The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:

vulnerability CVE-2013-0637 CVE-2013-0638 CVE-2013-0639

Adobe Flash Player: multiple vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities of Adobe Flash Player can be used by an attacker to execute code.
Impacted products: Flash Player, IE, openSUSE, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 4/4.
Consequences: user access/rights.
Provenance: document.
Number of vulnerabilities in this bulletin: 17.
Creation date: 13/02/2013.
Identifiers: 2755801, BID-57907, BID-57912, BID-57916, BID-57917, BID-57918, BID-57919, BID-57920, BID-57921, BID-57922, BID-57923, BID-57924, BID-57925, BID-57926, BID-57927, BID-57929, BID-57930, BID-57932, BID-57933, CERTA-2013-AVI-127, CVE-2013-0637, CVE-2013-0638, CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647, CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374, openSUSE-SU-2013:0295-1, openSUSE-SU-2013:0295-2, openSUSE-SU-2013:0298-1, RHSA-2013:0254-01, Security updates available for Adobe Flash Player, SUSE-SU-2013:0296-1, VIGILANCE-VUL-12420.

Description of the vulnerability

Several vulnerabilities were announced in Adobe Flash Player.

An attacker can trigger a buffer overflow, leading to code execution. [severity:4/4; BID-57912, CVE-2013-1372]

An attacker can trigger a buffer overflow, leading to code execution. [severity:4/4; BID-57916, CVE-2013-0645]

An attacker can trigger a buffer overflow, leading to code execution. [severity:4/4; BID-57917, CVE-2013-1373]

An attacker can trigger a buffer overflow, leading to code execution. [severity:4/4; BID-57918, CVE-2013-1369]

An attacker can trigger a buffer overflow, leading to code execution. [severity:4/4; BID-57919, CVE-2013-1370]

An attacker can trigger a buffer overflow, leading to code execution. [severity:4/4; BID-57920, CVE-2013-1366]

An attacker can trigger a buffer overflow, leading to code execution. [severity:4/4; BID-57921, CVE-2013-1365]

An attacker can trigger a buffer overflow, leading to code execution. [severity:4/4; BID-57922, CVE-2013-1368]

An attacker can trigger a buffer overflow, leading to code execution. [severity:4/4; BID-57923, CVE-2013-0642]

An attacker can trigger a buffer overflow, leading to code execution. [severity:4/4; BID-57924, CVE-2013-1367]

An attacker can use a freed memory area, leading to code execution. [severity:4/4; BID-57930, CVE-2013-0649]

An attacker can use a freed memory area, leading to code execution. [severity:4/4; BID-57932, CVE-2013-1374]

An attacker can use a freed memory area, leading to code execution. [severity:4/4; BID-57933, CVE-2013-0644]

An attacker can trigger an integer overflow, leading to code execution. [severity:4/4; BID-57925, CVE-2013-0639]

An attacker can corrupt the memory, leading to code execution. [severity:4/4; BID-57926, CVE-2013-0638]

An attacker can corrupt the memory, leading to code execution. [severity:4/4; BID-57927, CVE-2013-0647]

An attacker can obtain information. [severity:2/4; BID-57929, CVE-2013-0637]

An attacker can therefore invite the victim to display a malicious web page with Adobe Flash Player, in order to stop the web browser, or to execute code on victim's computer.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2013-1313

Windows XP: code execution via RTF and OLE

Synthesis of the vulnerability

An attacker can invite the victim to open a malicious RTF file using OLE, in order to execute code with his privileges.
Impacted products: Windows XP.
Severity: 3/4.
Consequences: user access/rights.
Provenance: document.
Creation date: 13/02/2013.
Identifiers: 2802968, BID-57863, CERTA-2013-AVI-124, CVE-2013-1313, MS13-020, VIGILANCE-VUL-12419, ZDI-13-024.

Description of the vulnerability

The OLE Automation (Object Linking and Embedding) protocol can be used by applications to share data and call methods.

When a RTF (Rich Text Format) file is opened, OLE Automation features are called. However, this leads to an integer overflow in the SysAllocStringLen() function of the Oleaut32.dll file.

