Ad: Manage updates with the Download App
ie8 fix

Spyware, viruses, & security forum: VULNERABILITIES / FIXES - April 16, 2012

by: Carol~ April 16, 2012 7:57 AM PDT

Like this

0 people like this thread

Staff pick

VULNERABILITIES / FIXES - April 16, 2012

by Carol~ Moderator - 4/16/12 7:57 AM

IBM 31-bit SDK for z/OS and IBM 64-bit SDK for z/OS Multiple Vulnerabilities

Release Date : 2012-04-16

Criticality level : Highly critical
Impact : Manipulation of data
Exposure of sensitive information
DoS
System access
Where : From remote
Solution Status : Vendor Patch

Software: IBM 31-bit SDK for z/OS 6.x
IBM 64-bit SDK for z/OS 6.x

Description:
IBM has acknowledged multiple vulnerabilities in IBM 31-bit SDK for z/OS and IBM 64-bit SDK for z/OS, which can be exploited by malicious people to disclose sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

Solution:
Apply APAR.

Original Advisory:
IBM (PM59971, PM59978):
http://www.ibm.com/support/docview.wss?uid=swg1PM59971
http://www.ibm.com/support/docview.wss?uid=swg1PM59978

http://secunia.com/advisories/48854/


Reply
Report offensive post
Email to friend

RealPlayer Enterprise Multiple Vulnerabilities

by Carol~ Moderator - 4/16/12 7:58 AM

In Reply to: VULNERABILITIES / FIXES - April 16, 2012 by Carol~ Moderator

Release Date : 2012-04-16

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Software: RealPlayer Enterprise 2.x

Description:
Multiple vulnerabilities have been repor:ed in RealPlayer Enterprise, which can be exploited by malicious people to compromise a user's system.

The vulnerabilities are reported in versions prior to 2.1.8.

Solution:
Update to version 2.1.8.

Provided and/or discovered by:
The vendor credits:
* Andrzej Dyjak via iDefense Labs
* Damian Put via ZDI
* Luigi Auriemma via ZDI

Original Advisory:
http://helixproducts.real.com/docs/security/SecurityUpdate04062012RPE.pdf

http://secunia.com/advisories/48868/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

MediaXXX Mobile Video Module "query" SQL Injection

by Carol~ Moderator - 4/16/12 8:06 AM

In Reply to: VULNERABILITIES / FIXES - April 16, 2012 by Carol~ Moderator

MediaXXX Mobile Video Module "query" SQL Injection Vulnerability

Release Date : 2012-04-16

Criticality level : Moderately critical
Impact : Manipulation of data
Where : From remote
Solution Status : Unpatched

Software: MediaXXX Mobile Video Module

Description:
A vulnerability has been reported in MediaXXX Mobile Video Module, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed via the "query" parameter to search is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Solution:
Filter malicious characters and character sequences using a proxy.

Provided and/or discovered by:
Daniel Godoy

Original Advisory:
http://www.exploit-db.com/exploits/18743/

http://secunia.com/advisories/48836/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SRWare Iron Multiple Vulnerabilities

by Carol~ Moderator - 4/16/12 8:06 AM

In Reply to: VULNERABILITIES / FIXES - April 16, 2012 by Carol~ Moderator

Release Date : 2012-04-16

Criticality level : Highly critical
Impact : Unknown
System access
Where : From remote
Solution Status : Vendor Patch

Software: SRWare Iron 18.x

Description:
Multiple vulnerabilities have been reported in SRWare Iron, where some have an unknown impact and others can be exploited by malicious people to compromise a user's system.

Solution:
Update to version 18.0.1050.0.

Original Advisory:
http://www.srware.net/forum/viewtopic.php?f=18&t=3521

http://secunia.com/advisories/48866/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for samba

by Carol~ Moderator - 4/16/12 8:06 AM

In Reply to: VULNERABILITIES / FIXES - April 16, 2012 by Carol~ Moderator

Release Date : 2012-04-16

Criticality level : Moderately critical
Impact : System access
DoS
Where : From local network
Solution Status : Vendor Patch

Operating System: SUSE Linux Enterprise Server (SLES) 11

Description:
SUSE has issued an update for samba. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
SUSE-SU-2012:0502-1:
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00008.html

http://secunia.com/advisories/48879/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for samba (2)

by Carol~ Moderator - 4/16/12 8:06 AM

In Reply to: VULNERABILITIES / FIXES - April 16, 2012 by Carol~ Moderator

Release Date : 2012-04-16

Criticality level : Moderately critical
Impact : System access
Where : From local network
Solution Status : Vendor Patch

