Ad: Manage updates with the Download App
ie8 fix
Click Here

Spyware, viruses, & security forum: VULNERABILITIES / FIXES - December 11, 2012

by: Carol~ December 11, 2012 10:49 AM PST

Like this

0 people like this thread

Staff pick

VULNERABILITIES / FIXES - December 11, 2012

by Carol~ Moderator - 12/11/12 10:49 AM

Symantec Endpoint Protection Management Console Code Execution Vulnerabilities

Release Date : 2012-12-11

Criticality level : Moderately critical
Impact : System access
Where : From local network
Solution Status : Vendor Patch

Software: Symantec Endpoint Protection 11.x
Symantec Endpoint Protection 12.x
Symantec Endpoint Protection Manager 11.x
Symantec Endpoint Protection Manager 12.x

Description:
Some vulnerabilities have been reported in Symantec Endpoint Protection, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerabilities are caused due to unspecified errors within the management console. No further information is currently available.

The vulnerabilities are reported in the following versions:
* Symantec Endpoint Protection version 11.0
* Symantec Endpoint Protection version 12.0
* Symantec Endpoint Protection version 12.1

Solution:
Update to a fixed version.

Provided and/or discovered by:
The vendor credits an anonymous person via Beyond Security SSD.

Original Advisory:
Symantec (SYM12-019):
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20121210_00

http://secunia.com/advisories/51527/


Reply
Report offensive post
Email to friend

Blue Coat IntelligenceCenter OpenSSL DER Format Data

by Carol~ Moderator - 12/11/12 10:53 AM

In Reply to: VULNERABILITIES / FIXES - December 11, 2012 by Carol~ Moderator

Blue Coat IntelligenceCenter OpenSSL DER Format Data Processing Vulnerabilities

Release Date : 2012-12-11

Criticality level : Highly critical
Impact : DoS
System access
Where : From remote
Solution Status : Unpatched

Software: Blue Coat IntelligenceCenter 3.x

Description:
Blue Coat has acknowledged some vulnerabilities in IntelligenceCenter, which can be exploited by malicious people to potentially compromise a vulnerable system.

The vulnerabilities exist in the bundled version of OpenSSL.

The vulnerabilities are reported in versions 3.1 and 3.2.

Solution:
No official solution is currently available.

Original Advisory:
BlueCoat:
https://kb.bluecoat.com/index?page=content&id=SA70

http://secunia.com/advisories/51522/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Blue Coat ProxySG OpenSSL DER Format Data Processing

by Carol~ Moderator - 12/11/12 10:53 AM

In Reply to: VULNERABILITIES / FIXES - December 11, 2012 by Carol~ Moderator

Blue Coat ProxySG OpenSSL DER Format Data Processing Vulnerabilities

Release Date : 2012-12-11

Criticality level : Highly critical
Impact : DoS
System access
Where : From remote
Solution Status : Vendor Patch

Operating System: Blue Coat ProxySG 5.x
Blue Coat ProxySG 6.x

Description:
Blue Coat has acknowledged some vulnerabilities in ProxySG, which can be exploited by malicious people to potentially compromise a vulnerable system.

The vulnerabilities exist in the bundled version of OpenSSL.

The vulnerabilities are reported in versions 5.4, 5.5, 6.1, 6.2, 6.3..

Solution:
Apply fixes (please see the vendor's advisory for details).

Original Advisory:
BlueCoat:
https://kb.bluecoat.com/index?page=content&id=SA70

http://secunia.com/advisories/51542/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Joomla! JooProperty Component Cross-Site Scripting and SQL

by Carol~ Moderator - 12/11/12 10:53 AM

In Reply to: VULNERABILITIES / FIXES - December 11, 2012 by Carol~ Moderator

Joomla! JooProperty Component Cross-Site Scripting and SQL Injection Vulnerabilities

Release Date : 2012-12-11

Criticality level : Moderately critical
Impact : Cross Site Scripting
Manipulation of data
Where : From remote
Solution Status: Unpatched

Software: JooProperty 1.x (component for Joomla!)

