VARIoT IoT vulnerabilities database
| VAR-201111-0262 | CVE-2011-2458 | Adobe Flash Player and Adobe AIR Vulnerable to bypass cross-domain policy |
CVSS V2: 9.3 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, when Internet Explorer is used, allows remote attackers to bypass the cross-domain policy via a crafted web site.
An attacker can exploit this issue to bypass certain same-origin policy restrictions, which may aid in further attacks. The product enables viewing of applications, content and video across screens and browsers.
For more information:
SA46818
2) A double free error exists in the Theora decoder.
3) Some errors in the MKV and Vorbis media handlers can be exploited
to perform an out of bounds read.
7) A use-after-free error exists within certain editing
functionality.
8) The application fails to ask for permission when running some JRE7
applets.
SOLUTION:
Update to version 15.0.874.120.
PROVIDED AND/OR DISCOVERED BY:
8) Chris Evans, Google Chrome Security Team.
The vendor also credits:
2, 3, 5) Aki Helin, OUSPG.
4) Andrew Scherkus, Chromium development community.
6) Ken \x93strcpy\x94 Russell, Chromium development community.
7) pa_kt via ZDI. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201204-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Adobe Flash Player: Multiple vulnerabilities
Date: April 17, 2012
Bugs: #390149, #404101, #407023, #410005
ID: 201204-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities in Adobe Flash Player, the worst of which
might allow remote attackers to execute arbitrary code.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Impact
======
A remote attacker could entice a user to open a specially crafted SWF
file, possibly resulting in execution of arbitrary code with the
privileges of the process or a Denial of Service condition.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.228"
References
==========
[ 1 ] CVE-2011-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2445
[ 2 ] CVE-2011-2450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2450
[ 3 ] CVE-2011-2451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2451
[ 4 ] CVE-2011-2452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2452
[ 5 ] CVE-2011-2453
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2453
[ 6 ] CVE-2011-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2454
[ 7 ] CVE-2011-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2455
[ 8 ] CVE-2011-2456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2456
[ 9 ] CVE-2011-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2457
[ 10 ] CVE-2011-2458
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2458
[ 11 ] CVE-2011-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2459
[ 12 ] CVE-2011-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2460
[ 13 ] CVE-2012-0752
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0752
[ 14 ] CVE-2012-0753
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0753
[ 15 ] CVE-2012-0754
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0754
[ 16 ] CVE-2012-0755
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0755
[ 17 ] CVE-2012-0756
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0756
[ 18 ] CVE-2012-0767
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0767
[ 19 ] CVE-2012-0768
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0768
[ 20 ] CVE-2012-0769
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0769
[ 21 ] CVE-2012-0773
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0773
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201204-07.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
SC World Congress, New York, USA, 16 November 2011
Visit the Secunia booth (#203) and discover how you can improve your handling of third party programs:
http://secunia.com/resources/events/sc_2011/
----------------------------------------------------------------------
TITLE:
Adobe Flash Player Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA46818
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46818/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46818
RELEASE DATE:
2011-11-11
DISCUSS ADVISORY:
http://secunia.com/advisories/46818/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46818/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46818
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Multiple vulnerabilities have been reported in Adobe Flash Player,
which can be exploited by malicious people to bypass certain security
restrictions and compromise a user's system.
1) An unspecified error can be exploited to corrupt memory.
2) An unspecified error can be exploited to cause a heap-based buffer
overflow.
3) An unspecified error can be exploited to corrupt memory.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to corrupt memory.
7) An unspecified error can be exploited to corrupt memory.
8) An unspecified error can be exploited to cause a buffer overflow.
9) An unspecified error can be exploited to cause a stack-based
buffer overflow.
10) An unspecified error can be exploited to bypass the cross-domain
policy.
Note: This vulnerability affects users running Internet Explorer
only.
11) An unspecified error can be exploited to corrupt memory.
12) An unspecified error can be exploited to corrupt memory.
Successful exploitation of vulnerabilities #1 through #9, #11, and
#12 may allow execution of arbitrary code.
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
1) Ivan Golenkov and Alexander Gostev, Kaspersky Lab
2-6, 9, 12) Tavis Ormandy, Google Security Team
7) Bo Qu, Palo Alto Networks
8) Ben Hawkes, Google Security Team
10) lakehu, Tencent Security Center
11) anonymous via iDefense Labs
ORIGINAL ADVISORY:
http://www.adobe.com/support/security/bulletins/apsb11-28.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester!
Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. This fixes multiple
vulnerabilities, which can be exploited by malicious people to
conduct cross-site scripting attacks, gain knowledge of potentially
sensitive information, bypass certain security restrictions, and
compromise a user's system
| VAR-201111-0259 | CVE-2011-2455 | Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2459, and CVE-2011-2460. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2011:1445-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1445.html
Issue date: 2011-11-11
CVE Names: CVE-2011-2445 CVE-2011-2450 CVE-2011-2451
CVE-2011-2452 CVE-2011-2453 CVE-2011-2454
CVE-2011-2455 CVE-2011-2456 CVE-2011-2457
CVE-2011-2459 CVE-2011-2460
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed on the Adobe security page APSB11-28, listed
in the References section.
Multiple security flaws were found in the way flash-plugin displayed
certain SWF content. An attacker could use these flaws to create a
specially-crafted SWF file that would cause flash-plugin to crash or,
potentially, execute arbitrary code when the victim loaded a page
containing the specially-crafted SWF content.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
5. Bugs fixed (http://bugzilla.redhat.com/):
752983 - flash-plugin: mulitple code execution flaws (APSB11-28)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-10.3.183.11-1.el5.i386.rpm
x86_64:
flash-plugin-10.3.183.11-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-10.3.183.11-1.el5.i386.rpm
x86_64:
flash-plugin-10.3.183.11-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-10.3.183.11-1.el6.i686.rpm
x86_64:
flash-plugin-10.3.183.11-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-10.3.183.11-1.el6.i686.rpm
x86_64:
flash-plugin-10.3.183.11-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-10.3.183.11-1.el6.i686.rpm
x86_64:
flash-plugin-10.3.183.11-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2011-2445.html
https://www.redhat.com/security/data/cve/CVE-2011-2450.html
https://www.redhat.com/security/data/cve/CVE-2011-2451.html
https://www.redhat.com/security/data/cve/CVE-2011-2452.html
https://www.redhat.com/security/data/cve/CVE-2011-2453.html
https://www.redhat.com/security/data/cve/CVE-2011-2454.html
https://www.redhat.com/security/data/cve/CVE-2011-2455.html
https://www.redhat.com/security/data/cve/CVE-2011-2456.html
https://www.redhat.com/security/data/cve/CVE-2011-2457.html
https://www.redhat.com/security/data/cve/CVE-2011-2459.html
https://www.redhat.com/security/data/cve/CVE-2011-2460.html
https://access.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/bulletins/apsb11-28.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOvQ7YXlSAg2UNWIIRAnjKAJ9IBGUxIPb3wKrfMJ+365x1fi4VCgCfRQ3T
zthsykex3oM7jAzeyW7KUa0=
=VH9O
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
.
For more information:
SA46818
2) A double free error exists in the Theora decoder.
3) Some errors in the MKV and Vorbis media handlers can be exploited
to perform an out of bounds read.
7) A use-after-free error exists within certain editing
functionality.
8) The application fails to ask for permission when running some JRE7
applets.
SOLUTION:
Update to version 15.0.874.120.
PROVIDED AND/OR DISCOVERED BY:
8) Chris Evans, Google Chrome Security Team.
The vendor also credits:
2, 3, 5) Aki Helin, OUSPG.
4) Andrew Scherkus, Chromium development community.
6) Ken \x93strcpy\x94 Russell, Chromium development community.
7) pa_kt via ZDI.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Furthermore, a remote attacker may be able to bypass intended access
restrictions, bypass cross-domain policy, inject arbitrary web script,
or obtain sensitive information.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.228"
References
==========
[ 1 ] CVE-2011-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2445
[ 2 ] CVE-2011-2450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2450
[ 3 ] CVE-2011-2451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2451
[ 4 ] CVE-2011-2452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2452
[ 5 ] CVE-2011-2453
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2453
[ 6 ] CVE-2011-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2454
[ 7 ] CVE-2011-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2455
[ 8 ] CVE-2011-2456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2456
[ 9 ] CVE-2011-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2457
[ 10 ] CVE-2011-2458
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2458
[ 11 ] CVE-2011-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2459
[ 12 ] CVE-2011-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2460
[ 13 ] CVE-2012-0752
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0752
[ 14 ] CVE-2012-0753
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0753
[ 15 ] CVE-2012-0754
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0754
[ 16 ] CVE-2012-0755
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0755
[ 17 ] CVE-2012-0756
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0756
[ 18 ] CVE-2012-0767
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0767
[ 19 ] CVE-2012-0768
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0768
[ 20 ] CVE-2012-0769
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0769
[ 21 ] CVE-2012-0773
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0773
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201204-07.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
SC World Congress, New York, USA, 16 November 2011
Visit the Secunia booth (#203) and discover how you can improve your handling of third party programs:
http://secunia.com/resources/events/sc_2011/
----------------------------------------------------------------------
TITLE:
Adobe Flash Player Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA46818
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46818/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46818
RELEASE DATE:
2011-11-11
DISCUSS ADVISORY:
http://secunia.com/advisories/46818/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46818/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46818
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Multiple vulnerabilities have been reported in Adobe Flash Player,
which can be exploited by malicious people to bypass certain security
restrictions and compromise a user's system.
1) An unspecified error can be exploited to corrupt memory.
2) An unspecified error can be exploited to cause a heap-based buffer
overflow.
3) An unspecified error can be exploited to corrupt memory.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to corrupt memory.
7) An unspecified error can be exploited to corrupt memory.
8) An unspecified error can be exploited to cause a buffer overflow.
9) An unspecified error can be exploited to cause a stack-based
buffer overflow.
10) An unspecified error can be exploited to bypass the cross-domain
policy.
Note: This vulnerability affects users running Internet Explorer
only.
11) An unspecified error can be exploited to corrupt memory.
12) An unspecified error can be exploited to corrupt memory.
Successful exploitation of vulnerabilities #1 through #9, #11, and
#12 may allow execution of arbitrary code.
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
1) Ivan Golenkov and Alexander Gostev, Kaspersky Lab
2-6, 9, 12) Tavis Ormandy, Google Security Team
7) Bo Qu, Palo Alto Networks
8) Ben Hawkes, Google Security Team
10) lakehu, Tencent Security Center
11) anonymous via iDefense Labs
ORIGINAL ADVISORY:
http://www.adobe.com/support/security/bulletins/apsb11-28.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester!
Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. This fixes multiple
vulnerabilities, which can be exploited by malicious people to
conduct cross-site scripting attacks, gain knowledge of potentially
sensitive information, bypass certain security restrictions, and
compromise a user's system
| VAR-201111-0264 | CVE-2011-2460 | Adobe Flash Player and Adobe AIR Service disruption in (DoS) Vulnerabilities |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2459. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2011:1445-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1445.html
Issue date: 2011-11-11
CVE Names: CVE-2011-2445 CVE-2011-2450 CVE-2011-2451
CVE-2011-2452 CVE-2011-2453 CVE-2011-2454
CVE-2011-2455 CVE-2011-2456 CVE-2011-2457
CVE-2011-2459 CVE-2011-2460
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed on the Adobe security page APSB11-28, listed
in the References section.
Multiple security flaws were found in the way flash-plugin displayed
certain SWF content. An attacker could use these flaws to create a
specially-crafted SWF file that would cause flash-plugin to crash or,
potentially, execute arbitrary code when the victim loaded a page
containing the specially-crafted SWF content.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
5. Bugs fixed (http://bugzilla.redhat.com/):
752983 - flash-plugin: mulitple code execution flaws (APSB11-28)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-10.3.183.11-1.el5.i386.rpm
x86_64:
flash-plugin-10.3.183.11-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-10.3.183.11-1.el5.i386.rpm
x86_64:
flash-plugin-10.3.183.11-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-10.3.183.11-1.el6.i686.rpm
x86_64:
flash-plugin-10.3.183.11-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-10.3.183.11-1.el6.i686.rpm
x86_64:
flash-plugin-10.3.183.11-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-10.3.183.11-1.el6.i686.rpm
x86_64:
flash-plugin-10.3.183.11-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2011-2445.html
https://www.redhat.com/security/data/cve/CVE-2011-2450.html
https://www.redhat.com/security/data/cve/CVE-2011-2451.html
https://www.redhat.com/security/data/cve/CVE-2011-2452.html
https://www.redhat.com/security/data/cve/CVE-2011-2453.html
https://www.redhat.com/security/data/cve/CVE-2011-2454.html
https://www.redhat.com/security/data/cve/CVE-2011-2455.html
https://www.redhat.com/security/data/cve/CVE-2011-2456.html
https://www.redhat.com/security/data/cve/CVE-2011-2457.html
https://www.redhat.com/security/data/cve/CVE-2011-2459.html
https://www.redhat.com/security/data/cve/CVE-2011-2460.html
https://access.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/bulletins/apsb11-28.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOvQ7YXlSAg2UNWIIRAnjKAJ9IBGUxIPb3wKrfMJ+365x1fi4VCgCfRQ3T
zthsykex3oM7jAzeyW7KUa0=
=VH9O
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
.
For more information:
SA46818
2) A double free error exists in the Theora decoder.
3) Some errors in the MKV and Vorbis media handlers can be exploited
to perform an out of bounds read.
7) A use-after-free error exists within certain editing
functionality.
8) The application fails to ask for permission when running some JRE7
applets.
SOLUTION:
Update to version 15.0.874.120.
PROVIDED AND/OR DISCOVERED BY:
8) Chris Evans, Google Chrome Security Team.
The vendor also credits:
2, 3, 5) Aki Helin, OUSPG.
4) Andrew Scherkus, Chromium development community.
6) Ken \x93strcpy\x94 Russell, Chromium development community.
7) pa_kt via ZDI.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Furthermore, a remote attacker may be able to bypass intended access
restrictions, bypass cross-domain policy, inject arbitrary web script,
or obtain sensitive information.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.228"
References
==========
[ 1 ] CVE-2011-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2445
[ 2 ] CVE-2011-2450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2450
[ 3 ] CVE-2011-2451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2451
[ 4 ] CVE-2011-2452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2452
[ 5 ] CVE-2011-2453
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2453
[ 6 ] CVE-2011-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2454
[ 7 ] CVE-2011-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2455
[ 8 ] CVE-2011-2456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2456
[ 9 ] CVE-2011-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2457
[ 10 ] CVE-2011-2458
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2458
[ 11 ] CVE-2011-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2459
[ 12 ] CVE-2011-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2460
[ 13 ] CVE-2012-0752
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0752
[ 14 ] CVE-2012-0753
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0753
[ 15 ] CVE-2012-0754
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0754
[ 16 ] CVE-2012-0755
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0755
[ 17 ] CVE-2012-0756
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0756
[ 18 ] CVE-2012-0767
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0767
[ 19 ] CVE-2012-0768
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0768
[ 20 ] CVE-2012-0769
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0769
[ 21 ] CVE-2012-0773
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0773
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201204-07.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
SC World Congress, New York, USA, 16 November 2011
Visit the Secunia booth (#203) and discover how you can improve your handling of third party programs:
http://secunia.com/resources/events/sc_2011/
----------------------------------------------------------------------
TITLE:
Adobe Flash Player Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA46818
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46818/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46818
RELEASE DATE:
2011-11-11
DISCUSS ADVISORY:
http://secunia.com/advisories/46818/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46818/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46818
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Multiple vulnerabilities have been reported in Adobe Flash Player,
which can be exploited by malicious people to bypass certain security
restrictions and compromise a user's system.