Operating System: SUSE Linux Enterprise Server (SLES) 10
SUSE Linux Enterprise Server (SLES) 11
SUSE Linux Enterprise Server 9

Software: SUSE Linux Enterprise Server 10 GPLv3 Extras

Description:
SUSE has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
SUSE-SU-2012:0500-1:
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00006.html

SUSE-SU-2012:0501-1:
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00007.html

SUSE-SU-2012:0501-2:
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00010.html

SUSE-SU-2012:0504-1:
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00009.html

http://secunia.com/advisories/48873/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Attachmate Reflection X X.Org xrdb Hostname Command

by Carol~ Moderator - 4/16/12 8:10 AM

In Reply to: VULNERABILITIES / FIXES - April 16, 2012 by Carol~ Moderator

Attachmate Reflection X X.Org xrdb Hostname Command Injection Security Issue

Release Date : 2012-04-16

Criticality level : Less critical
Impact : Privilege escalation
System access
Where : From local network
Solution Status : Vendor Patch

Software: Reflection 14.x
Reflection X 2011

Description:
Attachmate has acknowledged a security issue in Reflection X, which can be exploited by malicious, local users to gain escalated privileges or by malicious people to compromise a vulnerable system.

The security issue is reported in versions prior to 14.1 SP2.

Solution:
Update to version 14.1 SP2.

Original Advisory:
http://support.attachmate.com/techdocs/1708.html

http://secunia.com/advisories/48865/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Apache OFBiz Cross-Site Scripting and Code Execution

by Carol~ Moderator - 4/16/12 8:12 AM

In Reply to: VULNERABILITIES / FIXES - April 16, 2012 by Carol~ Moderator

Apache OFBiz Cross-Site Scripting and Code Execution Vulnerabilities

Release Date : 2012-04-16

Criticality level : Highly critical
Impact : Cross Site Scripting
System access
Where : From remote
Solution Status : Vendor Patch

Software: Apache OFBiz 10.x

Description:
Multiple vulnerabilities have been reported in Apache OFBiz, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system.

1) Certain unspecified input is not properly sanitised within the "getServerError()" function in checkoutProcess.js before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

2) Certain input passed as parameter arrays is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

3) Certain input related to content IDs and map-keys is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

4) Certain unspecified input passed to the Webslinger component is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

5) An error in the FlexibleStringExpander class when handling strings with nested scripts can be exploited to execute arbitrary code.

The vulnerabilities are reported in version 10.04.01. Prior versions may also be affected.

Solution:
Update to version 10.04.02.

Provided and/or discovered by:
1-4) The vendor credits Matias Madou.
5) Reported by the vendor.

Original Advisory:
Apache:
http://mail-archives.apache.org/mod_mbox/www-announce/201204.mbox/%3C2B984C00-EC65-4455-98D3-55735ABE8AF9@apache.org%3E
http://mail-archives.apache.org/mod_mbox/ofbiz-dev/201204.mbox/%3CA126EDA0-06A5-4B67-8CDD-FC5F5AABA147@apache.org%3E
http://mail-archives.apache.org/mod_mbox/ofbiz-user/201204.mbox/%3C4F378887-E697-44E7-976C-48B9B7475C4D@apache.org%3E

http://secunia.com/advisories/48800/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

IrfanView FlashPix PlugIn Image Decompression Buffer

by Carol~ Moderator - 4/16/12 9:21 AM

In Reply to: VULNERABILITIES / FIXES - April 16, 2012 by Carol~ Moderator

IrfanView FlashPix PlugIn Image Decompression Buffer Overflow

Release Date: 2012-04-13
Last Update: 2012-04-16

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Software: IrfanView FlashPix PlugIn 4.x

Description:
Francis Provencher has discovered a vulnerability in the FlashPix PlugIn for IrfanView, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to insufficient validation when decompressing FlashPix images and can be exploited to cause a heap-based buffer overflow via a specially crafted FPX file.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is confirmed in version 4.3.2.0. Other versions may also be affected.

Solution:
Update to version 4.3.4.0.

Provided and/or discovered by:
Francis Provencher via Secunia.

