Ad: Manage updates with the Download App
ie8 fix

Spyware, viruses, & security forum: VULNERABILITIES / FIXES - March 22, 2012

by: Carol~ March 22, 2012 8:30 AM PDT

Like this

0 people like this thread

Staff pick

VULNERABILITIES / FIXES - March 22, 2012

by Carol~ Moderator - 3/22/12 8:30 AM

Google Chrome Multiple Vulnerabilities

Release Date : 2012-03-22

Criticality level : Highly critical
Impact : Security Bypass
System access
Where : From remote
Solution Status : Vendor Patch

Software: Google Chrome 17.x

Description:
Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

1) A use-after-free error exists when handling the first letter.

2) An error exists in the bundled version of libpng.

3) A use-after-free error exists when handling CSS cross-fade.

4) An error when handling the WebGL canvas can be exploited to corrupt memory.

5) A use-after-free error exists in block splitting.

6) A weakness in the native UI does not prompt when installing unpacked extensions.

7) An error exists within the cross-origin policy when handling certain iframes.

8) An invalid read error exists within v8.

The vulnerabilities are reported in versions prior to 17.0.963.83.

Solution:
Update to version 17.0.963.83.

Provided and/or discovered by:
1, 5) miaubiz
3) Arthur Gerkis
4) Ben Vanik, Google
6) PinkiePie
7) Sergey Glazunov
8) Christian Holler

Original Advisory:
http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html

http://secunia.com/advisories/48512/


Reply
Report offensive post
Email to friend

Blue Coat PacketShaper and PolicyCenter OpenSSL Ciphersuite

by Carol~ Moderator - 3/22/12 8:35 AM

In Reply to: VULNERABILITIES / FIXES - March 22, 2012 by Carol~ Moderator

Blue Coat PacketShaper and PolicyCenter OpenSSL Ciphersuite Downgrade Vulnerability

Release Date : 2012-03-22

Crriticality level : Less critical
Ipact : Security Bypass
Where : From local network
Solution Status : Vendor Patch

Software: Blue Coat PolicyCenter 8.x

Description:
Blue Coat has acknowledged a vulnerability in Blue Coat PacketShaper and PolicyCenter, which can be exploited by malicious people to bypass certain security restrictions.

The vulnerability is reported in all Blue Coat PacketShaper and PolicyCenter versions prior to 8.7.1.

Solution:
Update to version 8.7.1.

Original Advisory:
https://kb.bluecoat.com/index?page=content&id=SA53

http://secunia.com/advisories/48517/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

IBM AIX OpenSSL Multiple Vulnerabilities

by Carol~ Moderator - 3/22/12 8:35 AM

In Reply to: VULNERABILITIES / FIXES - March 22, 2012 by Carol~ Moderator

Release Date : 2012-03-22

Criticality level : Moderately critical
Impact : Exposure of sensitive information
DoS
System access
Where : From remote
Solution Status : Vendor Patch

Operating System: AIX 5.x
AIX 6.x
AIX 7.x

Description:
IBM has acknowledged multiple vulnerabilities in OpenSSL included in AIX, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise an application using the library.

Solution:
Apply fixes (please see the vendor's advisory for details).

Original Advisory:
http://aix.software.ibm.com/aix/efixes/security/openssl_advisory3.asc

http://secunia.com/advisories/48528/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Public Knowledge Project Open Journal Systems

by Carol~ Moderator - 3/22/12 8:36 AM

In Reply to: VULNERABILITIES / FIXES - March 22, 2012 by Carol~ Moderator

Public Knowledge Project Open Journal Systems "authors[][url]" Script Insertion Vulnerability

Release Date : 2012-03-22

Criticality level : Moderately critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: Public Knowledge Project Open Journal Systems 2.x

Description:
High-Tech Bridge SA has discovered a vulnerability in Public Knowledge Project Open Journal Systems, which can be exploited by malicious users to conduct script insertion attacks.

Input passed via the "authors[][url]" POST parameter to index.php when handling the step 3 of submissions is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site if malicious data is viewed.

Successful exploitation requires "Author" role permissions.

