Ad: Manage updates with the Download App
ie8 fix

Spyware, viruses, & security forum: VULNERABILITIES / FIXES - September 17, 2012

by: Carol~ September 17, 2012 5:45 AM PDT

Like this

0 people like this thread

Staff pick

VULNERABILITIES / FIXES - September 17, 2012

by Carol~ Moderator - 9/17/12 5:45 AM

Microsoft Internet Explorer Unspecified Code Execution Vulnerability

Release Date : 2012-09-17

Criticality level : Extremely critical
Impact : System access
Where : From remote
Solution Status : Unpatched

Software: Microsoft Internet Explorer 7.x
Microsoft Internet Explorer 8.x

Description:
A vulnerability has been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified error and may be related to handling of "<img>" arrays. No further information is currently available.

Successful exploitation allows execution of arbitrary code.

NOTE: This is currently being actively exploited.

The vulnerability is reported on a fully patched Windows XP SP3. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Reported as a 0-day.

Original Advisory:
http://eromang.zataz.com/2012/09/16/zero-day-season-is-really-not-over-yet/

http://secunia.com/advisories/50626/


Reply
Report offensive post
Email to friend

Oracle Business Transaction Management SOAP Web Service

by Carol~ Moderator - 9/17/12 5:46 AM

In Reply to: VULNERABILITIES / FIXES - September 17, 2012 by Carol~ Moderator

Oracle Business Transaction Management SOAP Web Service Directory Traversal Vulnerability

Release Date : 2012-09-17

Criticality level : Moderately critical
Impact : System access
Where : From local network
Solution Status : Unpatched

Software: Oracle Business Transaction Management (BTM) 12.x

Description:
A vulnerability has been reported in Oracle Business Transaction Management, which can be exploited by malicious people to compromise a vulnerable system.

Input passed to the "writeToFile()" method in the FlashTunnelService SOAP interface is not properly verified before being used to store files. This can be exploited to upload arbitrary files via directory traversal sequences.

The vulnerability is reported in version 12.1.0.7. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Andrea Micalizzi aka rgod.

Original Advisory:
http://www.exploit-db.com/exploits/20318/

http://secunia.com/advisories/50642/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

OptiPNG Palette Reduction Use-After-Free Vulnerability

by Carol~ Moderator - 9/17/12 6:05 AM

In Reply to: VULNERABILITIES / FIXES - September 17, 2012 by Carol~ Moderator

Release Date : 2012-09-17

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Software: OptiPNG 0.x

Description:
A vulnerability has been reported in OptiPNG, which can be exploited by malicious people to potentially compromise a user's system.

The vulnerability is caused due to a use-after-free error related to the palette reduction functionality. No further information is currently available.

Success exploitation may allow execution of arbitrary code.

The vulnerability is reported in version 0.7, 0.7.1, and 0.7.2.

Solution:
Update to version 0.7.3.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://sourceforge.net/news/?group_id=151404

http://secunia.com/advisories/50654/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for inn

by Carol~ Moderator - 9/17/12 6:05 AM

In Reply to: VULNERABILITIES / FIXES - September 17, 2012 by Carol~ Moderator

Release Date : 2012-09-17

Criticality level : Less critical
Impact : Manipulation of data
Where : From remote
Solution Status : Vendor Patch

Operating System : openSUSE 11.4
openSUSE 12.1

Description:
SUSE has issued an update for inn. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
openSUSE-SU-2012:1171-1:
http://lists.opensuse.org/opensuse-updates/2012-09/msg00058.html

http://secunia.com/advisories/50661/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for java-1_4_2-ibm

by Carol~ Moderator - 9/17/12 6:36 AM

In Reply to: VULNERABILITIES / FIXES - September 17, 2012 by Carol~ Moderator

Release Date : 2012-09-17

Criticality level : Highly critical
Impact : Manipulation of data
Exposure of sensitive information
DoS
System access
Where : From remote
Solution Status : Vendor Patch

