19.02.2010
Обнаруженные уязвимости с 15 февраля по 19 февраля 2010 года
- Многочисленные уязвимости безопасности в ядре Linux
- Обход защиты gnome-screensaver
- Переполнение буфера в OpenOffice
- DoS против MIT Kerberos 5
- Squid HTCP Packets Processing Denial of Service Vulnerability
- OpenOffice.org Data Processing Multiple Code Execution Vulnerabilities
Оглавление
- Многочисленные уязвимости безопасности в ядре Linux
- Обход защиты gnome-screensaver
- Переполнение буфера в OpenOffice
- DoS против MIT Kerberos 5
- Squid HTCP Packets Processing Denial of Service Vulnerability
- OpenOffice.org Data Processing Multiple Code Execution Vulnerabilities
Возврат к списку
Description: DoS условия, доступ к памяти ядра, повышение привилегий,
слабые разрешения.
CVE: CVE-2010-0415
CVE-2010-0410
CVE-2010-0309
CVE-2010-0307
CVE-2010-0306
CVE-2010-0298
CVE-2010-0291
CVE-2010-0007
CVE-2010-0003
CVE-2009-4538
CVE-2009-4536
CVE-2009-4027
CVE-2009-3939
URL: http://securityvulns.ru/news/Linux/kernel/1002-2.html
Date: 2010-02-16
Возврат к списку
Description: Отказ скринсейвера при подключении монитора.
CVE: CVE-2010-0414
URL: http://securityvulns.ru/news/gnome/screensaver/hotplug.html
Date: 2010-02-16
Возврат к списку
Description: Переполнения буфера при разборе документов Microsoft Word.
CVE: CVE-2009-3302
CVE-2009-3301
URL: http://securityvulns.ru/news/OpenOffice/HO.html
Date: 2010-02-17
Возврат к списку
Description: DoS против KDC при обработке запроса.
CVE: CVE-2010-0283
URL: http://securityvulns.ru/news/MIT/KRB5/1002.html
Date: 2010-02-17
Возврат к списку
Description: A vulnerability has been identified in Squid, which could be exploited by attackers to cause a denial of service. This issue is caused by an error when processing malformed HTCP (Hypertext Caching Protocol) packets, which could be exploited by remote attackers to crash an affected server, creating a denial of service condition.
CVE: CVE-2010-0639
URL: http://www.vupen.com/english/advisories/2010/0371
Date: 2010-02-15
Возврат к списку
Description: Multiple vulnerabilities have been identified in OpenOffice.org, which could be exploited by attackers to compromise a vulnerable system.
The first issue is caused by a heap overflow error when processing malformed records in a Word document, which could be exploited by attackers to execute arbitrary code.
The second vulnerability is caused by a heap overflow error when processing malformed records in a Word document, which could be exploited by attackers to compromise a vulnerable system.
The third issue is caused by a buffer overflow error when parsing GIF data, which could be exploited by attackers to execute arbitrary code.
The fourth vulnerability is caused by an integer overflow error when processing XPM data, which could be exploited by attackers to execute arbitrary code.
The fifth issue is caused by an error in the Windows version of the application which is includes a vulnerable version of the MSVC Runtime. For additional information, see : VUPEN/ADV-2009-2034
The sixth vulnerability is caused by an error in libxmlsec. For additional information, see : VUPEN/ADV-2009-1911
The seventh issue is caused by an error in libxml2. For additional information, see : VUPEN/ADV-2006-3453
Critical: 4/4 Critical
CVE: CVE ID
URL: http://www.vupen.com/english/advisories/2010/0366
Date: 2010-02-15
Возврат к списку