The vulnerability is confirmed in version 2.3.7. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
High-Tech Bridge SA

Original Advisory:
HTB23079:
https://www.htbridge.com/advisory/HTB23079

http://secunia.com/advisories/48449/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Public Knowledge Project Open Journal Systems Multiple

by Carol~ Moderator - 3/22/12 8:36 AM

In Reply to: VULNERABILITIES / FIXES - March 22, 2012 by Carol~ Moderator

Public Knowledge Project Open Journal Systems Multiple Vulnerabilities

Release Date : 2012-03-22

Criticality level : Highly critical
Impact : Cross Site Scripting
Manipulation of data
System access
Where : From remote
Solution Status : Vendor Patch

Software: Public Knowledge Project Open Conference Systems 2.x

Description:
Multiple vulnerabilities have been reported in Public Knowledge Project Open Journal Systems, which can be exploited by malicious users to conduct script insertion attacks and compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks and manipulate certain data.

1) Certain input is not properly sanitised in the "String::stripUnsafeHtml()" function within lib/pkp/classes/core/String.inc.php before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site if malicious data is viewed.

2) Input passed via the "editor" and "callback" parameters to lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/ibrowser.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

3) Input passed via "articleId" when handling submissions is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

4) Input passed via the "param" parameter to lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/scripts/rfiles.php is not properly verified before being used to rename or delete files. This can be exploited to rename, move, or delete arbitrary files via directory traversal sequences and URL-encoded NULL bytes.

Note: This can further be exploited by users with "Author" role permissions to execute arbitrary PHP code by renaming and moving an uploaded file.

The vulnerabilities are reported in version 2.3.6. Prior versions may also be affected.

Solution:
Update to version 2.3.7.

Provided and/or discovered by:
1, 2, 4) High-Tech Bridge SA.
3) Reported by the vendor.

Original Advisory:
HTB23079:
https://www.htbridge.com/advisory/HTB23079

Public Knowledge Project Open Journal Systems:
http://pkp.sfu.ca/ojs/RELEASE-2.3.7

http://secunia.com/advisories/48464/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Public Knowledge Project Open Conference Systems Multiple

by Carol~ Moderator - 3/22/12 8:37 AM

In Reply to: VULNERABILITIES / FIXES - March 22, 2012 by Carol~ Moderator

Public Knowledge Project Open Conference Systems Multiple Vulnerabilities

Release Date : 2012-03-22

Criticality level : Moderately critical
Impact : Cross Site Scripting
Manipulation of data
Where : From remote
Solution Status : Vendor Patch

Software: Public Knowledge Project Open Conference Systems 2.x

Description:
Some vulnerabilities have been discovered in Public Knowledge Project Open Conference Systems, which can be exploited by by malicious people to conduct cross-site scripting attacks and manipulate certain data.

1) Input passed via the "editor" and "callback" parameters is not properly sanitised before being returned to the user.

2) Input passed via the "param" parameter is not properly verified before being used to rename or delete files.

The vulnerabilities are confirmed in version 2.3.4. Prior versions may also be affected.

Solution:
Update to version 2.3.5.

Provided and/or discovered by:
Originally reported by High-Tech Bridge SA in Public Knowledge Project Open Journal Systems.

Original Advisory:
Public Knowledge Project Open Conference Systems:
http://pkp.sfu.ca/ocs/RELEASE-2.3.4

http://secunia.com/advisories/48467/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress Blaze Slideshow Plugin Unspecified Vulnerabilities

by Carol~ Moderator - 3/22/12 8:38 AM

In Reply to: VULNERABILITIES / FIXES - March 22, 2012 by Carol~ Moderator

Release Date : 2012-03-22

Criticality level : Moderately critical
Impact : Unknown
Where : From remote
Solution Status : Vendor Patch

Software: WordPress Blaze Slideshow Plugin 2.x

Description:
Some vulnerabilities with an unknown impact have been reported in the Blaze Slideshow plugin for WordPress.

The vulnerabilities are caused due to unspecified errors. Currently there is no further information available.

The vulnerabilities are reported in versions prior to 2.2.