1) An unspecified error can be exploited to corrupt memory.
2) An unspecified error can be exploited to cause a heap-based buffer
overflow.
3) An unspecified error can be exploited to corrupt memory.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to corrupt memory.
7) An unspecified error can be exploited to corrupt memory.
8) An unspecified error can be exploited to cause a buffer overflow.
9) An unspecified error can be exploited to cause a stack-based
buffer overflow.
10) An unspecified error can be exploited to bypass the cross-domain
policy.
Note: This vulnerability affects users running Internet Explorer
only.
11) An unspecified error can be exploited to corrupt memory.
12) An unspecified error can be exploited to corrupt memory.
Successful exploitation of vulnerabilities #1 through #9, #11, and
#12 may allow execution of arbitrary code.
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
1) Ivan Golenkov and Alexander Gostev, Kaspersky Lab
2-6, 9, 12) Tavis Ormandy, Google Security Team
7) Bo Qu, Palo Alto Networks
8) Ben Hawkes, Google Security Team
10) lakehu, Tencent Security Center
11) anonymous via iDefense Labs
ORIGINAL ADVISORY:
http://www.adobe.com/support/security/bulletins/apsb11-28.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester!
Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. This fixes multiple
vulnerabilities, which can be exploited by malicious people to
conduct cross-site scripting attacks, gain knowledge of potentially
sensitive information, bypass certain security restrictions, and
compromise a user's system
| VAR-201111-0256 | CVE-2011-2452 | Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2011:1445-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1445.html
Issue date: 2011-11-11
CVE Names: CVE-2011-2445 CVE-2011-2450 CVE-2011-2451
CVE-2011-2452 CVE-2011-2453 CVE-2011-2454
CVE-2011-2455 CVE-2011-2456 CVE-2011-2457
CVE-2011-2459 CVE-2011-2460
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed on the Adobe security page APSB11-28, listed
in the References section.
Multiple security flaws were found in the way flash-plugin displayed
certain SWF content. An attacker could use these flaws to create a
specially-crafted SWF file that would cause flash-plugin to crash or,
potentially, execute arbitrary code when the victim loaded a page
containing the specially-crafted SWF content.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
5. Bugs fixed (http://bugzilla.redhat.com/):
752983 - flash-plugin: mulitple code execution flaws (APSB11-28)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-10.3.183.11-1.el5.i386.rpm
x86_64:
flash-plugin-10.3.183.11-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-10.3.183.11-1.el5.i386.rpm
x86_64:
flash-plugin-10.3.183.11-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-10.3.183.11-1.el6.i686.rpm
x86_64:
flash-plugin-10.3.183.11-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-10.3.183.11-1.el6.i686.rpm
x86_64:
flash-plugin-10.3.183.11-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-10.3.183.11-1.el6.i686.rpm
x86_64:
flash-plugin-10.3.183.11-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2011-2445.html
https://www.redhat.com/security/data/cve/CVE-2011-2450.html
https://www.redhat.com/security/data/cve/CVE-2011-2451.html
https://www.redhat.com/security/data/cve/CVE-2011-2452.html
https://www.redhat.com/security/data/cve/CVE-2011-2453.html
https://www.redhat.com/security/data/cve/CVE-2011-2454.html
https://www.redhat.com/security/data/cve/CVE-2011-2455.html
https://www.redhat.com/security/data/cve/CVE-2011-2456.html
https://www.redhat.com/security/data/cve/CVE-2011-2457.html
https://www.redhat.com/security/data/cve/CVE-2011-2459.html
https://www.redhat.com/security/data/cve/CVE-2011-2460.html
https://access.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/bulletins/apsb11-28.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOvQ7YXlSAg2UNWIIRAnjKAJ9IBGUxIPb3wKrfMJ+365x1fi4VCgCfRQ3T
zthsykex3oM7jAzeyW7KUa0=
=VH9O
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
.
For more information:
SA46818
2) A double free error exists in the Theora decoder.
3) Some errors in the MKV and Vorbis media handlers can be exploited
to perform an out of bounds read.
7) A use-after-free error exists within certain editing
functionality.
8) The application fails to ask for permission when running some JRE7
applets.
SOLUTION:
Update to version 15.0.874.120.
PROVIDED AND/OR DISCOVERED BY:
8) Chris Evans, Google Chrome Security Team.
The vendor also credits:
2, 3, 5) Aki Helin, OUSPG.
4) Andrew Scherkus, Chromium development community.
6) Ken \x93strcpy\x94 Russell, Chromium development community.
7) pa_kt via ZDI.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Furthermore, a remote attacker may be able to bypass intended access
restrictions, bypass cross-domain policy, inject arbitrary web script,
or obtain sensitive information.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.228"
References
==========
[ 1 ] CVE-2011-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2445
[ 2 ] CVE-2011-2450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2450
[ 3 ] CVE-2011-2451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2451
[ 4 ] CVE-2011-2452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2452
[ 5 ] CVE-2011-2453
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2453
[ 6 ] CVE-2011-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2454
[ 7 ] CVE-2011-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2455
[ 8 ] CVE-2011-2456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2456
[ 9 ] CVE-2011-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2457
[ 10 ] CVE-2011-2458
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2458
[ 11 ] CVE-2011-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2459
[ 12 ] CVE-2011-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2460
[ 13 ] CVE-2012-0752
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0752
[ 14 ] CVE-2012-0753
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0753
[ 15 ] CVE-2012-0754
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0754
[ 16 ] CVE-2012-0755
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0755
[ 17 ] CVE-2012-0756
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0756
[ 18 ] CVE-2012-0767
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0767
[ 19 ] CVE-2012-0768
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0768
[ 20 ] CVE-2012-0769
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0769
[ 21 ] CVE-2012-0773
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0773
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201204-07.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
SC World Congress, New York, USA, 16 November 2011
Visit the Secunia booth (#203) and discover how you can improve your handling of third party programs:
http://secunia.com/resources/events/sc_2011/
----------------------------------------------------------------------
TITLE:
Adobe Flash Player Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA46818
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46818/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46818
RELEASE DATE:
2011-11-11
DISCUSS ADVISORY:
http://secunia.com/advisories/46818/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46818/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46818
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Multiple vulnerabilities have been reported in Adobe Flash Player,
which can be exploited by malicious people to bypass certain security
restrictions and compromise a user's system.
1) An unspecified error can be exploited to corrupt memory.
2) An unspecified error can be exploited to cause a heap-based buffer
overflow.
3) An unspecified error can be exploited to corrupt memory.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to corrupt memory.
7) An unspecified error can be exploited to corrupt memory.
8) An unspecified error can be exploited to cause a buffer overflow.
9) An unspecified error can be exploited to cause a stack-based
buffer overflow.
10) An unspecified error can be exploited to bypass the cross-domain
policy.
Note: This vulnerability affects users running Internet Explorer
only.
11) An unspecified error can be exploited to corrupt memory.
12) An unspecified error can be exploited to corrupt memory.
Successful exploitation of vulnerabilities #1 through #9, #11, and
#12 may allow execution of arbitrary code.
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
1) Ivan Golenkov and Alexander Gostev, Kaspersky Lab
2-6, 9, 12) Tavis Ormandy, Google Security Team
7) Bo Qu, Palo Alto Networks
8) Ben Hawkes, Google Security Team
10) lakehu, Tencent Security Center
11) anonymous via iDefense Labs
ORIGINAL ADVISORY:
http://www.adobe.com/support/security/bulletins/apsb11-28.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester!
Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. This fixes multiple
vulnerabilities, which can be exploited by malicious people to
conduct cross-site scripting attacks, gain knowledge of potentially
sensitive information, bypass certain security restrictions, and
compromise a user's system
| VAR-201111-0258 | CVE-2011-2454 | Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2011:1445-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1445.html
Issue date: 2011-11-11
CVE Names: CVE-2011-2445 CVE-2011-2450 CVE-2011-2451
CVE-2011-2452 CVE-2011-2453 CVE-2011-2454
CVE-2011-2455 CVE-2011-2456 CVE-2011-2457
CVE-2011-2459 CVE-2011-2460
=====================================================================
1. Summary:
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
3. Description:
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in. These
vulnerabilities are detailed on the Adobe security page APSB11-28, listed
in the References section.
Multiple security flaws were found in the way flash-plugin displayed
certain SWF content. An attacker could use these flaws to create a
specially-crafted SWF file that would cause flash-plugin to crash or,
potentially, execute arbitrary code when the victim loaded a page
containing the specially-crafted SWF content.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
5. Bugs fixed (http://bugzilla.redhat.com/):
752983 - flash-plugin: mulitple code execution flaws (APSB11-28)
6. Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386:
flash-plugin-10.3.183.11-1.el5.i386.rpm
x86_64:
flash-plugin-10.3.183.11-1.el5.i386.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386:
flash-plugin-10.3.183.11-1.el5.i386.rpm
x86_64:
flash-plugin-10.3.183.11-1.el5.i386.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386:
flash-plugin-10.3.183.11-1.el6.i686.rpm
x86_64:
flash-plugin-10.3.183.11-1.el6.i686.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386:
flash-plugin-10.3.183.11-1.el6.i686.rpm
x86_64:
flash-plugin-10.3.183.11-1.el6.i686.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386:
flash-plugin-10.3.183.11-1.el6.i686.rpm
x86_64:
flash-plugin-10.3.183.11-1.el6.i686.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2011-2445.html
https://www.redhat.com/security/data/cve/CVE-2011-2450.html
https://www.redhat.com/security/data/cve/CVE-2011-2451.html
https://www.redhat.com/security/data/cve/CVE-2011-2452.html
https://www.redhat.com/security/data/cve/CVE-2011-2453.html
https://www.redhat.com/security/data/cve/CVE-2011-2454.html
https://www.redhat.com/security/data/cve/CVE-2011-2455.html
https://www.redhat.com/security/data/cve/CVE-2011-2456.html
https://www.redhat.com/security/data/cve/CVE-2011-2457.html
https://www.redhat.com/security/data/cve/CVE-2011-2459.html
https://www.redhat.com/security/data/cve/CVE-2011-2460.html
https://access.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/bulletins/apsb11-28.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFOvQ7YXlSAg2UNWIIRAnjKAJ9IBGUxIPb3wKrfMJ+365x1fi4VCgCfRQ3T
zthsykex3oM7jAzeyW7KUa0=
=VH9O
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
.
For more information:
SA46818
2) A double free error exists in the Theora decoder.
3) Some errors in the MKV and Vorbis media handlers can be exploited
to perform an out of bounds read.
7) A use-after-free error exists within certain editing
functionality.
8) The application fails to ask for permission when running some JRE7
applets.
SOLUTION:
Update to version 15.0.874.120.
PROVIDED AND/OR DISCOVERED BY:
8) Chris Evans, Google Chrome Security Team.
The vendor also credits:
2, 3, 5) Aki Helin, OUSPG.
4) Andrew Scherkus, Chromium development community.
6) Ken \x93strcpy\x94 Russell, Chromium development community.
7) pa_kt via ZDI.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Furthermore, a remote attacker may be able to bypass intended access
restrictions, bypass cross-domain policy, inject arbitrary web script,
or obtain sensitive information.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.228"
References
==========
[ 1 ] CVE-2011-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2445
[ 2 ] CVE-2011-2450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2450
[ 3 ] CVE-2011-2451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2451
[ 4 ] CVE-2011-2452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2452
[ 5 ] CVE-2011-2453
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2453
[ 6 ] CVE-2011-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2454
[ 7 ] CVE-2011-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2455
[ 8 ] CVE-2011-2456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2456
[ 9 ] CVE-2011-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2457
[ 10 ] CVE-2011-2458
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2458
[ 11 ] CVE-2011-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2459
[ 12 ] CVE-2011-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2460
[ 13 ] CVE-2012-0752
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0752
[ 14 ] CVE-2012-0753
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0753
[ 15 ] CVE-2012-0754
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0754
[ 16 ] CVE-2012-0755
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0755
[ 17 ] CVE-2012-0756
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0756
[ 18 ] CVE-2012-0767
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0767
[ 19 ] CVE-2012-0768
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0768
[ 20 ] CVE-2012-0769
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0769
[ 21 ] CVE-2012-0773
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0773
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201204-07.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
SC World Congress, New York, USA, 16 November 2011
Visit the Secunia booth (#203) and discover how you can improve your handling of third party programs:
http://secunia.com/resources/events/sc_2011/
----------------------------------------------------------------------
TITLE:
Adobe Flash Player Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA46818
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46818/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46818
RELEASE DATE:
2011-11-11
DISCUSS ADVISORY:
http://secunia.com/advisories/46818/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46818/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46818
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Multiple vulnerabilities have been reported in Adobe Flash Player,
which can be exploited by malicious people to bypass certain security
restrictions and compromise a user's system.
1) An unspecified error can be exploited to corrupt memory.
2) An unspecified error can be exploited to cause a heap-based buffer
overflow.
3) An unspecified error can be exploited to corrupt memory.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to corrupt memory.
7) An unspecified error can be exploited to corrupt memory.
8) An unspecified error can be exploited to cause a buffer overflow.
9) An unspecified error can be exploited to cause a stack-based
buffer overflow.
10) An unspecified error can be exploited to bypass the cross-domain
policy.
Note: This vulnerability affects users running Internet Explorer
only.
11) An unspecified error can be exploited to corrupt memory.
12) An unspecified error can be exploited to corrupt memory.
Successful exploitation of vulnerabilities #1 through #9, #11, and
#12 may allow execution of arbitrary code.
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
1) Ivan Golenkov and Alexander Gostev, Kaspersky Lab
2-6, 9, 12) Tavis Ormandy, Google Security Team
7) Bo Qu, Palo Alto Networks
8) Ben Hawkes, Google Security Team
10) lakehu, Tencent Security Center
11) anonymous via iDefense Labs
ORIGINAL ADVISORY:
http://www.adobe.com/support/security/bulletins/apsb11-28.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester!
Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. This fixes multiple
vulnerabilities, which can be exploited by malicious people to
conduct cross-site scripting attacks, gain knowledge of potentially
sensitive information, bypass certain security restrictions, and
compromise a user's system
| VAR-201111-0229 | CVE-2011-4048 | Dell KACE K2000 Appliance database administration account allows arbitrary command execution |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
The Dell KACE K2000 System Deployment Appliance has a default username and password for the read-only reporting account, which makes it easier for remote attackers to obtain sensitive information from the database by leveraging the default credentials. Dell Provided by KACE K2000 System Deployment Appliance Contains an information disclosure vulnerability. KACE K2000 System Deployment Appliance Contains a lack of permissions for this account and an information disclosure vulnerability exists. Note that this vulnerability is affected only when the database function is configured to allow remote access. This setting is disabled by default, JVNVU#135606 This setting may be enabled by using vulnerabilities such as.A remote third party may obtain the username and password hash of the product. Other attacks may also be possible. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Dell KACE K2000 System Deployment Appliance Security Bypass and
Cross-Site Scripting
SECUNIA ADVISORY ID:
SA46796
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46796/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46796
RELEASE DATE:
2011-11-09
DISCUSS ADVISORY:
http://secunia.com/advisories/46796/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46796/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46796
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A security issue and some vulnerabilities have been reported in Dell
KACE K2000 System Deployment Appliance, which can be exploited by
malicious people to bypass certain security restrictions and conduct
cross-site scripting attacks.
2) Certain unspecified input is not properly sanitised before being
returned to the user.
SOLUTION:
Restrict access to trusted hosts only. Filter malicious characters
and character sequences using a proxy.
PROVIDED AND/OR DISCOVERED BY:
US-CERT credits Tenable Network Security.
ORIGINAL ADVISORY:
KACE:
http://www.kace.com/support/kb/index.php?action=artikel&id=1120
US-CERT (VU#135606, VU#193529):
http://www.kb.cert.org/vuls/id/135606
http://www.kb.cert.org/vuls/id/193529
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201111-0227 | CVE-2011-4046 | Dell KACE K2000 Appliance database administration account allows arbitrary command execution |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext within a PHP script, which allows context-dependent attackers to obtain sensitive information by examining script source code. Dell Provided by KACE K2000 System Deployment Appliance Contains a vulnerability that allows unauthorized login. Dell Provided by KACE K2000 System Deployment Appliance Has a fixed password administrator account that is invisible to the user, and there is a vulnerability that allows unauthorized login with administrator privileges. This account cannot be removed from the product web management interface.It may be accessed with administrator privileges by a remote third party. Other attacks may also be possible. Malicious actors could exploit these vulnerabilities to bypass certain security restrictions and perform cross-site scripting attacks. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Dell KACE K2000 System Deployment Appliance Security Bypass and
Cross-Site Scripting
SECUNIA ADVISORY ID:
SA46796
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46796/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46796
RELEASE DATE:
2011-11-09
DISCUSS ADVISORY:
http://secunia.com/advisories/46796/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46796/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46796
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A security issue and some vulnerabilities have been reported in Dell
KACE K2000 System Deployment Appliance, which can be exploited by
malicious people to bypass certain security restrictions and conduct
cross-site scripting attacks.
2) Certain unspecified input is not properly sanitised before being
returned to the user.
SOLUTION:
Restrict access to trusted hosts only. Filter malicious characters
and character sequences using a proxy.
PROVIDED AND/OR DISCOVERED BY:
US-CERT credits Tenable Network Security.
ORIGINAL ADVISORY:
KACE:
http://www.kace.com/support/kb/index.php?action=artikel&id=1120
US-CERT (VU#135606, VU#193529):
http://www.kb.cert.org/vuls/id/135606
http://www.kb.cert.org/vuls/id/193529
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201111-0228 | CVE-2011-4047 | Dell KACE K2000 Appliance database administration account allows arbitrary command execution |
CVSS V2: 9.3 CVSS V3: - Severity: HIGH |
The Dell KACE K2000 System Deployment Appliance allows remote attackers to execute arbitrary commands by leveraging database write access. Dell Provided by KACE K2000 System Deployment Appliance Contains a command injection vulnerability. Dell Provided by KACE K2000 System Deployment Appliance In the database function of, there is an administrator account that can log in with a known user name and a password that can be identified, and there is a command injection vulnerability. Note that this vulnerability is affected only when the database function is configured to allow remote access. This setting is disabled by default, JVNVU#135606 This setting may be enabled by using vulnerabilities such as.By a remote third party, root An arbitrary program may be executed with authority. Other attacks may also be possible. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Dell KACE K2000 System Deployment Appliance Security Bypass and
Cross-Site Scripting
SECUNIA ADVISORY ID:
SA46796
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46796/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46796
RELEASE DATE:
2011-11-09
DISCUSS ADVISORY:
http://secunia.com/advisories/46796/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46796/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46796
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A security issue and some vulnerabilities have been reported in Dell
KACE K2000 System Deployment Appliance, which can be exploited by
malicious people to bypass certain security restrictions and conduct
cross-site scripting attacks.
2) Certain unspecified input is not properly sanitised before being
returned to the user.
SOLUTION:
Restrict access to trusted hosts only. Filter malicious characters
and character sequences using a proxy.
PROVIDED AND/OR DISCOVERED BY:
US-CERT credits Tenable Network Security.
ORIGINAL ADVISORY:
KACE:
http://www.kace.com/support/kb/index.php?action=artikel&id=1120
US-CERT (VU#135606, VU#193529):
http://www.kb.cert.org/vuls/id/135606
http://www.kb.cert.org/vuls/id/193529
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201111-0185 | CVE-2011-4436 | Dell KACE K2000 Appliance contains multiple reflected cross-site scripting vulnerabilities |
CVSS V2: 3.5 CVSS V3: - Severity: LOW |
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface on the Dell KACE K2000 System Deployment Appliance allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Dell Provided by KACE K2000 System Deployment Appliance Contains a cross-site scripting vulnerability. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Dell KACE K2000 System Deployment Appliance Security Bypass and
Cross-Site Scripting
SECUNIA ADVISORY ID:
SA46796
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46796/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46796
RELEASE DATE:
2011-11-09
DISCUSS ADVISORY:
http://secunia.com/advisories/46796/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46796/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46796
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A security issue and some vulnerabilities have been reported in Dell
KACE K2000 System Deployment Appliance, which can be exploited by
malicious people to bypass certain security restrictions and conduct
cross-site scripting attacks.
2) Certain unspecified input is not properly sanitised before being
returned to the user. This can be exploited to execute arbitrary HTML
and script code in a user's browser session in context of an affected
site.
SOLUTION:
Restrict access to trusted hosts only. Filter malicious characters
and character sequences using a proxy.
PROVIDED AND/OR DISCOVERED BY:
US-CERT credits Tenable Network Security.
ORIGINAL ADVISORY:
KACE:
http://www.kace.com/support/kb/index.php?action=artikel&id=1120
US-CERT (VU#135606, VU#193529):
http://www.kb.cert.org/vuls/id/135606
http://www.kb.cert.org/vuls/id/193529
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201111-0122 | CVE-2011-3653 | Mozilla Firefox and Thunderbird Vulnerabilities that bypass the same origin policy |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Mozilla Firefox before 8.0 and Thunderbird before 8.0 on Mac OS X do not properly interact with the GPU memory behavior of a certain driver for Intel integrated GPUs, which allows remote attackers to bypass the Same Origin Policy and read image data via vectors related to WebGL textures. Mozilla Firefox and Thunderbird are prone to an information-disclosure vulnerability.
Attackers can exploit this issue to obtain potentially sensitive information.
These issues are fixed in:
Firefox 8.0
Thunderbird 8.0. An information disclosure vulnerability exists in Mozilla Firefox versions prior to 8.0 and Thunderbird versions prior to 8.0 based on the Mac OS X platform. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Mozilla Firefox / Thunderbird Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA46773
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46773/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46773
RELEASE DATE:
2011-11-09
DISCUSS ADVISORY:
http://secunia.com/advisories/46773/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46773/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46773
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Multiple vulnerabilities have been reported in Mozilla Firefox and
Thunderbird, which can be exploited by malicious people to disclose
potentially sensitive information, conduct cross-site scripting
attacks, bypass certain security restrictions, and potentially
compromise a user's system.
1) An error when parsing invalid sequences in the Shift-JIS encoding
can be exploited to disclose potentially sensitive information and
conduct cross-site scripting attacks.
2) Some unspecified errors can be exploited to corrupt memory.
3) An error due to an unchecked allocation failure can be exploited
to corrupt memory.
4) An error when a SVG <mpath> tag links to a non-SVG element can be
exploited to corrupt memory.
5) An error when using Firebug to profile a JavaScript file with many
functions can be exploited to corrupt memory.
Successful exploitation of vulnerabilities #2 through #5 may allow
execution of arbitrary code.
6) An error within Windows D2D hardware acceleration can be exploited
to bypass the same-origin policy and read data from a different
domain.
This is related to vulnerability #7 in:
SA45581
7) An error within WebGL can be exploited to disclose random image
data from the GPU memory.
8) An error within an internal privilege check due to not respecting
the NoWaiverWrappers restrictions can be exploited to grant escalated
privileges to certain web content.
Successful exploitation of this vulnerability may allow execution of
arbitrary code.
SOLUTION:
Upgrade to version 8.0.
PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
1) Yosuke Hasegawa
2) Jason Orendorff, Boris Zbarsky, Gregg Tavares, Mats Palmgren,
Christian Holler, Jesse Ruderman, Simona Marcu, Bob Clary, and
William McCloskey
3) Rho
4) Aki Helin
5) Marc Schoenefeld
6) Bas Schouten
7) Claus Wahlers
8) moz_bug_r_a4
ORIGINAL ADVISORY:
http://www.mozilla.org/security/announce/2011/mfsa2011-47.html
http://www.mozilla.org/security/announce/2011/mfsa2011-48.html
http://www.mozilla.org/security/announce/2011/mfsa2011-49.html
http://www.mozilla.org/security/announce/2011/mfsa2011-50.html
http://www.mozilla.org/security/announce/2011/mfsa2011-51.html
http://www.mozilla.org/security/announce/2011/mfsa2011-52.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201301-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: Mozilla Products: Multiple vulnerabilities
Date: January 08, 2013
Bugs: #180159, #181361, #207261, #238535, #246602, #251322,
#255221, #255234, #255687, #257577, #260062, #261386,
#262704, #267234, #273918, #277752, #280226, #280234,
#280393, #282549, #284439, #286721, #290892, #292034,
#297532, #305689, #307045, #311021, #312361, #312645,
#312651, #312675, #312679, #312763, #313003, #324735,
#326341, #329279, #336396, #341821, #342847, #348316,
#357057, #360055, #360315, #365323, #373595, #379549,
#381245, #388045, #390771, #395431, #401701, #403183,
#404437, #408161, #413657, #419917, #427224, #433383,
#437780, #439586, #439960, #444318
ID: 201301-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in Mozilla Firefox,
Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which
may allow execution of arbitrary code or local privilege escalation. The
SeaMonkey project is a community effort to deliver production-quality
releases of code derived from the application formerly known as the
'Mozilla Application Suite'. NSS is Mozilla's Network Security Services library
that implements PKI support. IceCat is the GNU version of Firefox.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/firefox < 10.0.11 >= 10.0.11
2 www-client/firefox-bin < 10.0.11 >= 10.0.11
3 mail-client/thunderbird < 10.0.11 >= 10.0.11
4 mail-client/thunderbird-bin
< 10.0.11 >= 10.0.11
5 www-client/seamonkey < 2.14-r1 >= 2.14-r1
6 www-client/seamonkey-bin
< 2.14 >= 2.14
7 dev-libs/nss < 3.14 >= 3.14
8 www-client/mozilla-firefox
<= 3.6.8 Vulnerable!
9 www-client/mozilla-firefox-bin
<= 3.5.6 Vulnerable!
10 mail-client/mozilla-thunderbird
<= 3.0.4-r1 Vulnerable!
11 mail-client/mozilla-thunderbird-bin
<= 3.0 Vulnerable!
12 www-client/icecat <= 10.0-r1 Vulnerable!
13 net-libs/xulrunner <= 2.0-r1 Vulnerable!
14 net-libs/xulrunner-bin <= 1.8.1.19 Vulnerable!
-------------------------------------------------------------------
NOTE: Certain packages are still vulnerable. Users should migrate
to another package if one is available or wait for the
existing packages to be marked stable by their
architecture maintainers.
-------------------------------------------------------------------
14 affected packages
Description
===========
Multiple vulnerabilities have been discovered in Mozilla Firefox,
Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review
the CVE identifiers referenced below for details.