Description:
Two vulnerabilities have been reported in the JooProperty component for Joomla!, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

1) Input passed to the "product_id" parameter in index.php (when "option" is set to "com_jooproperty", "view" is set to "booking", and "layout" is set to "modal") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

2) Input passed via the "product_id" parameter to index.php (when "option" is set to "com_jooproperty", "view" is set to "booking", and "layout" is set to "modal") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerabilities are reported in version 1.13.0. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Daniel Barragan "D4NB4R"

Original Advisory:
http://packetstormsecurity.org/files/118741/Joomla-Jooproperty-SQL-Injection-Cross-Site-Scripting.html

http://secunia.com/advisories/51512/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for mysql-5.1, mysql-5.5, and mysql-dfsg-5.1

by Carol~ Moderator - 12/11/12 10:53 AM

In Reply to: VULNERABILITIES / FIXES - December 11, 2012 by Carol~ Moderator

Release Date : 2012-12-11

Criticality level : Less critical
Impact : System access
Where : From local network
Solution Status : Vendor Patch

Operating System : Ubuntu Linux 10.04
Ubuntu Linux 11.10
Ubuntu Linux 12.04

Description:
Ubuntu has issued an update for mysql. This fixes a vulnerability, which can be exploited by malicious users to compromise a vulnerable system.

Solution:
Apply updated packages.

Original Advisory:
USN-1658-1:
http://www.ubuntu.com/usn/usn-1658-1/

http://secunia.com/advisories/51529/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Ubuntu update for gimp

by Carol~ Moderator - 12/11/12 10:53 AM

In Reply to: VULNERABILITIES / FIXES - December 11, 2012 by Carol~ Moderator

Release Date : 2012-12-11

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Operating System : Ubuntu Linux 10.04
Ubuntu Linux 11.10
Ubuntu Linux 12.04

Description:
Ubuntu has issued an update for gimp. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

Solution:
Apply updated packages.

Original Advisory:
USN-1659-1:
http://www.ubuntu.com/usn/usn-1659-1/

http://secunia.com/advisories/51528/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

FreeVimager GIF Image Decompression Array Indexing

by Carol~ Moderator - 12/11/12 11:16 AM

In Reply to: VULNERABILITIES / FIXES - December 11, 2012 by Carol~ Moderator

FreeVimager GIF Image Decompression Array Indexing Vulnerability

Release Date : 2012-12-11

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Unpatched

Software: FreeVimager 4.x

Description:
A vulnerability has been discovered in FreeVimager, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an array indexing error when decompressing image data. This can be exploited to corrupt memory via a specially crafted GIF image containing a large "LZWMinimumCodeSize" value.

Successful exploitation may allow execution of arbitrary code, but requires tricking a user into opening a malicious file.

The vulnerability is confirmed in version 4.1.0. Other versions may also be affected.

Solution:
No official solution is currently available.

Provided and/or discovered by:
Jean Pascal Pereira

Additional information provided by Secunia Research.

Original Advisory:
Jean Pascal Pereira:
http://packetstormsecurity.org/files/118712/FreeVimager-4.1.0-WriteAV-Arbitrary-Code-Execution.html

http://secunia.com/advisories/51518/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Microsoft Internet Explorer Three Use-After-Free

by Carol~ Moderator - 12/11/12 11:24 AM

In Reply to: VULNERABILITIES / FIXES - December 11, 2012 by Carol~ Moderator

Microsoft Internet Explorer Three Use-After-Free Vulnerabilities

Release Date : 2012-12-11

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Software: Microsoft Internet Explorer 10.x
Microsoft Internet Explorer 6.x
Microsoft Internet Explorer 7.x
Microsoft Internet Explorer 8.x
Microsoft Internet Explorer 9.x

Description:
Three vulnerabilities have been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.

1) A use-after-free error within the "InjectHTMLStream()" function can be exploited to dereference already freed memory.