Solution:
Update to version 2.2.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://wordpress.org/extend/plugins/blaze-slide-show-for-wordpress/changelog/

http://secunia.com/advisories/48472/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress Carousel Slideshow Plugin Unspecified

by Carol~ Moderator - 3/22/12 8:39 AM

In Reply to: VULNERABILITIES / FIXES - March 22, 2012 by Carol~ Moderator

WordPress Carousel Slideshow Plugin Unspecified Vulnerabilities

Release Date : 2012-03-22

Criticality level : Moderately critical
Impact : Unknown
Where : From remote
Solution Status : Vendor Patch

Software: WordPress Carousel Slideshow Plugin 3.x

Description:
Some vulnerabilities with an unknown impact have been reported in the Carousel Slideshow plugin for WordPress.

The vulnerabilities are caused due to unspecified errors. Currently there is no further information available.

The vulnerabilities are reported in versions prior to 3.7.

Solution:
Update to version 3.7.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://wordpress.org/extend/plugins/wp-carouselslideshow/changelog/

http://secunia.com/advisories/48470/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Atheme "myuser_delete()" Certificate Fingerprint Handling

by Carol~ Moderator - 3/22/12 9:20 AM

In Reply to: VULNERABILITIES / FIXES - March 22, 2012 by Carol~ Moderator

Atheme "myuser_delete()" Certificate Fingerprint Handling Vulnerability

Release Date : 2012-03-22

Criticality level : Less critical
Impact : Security Bypass
DoS
Where : From remote
Solution Status : Vendor Patch

Software: Atheme 5.x
Atheme 6.x

Description:
A vulnerability has been reported in Atheme, which can be exploited by malicious users to bypass certain security restrictions or cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the "myuser_delete()" function (libathemecore/account.c), which does not delete certificate fingerprints when deleting accounts. This can be exploited to drop an account and reconnect as another user using the same fingerprint or crash the server.

The vulnerability is reported in versions prior to 5.2.7 and 6.0.10.

Solution:
Update to version 5.2.7 or 6.0.10.

Provided and/or discovered by:
Aaron M. D. Jones in a bug report.

Original Advisory:
ASA-2012-03-01:
http://archives.neohapsis.com/archives/fulldisclosure/2012-03/0248.html
http://jira.atheme.org/browse/SRV-166

http://secunia.com/advisories/48481/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Drupal Wishlist Module "wl_reveal" Cross-Site Scripting

by Carol~ Moderator - 3/22/12 12:07 PM

In Reply to: VULNERABILITIES / FIXES - March 22, 2012 by Carol~ Moderator

Drupal Wishlist Module "wl_reveal" Cross-Site Scripting Vulnerability

Release Date : 2012-03-22

Criticality level : Less critical
Impact : Cross Site Scripting
Where: From remote
Solution Status : Vendor Patch

Software: Drupal Wishlist Module 6.x
Drupal Wishlist Module 7.x

Description:
A vulnerability has been reported in the Wishlist module for Drupal, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the "wl_reveal" parameter is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is reported in versions 6.x-2.x prior to 6.x-2.6 and 7.x-2.x prior to 7.x-2.6.

Solution:
Update to version 6.x-2.6 or 7.x-2.6

Provided and/or discovered by:
The vendor credits Justin Klein Keane

Original Advisory:
SA-CONTRIB-2012-042:
http://drupal.org/node/1492624

http://secunia.com/advisories/48486/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Debian update for icedove

by Carol~ Moderator - 3/22/12 12:07 PM

In Reply to: VULNERABILITIES / FIXES - March 22, 2012 by Carol~ Moderator

Release Date : 2012-03-22

Criticality level : Highly critical
Impact : Cross Site Scripting
Exposure of sensitive information
System access
Where : From remote
Solution Status : Vendor Patch

Operating System: Debian GNU/Linux 6.0

Description:
Debian has issued an update for icedove. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose certain sensitive information, and compromise a user's system.

Solution:
Apply updated packages via the apt-get package manager.

Original Advisory:
DSA-2437-1:
http://www.debian.org/security/2012/dsa-2437

http://secunia.com/advisories/48483/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for thunderbird

by Carol~ Moderator - 3/22/12 12:07 PM

In Reply to: VULNERABILITIES / FIXES - March 22, 2012 by Carol~ Moderator

Release Date : 2012-03-22

Criticality level : Highly critical
Impact : Security Bypass
Cross Site Scripting
Exposure of sensitive information
System access
Where : From remote
Solution Status : Vendor Patch

Operating System: Ubuntu Linux 11.10

Description:
Ubuntu has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, disclose certain sensitive information, and compromise a user's system.