Operating System : SUSE Linux Enterprise Server (SLES) 10
SUSE Linux Enterprise Server (SLES) 11

Description:
SUSE has issued an update for java-1_4_2-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
SUSE-SU-2012:1177-1:
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html

http://secunia.com/advisories/50659/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for java-1_6_0-openjdk

by Carol~ Moderator - 9/17/12 6:36 AM

In Reply to: VULNERABILITIES / FIXES - September 17, 2012 by Carol~ Moderator

Release Date : 2012-09-17

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Operating System : openSUSE 11.4
openSUSE 12.1

Description:
SUSE has issued an update for java-1_6_0-openjdk. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
openSUSE-SU-2012:1175-1:
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00019.html

http://secunia.com/advisories/50651/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for xen

by Carol~ Moderator - 9/17/12 7:16 AM

In Reply to: VULNERABILITIES / FIXES - September 17, 2012 by Carol~ Moderator

Release Date : 2012-09-17

Criticality level : Less critical
Impact : Privilege escalation
DoS
Where : Local system
Solution Status : Vendor Patch

Operating System : openSUSE 11.4

Description:
SUSE has issued an update for xen. This fixes multiple vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and potentially gain escalated privileges.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
openSUSE-SU-2012:1174-1:
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html

http://secunia.com/advisories/50653/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for xen (2)

by Carol~ Moderator - 9/17/12 7:16 AM

In Reply to: VULNERABILITIES / FIXES - September 17, 2012 by Carol~ Moderator

Release Date : 2012-09-17

Criticality level : Less critical
Impact : Privilege escalation
DoS
Where : Local system
Solution Status : Vendor Patch

Operating System : openSUSE 12.1

Description:
SUSE has issued an update for xen. This fixes multiple vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and potentially gain escalated privileges.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
openSUSE-SU-2012:1172-1:
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html

http://secunia.com/advisories/50625/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

SUSE update for qemu

by Carol~ Moderator - 9/17/12 7:48 AM

In Reply to: VULNERABILITIES / FIXES - September 17, 2012 by Carol~ Moderator

Release Date : 2012-09-17

Criticality level : Less critical
Impact : Privilege escalation
Where : Local system
Solution Status : Vendor Patch

Operating System : openSUSE 11.4
openSUSE 12.1

Description:
SUSE has issued an update for qemu. This fixes a vulnerability, which can be exploited by malicious, local users in a guest virtual machine to potentially gain escalated privileges.

Solution:
Apply updated packages via the zypper package manager.

Original Advisory:
openSUSE-SU-2012:1170-1:
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00016.html

http://secunia.com/advisories/50632/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for kernel

by Carol~ Moderator - 9/17/12 7:48 AM

In Reply to: VULNERABILITIES / FIXES - September 17, 2012 by Carol~ Moderator

Release Date : 2012-09-17

Criticality level : Less critical
Impact : DoS
Where : From remote
Solution Status : Vendor Patch

Operating System : Ubuntu Linux 11.10

Description:
Ubuntu has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
Apply updated packages.

Original Advisory:
USN-1568-1:
http://www.ubuntu.com/usn/usn-1568-1/

http://secunia.com/advisories/45671/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for kernel (2)

by Carol~ Moderator - 9/17/12 7:49 AM

In Reply to: VULNERABILITIES / FIXES - September 17, 2012 by Carol~ Moderator

Release Date : 2012-09-17

Criticality level : Less critical
Impact : DoS
Where : From local network
Solution Status : Vendor Patch

Operating System : Ubuntu Linux 11.04

Description:
Ubuntu has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service).

Solution:
Apply updated packages.