Impact
======
A remote attacker could entice a user to view a specially crafted web
page or email, possibly resulting in execution of arbitrary code or a
Denial of Service condition. Furthermore, a remote attacker may be able
to perform Man-in-the-Middle attacks, obtain sensitive information,
bypass restrictions and protection mechanisms, force file downloads,
conduct XML injection attacks, conduct XSS attacks, bypass the Same
Origin Policy, spoof URL's for phishing attacks, trigger a vertical
scroll, spoof the location bar, spoof an SSL indicator, modify the
browser's font, conduct clickjacking attacks, or have other unspecified
impact.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Mozilla Firefox users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/firefox-10.0.11"
All users of the Mozilla Firefox binary package should upgrade to the
latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/firefox-bin-10.0.11"=
All Mozilla Thunderbird users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=mail-client/thunderbird-10.0.11"
All users of the Mozilla Thunderbird binary package should upgrade to
the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-10.0.11"
All Mozilla SeaMonkey users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/seamonkey-2.14-r1"
All users of the Mozilla SeaMonkey binary package should upgrade to the
latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/seamonkey-bin-2.14"
All NSS users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/nss-3.14"
The "www-client/mozilla-firefox" package has been merged into the
"www-client/firefox" package. To upgrade, please unmerge
"www-client/mozilla-firefox" and then emerge the latest
"www-client/firefox" package:
# emerge --sync
# emerge --unmerge "www-client/mozilla-firefox"
# emerge --ask --oneshot --verbose ">=www-client/firefox-10.0.11"
The "www-client/mozilla-firefox-bin" package has been merged into the
"www-client/firefox-bin" package. To upgrade, please unmerge
"www-client/mozilla-firefox-bin" and then emerge the latest
"www-client/firefox-bin" package:
# emerge --sync
# emerge --unmerge "www-client/mozilla-firefox-bin"
# emerge --ask --oneshot --verbose ">=www-client/firefox-bin-10.0.11"=
The "mail-client/mozilla-thunderbird" package has been merged into the
"mail-client/thunderbird" package. To upgrade, please unmerge
"mail-client/mozilla-thunderbird" and then emerge the latest
"mail-client/thunderbird" package:
# emerge --sync
# emerge --unmerge "mail-client/mozilla-thunderbird"
# emerge --ask --oneshot -v ">=mail-client/thunderbird-10.0.11"
The "mail-client/mozilla-thunderbird-bin" package has been merged into
the "mail-client/thunderbird-bin" package. To upgrade, please unmerge
"mail-client/mozilla-thunderbird-bin" and then emerge the latest
"mail-client/thunderbird-bin" package:
# emerge --sync
# emerge --unmerge "mail-client/mozilla-thunderbird-bin"
# emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-10.0.11"
Gentoo discontinued support for GNU IceCat. We recommend that users
unmerge GNU IceCat:
# emerge --unmerge "www-client/icecat"
Gentoo discontinued support for XULRunner. We recommend that users
unmerge XULRunner:
# emerge --unmerge "net-libs/xulrunner"
Gentoo discontinued support for the XULRunner binary package. We
recommend that users unmerge XULRunner:
# emerge --unmerge "net-libs/xulrunner-bin"
References
==========
[ 1 ] CVE-2011-3101
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3101
[ 2 ] CVE-2007-2436
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2436
[ 3 ] CVE-2007-2437
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2437
[ 4 ] CVE-2007-2671
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2671
[ 5 ] CVE-2007-3073
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3073
[ 6 ] CVE-2008-0016
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0016
[ 7 ] CVE-2008-0017
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0017
[ 8 ] CVE-2008-0367
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0367
[ 9 ] CVE-2008-3835
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3835
[ 10 ] CVE-2008-3836
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3836
[ 11 ] CVE-2008-3837
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3837
[ 12 ] CVE-2008-4058
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4058
[ 13 ] CVE-2008-4059
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4059
[ 14 ] CVE-2008-4060
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4060
[ 15 ] CVE-2008-4061
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4061
[ 16 ] CVE-2008-4062
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4062
[ 17 ] CVE-2008-4063
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4063
[ 18 ] CVE-2008-4064
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4064
[ 19 ] CVE-2008-4065
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4065
[ 20 ] CVE-2008-4066
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4066
[ 21 ] CVE-2008-4067
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4067
[ 22 ] CVE-2008-4068
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4068
[ 23 ] CVE-2008-4069
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4069
[ 24 ] CVE-2008-4070
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4070
[ 25 ] CVE-2008-4582
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4582
[ 26 ] CVE-2008-5012
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5012
[ 27 ] CVE-2008-5013
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5013
[ 28 ] CVE-2008-5014
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5014
[ 29 ] CVE-2008-5015
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5015
[ 30 ] CVE-2008-5016
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5016
[ 31 ] CVE-2008-5017
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5017
[ 32 ] CVE-2008-5018
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5018
[ 33 ] CVE-2008-5019
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5019
[ 34 ] CVE-2008-5021
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5021
[ 35 ] CVE-2008-5022
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5022
[ 36 ] CVE-2008-5023
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5023
[ 37 ] CVE-2008-5024
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5024
[ 38 ] CVE-2008-5052
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5052
[ 39 ] CVE-2008-5500
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5500
[ 40 ] CVE-2008-5501
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5501
[ 41 ] CVE-2008-5502
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5502
[ 42 ] CVE-2008-5503
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5503
[ 43 ] CVE-2008-5504
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5504
[ 44 ] CVE-2008-5505
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5505
[ 45 ] CVE-2008-5506
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5506
[ 46 ] CVE-2008-5507
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5507
[ 47 ] CVE-2008-5508
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5508
[ 48 ] CVE-2008-5510
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5510
[ 49 ] CVE-2008-5511
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5511
[ 50 ] CVE-2008-5512
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5512
[ 51 ] CVE-2008-5513
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5513
[ 52 ] CVE-2008-5822
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5822
[ 53 ] CVE-2008-5913
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5913
[ 54 ] CVE-2008-6961
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6961
[ 55 ] CVE-2009-0071
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071
[ 56 ] CVE-2009-0071
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071
[ 57 ] CVE-2009-0352
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0352
[ 58 ] CVE-2009-0353
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0353
[ 59 ] CVE-2009-0354
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0354
[ 60 ] CVE-2009-0355
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0355
[ 61 ] CVE-2009-0356
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0356
[ 62 ] CVE-2009-0357
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0357
[ 63 ] CVE-2009-0358
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0358
[ 64 ] CVE-2009-0652
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0652
[ 65 ] CVE-2009-0771
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0771
[ 66 ] CVE-2009-0772
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0772
[ 67 ] CVE-2009-0773
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0773
[ 68 ] CVE-2009-0774
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0774
[ 69 ] CVE-2009-0775
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0775
[ 70 ] CVE-2009-0776
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0776
[ 71 ] CVE-2009-0777
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0777
[ 72 ] CVE-2009-1044
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1044
[ 73 ] CVE-2009-1169
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1169
[ 74 ] CVE-2009-1302
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1302
[ 75 ] CVE-2009-1303
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1303
[ 76 ] CVE-2009-1304
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1304
[ 77 ] CVE-2009-1305
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1305
[ 78 ] CVE-2009-1306
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1306
[ 79 ] CVE-2009-1307
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1307
[ 80 ] CVE-2009-1308
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1308
[ 81 ] CVE-2009-1309
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1309
[ 82 ] CVE-2009-1310
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1310
[ 83 ] CVE-2009-1311
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1311
[ 84 ] CVE-2009-1312
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1312
[ 85 ] CVE-2009-1313
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1313
[ 86 ] CVE-2009-1392
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1392
[ 87 ] CVE-2009-1563
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1563
[ 88 ] CVE-2009-1571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1571
[ 89 ] CVE-2009-1828
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1828
[ 90 ] CVE-2009-1832
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1832
[ 91 ] CVE-2009-1833
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1833
[ 92 ] CVE-2009-1834
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1834
[ 93 ] CVE-2009-1835
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1835
[ 94 ] CVE-2009-1836
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1836
[ 95 ] CVE-2009-1837
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1837
[ 96 ] CVE-2009-1838
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1838
[ 97 ] CVE-2009-1839
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1839
[ 98 ] CVE-2009-1840
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1840
[ 99 ] CVE-2009-1841
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1841
[ 100 ] CVE-2009-2043
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2043
[ 101 ] CVE-2009-2044
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2044
[ 102 ] CVE-2009-2061
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2061
[ 103 ] CVE-2009-2065
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2065
[ 104 ] CVE-2009-2210
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2210
[ 105 ] CVE-2009-2404
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2404
[ 106 ] CVE-2009-2408
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2408
[ 107 ] CVE-2009-2462
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2462
[ 108 ] CVE-2009-2463
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2463
[ 109 ] CVE-2009-2464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2464
[ 110 ] CVE-2009-2465
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2465
[ 111 ] CVE-2009-2466
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2466
[ 112 ] CVE-2009-2467
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2467
[ 113 ] CVE-2009-2469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2469
[ 114 ] CVE-2009-2470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2470
[ 115 ] CVE-2009-2471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2471
[ 116 ] CVE-2009-2472
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2472
[ 117 ] CVE-2009-2477
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2477
[ 118 ] CVE-2009-2478
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2478
[ 119 ] CVE-2009-2479
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2479
[ 120 ] CVE-2009-2535
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2535
[ 121 ] CVE-2009-2654
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2654
[ 122 ] CVE-2009-2662
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2662
[ 123 ] CVE-2009-2664
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2664
[ 124 ] CVE-2009-2665
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2665
[ 125 ] CVE-2009-3069
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3069
[ 126 ] CVE-2009-3070
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3070
[ 127 ] CVE-2009-3071
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3071
[ 128 ] CVE-2009-3072
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3072
[ 129 ] CVE-2009-3074
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3074
[ 130 ] CVE-2009-3075
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3075
[ 131 ] CVE-2009-3076
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3076
[ 132 ] CVE-2009-3077
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3077
[ 133 ] CVE-2009-3078
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3078
[ 134 ] CVE-2009-3079
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3079
[ 135 ] CVE-2009-3274
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3274
[ 136 ] CVE-2009-3371
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3371
[ 137 ] CVE-2009-3372
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3372
[ 138 ] CVE-2009-3373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3373
[ 139 ] CVE-2009-3374
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3374
[ 140 ] CVE-2009-3375
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3375
[ 141 ] CVE-2009-3376
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3376
[ 142 ] CVE-2009-3377
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3377
[ 143 ] CVE-2009-3378
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3378
[ 144 ] CVE-2009-3379
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3379
[ 145 ] CVE-2009-3380
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3380
[ 146 ] CVE-2009-3381
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3381
[ 147 ] CVE-2009-3382
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3382
[ 148 ] CVE-2009-3383
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3383
[ 149 ] CVE-2009-3388
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3388
[ 150 ] CVE-2009-3389
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3389
[ 151 ] CVE-2009-3555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555
[ 152 ] CVE-2009-3978
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3978
[ 153 ] CVE-2009-3979
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3979
[ 154 ] CVE-2009-3980
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3980
[ 155 ] CVE-2009-3981
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3981
[ 156 ] CVE-2009-3982
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3982
[ 157 ] CVE-2009-3983
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3983
[ 158 ] CVE-2009-3984
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3984
[ 159 ] CVE-2009-3985
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3985
[ 160 ] CVE-2009-3986
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3986
[ 161 ] CVE-2009-3987
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3987
[ 162 ] CVE-2009-3988
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3988
[ 163 ] CVE-2010-0159
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0159
[ 164 ] CVE-2010-0160
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0160
[ 165 ] CVE-2010-0162
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0162
[ 166 ] CVE-2010-0163
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0163
[ 167 ] CVE-2010-0164
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0164
[ 168 ] CVE-2010-0165
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0165
[ 169 ] CVE-2010-0166
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0166
[ 170 ] CVE-2010-0167
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0167
[ 171 ] CVE-2010-0167
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0167
[ 172 ] CVE-2010-0168
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0168
[ 173 ] CVE-2010-0169
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0169
[ 174 ] CVE-2010-0169
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0169
[ 175 ] CVE-2010-0170
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0170
[ 176 ] CVE-2010-0171
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0171
[ 177 ] CVE-2010-0171
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0171
[ 178 ] CVE-2010-0172
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0172
[ 179 ] CVE-2010-0173
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0173
[ 180 ] CVE-2010-0174
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174
[ 181 ] CVE-2010-0174
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174
[ 182 ] CVE-2010-0175
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175
[ 183 ] CVE-2010-0175
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175
[ 184 ] CVE-2010-0176
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176
[ 185 ] CVE-2010-0176
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176
[ 186 ] CVE-2010-0177
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0177
[ 187 ] CVE-2010-0178
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0178
[ 188 ] CVE-2010-0179
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0179
[ 189 ] CVE-2010-0181
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0181
[ 190 ] CVE-2010-0182
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0182
[ 191 ] CVE-2010-0183
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0183
[ 192 ] CVE-2010-0220
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0220
[ 193 ] CVE-2010-0648
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0648
[ 194 ] CVE-2010-0654
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0654
[ 195 ] CVE-2010-1028
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1028
[ 196 ] CVE-2010-1121
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1121
[ 197 ] CVE-2010-1125
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1125
[ 198 ] CVE-2010-1196
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1196
[ 199 ] CVE-2010-1197
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1197
[ 200 ] CVE-2010-1198
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1198
[ 201 ] CVE-2010-1199
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1199
[ 202 ] CVE-2010-1200
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1200
[ 203 ] CVE-2010-1201
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1201
[ 204 ] CVE-2010-1202
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1202
[ 205 ] CVE-2010-1203
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1203
[ 206 ] CVE-2010-1205
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1205
[ 207 ] CVE-2010-1206
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1206
[ 208 ] CVE-2010-1207
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1207
[ 209 ] CVE-2010-1208
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1208
[ 210 ] CVE-2010-1209
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1209
[ 211 ] CVE-2010-1210
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1210
[ 212 ] CVE-2010-1211
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1211
[ 213 ] CVE-2010-1212
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1212
[ 214 ] CVE-2010-1213
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1213
[ 215 ] CVE-2010-1214
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1214
[ 216 ] CVE-2010-1215
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1215
[ 217 ] CVE-2010-1585
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1585
[ 218 ] CVE-2010-2751
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2751
[ 219 ] CVE-2010-2752
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2752
[ 220 ] CVE-2010-2753
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2753
[ 221 ] CVE-2010-2754
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2754
[ 222 ] CVE-2010-2755
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2755
[ 223 ] CVE-2010-2760
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2760
[ 224 ] CVE-2010-2762
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2762
[ 225 ] CVE-2010-2763
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2763
[ 226 ] CVE-2010-2764
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2764
[ 227 ] CVE-2010-2765
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2765
[ 228 ] CVE-2010-2766
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2766
[ 229 ] CVE-2010-2767
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2767
[ 230 ] CVE-2010-2768
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2768
[ 231 ] CVE-2010-2769
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2769
[ 232 ] CVE-2010-2770
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2770
[ 233 ] CVE-2010-3131
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3131
[ 234 ] CVE-2010-3166
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3166
[ 235 ] CVE-2010-3167
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3167
[ 236 ] CVE-2010-3168
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3168
[ 237 ] CVE-2010-3169
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3169
[ 238 ] CVE-2010-3170
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3170
[ 239 ] CVE-2010-3171
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3171
[ 240 ] CVE-2010-3173
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3173
[ 241 ] CVE-2010-3174
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3174
[ 242 ] CVE-2010-3175
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3175
[ 243 ] CVE-2010-3176
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3176
[ 244 ] CVE-2010-3177
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3177
[ 245 ] CVE-2010-3178
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3178
[ 246 ] CVE-2010-3179
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3179
[ 247 ] CVE-2010-3180
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3180
[ 248 ] CVE-2010-3182
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3182
[ 249 ] CVE-2010-3183
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3183
[ 250 ] CVE-2010-3399
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3399
[ 251 ] CVE-2010-3400
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3400
[ 252 ] CVE-2010-3765
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3765
[ 253 ] CVE-2010-3766
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3766
[ 254 ] CVE-2010-3767
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3767
[ 255 ] CVE-2010-3768
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3768