2) A use-after-free error within the "CMarkup" class can be exploited to dereference already freed memory.

3) A use-after-free error within "Ref Counting" can be exploited to dereference already freed memory.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code.

Solution:
Apply updates.

Provided and/or discovered by:
1, 2) The vendor credits Rosario Valotta.
3) The vendor credits Fermin J. Serna, Google.

Original Advisory:
MS12-077 (KB2761465):
http://technet.microsoft.com/en-us/security/bulletin/ms12-077

http://secunia.com/advisories/51411/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Microsoft Windows OpenType and TrueType Font Parsing

by Carol~ Moderator - 12/11/12 11:31 AM

In Reply to: VULNERABILITIES / FIXES - December 11, 2012 by Carol~ Moderator

Microsoft Windows OpenType and TrueType Font Parsing Vulnerabilities

Release Date : 2012-12-11

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Operating System : Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows RT
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2008
Microsoft Windows Server 2012
Microsoft Windows Storage Server 2003
Microsoft Windows Vista
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional

Description:
Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.

1) An error in the OpenType Font (OTF) driver when handling certain objects can be exploited via a specially crafted font file.

2) An error when handling certain TrueType Fonts (TTF) can be exploited via a specially crafted font file.

Successful exploitation of the vulnerabilities allows execution of arbitrary code.

Solution:
Apply patches.

Provided and/or discovered by:
1) Reported by the vendor.
2) The vendor credits Eetu Luodemaa and Joni Vahamaki, Documill via Chromium Security Rewards Program.

Original Advisory:
MS12-078 (KB2779030, KB2753842):
http://technet.microsoft.com/en-us/security/bulletin/ms12-078

http://secunia.com/advisories/51459/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Microsoft Windows IP-HTTPS Certificate Revocation Check

by Carol~ Moderator - 12/11/12 11:45 AM

In Reply to: VULNERABILITIES / FIXES - December 11, 2012 by Carol~ Moderator

Microsoft Windows IP-HTTPS Certificate Revocation Check Bypass Security Issue

Release Date : 2012-12-11

Criticality level : Less critical
Impact : Security Bypass
Where : From remote
Solution Status : Vendor Patch

Operating System : Microsoft Windows Server 2008
Microsoft Windows Server 2012

Description:
A security issue has been reported in Microsoft Windows, which can be exploited by malicious people to bypass certain security restrictions.

The security issue is caused due to the IP-HTTPS component not properly validating the certificates, which can lead to a revoked certificate being considered as valid.

Solution:
Apply updates.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
MS12-083 (KB2765809):
http://technet.microsoft.com/en-us/security/bulletin/ms12-083

http://secunia.com/advisories/51500/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Microsoft Windows Filename Parsing Vulnerability

by Carol~ Moderator - 12/11/12 11:45 AM

In Reply to: VULNERABILITIES / FIXES - December 11, 2012 by Carol~ Moderator

Release Date : 2012-12-11

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Operating System : Microsoft Windows 7
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2008
Microsoft Windows Storage Server 2003
Microsoft Windows Vista
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional

Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error when parsing file or subfolder names and can be exploited to corrupt memory e.g. via a file with a specially crafted filename.

Successful exploitation allows execution of arbitrary code.

Solution:
Apply patches.

Provided and/or discovered by:
The vendor credits Lucas Apa, IOActive.

Original Advisory:
MS12-081 (KB2758857):
http://technet.microsoft.com/en-us/security/bulletin/ms12-081

http://secunia.com/advisories/51493/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Microsoft Exchange Server Outside In Technology and RSS

by Carol~ Moderator - 12/11/12 12:24 PM

In Reply to: VULNERABILITIES / FIXES - December 11, 2012 by Carol~ Moderator

Microsoft Exchange Server Outside In Technology and RSS Feed Parsing Vulnerabilities

Release Date : 2012-12-11

Criticality level : Highly critical
Impact : DoS
System access
Where : From remote
Solution Status : Vendor Patch

Software: Microsoft Exchange Server 2007
Microsoft Exchange Server 2010

Description:
Multiple vulnerabilities have been reported in Microsoft Exchange Server, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to compromise a vulnerable system.