Solution:
Apply updated packages.

Original Advisory:
USN-1400-3:
http://www.ubuntu.com/usn/usn-1400-3

http://secunia.com/advisories/48513/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

phplist "num" Cross-Site Scripting Vulnerability

by Carol~ Moderator - 3/22/12 12:07 PM

In Reply to: VULNERABILITIES / FIXES - March 22, 2012 by Carol~ Moderator

Release Date : 2012-03-22

Criticality level : Less critical
Impact : Cross Site Scripting
Where: From remote
Solution Status : Vendor Patch

Software: phplist 2.x

Description:
Gjoko Krstic has discovered a vulnerability in phplist, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the "num" parameter in admin/index.php (when "page" is set to "reconcileusers" and "option" is set to "bounces") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is confirmed in version 2.10.17. Prior versions may also be affected.

Solution:
Update to versions 2.10.18.

Provided and/or discovered by:
Gjoko Krstic, Zero Science Lab.

Original Advisory:
phplist:
https://www.phplist.com/?lid=567

ZSL-2012-5081:
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5081.php

http://secunia.com/advisories/48491/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

OpenOffice.org ODF Document XML External Entity Processing

by Carol~ Moderator - 3/22/12 12:11 PM

In Reply to: VULNERABILITIES / FIXES - March 22, 2012 by Carol~ Moderator

OpenOffice.org ODF Document XML External Entity Processing Information Disclosure Vulnerability

Release Date : 2012-03-22

Criticality level : Less critical
Impact : Exposure of sensitive information
Where: From remote
Solution Status : Vendor Patch

Software: OpenOffice.org 3.x

Description:
A vulnerability has been reported in OpenOffice.org, which can be exploited by malicious people to disclose potentially sensitive information.

The vulnerability is caused due to an error when processing XML external entities in certain XML components within an ODF document. This can be exploited to disclose the contents of arbitrary files within an ODF document by specially crafted XML entities.

The vulnerability is reported in version 3.3 running on Windows and Mac OS X. Other versions may also be affected.

Solution:
Apply patch.

Provided and/or discovered by:
The vendor credits Timothy D. Morgan of Virtual Security Research, LLC.

Original Advisory:
http://www.openoffice.org/security/cves/CVE-2012-0037.html

http://secunia.com/advisories/48494/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for osc

by Carol~ Moderator - 3/22/12 1:19 PM

In Reply to: VULNERABILITIES / FIXES - March 22, 2012 by Carol~ Moderator

Release Date : 2012-03-22

Criticality level : Moderately critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Operating System: openSUSE 11.4
openSUSE 12.1

Description:
SUSE has issued an update for osc. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to the application not properly sanitising escape sequences, which can be exploited to overwrite files or execute arbitrary commands via a specially crafted build log or build status.

Successful exploitation may allow execution of arbitrary code, but requires tricking a user into connecting to a malicious repository server.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
openSUSE-SU-2012:0400-1:
https://hermes.opensuse.org/messages/14019833

http://secunia.com/advisories/48477/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

WordPress ALO EasyMail Newsletter Plugin Multiple

by Carol~ Moderator - 3/22/12 1:53 PM

In Reply to: VULNERABILITIES / FIXES - March 22, 2012 by Carol~ Moderator

WordPress ALO EasyMail Newsletter Plugin Multiple Unspecified Cross-Site Scripting Vulnerabilities

Release Date : 2012-03-22

Criticality level : Less critical
Impact : Cross Site Scripting
Where: From remote
Solution Status : Vendor Patch

Software: WordPress ALO EasyMail Newsletter Plugin 2.x

Description:
Mutliple vulnerabilities have been reported in the ALO EasyMail Newsletter plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerabilities are reported in versions prior to 2.4.5.

Solution:
Update to version 2.4.5.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://wordpress.org/extend/plugins/alo-easymail/changelog/

http://secunia.com/advisories/48482/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close