[ 256 ] CVE-2010-3769
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3769
[ 257 ] CVE-2010-3770
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3770
[ 258 ] CVE-2010-3771
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3771
[ 259 ] CVE-2010-3772
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3772
[ 260 ] CVE-2010-3773
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3773
[ 261 ] CVE-2010-3774
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3774
[ 262 ] CVE-2010-3775
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3775
[ 263 ] CVE-2010-3776
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3776
[ 264 ] CVE-2010-3777
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3777
[ 265 ] CVE-2010-3778
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3778
[ 266 ] CVE-2010-4508
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4508
[ 267 ] CVE-2010-5074
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5074
[ 268 ] CVE-2011-0051
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0051
[ 269 ] CVE-2011-0053
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0053
[ 270 ] CVE-2011-0054
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0054
[ 271 ] CVE-2011-0055
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0055
[ 272 ] CVE-2011-0056
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0056
[ 273 ] CVE-2011-0057
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0057
[ 274 ] CVE-2011-0058
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0058
[ 275 ] CVE-2011-0059
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0059
[ 276 ] CVE-2011-0061
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0061
[ 277 ] CVE-2011-0062
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0062
[ 278 ] CVE-2011-0065
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0065
[ 279 ] CVE-2011-0066
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0066
[ 280 ] CVE-2011-0067
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0067
[ 281 ] CVE-2011-0068
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0068
[ 282 ] CVE-2011-0069
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0069
[ 283 ] CVE-2011-0070
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0070
[ 284 ] CVE-2011-0071
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0071
[ 285 ] CVE-2011-0072
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0072
[ 286 ] CVE-2011-0073
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0073
[ 287 ] CVE-2011-0074
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0074
[ 288 ] CVE-2011-0075
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0075
[ 289 ] CVE-2011-0076
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0076
[ 290 ] CVE-2011-0077
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0077
[ 291 ] CVE-2011-0078
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0078
[ 292 ] CVE-2011-0079
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0079
[ 293 ] CVE-2011-0080
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0080
[ 294 ] CVE-2011-0081
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0081
[ 295 ] CVE-2011-0082
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0082
[ 296 ] CVE-2011-0083
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0083
[ 297 ] CVE-2011-0084
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0084
[ 298 ] CVE-2011-0085
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0085
[ 299 ] CVE-2011-1187
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1187
[ 300 ] CVE-2011-1202
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1202
[ 301 ] CVE-2011-1712
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1712
[ 302 ] CVE-2011-2362
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2362
[ 303 ] CVE-2011-2363
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2363
[ 304 ] CVE-2011-2364
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2364
[ 305 ] CVE-2011-2365
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2365
[ 306 ] CVE-2011-2369
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2369
[ 307 ] CVE-2011-2370
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2370
[ 308 ] CVE-2011-2371
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2371
[ 309 ] CVE-2011-2372
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2372
[ 310 ] CVE-2011-2373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2373
[ 311 ] CVE-2011-2374
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2374
[ 312 ] CVE-2011-2375
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2375
[ 313 ] CVE-2011-2376
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2376
[ 314 ] CVE-2011-2377
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2377
[ 315 ] CVE-2011-2378
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2378
[ 316 ] CVE-2011-2605
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2605
[ 317 ] CVE-2011-2980
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2980
[ 318 ] CVE-2011-2981
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2981
[ 319 ] CVE-2011-2982
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2982
[ 320 ] CVE-2011-2983
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2983
[ 321 ] CVE-2011-2984
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2984
[ 322 ] CVE-2011-2985
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2985
[ 323 ] CVE-2011-2986
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2986
[ 324 ] CVE-2011-2987
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2987
[ 325 ] CVE-2011-2988
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2988
[ 326 ] CVE-2011-2989
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2989
[ 327 ] CVE-2011-2990
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2990
[ 328 ] CVE-2011-2991
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2991
[ 329 ] CVE-2011-2993
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2993
[ 330 ] CVE-2011-2995
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2995
[ 331 ] CVE-2011-2996
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2996
[ 332 ] CVE-2011-2997
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2997
[ 333 ] CVE-2011-2998
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2998
[ 334 ] CVE-2011-2999
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2999
[ 335 ] CVE-2011-3000
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3000
[ 336 ] CVE-2011-3001
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3001
[ 337 ] CVE-2011-3002
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3002
[ 338 ] CVE-2011-3003
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3003
[ 339 ] CVE-2011-3004
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3004
[ 340 ] CVE-2011-3005
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3005
[ 341 ] CVE-2011-3026
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3026
[ 342 ] CVE-2011-3062
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3062
[ 343 ] CVE-2011-3232
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3232
[ 344 ] CVE-2011-3389
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389
[ 345 ] CVE-2011-3640
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3640
[ 346 ] CVE-2011-3647
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3647
[ 347 ] CVE-2011-3648
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3648
[ 348 ] CVE-2011-3649
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3649
[ 349 ] CVE-2011-3650
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3650
[ 350 ] CVE-2011-3651
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3651
[ 351 ] CVE-2011-3652
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3652
[ 352 ] CVE-2011-3653
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3653
[ 353 ] CVE-2011-3654
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3654
[ 354 ] CVE-2011-3655
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3655
[ 355 ] CVE-2011-3658
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3658
[ 356 ] CVE-2011-3659
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3659
[ 357 ] CVE-2011-3660
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3660
[ 358 ] CVE-2011-3661
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3661
[ 359 ] CVE-2011-3663
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3663
[ 360 ] CVE-2011-3665
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3665
[ 361 ] CVE-2011-3670
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3670
[ 362 ] CVE-2011-3866
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3866
[ 363 ] CVE-2011-4688
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4688
[ 364 ] CVE-2012-0441
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0441
[ 365 ] CVE-2012-0442
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0442
[ 366 ] CVE-2012-0443
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0443
[ 367 ] CVE-2012-0444
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0444
[ 368 ] CVE-2012-0445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0445
[ 369 ] CVE-2012-0446
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0446
[ 370 ] CVE-2012-0447
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0447
[ 371 ] CVE-2012-0449
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0449
[ 372 ] CVE-2012-0450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0450
[ 373 ] CVE-2012-0451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0451
[ 374 ] CVE-2012-0452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0452
[ 375 ] CVE-2012-0455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0455
[ 376 ] CVE-2012-0456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0456
[ 377 ] CVE-2012-0457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0457
[ 378 ] CVE-2012-0458
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0458
[ 379 ] CVE-2012-0459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0459
[ 380 ] CVE-2012-0460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0460
[ 381 ] CVE-2012-0461
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0461
[ 382 ] CVE-2012-0462
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0462
[ 383 ] CVE-2012-0463
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0463
[ 384 ] CVE-2012-0464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0464
[ 385 ] CVE-2012-0467
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0467
[ 386 ] CVE-2012-0468
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0468
[ 387 ] CVE-2012-0469
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0469
[ 388 ] CVE-2012-0470
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0470
[ 389 ] CVE-2012-0471
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0471
[ 390 ] CVE-2012-0473
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0473
[ 391 ] CVE-2012-0474
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0474
[ 392 ] CVE-2012-0475
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0475
[ 393 ] CVE-2012-0477
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0477
[ 394 ] CVE-2012-0478
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0478
[ 395 ] CVE-2012-0479
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0479
[ 396 ] CVE-2012-1937
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1937
[ 397 ] CVE-2012-1938
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1938
[ 398 ] CVE-2012-1939
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1939
[ 399 ] CVE-2012-1940
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1940
[ 400 ] CVE-2012-1941
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1941
[ 401 ] CVE-2012-1945
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1945
[ 402 ] CVE-2012-1946
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1946
[ 403 ] CVE-2012-1947
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1947
[ 404 ] CVE-2012-1948
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1948
[ 405 ] CVE-2012-1949
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1949
[ 406 ] CVE-2012-1950
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1950
[ 407 ] CVE-2012-1951
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1951
[ 408 ] CVE-2012-1952
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1952
[ 409 ] CVE-2012-1953
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1953
[ 410 ] CVE-2012-1954
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1954
[ 411 ] CVE-2012-1955
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1955
[ 412 ] CVE-2012-1956
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1956
[ 413 ] CVE-2012-1957
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1957
[ 414 ] CVE-2012-1958
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1958
[ 415 ] CVE-2012-1959
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1959
[ 416 ] CVE-2012-1960
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1960
[ 417 ] CVE-2012-1961
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1961
[ 418 ] CVE-2012-1962
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1962
[ 419 ] CVE-2012-1963
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1963
[ 420 ] CVE-2012-1964
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1964
[ 421 ] CVE-2012-1965
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1965
[ 422 ] CVE-2012-1966
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1966
[ 423 ] CVE-2012-1967
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1967
[ 424 ] CVE-2012-1970
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1970
[ 425 ] CVE-2012-1971
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1971
[ 426 ] CVE-2012-1972
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1972
[ 427 ] CVE-2012-1973
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1973
[ 428 ] CVE-2012-1974
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1974
[ 429 ] CVE-2012-1975
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1975
[ 430 ] CVE-2012-1976
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1976
[ 431 ] CVE-2012-1994
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1994
[ 432 ] CVE-2012-3956
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3956
[ 433 ] CVE-2012-3957
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3957
[ 434 ] CVE-2012-3958
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3958
[ 435 ] CVE-2012-3959
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3959
[ 436 ] CVE-2012-3960
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3960
[ 437 ] CVE-2012-3961
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3961
[ 438 ] CVE-2012-3962
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3962
[ 439 ] CVE-2012-3963
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3963
[ 440 ] CVE-2012-3964
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3964
[ 441 ] CVE-2012-3965
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3965
[ 442 ] CVE-2012-3966
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3966
[ 443 ] CVE-2012-3967
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3967
[ 444 ] CVE-2012-3968
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3968
[ 445 ] CVE-2012-3969
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3969
[ 446 ] CVE-2012-3970
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3970
[ 447 ] CVE-2012-3971
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3971
[ 448 ] CVE-2012-3972
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3972
[ 449 ] CVE-2012-3973
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3973
[ 450 ] CVE-2012-3975
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3975
[ 451 ] CVE-2012-3976
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3976
[ 452 ] CVE-2012-3977
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3977
[ 453 ] CVE-2012-3978
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3978
[ 454 ] CVE-2012-3980
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3980
[ 455 ] CVE-2012-3982
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3982
[ 456 ] CVE-2012-3984
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3984
[ 457 ] CVE-2012-3985
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3985
[ 458 ] CVE-2012-3986
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3986
[ 459 ] CVE-2012-3988
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3988
[ 460 ] CVE-2012-3989
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3989
[ 461 ] CVE-2012-3990
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3990
[ 462 ] CVE-2012-3991
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3991
[ 463 ] CVE-2012-3992
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3992
[ 464 ] CVE-2012-3993
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3993
[ 465 ] CVE-2012-3994
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3994
[ 466 ] CVE-2012-3995
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3995
[ 467 ] CVE-2012-4179
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4179
[ 468 ] CVE-2012-4180
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4180
[ 469 ] CVE-2012-4181
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4181
[ 470 ] CVE-2012-4182
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4182
[ 471 ] CVE-2012-4183
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4183
[ 472 ] CVE-2012-4184
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4184
[ 473 ] CVE-2012-4185
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4185
[ 474 ] CVE-2012-4186
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4186
[ 475 ] CVE-2012-4187
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4187
[ 476 ] CVE-2012-4188
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4188
[ 477 ] CVE-2012-4190
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4190
[ 478 ] CVE-2012-4191
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4191
[ 479 ] CVE-2012-4192
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4192
[ 480 ] CVE-2012-4193
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4193
[ 481 ] CVE-2012-4194
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4194
[ 482 ] CVE-2012-4195
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4195
[ 483 ] CVE-2012-4196
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4196
[ 484 ] CVE-2012-4201
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4201
[ 485 ] CVE-2012-4202
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4202
[ 486 ] CVE-2012-4204
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4204
[ 487 ] CVE-2012-4205
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4205
[ 488 ] CVE-2012-4206
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4206
[ 489 ] CVE-2012-4207
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4207
[ 490 ] CVE-2012-4208
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4208
[ 491 ] CVE-2012-4209
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4209
[ 492 ] CVE-2012-4210
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4210
[ 493 ] CVE-2012-4212
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4212
[ 494 ] CVE-2012-4215
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4215
[ 495 ] CVE-2012-4216
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4216
[ 496 ] CVE-2012-5354
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5354
[ 497 ] CVE-2012-5829
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5829
[ 498 ] CVE-2012-5830
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5830
[ 499 ] CVE-2012-5833
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5833
[ 500 ] CVE-2012-5835
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5835
[ 501 ] CVE-2012-5836
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5836
[ 502 ] CVE-2012-5838
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5838
[ 503 ] CVE-2012-5839
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5839
[ 504 ] CVE-2012-5840
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5840
[ 505 ] CVE-2012-5841
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5841
[ 506 ] CVE-2012-5842
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5842
[ 507 ] CVE-2012-5843
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5843
[ 508 ] Firefox Blocking Fraudulent Certificates
http://blog.mozilla.org/security/2011/03/22/firefox-blocking-fraudulent-c=
ertificates/
[ 509 ] Mozilla Foundation Security Advisory 2011-11
http://www.mozilla.org/security/announce/2011/mfsa2011-11.html
[ 510 ] Mozilla Foundation Security Advisory 2011-34
http://www.mozilla.org/security/announce/2011/mfsa2011-34.html
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201301-01.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2013 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
| VAR-201111-0225 | CVE-2011-3442 | Apple iOS Arbitrary kernel unsigned code execution vulnerability |
CVSS V2: 7.2 CVSS V3: - Severity: HIGH |
The kernel in Apple iOS before 5.0.1 does not ensure the validity of flag combinations for an mmap system call, which allows local users to execute arbitrary unsigned code via a crafted app. Apple iOS is prone to a security-bypass vulnerability that affects the code signing security feature.
Attackers can exploit this issue by enticing an unsuspecting user to install a specially crafted application on the affected device.
Successful exploits will allow attackers to bypass certain security restrictions and execute arbitrary code on the affected device.
Apple iOS 4.3 through 5.0 are vulnerable.
NOTE: This vulnerability only affects iPad 2. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2011-11-10-1 iOS 5.0.1 Software Update
iOS 5.0.1 Software Update is now available and addresses the
following:
CFNetwork
Available for: iOS 3.0 through 5.0 for iPhone 3GS,
iPhone 4 and iPhone 4S,
iOS 3.1 through 5.0 for iPod touch (3rd generation) and later,
iOS 3.2 through 5.0 for iPad, iOS 4.3 through 5.0 for iPad 2
Impact: Visiting a maliciously crafted website may lead to the
disclosure of sensitive information
Description: An issue existed in CFNetwork's handling of maliciously
crafted URLs. When accessing a maliciously crafted HTTP or HTTPS URL,
CFNetwork could navigate to an incorrect server.
CVE-ID
CVE-2011-3246 : Erling Ellingsen of Facebook
CoreGraphics
Available for: iOS 3.0 through 5.0 for iPhone 3GS,
iPhone 4 and iPhone 4S,
iOS 3.1 through 5.0 for iPod touch (3rd generation) and later,
iOS 3.2 through 5.0 for iPad, iOS 4.3 through 5.0 for iPad 2
Impact: Viewing a document containing a maliciously crafted font may
lead to arbitrary code execution
Description: Multiple memory corruption issues existed in FreeType,
the most serious of which may lead to arbitrary code execution when
processing a maliciously crafted font.
CVE-ID
CVE-2011-3439 : Apple
Data Security
Available for: iOS 3.0 through 5.0 for iPhone 3GS,
iPhone 4 and iPhone 4S,
iOS 3.1 through 5.0 for iPod touch (3rd generation) and later,
iOS 3.2 through 5.0 for iPad, iOS 4.3 through 5.0 for iPad 2
Impact: An attacker with a privileged network position may intercept
user credentials or other sensitive information
Description: Two certificate authorities in the list of trusted root
certificates have independently issued intermediate certificates to
DigiCert Malaysia. DigiCert Malaysia has issued certificates with
weak keys that it is unable to revoke. An attacker with a privileged
network position could intercept user credentials or other sensitive
information intended for a site with a certificate issued by DigiCert
Malaysia. This issue is addressed by configuring default system trust
settings so that DigiCert Malaysia's certificates are not trusted. We
would like to acknowledge Bruce Morton of Entrust, Inc. for reporting
this issue.