Original Advisory:
USN-1567-1:
http://www.ubuntu.com/usn/usn-1567-1/

http://secunia.com/advisories/50650/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Trend Micro InterScan Messaging Security Suite Cross-Site

by Carol~ Moderator - 9/17/12 7:51 AM

In Reply to: VULNERABILITIES / FIXES - September 17, 2012 by Carol~ Moderator

Trend Micro InterScan Messaging Security Suite Cross-Site Scripting and Request Forgery

Release Date : 2012-09-17

Criticality level : Less critical
Impact : Cross Site Scripting
Where : From remote
Solution Status : Unpatched

Software: Trend Micro InterScan Messaging Security Suite 7.x

Description:
Two vulnerabilities have been reported in Trend Micro InterScan Messaging Security Suite, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks.

1) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. create an arbitrary user with administrative privileges if a logged-in administrative user visits a malicious web site

2) Input passed to the "src" parameter in initUpdSchPage.imss is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerabilities are reported in version 7.1-Build_Win32_1394. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
US-CERT credits Tom Gregory.

Original Advisory:
http://www.kb.cert.org/vuls/id/471364

http://secunia.com/advisories/50620/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Moodle Multiple Vulnerabilities

by Carol~ Moderator - 9/17/12 7:53 AM

In Reply to: VULNERABILITIES / FIXES - September 17, 2012 by Carol~ Moderator

Release Date : 2012-09-17

Criticality level : Moderately critical
Impact : Security Bypass
Exposure of system information
Where : From remote
Solution Status : Vendor Patch

Software: Moodle 2.1.x
Moodle 2.2.x
Moodle 2.3.x

Description:
A weaknesses and some security issues have been reported in Moodle, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to disclose certain system information and bypass certain security restrictions.

1) The application does not properly restrict access to certain actions and can be exploited to show and hide topics and setting the current topic.

Successful exploitation of this security issue requires course editing capabilities.

This security issue is reported in versions 2.3 through 2.3.1+ and 2.2 through 2.2.4+.

2) The application does not verify the publication state of a blog when handling embedded files and can be exploited to access embedded files of an unpublished blog.

3) An error due to the application not properly verifying a certain permission can be exploited to reset a course by directly accessing the reset page.

4) The application does not properly restrict access to certain functions when using a web service token linked to certain external services and can be exploited to access otherwise restricted functionality.

The security issues #2 through #4 are reported in versions 2.3 through 2.3.1+, 2.2 through 2.2.4+, and 2.1 through 2.1.7+.

5) The application displays the full installation path within an error message when handling malformed requests in theme/yui_combo.php.

This weakness is reported in versions 2.3 through 2.3.1+.

Solution:
Update to version 2.1.8, 2.2.5, or 2.3.2.

Provided and/or discovered by:
The vendor credits:
1) Alexander Bias
2) Kyle Decot
3) Rex Lorenzo
4) Nathan Mares
5) Mark Baseggio

Original Advisory:
Moodle (MSA-12-0052, MSA-12-0053, MSA-12-0054, MSA-12-0055, MSA-12-0056):
http://moodle.org/mod/forum/discuss.php?d=211556
http://moodle.org/mod/forum/discuss.php?d=211557
http://moodle.org/mod/forum/discuss.php?d=211558
http://moodle.org/mod/forum/discuss.php?d=211559
http://moodle.org/mod/forum/discuss.php?d=211560

http://secunia.com/advisories/50588/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

XML-RPC for C/C++ Expat Denial of Service Vulnerabilities

by Carol~ Moderator - 9/17/12 2:37 PM

In Reply to: VULNERABILITIES / FIXES - September 17, 2012 by Carol~ Moderator

Release Date : 2012-09-17

Criticality level : Moderately critical
Impact : DoS
Where : From remote
Solution Status : Vendor Workaround

Software: XML-RPC for C/C++ (xmlrpc-c) 1.x

Description:
Some vulnerabilities have been reported in XML-RPC for C/C++, which can be exploited by malicious people to cause a DoS (Denial of Service) in an application using the library.

The vulnerabilities exist in the bundled version of Expat XML Parser.

The vulnerabilities are reported in version 1.31 and prior.