1) Two vulnerabilities exist in the bundled version of Oracle Outside In Technology libraries.

2) An error when parsing RSS feeds can be exploited to render the Information Store service unresponsive and corrupt Exchange databases.

Solution:
Apply updates.

Provided and/or discovered by:
2) Reported by the vendor.

Original Advisory:
MS12-080 (KB2784126, KB2746157, KB2787763, KB2785908):
http://technet.microsoft.com/en-us/security/bulletin/ms12-080

http://secunia.com/advisories/51474/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Microsoft Office Word RTF "listoverridecount" Parsing

by Carol~ Moderator - 12/11/12 1:20 PM

In Reply to: VULNERABILITIES / FIXES - December 11, 2012 by Carol~ Moderator

Microsoft Office Word RTF "listoverridecount" Parsing Vulnerability

Release Date : 2012-12-11

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Software: Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office 2007
Microsoft Office 2010
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
Microsoft Office Web Apps
Microsoft Office Word Viewer
Microsoft SharePoint Server 2010

Description:
A vulnerability has been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error when parsing Rich Text Format (RTF) data related to the listoverridecount and can be exploited to corrupt memory.

Successful exploitation allows execution of arbitrary code.

Solution:
Apply patches.

Provided and/or discovered by:
The vendor credits an anonymous person via SecuriTeam Secure Disclosure.

Original Advisory:
MS12-079 (KB2687412, KB2760405, KB2760410, KB2760416, KB2760421, KB2760497, KB2760498):
http://technet.microsoft.com/en-us/security/bulletin/ms12-079

http://secunia.com/advisories/51467/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Microsoft Windows DirectPlay Buffer Overflow Vulnerability

by Carol~ Moderator - 12/11/12 1:20 PM

In Reply to: VULNERABILITIES / FIXES - December 11, 2012 by Carol~ Moderator

Release Date : 2012-12-11

Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch

Operating System : Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2008
Microsoft Windows Server 2012
Microsoft Windows Storage Server 2003
Microsoft Windows Vista
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional

Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error in the DirectPlay component of the DirectX functionality and can be exploited to cause a heap-based buffer overflow.

Successful exploitation may allow execution of arbitrary code, but requires tricking a user into opening a malicious office document.

Solution:
Apply patches.

Provided and/or discovered by:
The vendor credits Aniway via iDefense Labs.

Original Advisory:
MS12-082 (KB2770660):
http://technet.microsoft.com/en-us/security/bulletin/ms12-082

http://secunia.com/advisories/51497/


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Oracle Outside In Technology HTML and JPEG Vulnerabilities

by Carol~ Moderator - 12/11/12 1:26 PM

In Reply to: VULNERABILITIES / FIXES - December 11, 2012 by Carol~ Moderator

Release Date: 2012-10-17
Last Update: 2012-12-11

Criticality level: Moderately critical
Impact : DoS
System access
Where: From remote
Solution Status : Vendor Patch

Software: Oracle Outside In Technology 8.x

Description:
Two vulnerabilities have been reported in Oracle Outside In Technology, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

1) An indexing error in the JPG graphic import filter (ibjpg2.flt) when processing the number of components within a progressive DCT-based image (SOF2) can be exploited to reference an invalid memory handle via a specially crafted quantization table selector value.

Successful exploitation of this vulnerability may allow execution of arbitrary code.

2) An unspecified error in the Outside In HTML Export SDK component can be exploited to cause a crash.

The vulnerabilities are reported in version 8.3.7.

Solution:
Apply updates.

Provided and/or discovered by:
1) Francis Provencher via Secunia.

Original Advisory:
Oracle:
http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html#AppendixFMW

Francis Provencher:
http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=63&Itemid=63

http://secunia.com/advisories/50993


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close