Kernel
Available for: iOS 3.0 through 5.0 for iPhone 3GS,
iPhone 4 and iPhone 4S,
iOS 3.1 through 5.0 for iPod touch (3rd generation) and later,
iOS 3.2 through 5.0 for iPad, iOS 4.3 through 5.0 for iPad 2
Impact: An application may execute unsigned code
Description: A logic error existed in the mmap system call's
checking of valid flag combinations. This issue may lead to a bypass
of codesigning checks. This issue does not affect devices running
iOS prior to version 4.3.
CVE-ID
CVE-2011-3442 : Charlie Miller of Accuvant Labs
libinfo
Available for: iOS 3.0 through 5.0 for iPhone 3GS,
iPhone 4 and iPhone 4S,
iOS 3.1 through 5.0 for iPod touch (3rd generation) and later,
iOS 3.2 through 5.0 for iPad, iOS 4.3 through 5.0 for iPad 2
Impact: Visiting a maliciously crafted website may lead to the
disclosure of sensitive information
Description: An issue existed in libinfo's handling of DNS name
lookups. When resolving a maliciously crafted hostname, libinfo could
return an incorrect result.
CVE-ID
CVE-2011-3441 : Erling Ellingsen of Facebook, Per Johansson of
Blocket AB
Passcode Lock
Available for: iOS 4.3 through 5.0 for iPad 2
Impact: A person with physical access to a locked iPad 2 may be able
to access some of the user's data
Description: When a Smart Cover is opened while iPad 2 is confirming
power off in the locked state, the iPad does not request a passcode.
This allows some access to the iPad, but data protected by Data
Protection is inaccessible and apps cannot be launched.
CVE-ID
CVE-2011-3440
Installation note:
This update is only available through iTunes, and will not appear
in your computer's Software Update application, or in the Apple
Downloads site. Make sure you have an Internet connection and have
installed the latest version of iTunes from www.apple.com/itunes/
iTunes will automatically check Apple's update server on its weekly
schedule. When an update is detected, it will download it. When
the iPhone, iPod touch or iPad is docked, iTunes will present the
user with the option to install the update. We recommend applying
the update immediately if possible. Selecting Don't Install will
present the option the next time you connect your iPhone, iPod touch,
or iPad.
The automatic update process may take up to a week depending on the
day that iTunes checks for updates. You may manually obtain the
update via the Check for Updates button within iTunes. After doing
this, the update can be applied when your iPhone, iPod touch, or iPad
is docked to your computer.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update will be
"5.0.1 (9A405)".
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iQEcBAEBAgAGBQJOuxWjAAoJEGnF2JsdZQeeYkAH/1Yz7Y7kSrJKjNeGyxLpliM8
1r33Xu0r6+WJgrjq1Ym4S6Yz1SJvz6uyvt8yLlKMxQHpYxmTjoToVbzvCvr81Kam
tpXhpfihRtwzSDEJAV7jRShtylVwoTIfUBTp982eun+2PrJmHI3P070pgCjUiT/C
63O4sen+K0hhT2cJxzWYsw1hmXv8OAmy+snUOh44ovMEa10KrpOqxr6sjrSfBbpU
gHyD1BOVB5VPUWSpj+R9/Eji634StaPkmy1yp+iv926MpGMGYT8mB07ec4MP4C78
b7ZaKzmhZILikMR6+fiOUWIZJQ0M8TYzyMol15DP/5mnXiHr46eZvsqWeAuvsok=
=RjAe
-----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
SC World Congress, New York, USA, 16 November 2011
Visit the Secunia booth (#203) and discover how you can improve your handling of third party programs:
http://secunia.com/resources/events/sc_2011/
----------------------------------------------------------------------
TITLE:
Apple iOS Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA46747
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46747/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46747
RELEASE DATE:
2011-11-11
DISCUSS ADVISORY:
http://secunia.com/advisories/46747/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46747/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46747
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Multiple vulnerabilities have been reported in Apple iOS, which can
be exploited by malicious people to disclose certain sensitive
information, conduct spoofing attacks, and compromise a user's
device.
1) An error within the CFNetwork component when handling URLs can be
exploited to redirect a user to an incorrect server.
This is related to vulnerability #4 in:
SA46377
2) Multiple errors within the CoreGraphics component when handling
FreeType fonts can be exploited to corrupt memory.
Successful exploitation of this vulnerability requires that the user
is tricked into installing a malicious App.
4) An error within libinfo when handling DNS name lookups can be
exploited to spoof lookups.
PROVIDED AND/OR DISCOVERED BY:
2) Reported by the vendor.
The vendor credits:
1) Erling Ellingsen, Facebook.
3) Charlie Miller, Accuvant Labs.
4) Erling Ellingsen, Facebook and Per Johansson, Blocket AB.
ORIGINAL ADVISORY:
Apple:
http://support.apple.com/kb/HT5052
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201111-0142 | CVE-2011-3997 | Opengear console servers vulnerable to authentication bypass |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
Opengear console servers with firmware before 2.2.1 allow remote attackers to bypass authentication, and modify settings or access connected equipment, via unspecified vectors. Opengear console servers contains an authentication bypass vulnerability. Opengear console servers are for managing servers and network products. Opengear console servers contain an authentication bypass vulnerability. Tadayoshi Nakahira reported this vulnerability to IPA.
Versions prior to Opengear Console Server 2.2.1 are vulnerable. The vulnerability stems from an unidentified error. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Opengear Console Servers Authentication Security Bypass Vulnerability
SECUNIA ADVISORY ID:
SA46721
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46721/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46721
RELEASE DATE:
2011-11-04
DISCUSS ADVISORY:
http://secunia.com/advisories/46721/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46721/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46721
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A vulnerability has been reported in Opengear Console Servers, which
can be exploited by malicious people to bypass certain security
restrictions.
SOLUTION:
Update to version 2.2.1.
PROVIDED AND/OR DISCOVERED BY:
JVN credits Tadayoshi Nakahira.
ORIGINAL ADVISORY:
http://jvn.jp/en/jp/JVN71349007/index.html
http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000096.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201111-0143 | CVE-2011-3998 | WebObjects vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in Apple WebObjects 5.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. WebObjects provided by Apple, contains a cross-site scripting vulnerability. WebObjects provided by Apple is a web application server. WebObjects contains a cross-site scripting vulnerability. Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.An arbitrary script may be executed on the user's web browser.
Successful exploits will allow attacker-supplied script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible.
Apple WebObjects 5.2 and prior are vulnerable
| VAR-201111-0190 | CVE-2011-3607 |
Apache HTTP Server Integer overflow vulnerability
Related entries in the VARIoT exploits database: VAR-E-201111-0031 |
CVSS V2: 4.4 CVSS V3: - Severity: MEDIUM |
Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow. Apache HTTP Server is prone to a local privilege-escalation vulnerability because of an integer-overflow error.
Local attackers can exploit this issue to run arbitrary code with elevated privileges (with the privileges of the Apache webserver process). Failed exploit attempts may crash the affected application, denying service to legitimate users.
Note: To trigger this issue, 'mod_setenvif' must be enabled and the attacker should be able to place a malicious '.htaccess' file on the affected webserver. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: httpd security update
Advisory ID: RHSA-2012:0128-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0128.html
Issue date: 2012-02-13
CVE Names: CVE-2011-3607 CVE-2011-3639 CVE-2011-4317
CVE-2012-0031 CVE-2012-0053
=====================================================================
1. Summary:
Updated httpd packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
3.
It was discovered that the fix for CVE-2011-3368 (released via
RHSA-2011:1391) did not completely address the problem. An attacker could
bypass the fix and make a reverse proxy connect to an arbitrary server not
directly accessible to the attacker by sending an HTTP version 0.9 request,
or by using a specially-crafted URI. (CVE-2011-3639, CVE-2011-4317)
The httpd server included the full HTTP header line in the default error
page generated when receiving an excessively long or malformed header.
Malicious JavaScript running in the server's domain context could use this
flaw to gain access to httpOnly cookies. (CVE-2012-0053)
An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the way httpd performed substitutions in regular expressions. An
attacker able to set certain httpd settings, such as a user permitted to
override the httpd configuration for a specific directory using a
".htaccess" file, could use this flaw to crash the httpd child process or,
possibly, execute arbitrary code with the privileges of the "apache" user.
(CVE-2011-3607)
A flaw was found in the way httpd handled child process status information.
A malicious program running with httpd child process privileges (such as a
PHP or CGI script) could use this flaw to cause the parent httpd process to
crash during httpd service shutdown. (CVE-2012-0031)
All httpd users should upgrade to these updated packages, which contain
backported patches to correct these issues. After installing the updated
packages, the httpd daemon will be restarted automatically.
4. Solution:
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
5. Bugs fixed (http://bugzilla.redhat.com/):
752080 - CVE-2011-3639 httpd: http 0.9 request bypass of the reverse proxy vulnerability CVE-2011-3368 fix
756483 - CVE-2011-4317 httpd: uri scheme bypass of the reverse proxy vulnerability CVE-2011-3368 fix
769844 - CVE-2011-3607 httpd: ap_pregsub Integer overflow to buffer overflow
773744 - CVE-2012-0031 httpd: possible crash on shutdown due to flaw in scoreboard handling
785069 - CVE-2012-0053 httpd: cookie exposure due to error responses
6. Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/httpd-2.2.15-15.el6_2.1.src.rpm
i386:
httpd-2.2.15-15.el6_2.1.i686.rpm
httpd-debuginfo-2.2.15-15.el6_2.1.i686.rpm
httpd-tools-2.2.15-15.el6_2.1.i686.rpm
x86_64:
httpd-2.2.15-15.el6_2.1.x86_64.rpm
httpd-debuginfo-2.2.15-15.el6_2.1.x86_64.rpm
httpd-tools-2.2.15-15.el6_2.1.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/httpd-2.2.15-15.el6_2.1.src.rpm
i386:
httpd-debuginfo-2.2.15-15.el6_2.1.i686.rpm
httpd-devel-2.2.15-15.el6_2.1.i686.rpm
mod_ssl-2.2.15-15.el6_2.1.i686.rpm
noarch:
httpd-manual-2.2.15-15.el6_2.1.noarch.rpm
x86_64:
httpd-debuginfo-2.2.15-15.el6_2.1.i686.rpm
httpd-debuginfo-2.2.15-15.el6_2.1.x86_64.rpm
httpd-devel-2.2.15-15.el6_2.1.i686.rpm
httpd-devel-2.2.15-15.el6_2.1.x86_64.rpm
mod_ssl-2.2.15-15.el6_2.1.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/httpd-2.2.15-15.el6_2.1.src.rpm
x86_64:
httpd-2.2.15-15.el6_2.1.x86_64.rpm
httpd-debuginfo-2.2.15-15.el6_2.1.x86_64.rpm
httpd-tools-2.2.15-15.el6_2.1.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/httpd-2.2.15-15.el6_2.1.src.rpm
noarch:
httpd-manual-2.2.15-15.el6_2.1.noarch.rpm
x86_64:
httpd-debuginfo-2.2.15-15.el6_2.1.i686.rpm
httpd-debuginfo-2.2.15-15.el6_2.1.x86_64.rpm
httpd-devel-2.2.15-15.el6_2.1.i686.rpm
httpd-devel-2.2.15-15.el6_2.1.x86_64.rpm
mod_ssl-2.2.15-15.el6_2.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/httpd-2.2.15-15.el6_2.1.src.rpm
i386:
httpd-2.2.15-15.el6_2.1.i686.rpm
httpd-debuginfo-2.2.15-15.el6_2.1.i686.rpm
httpd-devel-2.2.15-15.el6_2.1.i686.rpm
httpd-tools-2.2.15-15.el6_2.1.i686.rpm
mod_ssl-2.2.15-15.el6_2.1.i686.rpm
noarch:
httpd-manual-2.2.15-15.el6_2.1.noarch.rpm
ppc64:
httpd-2.2.15-15.el6_2.1.ppc64.rpm
httpd-debuginfo-2.2.15-15.el6_2.1.ppc.rpm
httpd-debuginfo-2.2.15-15.el6_2.1.ppc64.rpm
httpd-devel-2.2.15-15.el6_2.1.ppc.rpm
httpd-devel-2.2.15-15.el6_2.1.ppc64.rpm
httpd-tools-2.2.15-15.el6_2.1.ppc64.rpm
mod_ssl-2.2.15-15.el6_2.1.ppc64.rpm
s390x:
httpd-2.2.15-15.el6_2.1.s390x.rpm
httpd-debuginfo-2.2.15-15.el6_2.1.s390.rpm
httpd-debuginfo-2.2.15-15.el6_2.1.s390x.rpm
httpd-devel-2.2.15-15.el6_2.1.s390.rpm
httpd-devel-2.2.15-15.el6_2.1.s390x.rpm
httpd-tools-2.2.15-15.el6_2.1.s390x.rpm
mod_ssl-2.2.15-15.el6_2.1.s390x.rpm
x86_64:
httpd-2.2.15-15.el6_2.1.x86_64.rpm
httpd-debuginfo-2.2.15-15.el6_2.1.i686.rpm
httpd-debuginfo-2.2.15-15.el6_2.1.x86_64.rpm
httpd-devel-2.2.15-15.el6_2.1.i686.rpm
httpd-devel-2.2.15-15.el6_2.1.x86_64.rpm
httpd-tools-2.2.15-15.el6_2.1.x86_64.rpm
mod_ssl-2.2.15-15.el6_2.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/httpd-2.2.15-15.el6_2.1.src.rpm
i386:
httpd-2.2.15-15.el6_2.1.i686.rpm
httpd-debuginfo-2.2.15-15.el6_2.1.i686.rpm
httpd-devel-2.2.15-15.el6_2.1.i686.rpm
httpd-tools-2.2.15-15.el6_2.1.i686.rpm
mod_ssl-2.2.15-15.el6_2.1.i686.rpm
noarch:
httpd-manual-2.2.15-15.el6_2.1.noarch.rpm
x86_64:
httpd-2.2.15-15.el6_2.1.x86_64.rpm
httpd-debuginfo-2.2.15-15.el6_2.1.i686.rpm
httpd-debuginfo-2.2.15-15.el6_2.1.x86_64.rpm
httpd-devel-2.2.15-15.el6_2.1.i686.rpm
httpd-devel-2.2.15-15.el6_2.1.x86_64.rpm
httpd-tools-2.2.15-15.el6_2.1.x86_64.rpm
mod_ssl-2.2.15-15.el6_2.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://www.redhat.com/security/data/cve/CVE-2011-3607.html
https://www.redhat.com/security/data/cve/CVE-2011-3639.html
https://www.redhat.com/security/data/cve/CVE-2011-4317.html
https://www.redhat.com/security/data/cve/CVE-2012-0031.html
https://www.redhat.com/security/data/cve/CVE-2012-0053.html
https://access.redhat.com/security/updates/classification/#moderate
https://rhn.redhat.com/errata/RHSA-2011-1391.html
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFPOXUIXlSAg2UNWIIRAg4AAJ9vTPttyKrbHbaSV7xCAzG89ytZgACfTSq+
HOLS5+cKusdo+jUiYKIV4mw=
=fM2U
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. The could allow the attacker to access internal
servers that are not otherwise accessible from the outside.
