Ad: Manage updates with the Download App
ie8 fix

Spyware, viruses, & security forum: VULNERABILITIES / FIXES - May 07, 2012

by: Carol~ May 7, 2012 8:23 AM PDT

Like this

0 people like this thread

Staff pick

VULNERABILITIES / FIXES - May 07, 2012

by Carol~ Moderator - 5/7/12 8:23 AM

Adobe Flash Player Object Confusion Vulnerability

Release Date : 2012-05-07

Criticality level : Extremely critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Software: Adobe Flash Player 11.x

Description:
A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error related to object confusion. No further information is currently available.

Successful exploitation allows execution of arbitrary code.

NOTE: The vulnerability is reportedly being actively exploited in targeted attacks.

The vulnerability is reported in the following versions:
* Adobe Flash Player versions 11.2.202.233 and prior for Windows, Macintosh, and Linux.
* Adobe Flash Player versions 11.1.115.7 and prior for Android 4.x and versions 11.1.111.8 and prior for Android 3.x and 2.x.

Solution:
Update to a fixed version.

Provided and/or discovered by:
Reported as a 0-day.

Original Advisory:
Adobe (APSB12-09):
http://www.adobe.com/support/security/bulletins/apsb12-09.html

http://secunia.com/advisories/49096/


Reply
Report offensive post
Email to friend

Apple Mac OS X FileVault Plain Text Password Logging

by Carol~ Moderator - 5/7/12 8:27 AM

In Reply to: VULNERABILITIES / FIXES - May 07, 2012 by Carol~ Moderator

Apple Mac OS X FileVault Plain Text Password Logging Security Issue

Release Date : 2012-05-07

Criticality level : Not critical
Impact : Security Bypass
Where : Local system
Solution Status : Vendor Workaround

Operating System: Apple Macintosh OS X

Description:
A security issue has been reported in Apple Mac OS X, which can be exploited by malicious people with physical access to bypass certain security restrictions.

The security issue is caused due to the debug switch being enabled within FileVault when using "Legacy FileVault". This may lead to users' password being saved in DEBUGLOG in plain text and can be exploited to read the password via FireWire target disk mode.

Successful exploitation requires that OS X is upgraded from an older version and uses the "Legacy FileVault" feature.

The security issue is reported in version 10.7.3.

Solution:
As a workaround use FileVault 2.

Provided and/or discovered by:
tarwinator in a forum post.

Original Advisory:
https://discussions.apple.com/thread/3715366

http://secunia.com/advisories/49039/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for php

by Carol~ Moderator - 5/7/12 8:27 AM

In Reply to: VULNERABILITIES / FIXES - May 07, 2012 by Carol~ Moderator

Release Date : 2012-05-07

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Operating System: Ubuntu Linux 10.04
Ubuntu Linux 11.04
Ubuntu Linux 11.10
Ubuntu Linux 12.04
Ubuntu Linux 8.04

Description:
Ubuntu has issued an update for php. This fixes a vulnerability, which can be exploited by malicious people to disclose certain sensitive information or compromise a vulnerable system.

Solution:
Apply updated packages.

Original Advisory:
USN-1437-1:
http://www.ubuntu.com/usn/usn-1437-1/

http://secunia.com/advisories/49097/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Genium CMS "itemID" Cross-Site Scripting Vulnerability

by Carol~ Moderator - 5/7/12 8:27 AM

In Reply to: VULNERABILITIES / FIXES - May 07, 2012 by Carol~ Moderator

Release Date : 2012-05-07

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: Genium CMS

Description:
Vulnerability Lab has reported a vulnerability in Genium CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via the "itemID" parameter to galerie.php5 is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Solution:
Filter malicious characters and character sequences using a proxy.

Provided and/or discovered by:
Vulnerability Lab.