An attacker can therefore invite the victim to open a malicious RTF file using OLE, in order to execute code with his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2013-0076

Windows: privilege elevation via CSRSS

Synthesis of the vulnerability

A local attacker can use a vulnerability of CSRSS, in order to elevate his privileges.
Impacted products: Windows 2008 R0, Windows 2008 R2, Windows 7.
Severity: 2/4.
Consequences: administrator access/rights.
Provenance: user shell.
Creation date: 13/02/2013.
Identifiers: 2790113, BID-57821, CERTA-2013-AVI-123, CVE-2013-0076, MS13-019, VIGILANCE-VUL-12418.

Description of the vulnerability

The CSRSS (Client/Server Run-time Subsystem) subsystem manages user consoles and processes.

However, a reference count error on an object leads to a memory corruption.

A local attacker can therefore use a vulnerability of CSRSS, in order to elevate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2013-0075

Windows: denial of service via FIN_WAIT_2

Synthesis of the vulnerability

An attacker can open a TCP session with a Windows system, and wait for Windows to send a FIN packet, then send a special packet, in order to consume resources, leading to a denial of service.
Impacted products: Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista.
Severity: 2/4.
Consequences: denial of service on server.
Provenance: internet client.
Creation date: 13/02/2013.
Revision date: 13/02/2013.
Identifiers: 2790655, BID-57858, CERTA-2013-AVI-122, CVE-2013-0075, MS13-018, VIGILANCE-VUL-12417.

Description of the vulnerability

A TCP session can be ended with a packet with the FIN flag set. A TCP session has several states, such as FIN_WAIT_1 and FIN_WAIT_2 (RFC 793).

When Windows is at the initiative of the TCP session closure, it sends a FIN packet, and jumps to the state FIN_WAIT_1. Then, the remote computer acknowledges this closure, and Windows jumps in the FIN_WAIT_2 state. However, if the acknowledgement packet uses a TCP window size of zero, Windows does not free data structures in memory.

An attacker can therefore open a TCP session with a Windows system, and wait for Windows to send a FIN packet, then send a special packet, in order to consume resources. When this operation is repeated, it leads to a denial of service.

Note: the web service of IIS cannot be used as an attack vector.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2013-1278 CVE-2013-1279 CVE-2013-1280

Windows: privilege elevation via kernel

Synthesis of the vulnerability

A local attacker can use several kernel vulnerabilities, in order to gain system privileges.
Impacted products: Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista, Windows XP.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 3.
Creation date: 13/02/2013.
Identifiers: 2799494, BID-57854, BID-57855, BID-57856, CERTA-2013-AVI-121, CVE-2013-1278, CVE-2013-1279, CVE-2013-1280, MS13-017, VIGILANCE-VUL-12416.

Description of the vulnerability

Three vulnerabilities were announced in the Windows kernel.

An attacker can use a race vulnerability, in order to elevate his privileges. [severity:2/4; BID-57855, CVE-2013-1278]

An attacker can use a race vulnerability, in order to elevate his privileges. [severity:2/4; BID-57856, CVE-2013-1279]

An attacker can use a reference count error, in order to elevate his privileges. [severity:2/4; BID-57854, CVE-2013-1280]

A local attacker can therefore use several kernel vulnerabilities, in order to gain system privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2013-1248 CVE-2013-1249 CVE-2013-1250

Windows: privilege elevation via Win32k

Synthesis of the vulnerability

A local attacker can use several kernel vulnerabilities, in order to gain system privileges.
Impacted products: Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista, Windows XP.
Severity: 2/4.
Consequences: administrator access/rights.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 30.
Creation date: 12/02/2013.
Identifiers: 2778344, BID-57786, BID-57791, BID-57792, BID-57793, BID-57794, BID-57795, BID-57796, BID-57797, BID-57798, BID-57799, BID-57800, BID-57801, BID-57802, BID-57803, BID-57804, BID-57805, BID-57806, BID-57807, BID-57808, BID-57809, BID-57810, BID-57811, BID-57812, BID-57813, BID-57814, BID-57815, BID-57816, BID-57817, BID-57818, BID-57819, CERTA-2013-AVI-120, CVE-2013-1248, CVE-2013-1249, CVE-2013-1250, CVE-2013-1251, CVE-2013-1252, CVE-2013-1253, CVE-2013-1254, CVE-2013-1255, CVE-2013-1256, CVE-2013-1257, CVE-2013-1258, CVE-2013-1259, CVE-2013-1260, CVE-2013-1261, CVE-2013-1262, CVE-2013-1263, CVE-2013-1264, CVE-2013-1265, CVE-2013-1266, CVE-2013-1267, CVE-2013-1268, CVE-2013-1269, CVE-2013-1270, CVE-2013-1271, CVE-2013-1272, CVE-2013-1273, CVE-2013-1274, CVE-2013-1275, CVE-2013-1276, CVE-2013-1277, MS13-016, VIGILANCE-VUL-12415.