The three CVE ids denote slightly different variants of the same
issue.
Note that, even with this issue fixed, it is the responsibility of
the administrator to ensure that the regular expression replacement
pattern for the target URI does not allow a client to append arbitrary
strings to the host or port parts of the target URI. This is a violation of the privilege separation
between the apache2 processes and could potentially be used to worsen
the impact of other vulnerabilities.
CVE-2012-0053:
The response message for error code 400 (bad request) could be used to
expose "httpOnly" cookies. This could allow a remote attacker using
cross site scripting to steal authentication cookies.
For the oldstable distribution (lenny), these problems have been fixed in
version apache2 2.2.9-10+lenny12.
For the stable distribution (squeeze), these problems have been fixed in
version apache2 2.2.16-6+squeeze6
For the testing distribution (wheezy), these problems will be fixed in
version 2.2.22-1.
For the unstable distribution (sid), these problems have been fixed in
version 2.2.22-1.
We recommend that you upgrade your apache2 packages. The new version
number for the oldstable distribution is 2.2.6-02-1+lenny7. In the
stable distribution, apache2-mpm-itk has the same version number as
apache2. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Note: the current version of the following document is available here:
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03360041
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03360041
Version: 1
HPSBMU02786 SSRT100877 rev.1 - HP System Management Homepage (SMH) Running on
Linux and Windows, Remote Unauthorized Access, Disclosure of Information,
Data Modification, Denial of Service (DoS), Execution of Arbitrary Code
NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.
Release Date: 2012-06-26
Last Updated: 2012-06-26
Potential Security Impact: Remote unauthorized access, disclosure of
information, data modification, Denial of Service (DoS), execution of
arbitrary code
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP System
Management Homepage (SMH) running on Linux and Windows. The vulnerabilities
could be exploited remotely resulting in unauthorized access, disclosure of
information, data modification, Denial of Service (DoS), and execution of
arbitrary code.
References: CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3379,
CVE-2011-3607, CVE-2011-4078, CVE-2011-4108, CVE-2011-4153, CVE-2011-4317,
CVE-2011-4415, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2011-4885,
CVE-2012-0021, CVE-2012-0027, CVE-2012-0031, CVE-2012-0036, CVE-2012-0053,
CVE-2012-0057, CVE-2012-0830, CVE-2012-1165, CVE-2012-1823,
CVE-2012-2012 (AUTOCOMPLETE enabled), CVE-2012-2013 (DoS),
CVE-2012-2014 (Improper input validation), CVE-2012-2015 (Privilege
Elevation),
CVE-2012-2016 (Information disclosure),
SSRT100336, SSRT100753, SSRT100669, SSRT100676,
SSRT100695, SSRT100714, SSRT100760, SSRT100786,
SSRT100787, SSRT100815, SSRT100840, SSRT100843, SSRT100869
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP System Management Homepage (SMH) before v7.1.1 running on Linux and
Windows.
BACKGROUND
CVSS 2.0 Base Metrics
===========================================================
Reference Base Vector Base Score
CVE-2012-2012 (AV:N/AC:L/Au:N/C:C/I:C/A:P) 9.7
CVE-2012-2013 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8
CVE-2012-2014 (AV:N/AC:M/Au:S/C:N/I:N/A:N) 6.8
CVE-2012-2015 (AV:N/AC:M/Au:S/C:P/I:N/A:N) 6.5
CVE-2012-2016 (AV:L/AC:M/Au:S/C:C/I:N/A:N) 4.4
CVE-2011-1944 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3
CVE-2011-2821 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2011-2834 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8
CVE-2011-3379 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2011-3607 (AV:L/AC:M/Au:N/C:P/I:P/A:P) 4.4
CVE-2011-4078 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2011-4108 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2011-4153 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2011-4317 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2011-4415 (AV:L/AC:H/Au:N/C:N/I:N/A:P) 1.2
CVE-2011-4576 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
CVE-2011-4577 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3
CVE-2011-4619 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2011-4885 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2012-0021 (AV:N/AC:H/Au:N/C:N/I:N/A:P) 2.6
CVE-2012-0027 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2012-0031 (AV:L/AC:L/Au:N/C:P/I:P/A:P) 4.6
CVE-2012-0036 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2012-0053 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3
CVE-2012-0057 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4
CVE-2012-0830 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
CVE-2012-1165 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0
CVE-2012-1823 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided HP System Management Homepage v7.1.1 or subsequent to resolve
the vulnerabilities. HP System Management Homepage v7.1.1 is available here:
HP System Management Homepage for Windows x64
[Download here] or enter the following URL into the browser address window.
http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetail
s/?sp4ts.oid=4091409&spf_p.tpst=psiSwdMain&spf_p.prp_psiSwdMain=wsrp-navigati
onalState%3Dlang%253Den%257Ccc%253DUS%257CprodSeriesId%253D4091408%257CprodNa
meId%253D4091409%257CswEnvOID%253D4064%257CswLang%253D8%257CswItem%253DMTX-ab
0d4e9bb4654a8da503eccfd9%257Cmode%253D3%257Caction%253DdriverDocument&javax.p
ortlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vign
ette.cachetoken
HP System Management Homepage for Windows x86
[Download here] or enter the following URL into the browser address window.
http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetail
s/?sp4ts.oid=4091409&spf_p.tpst=psiSwdMain&spf_p.prp_psiSwdMain=wsrp-navigati
onalState%3Dlang%253Den%257Ccc%253DUS%257CprodSeriesId%253D4091408%257CprodNa
meId%253D4091409%257CswEnvOID%253D4022%257CswLang%253D8%257CswItem%253DMTX-f7
c0d15d28474255bd0ec23136%257Cmode%253D3%257Caction%253DdriverDocument&javax.p
ortlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vign
ette.cachetoken
HP System Management Homepage for Linux (AMD64/EM64T)
[Download here] or enter the following URL into the browser address window.
http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetail
s/?sp4ts.oid=4091409&spf_p.tpst=psiSwdMain&spf_p.prp_psiSwdMain=wsrp-navigati
onalState%3Dlang%253Den%257Ccc%253DUS%257CprodSeriesId%253D4091408%257CprodNa
meId%253D4091409%257CswEnvOID%253D4035%257CswLang%253D8%257CswItem%253DMTX-18
d373dd1361400fbaca892942%257Cmode%253D3%257Caction%253DdriverDocument&javax.p
ortlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vign
ette.cachetoken
HP System Management Homepage for Linux (x86)
[Download here] or enter the following URL into the browser address window.
http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetail
s/?sp4ts.oid=4091409&spf_p.tpst=psiSwdMain&spf_p.prp_psiSwdMain=wsrp-navigati
onalState%3Dlang%253Den%257Ccc%253DUS%257CprodSeriesId%253D4091408%257CprodNa
meId%253D4091409%257CswEnvOID%253D4006%257CswLang%253D8%257CswItem%253DMTX-9e
8a0188f97d48139dcb466509%257Cmode%253D3%257Caction%253DdriverDocument&javax.p
ortlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vign
ette.cachetoken
HISTORY
Version:1 (rev.1) 26 June 2012 Initial release
Third Party Security Patches: Third party security patches that are to be
installed on systems running HP software products should be applied in
accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HP Services support channel. For other issues about
the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported
product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin
alerts via Email:
http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated
periodically, is contained in HP Security Notice HPSN-2011-001:
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is
available here:
http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in
the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
GN = HP General Software
HF = HP Hardware and Firmware
MP = MPE/iX
MU = Multi-Platform Software
NS = NonStop Servers
OV = OpenVMS
PI = Printing and Imaging
PV = ProCurve
ST = Storage Software
TU = Tru64 UNIX
UX = HP-UX
Copyright 2012 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors
or omissions contained herein. The information provided is provided "as is"
without warranty of any kind. To the extent permitted by law, neither HP or
its affiliates, subcontractors or suppliers will be liable for
incidental,special or consequential damages including downtime cost; lost
profits;damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration. The
information in this document is subject to change without notice.
Hewlett-Packard Company and the names of Hewlett-Packard products referenced
herein are trademarks of Hewlett-Packard Company in the United States and
other countries. Other product and company names mentioned herein may be
trademarks of their respective owners.
The update for B.11.11 is available for download from https://h20392.www2.hp.com/portal/swdepot/try.do?productNumber=HPUXWSATW235
The update for B.11.23 and B.11.31 is available for download from https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXWSATW323
Web Server Suite Version
Apache Depot Name
HP-UX Web Server Suite v.3.23
HP-UX B.11.23 HPUXWS22ATW-B323-64.depot
HP-UX B.11.23 HPUXWS22ATW-B323-32.depot
HP-UX B.11.31 HPUXWS22ATW-B323-64.depot
HP-UX B.11.31 HPUXWS22ATW-B323-32.depot
HP-UX Web Server Suite v.2.35
HP-UX B.11.11 HP-UX_11.11_HPUXWSATW-B235-1111.depot
MANUAL ACTIONS: Yes - Update
Install HP-UX Web Server Suite v3.23 or subsequent
Install HP-UX Web Server Suite v2.35 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42,
2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision
1179239 patch is in place, does not properly interact with use of (1)
RewriteRule and (2) ProxyPassMatch pattern matches for configuration
of a reverse proxy, which allows remote attackers to send requests
to intranet servers via a malformed URI containing an \@ (at sign)
character and a : (colon) character in invalid positions. NOTE: this
vulnerability exists because of an incomplete fix for CVE-2011-3368
(CVE-2011-4317). The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2012-09-19-2 OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and
Security Update 2012-004
OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update
2012-004 are now available and address the following:
Apache
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Multiple vulnerabilities in Apache
Description: Apache is updated to version 2.2.22 to address several
vulnerabilities, the most serious of which may lead to a denial of
service. Further information is available via the Apache web site at
http://httpd.apache.org/. This issue does not affect OS X Mountain
Lion systems.
CVE-ID
CVE-2011-3368
CVE-2011-3607
CVE-2011-4317
CVE-2012-0021
CVE-2012-0031
CVE-2012-0053
BIND
Available for: OS X Lion v10.7 to v10.7.4,
OS X Lion Server v10.7 to v10.7.4
Impact: A remote attacker may be able to cause a denial of service
in systems configured to run BIND as a DNS nameserver
Description: A reachable assertion issue existed in the handling of
DNS records. This issue was addressed by updating to BIND 9.7.6-P1.
This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2011-4313
BIND
Available for: OS X Lion v10.7 to v10.7.4,
OS X Lion Server v10.7 to v10.7.4,
OS X Mountain Lion v10.8 and v10.8.1
Impact: A remote attacker may be able to cause a denial of service,
data corruption, or obtain sensitive information from process memory
in systems configured to run BIND as a DNS nameserver
Description: A memory management issue existed in the handling of
DNS records. This issue was addressed by updating to BIND 9.7.6-P1 on
OS X Lion systems, and BIND 9.8.3-P1 on OS X Mountain Lion systems.
CVE-ID
CVE-2012-1667
CoreText
Available for: OS X Lion v10.7 to v10.7.4,
OS X Lion Server v10.7 to v10.7.4
Impact: Applications that use CoreText may be vulnerable to an
unexpected application termination or arbitrary code execution
Description: A bounds checking issue existed in the handling of text
glyphs, which may lead to out of bounds memory reads or writes. This
issue was addressed through improved bounds checking. This issue does
not affect Mac OS X v10.6 or OS X Mountain Lion systems.
CVE-ID
CVE-2012-3716 : Jesse Ruderman of Mozilla Corporation
Data Security
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4,
OS X Mountain Lion v10.8 and v10.8.1
Impact: An attacker with a privileged network position may intercept
user credentials or other sensitive information
Description: TrustWave, a trusted root CA, has issued, and
subsequently revoked, a sub-CA certificate from one of its trusted
anchors. This sub-CA facilitated the interception of communications
secured by Transport Layer Security (TLS). This update adds the
involved sub-CA certificate to OS X's list of untrusted certificates.
DirectoryService
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8
Impact: If the DirectoryService Proxy is used, a remote attacker may
cause a denial of service or arbitrary code execution
Description: A buffer overflow existed in the DirectoryService
Proxy. This issue was addressed through improved bounds checking.
This issue does not affect OS X Lion and Mountain Lion systems.
CVE-ID
CVE-2012-0650 : aazubel working with HP's Zero Day Initiative
ImageIO
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Viewing a maliciously crafted PNG image may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in libpng's
handling of PNG images. These issues were addressed through improved
validation of PNG images. These issues do not affect OS X Mountain
Lion systems.
CVE-ID
CVE-2011-3026 : Juri Aedla
CVE-2011-3048
ImageIO
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Viewing a maliciously crafted TIFF image may lead to an
unexpected application termination or arbitrary code execution
Description: An integer overflow issue existed in libTIFF's handling
of TIFF images. This issue was addressed through improved validation
of TIFF images. This issue does not affect OS X Mountain Lion
systems.
CVE-ID
CVE-2012-1173 : Alexander Gavrun working with HP's Zero Day
Initiative
Installer
Available for: OS X Lion v10.7 to v10.7.4,
OS X Lion Server v10.7 to v10.7.4
Impact: Remote admins and persons with physical access to the system
may obtain account information
Description: The fix for CVE-2012-0652 in OS X Lion 10.7.4 prevented
user passwords from being recorded in the system log, but did not
remove the old log entries. This issue was addressed by deleting log
files that contained passwords. This issue does not affect Mac OS X
10.6 or OS X Mountain Lion systems.
CVE-ID
CVE-2012-0652
International Components for Unicode
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Applications that use ICU may be vulnerable to an unexpected
application termination or arbitrary code execution
Description: A stack buffer overflow existed in the handling of ICU
locale IDs. This issue was addressed through improved bounds
checking. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2011-4599
Kernel
Available for: OS X Lion v10.7 to v10.7.4,
OS X Lion Server v10.7 to v10.7.4
Impact: A malicious program could bypass sandbox restrictions
Description: A logic issue existed in the handling of debug system
calls. This may allow a malicious program to gain code execution in
other programs with the same user privileges. This issue was
addressed by disabling handling of addresses in PT_STEP and
PT_CONTINUE. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2012-0643 : iOS Jailbreak Dream Team
LoginWindow
Available for: OS X Mountain Lion v10.8 and v10.8.1
Impact: A local user may be able to obtain other user's login
passwords
Description: A user-installed input method could intercept password
keystrokes from Login Window or Screen Saver Unlock. This issue was
addressed by preventing user-installed methods from being used when
the system is handling login information.