Original Advisory:
http://www.vulnerability-lab.com/get_content.php?id=517

http://secunia.com/advisories/49067/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for rpm and rpm-python

by Carol~ Moderator - 5/7/12 8:27 AM

In Reply to: VULNERABILITIES / FIXES - May 07, 2012 by Carol~ Moderator

Release Date : 2012-05-07

Criticality level : Less critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Operating System: openSUSE 11.4
openSUSE 12.1

Description:
SUSE has issued an update for rpm and rpm-python. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
openSUSE-SU-2012:0588-1:
http://lists.opensuse.org/opensuse-updates/2012-05/msg00004.html

openSUSE-SU-2012:0589-1:
http://lists.opensuse.org/opensuse-updates/2012-05/msg00005.html

http://secunia.com/advisories/49110/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

IBM Tivoli Access Manager for e-business Java Double Literal

by Carol~ Moderator - 5/7/12 8:29 AM

In Reply to: VULNERABILITIES / FIXES - May 07, 2012 by Carol~ Moderator

IBM Tivoli Access Manager for e-business Java Double Literal Denial of Service Vulnerability

Release Date : 2012-05-07

Criticality level : Less critical
Impact : DoS
Where : From local network
Solution Status : Vendor Patch

Software: IBM Tivoli Access Manager for e-business 6.x

Description:
IBM has acknowledged a vulnerability in Tivoli Access Manager for e-business, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is reported in version 6.1.1.

Solution:
Apply patch 6.1.1-TIV-TAM-FP0005.

Original Advisory:
IBM:
http://www-01.ibm.com/support/docview.wss?uid=swg24032592

http://secunia.com/advisories/49108/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

IBM OS/400 OpenSSL DER Format Data Processing Vulnerability

by Carol~ Moderator - 5/7/12 10:45 AM

In Reply to: VULNERABILITIES / FIXES - May 07, 2012 by Carol~ Moderator

Release Date : 2012-05-07

Criticality level : Highly critical
Impact : DoS
System access
Where : From remote
Solution Status : Vendor Patch

Operating System: IBM OS/400 6.x

Description:
IBM has acknowledged a vulnerability in OS/400, which can be exploited by malicious people to potentially compromise an application using the library.

The vulnerability is reported in version V6R1M0.

Solution:
Apply patch 5733SC1.

Original Advisory:
IBM (SE51936):
http://www-01.ibm.com/support/docview.wss?uid=nas2d7439844d1fd14f0862579f5003c71ce

http://secunia.com/advisories/49107/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Symantec Web Gateway "l" Cross-Site Scripting Vulnerability

by Carol~ Moderator - 5/7/12 11:36 AM

In Reply to: VULNERABILITIES / FIXES - May 07, 2012 by Carol~ Moderator

Release Date : 2012-05-07

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Operating System: Symantec Web Gateway 5.x

Description:
A vulnerability has been discovered in Symantec Web Gateway, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed via the "l" parameter to spywall/timer.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability is confirmed in version 5.0.2.8. Other versions may also be affected.

Solution:
Filter malicious characters and character sequences using a proxy.

Provided and/or discovered by:
B00y@.

http://secunia.com/advisories/49064/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

EMC Documentum IRM Server Multiple Denial of Service

by Carol~ Moderator - 5/7/12 11:37 AM

In Reply to: VULNERABILITIES / FIXES - May 07, 2012 by Carol~ Moderator

EMC Documentum IRM Server Multiple Denial of Service Vulnerabilities

Release Date : 2012-05-07

Criticality level : Less critical
Impact : DoS
Where : From local network
Solution Status : Unpatched

Software: EMC Documentum IRM Server 4.x

Description:
Luigi Auriemma has reported multiple vulnerabilities in EMC Documentum IRM Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

1) A NULL pointer dereference error exists when processing version compatibility check requests and can be exploited to cause a crash.

2) An unspecified error exists when processing commands with an invalid ID and can be exploited to consume server resources.

3) A NULL pointer dereference error exists when processing commands after an invalid version compatibility check request has been sent and can be exploited to cause a crash.

The vulnerabilities are reported in versions 4.6.1.1995 and prior.

Solution:
Restrict access to trusted hosts only.