Solution:
Fixed in the source code repository (scheduled for release in version 1.32).

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://xmlrpc-c.sourceforge.net/change.html

http://secunia.com/advisories/50648/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Debian update for devscripts

by Carol~ Moderator - 9/17/12 2:37 PM

In Reply to: VULNERABILITIES / FIXES - September 17, 2012 by Carol~ Moderator

Release Date : 2012-09-17

Criticality level : Less critical
Impact : DoS
System access
Where : From remote
Solution Status : Vendor Patch

Operating System : Debian GNU/Linux 6.0

Description:
Debian has issued an update for devscripts. This fixes some weaknesses, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

1) Certain input passed to the dverify script is not properly verified before being used as arguments for external commands and can be exploited to execute arbitrary code via a specially crafted source package.

2) Certain input passed to the dget script is not properly verified when processing .dsc and .changes files and can be exploited to delete arbitrary files via a specially crafted source package.

3) Certain input passed to the dget script is not properly sanitised when processing .dsc and .changes files and can be exploited to execute arbitrary code via a specially crafted source package.

4) A race condition error in the annotate-output script when handling temporary files can be exploited to manipulate arbitrary files via symbolic link attacks.

Solution:
Apply updated packages via the apt-get package manager.

Provided and/or discovered by:
The vendor credits:
1 - 3) Raphael Geissert
4) Jim Meyering, Red Hat

Original Advisory:
DSA-2549-1:
http://www.debian.org/security/2012/dsa-2549

http://secunia.com/advisories/50600/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Liferay Portal Wiki Portlet Arbitrary File Deletion

by Carol~ Moderator - 9/17/12 2:37 PM

In Reply to: VULNERABILITIES / FIXES - September 17, 2012 by Carol~ Moderator

Liferay Portal Wiki Portlet Arbitrary File Deletion Vulnerability

Release Date : 2012-09-17

Criticality level : Less critical
Impact : Manipulation of data
Where : From remote
Solution Status : Vendor Patch

Software: Liferay Portal 6.x

Description:
A vulnerability has been reported in Liferay Portal, which can be exploited by malicious users to manipulate certain data.

The vulnerability is caused due to an unspecified error and can be exploited to delete arbitrary files.

Successful exploitation requires permissions to delete a file attachment.

The vulnerability is reported in versions 6.1.0 CE GA1 and 6.1.10 EE GA1.

Solution:
Apply 6.1.0-ce-ga1-security-3.0

Provided and/or discovered by:
The vendor credits Sam Kong

Original Advisory:
www.liferay.com/community/security-team/known-vulnerabilities/-/asset_publisher/T8Ei/content/cst-sa-lps-28934-delete-any-file-on-the-server-wiki-

http://secunia.com/advisories/50646/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Auxilium PetRatePro Multiple Vulnerabilities

by Carol~ Moderator - 9/17/12 2:39 PM

In Reply to: VULNERABILITIES / FIXES - September 17, 2012 by Carol~ Moderator

Release Date : 2012-09-17

Criticality level : Less critical
Impact : Cross Site Scripting
Manipulation of data
System access
Where : From remote
Solution Status : Unpatched

Software: Auxilium PetRatePro

Description:
Multiple vulnerabilities have been discovered in Auxilium PetRatePro, which can be exploited by malicious people to conduct cross-site request and SQL injection attacks and compromise a vulnerable system.

1) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. create an arbitrary user with administrative privileges if a logged-in administrative user visits a malicious web site.

2) Input passed via the "phid" parameter to viewcomments.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

3) An error due to the admin/sitebanners/upload_banners.php script allowing the upload of files with arbitrary extensions to a folder inside the webroot. This can be exploited to execute arbitrary PHP code by uploading a PHP file

Solution:
No official solution is currently available.

Provided and/or discovered by:
DaOne

Original Advisory:
http://www.exploit-db.com/exploits/21329/

http://secunia.com/advisories/50617/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close