CVE-ID
CVE-2012-3718 : An anonymous researcher
Mail
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Viewing an e-mail message may lead to execution of web
plugins
Description: An input validation issue existed in Mail's handling of
embedded web plugins. This issue was addressed by disabling third-
party plug-ins in Mail. This issue does not affect OS X Mountain Lion
systems.
CVE-ID
CVE-2012-3719 : Will Dormann of the CERT/CC
Mobile Accounts
Available for: OS X Mountain Lion v10.8 and v10.8.1
Impact: A user with access to the contents of a mobile account may
obtain the account password
Description: Creating a mobile account saved a hash of the password
in the account, which was used to login when the mobile account was
used as an external account. The password hash could be used to
determine the user's password. This issue was addressed by creating
the password hash only if external accounts are enabled on the system
where the mobile account is created.
CVE-ID
CVE-2012-3720 : Harald Wagener of Google, Inc.
PHP
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4,
OS X Mountain Lion v10.8 and v10.8.1
Impact: Multiple vulnerabilities in PHP
Description: >PHP is updated to version 5.3.15 to address multiple
vulnerabilities, the most serious of which may lead to arbitrary code
execution. Further information is available via the PHP web site at
http://www.php.net
CVE-ID
CVE-2012-0831
CVE-2012-1172
CVE-2012-1823
CVE-2012-2143
CVE-2012-2311
CVE-2012-2386
CVE-2012-2688
PHP
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: PHP scripts which use libpng may be vulnerable to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in the handling of
PNG files. This issue was addressed by updating PHP's copy of libpng
to version 1.5.10. This issue does not affect OS X Mountain Lion
systems.
CVE-ID
CVE-2011-3048
Profile Manager
Available for: OS X Lion Server v10.7 to v10.7.4
Impact: An unauthenticated user could enumerate managed devices
Description: An authentication issue existed in the Device
Management private interface. This issue was addressed by removing
the interface. This issue does not affect OS X Mountain Lion
systems.
CVE-ID
CVE-2012-3721 : Derick Cassidy of XEquals Corporation
QuickLook
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Viewing a maliciously crafted .pict file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in the handling of
.pict files. This issue was addressed through improved validation of
.pict files. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2012-0671 : Rodrigo Rubira Branco (twitter.com/bsdaemon) from the
Qualys Vulnerability & Malware Research Labs (VMRL)
QuickTime
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: An integer overflow existed in QuickTime's handling of
sean atoms. This issue was addressed through improved bounds
checking. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2012-0670 : Tom Gallagher (Microsoft) and Paul Bates (Microsoft)
working with HP's Zero Day Initiative
QuickTime
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: An uninitialized memory access existed in the handling
of Sorenson encoded movie files. This issue was addressed through
improved memory initialization. This issue does not affect OS X
Mountain Lion systems.
CVE-ID
CVE-2012-3722 : Will Dormann of the CERT/CC
QuickTime
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of RLE
encoded movie files. This issue was addressed through improved bounds
checking. This issue does not affect OS X Mountain Lion systems.
CVE-ID
CVE-2012-0668 : Luigi Auriemma working with HP's Zero Day Initiative
Ruby
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.4, OS X Lion Server v10.7 to v10.7.4
Impact: An attacker may be able to decrypt data protected by SSL
Description: There are known attacks on the confidentiality of SSL
3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode.
The Ruby OpenSSL module disabled the 'empty fragment' countermeasure
which prevented these attacks. This issue was addressed by enabling
empty fragments. This issue does not affect OS X Mountain Lion
systems.
CVE-ID
CVE-2011-3389
USB
Available for: OS X Lion v10.7 to v10.7.4,
OS X Lion Server v10.7 to v10.7.4
Impact: Attaching a USB device may lead to an unexpected system
termination or arbitrary code execution
Description: A memory corruption issue existed in the handling of
USB hub descriptors. This issue was addressed through improved
handling of the bNbrPorts descriptor field. This issue does not
affect OS X Mountain Lion systems.
CVE-ID
CVE-2012-3723 : Andy Davis of NGS Secure
Note: OS X Mountain Lion v10.8.2 includes the content of
Safari 6.0.1. For further details see "About the security content
of Safari 6.0.1" at http://http//support.apple.com/kb/HT5502
OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update
2012-004 may be obtained from the Software Update pane in System
Preferences, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/
The Software Update utility will present the update that applies
to your system configuration. Only one is needed, either
OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 or Security Update
2012-004.
For OS X Mountain Lion v10.8.1
The download file is named: OSXUpd10.8.2.dmg
Its SHA-1 digest is: d6779e1cc748b78af0207499383b1859ffbebe33
For OS X Mountain Lion v10.8
The download file is named: OSXUpdCombo10.8.2.dmg
Its SHA-1 digest is: b08f10233d362e39f20b69f91d1d73f5e7b68a2c
For OS X Lion v10.7.4
The download file is named: MacOSXUpd10.7.5.dmg
Its SHA-1 digest is: e0a9582cce9896938a7a541bd431862d93893532
For OS X Lion v10.7 and v10.7.3
The download file is named: MacOSXUpdCombo10.7.5.dmg
Its SHA-1 digest is: f7a26b164fa10dae4fe646e57b01c34a619c8d9b
For OS X Lion Server v10.7.4
The download file is named: MacOSXServerUpd10.7.5.dmg
Its SHA-1 digest is: a891b03bfb4eecb745c0c39a32f39960fdb6796a
For OS X Lion Server v10.7 and v10.7.3
The download file is named: MacOSXServerUpdCombo10.7.5.dmg
Its SHA-1 digest is: df6e1748ab0a3c9e05c890be49d514673efd965e
For Mac OS X v10.6.8
The download file is named: SecUpd2012-004.dmg
Its SHA-1 digest is: 5b136e29a871d41012f0c6ea1362d6210c8b4fb7
For Mac OS X Server v10.6.8
The download file is named: SecUpdSrvr2012-004.dmg
Its SHA-1 digest is: 9b24496be15078e58a88537700f2f39c112e3b28
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJQWhlbAAoJEPefwLHPlZEwwjwQAKrpQlZh1B2mkSTLxR7QZg6e
Qm7SmIZL9sjl5gQkTxoAvOGxJ8uRdYPlJ1IpyU/MbK0GqO53KmFSeKkwCnvLKMaW
pc6tiFaQ4zV4LEAwBAFEuqCsMyPEJqKDhYXl2cHQmWfAlrLCyCKfzGLy2mY2UnkE
DQC2+ys70DChFv2GzyXlibBXAGMKDygJ5dVKynsi1ceZLYWbUJoGwlUtXPylBpnO
QyGWXmEloPbhK6HJbKMNacuDdVcb26pvIeFiivkTSxPVlZ3ns2tAwEyvHrzA9O4n
7rQ6jvfDbguOZmM5sPFvVKBw2GVDBNU+G3T8ouIXhk6Pjhr4in8VFCb8MIMLb8hm
7YYn2z1TzKTNmUuYbwe6ukQvf57cPuW0bAvslbl6PgrzqorlNPU4rDoSvPrJx/RO
BOYkcxfirevHDGibfkeqXPjL3h+bVrb1USZpAv+ZOAy0M89SHFcvMtpAhxnoGiV5
w4EyKB+9Yi/CSAk2Ne3Y5kHH7/v3pWV68aJwhVirya7ex3vnJ+M+lRLKSm2BUjL3
+9fykrJBDujFDXoCmK5CN5Wx36DSVZ4VO1h635crotudtcvd+LQ2VHma/Chav5wK
q5SSllf4KEownpx6o/qTxpg5tcC4lvgTcsDHlYcNq2s8KTTjmOden8ar4h7M7QD2
xyBfrQfG/dsif6jGHaot
=8joH
-----END PGP SIGNATURE-----
| VAR-201111-0003 | CVE-2011-0941 | Cisco Unified Communications Manager and Cisco IOS Memory leak vulnerability |
CVSS V2: 7.8 CVSS V3: - Severity: HIGH |
Memory leak in Cisco Unified Communications Manager (CUCM) 6.x before 6.1(5)su2, 7.x before 7.1(5b)su3, 8.x before 8.0(3a)su1, and 8.5 before 8.5(1), and Cisco IOS 12.4 and 15.1, allows remote attackers to cause a denial of service (memory consumption and process failure or device reload) via a malformed SIP message, aka Bug IDs CSCti75128 and CSCtj09179. Cisco Unified Communications Manager (CUCM) and Cisco IOS Contains a memory leak vulnerability
| VAR-201111-0322 | No CVE | Parallels Plesk Panel Cross-Site Scripting Vulnerability |
CVSS V2: - CVSS V3: - Severity: HIGH |
Plesk is a comprehensive control panel solution for managing your site. A cross-site scripting vulnerability exists in Parallels Plesk Panel. Since some unspecified input is not properly filtered before being returned to the user, an attacker can exploit the vulnerability to execute arbitrary HTML and script code in the user's browser session of the affected site context. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Parallels Plesk Panel Cross-Site Scripting and SQL Injection
Vulnerabilities
SECUNIA ADVISORY ID:
SA46158
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46158/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46158
RELEASE DATE:
2011-10-30
DISCUSS ADVISORY:
http://secunia.com/advisories/46158/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46158/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46158
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
David Hoyt has reported multiple vulnerabilities in Parallels Plesk
Panel, which can be exploited by malicious people to conduct
cross-site scripting and SQL injection attacks.
1) Certain unspecified input is not properly sanitised before being
returned to the user.
The vulnerabilities are reported in versions 10.0 through 10.2.
SOLUTION:
Update to version 10.3 or apply patch.
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY:
David Hoyt
ORIGINAL ADVISORY:
David Hoyt:
http://xss.cx/examples/plesk-reports/xss-reflected-cross-site-scripting-cwe79-capec86-plesk-parallels-control-panel-version-20110407.20.html
http://xss.cx/examples/plesk-reports/plesk-redhat-el6-psa-10.2.0-build-1011110331.18-xss-sqli-cwe79-cwe89-javascript-injection-exception-example-poc-report-paros-burp-suite-pro-1.4.1.html
Parallels:
http://kb.parallels.com/112403
http://kb.parallels.com/112402
http://kb.parallels.com/112401
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201401-0260 | CVE-2013-6467 | Libreswan Service disruption in (DoS) Vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Libreswan 3.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. Supplementary information : CWE Vulnerability type by CWE-476: NULL Pointer Dereference (NULL Pointer dereference ) Has been identified. Openswan is a VPN implemented using ipsec technology.
Versions prior to Libreswan 3.8 are vulnerable. Openswan is prone to a remote denial-of-service vulnerability due to a use-after-free error.
An attacker may exploit this issue to crash the application, resulting in a denial-of-service condition.
Note: This issue occurs only when Openswan is configured with 'nhelpers=0'.
Openswan 2.3.0 to 2.6.36 are vulnerable
| VAR-201110-0495 | No CVE | Trend Micro InterScan Web Security Suite 'patchCmd' Privilege Escalation Vulnerability |
CVSS V2: - CVSS V3: - Severity: MEDIUM |
Trend Micro InterScan Web Security Suite can create PatchExe.sh or RollbackExe in CWD by executing an error in the setuid/setgid root/opt/trend/iwss/data/patch/bin/patchCmd binary when performing certain operations. Sh script, execute the binary file to get root privileges. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Trend Micro InterScan Web Security Suite "patchCmd" Privilege
Escalation Vulnerability
SECUNIA ADVISORY ID:
SA46610
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46610/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46610
RELEASE DATE:
2011-10-28
DISCUSS ADVISORY:
http://secunia.com/advisories/46610/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46610/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46610
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Buguroo Offensive Security has discovered a vulnerability in Trend
Micro InterScan Web Security Suite for Linux, which can be exploited
by malicious, local users to gain escalated privileges.
The vulnerability is confirmed in version 3.1 Build 1027 for Linux.
Other versions may also be affected.
SOLUTION:
Restrict access to trusted users only.
PROVIDED AND/OR DISCOVERED BY:
Jose Ramon Villa, Buguroo Offensive Security
ORIGINAL ADVISORY:
http://buguroo.com/adv/BSA-2011-002.txt
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201111-0137 | CVE-2011-3992 | Multiple D-Link products vulnerable to buffer overflow |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Buffer overflow in the SSH server functionality on the D-Link DES-3800 with firmware before 4.50B052, DWL-2100AP with firmware before 2.50RC548, and DWL-3200AP with firmware before 2.55RC549 allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors. Multiple D-Link products contain a buffer overflow vulnerability. Multiple D-Link products contain a buffer overflow vulnerability due to a SSH implementation issue. Hisashi Kojima, Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. The problem exists in the SSH server provided by the device. Unexplained security vulnerabilities allow remote attackers to perform buffer overflow attacks. Successful exploitation of a vulnerability can execute arbitrary code in the context of an application.
Very few details are available regarding this issue. We will update this BID when more information emerges. Failed exploit attempts will likely result in a denial-of-service condition.
The issue affects the following:
D-Link DES-3800 firmware prior to R4.50B052
D-Link DWL-2100AP firmware prior to 2.50RC548
D-Link DWL-3200AP firmware prior to 2.55RC549. D-Link is a network company founded by Taiwan D-Link Group, dedicated to the R&D, production and marketing of LAN, broadband network, wireless network, voice network and related network equipment. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
D-Link Products SSH Server Buffer Overflow Vulnerability
SECUNIA ADVISORY ID:
SA46637
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46637/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46637
RELEASE DATE:
2011-10-29
DISCUSS ADVISORY:
http://secunia.com/advisories/46637/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46637/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46637
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A vulnerability has been reported in multiple D-Link products, which
can be exploited by malicious people to compromise a vulnerable
device.
SOLUTION:
Update to fixed firmware (please see the vendor's advisory for
details).
PROVIDED AND/OR DISCOVERED BY:
JVN credits Hisashi Kojima, and Masahiro Nakada, Fujitsu Laboratories
Ltd.
ORIGINAL ADVISORY:
D-Link (DL-VU2011-001):
http://www.dlink-jp.com/page/sc/F/security_info20111028.html
JVN:
http://jvn.jp/en/jp/JVN72640744/index.html
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000092.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201112-0164 | CVE-2011-4895 | Tor Enumerated bridge vulnerabilities |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Tor before 0.2.2.34, when configured as a bridge, sets up circuits through a process different from the process used by a client, which makes it easier for remote attackers to enumerate bridges by observing circuit building. Tor is prone to a bridge enumeration weakness.
Successful exploits will allow attackers to obtain sensitive information to launch further attacks.
Versions prior to Tor 0.2.2.34 are vulnerable