Provided and/or discovered by:
Luigi Auriemma

Original Advisory:
http://aluigi.altervista.org/adv/irm_1-adv.txt

http://secunia.com/advisories/48690/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

ConnMan "dhcpv6_get_option()" Denial of Service

by Carol~ Moderator - 5/7/12 11:38 AM

In Reply to: VULNERABILITIES / FIXES - May 07, 2012 by Carol~ Moderator

ConnMan "dhcpv6_get_option()" Denial of Service Vulnerability

Release Date : 2012-05-07

Criticality level : Less critical
Impact : DoS
Where : From local network
Solution Status : Vendor Patch

Software: ConnMan 0.x

Description:
A vulnerability has been reported in ConnMan, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the "dhcpv6_get_option()" function (gdhcp/client.c) when parsing certain responses. This can be exploited to trigger an infinite loop and cause a crash by sending specially crafted DHCP packets.

The vulnerability is reported in versions prior to 0.85.

Solution:
Update to version 0.85.

Provided and/or discovered by:
Reported in a SUSE bug report.

Original Advisory:
https://bugzilla.novell.com/show_bug.cgi?id=715172

http://secunia.com/advisories/49033/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

VMware Workstation / Player / Fusion Two Privilege

by Carol~ Moderator - 5/7/12 11:45 AM

In Reply to: VULNERABILITIES / FIXES - May 07, 2012 by Carol~ Moderator

VMware Workstation / Player / Fusion Two Privilege Escalation Vulnerabilities

Release Date : 2012-05-04
Last Update: 2012-05-07

Criticality level : Less critical
Impact : Privilege escalation
Where : Local system
Solution Status : Partial Fix

Software: VMware Fusion 4.x
VMware Player 4.x
VMware Workstation 8.x

Description:
Two vulnerabilities have been reported in VMware Workstation, VMware Player, and VMware Fusion, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges.

The vulnerabilities are reported in the following products:
* VMware Workstation prior to 8.0.3.
* VMware Player prior to 4.0.3.
* VMware Fusion prior to 4.1.2.

Solution:
Update to a fixed version.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
VMSA-2012-0009:
http://www.vmware.com/security/advisories/VMSA-2012-0009.html

http://secunia.com/advisories/49032


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Pidgin Two Denial of Service Weaknesses

by Carol~ Moderator - 5/7/12 12:40 PM

In Reply to: VULNERABILITIES / FIXES - May 07, 2012 by Carol~ Moderator

Release Date : 2012-05-07

Criticality level : Not critical
Impact : DoS
Where : From remote
Solution Status : Vendor Patch

Software: Pidgin 2.x

Description:
Two weaknesses have been reported in Pidgin, which can be exploited by malicious people to cause a DoS (Denial of Service).

1) An error within SOCKS5 proxy handling code (libpurple/proxy.c) can be exploited to dereference an invalid pointer and cause a crash by sending multiple specially crafted file transfer requests.

Successful exploitation of this weakness requires that the victim accepts at least one file transfer request.

2) An error within the "msn_message_parse_payload()" function (libpurple/protocols/msn/msg.c) when handling messages with certain characters or character encodings can be exploited to cause a crash.

The weaknesses are reported in versions prior to 2.10.4.

Solution:
Update to version 2.10.4.

Provided and/or discovered by:
The vendor credits:
1) Jose Valentin Gutierrez
2) Fabian Yamaguchi

Original Advisory:
http://www.pidgin.im/news/security/?id=62
http://www.pidgin.im/news/security/?id=63

http://secunia.com/advisories/49036/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

OpenStack Dashboard (Horizon) Session Fixation Weakness

by Carol~ Moderator - 5/7/12 6:04 PM

In Reply to: VULNERABILITIES / FIXES - May 07, 2012 by Carol~ Moderator

Release Date : 2012-05-07

Criticality level : Not critical
Impact : Highjacking
Where : From remote
Solution Status : Vendor Workaround

Software: OpenStack Dashboard (Horizon) 2012.x

Description:
A weakness has been reported in OpenStack Dashboard (Horizon), which can be exploited by malicious users to conduct session fixation attacks.

The weakness is caused due to the application reusing session IDs and can be exploited to gain access to the session by tricking a user into logging in using the same browser instance.

The weakness is reported in versions 2012.1 and 2012.2. Other versions may also be affected.

Solution:
Fixed in the GIT repository.

Provided and/or discovered by:
The vendor credits Thomas Biege, SUSE Linux.

Original Advisory:
https://lists.launchpad.net/openstack/msg11263.html
https://bugs.launchpad.net/horizon/+bug/978896

http://secunia.com/advisories/49024/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close