.


[SECURITY] [DSA 1687-1] New Linux 2.6.18 packages fix several vulnerabilities

Vulnerabilities and Exposures project identifies the following
problems:

CVE-2008-3527

    Tavis Ormandy reported a local DoS and potential privilege
    escalation in the Virtual Dynamic Shared Objects (vDSO)
    implementation.

CVE-2008-3528


n.runs-SA-2008.005 - Apple Inc. - CoreServices Framework’s CarbonCore Framework - Arbitrary Code Execution (remote)

   2008/03/11    Apple Inc. acknowledges the PoCs, but has issues
                 reproducing some of the vulnerabilities.
   2008/03/12    n.runs AG sends more reliable PoCs along with detailed
                 reproduction steps.
   2008/03/24    Apple Inc. sends a status report regarding the
                 vulnerabilities reported by n.runs AG
   2008/03/30    n.runs AG thanks Apple Inc. for the status update and
                 apologises for not being more responsive during the
                 CanSecWest time-frame.
   2008/03/31    Apple Inc. sends a second status update and provides a
                 link to where the credits will appear

[ MDVSA-2009:290 ] firefox

 Problem Description:

 Security issues were identified and fixed in firefox 3.0.x:
 
 Security researcher Alin Rad Pop of Secunia Research reported a
 heap-based buffer overflow in Mozilla's string to floating point
 number conversion routines. Using this vulnerability an attacker
 could craft some malicious JavaScript code containing a very long
 string to be converted to a floating point number which would result
 in improper memory allocation and the execution of an arbitrary memory

[ MDVSA-2009:290-1 ] firefox

 Problem Description:

 Security issues were identified and fixed in firefox 3.0.x:
 
 Security researcher Alin Rad Pop of Secunia Research reported a
 heap-based buffer overflow in Mozilla's string to floating point
 number conversion routines. Using this vulnerability an attacker
 could craft some malicious JavaScript code containing a very long
 string to be converted to a floating point number which would result
 in improper memory allocation and the execution of an arbitrary memory

[ GLSA 200908-04 ] Adobe products: Multiple vulnerabilities

    -------------------------------------------------------------------

Description
===========

Multiple vulnerabilities have been reported in Adobe Flash Player:

* lakehu of Tencent Security Center reported an unspecified memory
  corruption vulnerability (CVE-2009-1862).

* Mike Wroe reported an unspecified vulnerability, related to

[ GLSA 200907-06 ] Adobe Reader: User-assisted execution of arbitrary code

  1  app-text/acroread       < 8.1.6                          >= 8.1.6

Description
===========

Multiple vulnerabilities have been reported in Adobe Reader:

* Alin Rad Pop of Secunia Research reported a heap-based buffer
  overflow in the JBIG2 filter (CVE-2009-0198).

* Mark Dowd of the IBM Internet Security Systems X-Force and Nicolas

[ MDVSA-2010:251 ] firefox

 Problem Description:

 Security issues were identified and fixed in firefox:
 
 Security researchers Yosuke Hasegawa and Masatoshi Kimura reported that
 the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are
 vulnerable to XSS attacks due to some characters being converted to
 angle brackets when displayed by the rendering engine. Sites using
 these character encodings would thus be potentially vulnerable to
 script injection attacks if their script filtering code fails to

[ MDVSA-2010:251-2 ] firefox

 Problem Description:

 Security issues were identified and fixed in firefox:
 
 Security researchers Yosuke Hasegawa and Masatoshi Kimura reported that
 the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are
 vulnerable to XSS attacks due to some characters being converted to
 angle brackets when displayed by the rendering engine. Sites using
 these character encodings would thus be potentially vulnerable to
 script injection attacks if their script filtering code fails to

[ MDVSA-2010:251-1 ] firefox

 Problem Description:

 Security issues were identified and fixed in firefox:
 
 Security researchers Yosuke Hasegawa and Masatoshi Kimura reported that
 the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are
 vulnerable to XSS attacks due to some characters being converted to
 angle brackets when displayed by the rendering engine. Sites using
 these character encodings would thus be potentially vulnerable to
 script injection attacks if their script filtering code fails to

[ MDVSA-2009:294 ] firefox

 Problem Description:

 Security issues were identified and fixed in firefox 3.5.x:
 
 Security researcher Alin Rad Pop of Secunia Research reported a
 heap-based buffer overflow in Mozilla's string to floating point
 number conversion routines. Using this vulnerability an attacker
 could craft some malicious JavaScript code containing a very long
 string to be converted to a floating point number which would result
 in improper memory allocation and the execution of an arbitrary memory

[SECURITY] [DSA 1787-1] New Linux 2.6.24 packages fix several vulnerabilities

Vulnerabilities and Exposures project identifies the following
problems:

CVE-2008-4307

    Bryn M. Reeves reported a denial of service in the NFS filesystem.
    Local users can trigger a kernel BUG() due to a race condition in
    the do_setlk function.

CVE-2008-5079


[ GLSA 200804-20 ] Sun JDK/JRE: Multiple vulnerabilities

* Daniel Soeder discovered that a long codebase attribute string in a
  JNLP file will overflow a stack variable when launched by Java
  WebStart (CVE-2007-3655).

* Multiple vulnerabilities (CVE-2007-2435, CVE-2007-2788,
  CVE-2007-2789) that were previously reported as GLSA 200705-23 and
  GLSA 200706-08 also affect 1.4 and 1.6 SLOTs, which was not mentioned
  in the initial revision of said GLSAs.

* The Zero Day Initiative, TippingPoint and John Heasman reported
  multiple buffer overflows and unspecified vulnerabilities in Java Web

[SECURITY] [DSA 1504-1] New Linux kernel 2.6.8 packages fix several issues

code. The Common Vulnerabilities and Exposures project identifies the
following problems:

CVE-2006-5823

    LMH reported a potential local DoS which could be exploited by a malicious
    user with the privileges to mount and read a corrupted cramfs filesystem.

CVE-2006-6054

    LMH reported a potential local DoS which could be exploited by a malicious

[SECURITY] [DSA 2389-1] linux-2.6 security update

to a denial of service or privilege escalation. The Common Vulnerabilities and
Exposures project identifies the following problems:

CVE-2011-2183

    Andrea Righi reported an issue in KSM, a memory-saving de-duplication
    feature. By exploiting a race with exiting tasks, local users can cause
    a kernel oops, resulting in a denial of service.
                 
CVE-2011-2213