Original Advisory:
Francis Provencher:
http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=41&Itemid=41

http://secunia.com/advisories/48772/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

latex2man Insecure Temporary File Security Issue

by Carol~ Moderator - 4/16/12 10:06 AM

In Reply to: VULNERABILITIES / FIXES - April 16, 2012 by Carol~ Moderator

Release Date : 2012-04-16

Criticality level : Less critical
Impact : Privilege escalation
Where : Local system
Solution Status : Unpatched

Software: latex2man 1.x

Description:
A security issue has been reported in latex2man, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

The security issue is caused due to the application creating temporary files in an insecure manner, which can be exploited to e.g. overwrite or delete arbitrary files via symlink attacks.

The security issue is reported in version 1.24. Other versions may also be affected.

Solution:
Restrict access to trusted users only.

Provided and/or discovered by:
Helmut Grohne in a Debian bug report.

Original Advisory:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668779

http://secunia.com/advisories/48860/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

OllyDbg Resource Directory Processing Integer Overflow

by Carol~ Moderator - 4/16/12 10:09 AM

In Reply to: VULNERABILITIES / FIXES - April 16, 2012 by Carol~ Moderator

OllyDbg Resource Directory Processing Integer Overflow Vulnerability

Release Date : 2012-04-16

Criticality level : Less critical
Impact : System access
Where : From remote
Solution Status : Unpatched

Software: OllyDbg 1.x

Description:
Walied Assar has discovered a vulnerability in OllyDbg, which can be exploited by malicious people to potentially compromise a user's system.

The vulnerability is caused due to an integer overflow error when allocating memory based on the size of the resource directory entry. This can be exploited to cause a heap-based buffer overflow via a specially crafted Portable Executable (PE) file.

Successful exploitation may allow execution of arbitrary code, but requires tricking a user into opening a specially crafted file (does not require debugging it).

The vulnerability is confirmed in version 1.10. Other versions may also be affected.

Solution:
Do not open files from untrusted sources.

Provided and/or discovered by:
Walied Assar

Original Advisory:
http://waleedassar.blogspot.com/2012/03/ollydbg-resource-table-parsing-integer.html

http://secunia.com/advisories/48834/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

PacketFence Captive Portal Unspecified Cross-Site Scripting

by Carol~ Moderator - 4/16/12 11:12 AM

In Reply to: VULNERABILITIES / FIXES - April 16, 2012 by Carol~ Moderator

PacketFence Captive Portal Unspecified Cross-Site Scripting Vulnerability

Release Date : 2012-04-16

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Vendor Patch

Software: PacketFence 3.x

Description:
A vulnerability has been reported in PacketFence, which can be exploited by malicious people to conduct cross-site scripting attacks.

Certain unspecified input passed to the captive portal is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is reported in versions prior to 3.3.0.

Solution:
Update to version 3.3.0.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://sourceforge.net/mailarchive/message.php?msg_id=29126135

http://secunia.com/advisories/48833/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Gajim Insecure Temporary File Creation Security Issue

by Carol~ Moderator - 4/16/12 12:18 PM

In Reply to: VULNERABILITIES / FIXES - April 16, 2012 by Carol~ Moderator

Release Date : 2012-04-16

Criticality level : Less critical
Impact : Privilege escalation
Where : Local system
Solution Status : Vendor Workaround

Software: Gajim 0.x

Description:
A security issue has been reported in Gajim, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

The security issue is caused due to the "get_tmpfile_name()" function (src/common/latex.py) creating temporary files in an insecure manner, which can be exploited to e.g. overwrite arbitrary files via symlink attacks.

The security issue is reported in version 0.15. Other versions may also be affected.

Solution:
Fixed in the Mercurial repository.

Provided and/or discovered by:
Nico Golde

Original Advisory:
Gajim:
https://trac.gajim.org/changeset/13759/src/common/latex.py

Nico Golde:
http://seclists.org/oss-sec/2012/q2/47

http://secunia.com/advisories/48695/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Debian update for gajim

by Carol~ Moderator - 4/16/12 12:18 PM

In Reply to: VULNERABILITIES / FIXES - April 16, 2012 by Carol~ Moderator

Release Date : 2012-04-16

Criticality level : Highly critical
Impact : Manipulation of data
Privilege escalation
System access
Where : From remote
Solution Status : Vendor Patch

Operating System: Debian GNU/Linux 6.0

Description:
Debian has issued an update for gajim. This fixes a security issue and two vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to conduct SQL injection attacks and compromise a user's system.

Solution:
Apply updated packages via the apt-get package manager.

Original Advisory:
DSA-2453-1:
http://lists.debian.org/debian-security-announce/2012/msg00083.html

http://secunia.com/advisories/48794/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close