Description of the vulnerability

The Win32k driver is the interface to the Windows kernel.

However, an attacker can use several race vulnerabilities on Win32k, in order to elevate his privileges.

A local attacker can therefore use several kernel vulnerabilities, in order to gain system privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2013-0073

Microsoft .NET: code execution via WinForms

Synthesis of the vulnerability

An attacker can invite the victim to display a malicious web site or to install a malicious ASP.NET application, in order to execute code on his computer.
Impacted products: .NET Framework, Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows Vista, Windows XP.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights.
Provenance: document.
Creation date: 12/02/2013.
Identifiers: 2800277, BID-57847, CERTA-2013-AVI-119, CVE-2013-0073, MS13-015, VIGILANCE-VUL-12414.

Description of the vulnerability

The Microsoft .NET Framework installs components, which can run:
 - a Microsoft .NET Application (runs locally)
 - a Microsoft ASP.NET Application (runs on a web server)
 - an XAML Browser Application (runs in a web browser, when the user browses an XBAP page)

The WinForms API is used to create a graphical interface. It uses "callbacks" to process delayed actions. However, a callback can bypass CAS (Code Access Security).

An attacker can thus invite the victim to display a malicious web site or to install a malicious ASP.NET application, in order to execute code on his computer.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2013-1281

Windows: denial of service via NFS

Synthesis of the vulnerability

When the NFS service is enabled on Windows, an attacker can use a malicious query, in order to trigger a denial of service.
Impacted products: Windows 2008 R2, Windows 2012.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: intranet client.
Creation date: 12/02/2013.
Identifiers: 2790978, BID-57853, CERTA-2013-AVI-118, CVE-2013-1281, MS13-014, VIGILANCE-VUL-12413.

Description of the vulnerability

The NFS (Network File System) service is used to share files in a Unix environment.

However, this service does not correctly process a read operation on a file, and dereferences a NULL pointer.

When the NFS service is enabled on Windows, an attacker can therefore use a malicious query, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2013-0077

Windows: code execution via Quartz.dll

Synthesis of the vulnerability

An attacker can invite the victim to display a malicious multimedia document, in order to trigger an error during data decoding, which leads to code execution.
Impacted products: Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows Vista, Windows XP.
Severity: 4/4.
Consequences: user access/rights.
Provenance: document.
Creation date: 12/02/2013.
Identifiers: 2780091, BID-57857, CERTA-2013-AVI-115, CVE-2013-0077, MS13-011, VIGILANCE-VUL-12412.

Description of the vulnerability

The Quartz.dll library is used to decode and display multimedia documents.

However, a decoding error corrupts the memory.

An attacker can therefore invite the victim to display a malicious multimedia document, in order to trigger an error during data decoding, which leads to code execution.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2013-0030

Internet Explorer: code execution via VML

Synthesis of the vulnerability

An attacker can invite the victim to display a malicious VML image, in order to execute code on his computer.
Impacted products: IE, Windows RT.
Severity: 4/4.
Consequences: user access/rights.
Provenance: document.
Creation date: 12/02/2013.
Identifiers: 2797052, BID-57852, CERTA-2013-AVI-114, CVE-2013-0030, MS13-010, VIGILANCE-VUL-12411.

Description of the vulnerability

The VML format (Vector Markup Language) stores vector images in XML.

However, malicious VML data corrupt IE memory.

An attacker can therefore invite the victim to display a malicious VML image, in order to execute code on his computer.
Full Vigil@nce bulletin... (Free trial)

Previous page   Next page

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1121 1141 1161 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188 1189 1190 1191 1201 1221 1241 1261 1281 1301 1321 1341 1361 1381 1401 1421 1441 1461 1481 1501 1521 1541 1561 1581 1601 1621 1641 1661 1681 1701 1721 1741 1761 1781 1801 1821 1841 1861 1881 1901 1921 1941 1961 1981 2001 2021 2041 2061 2081 2101 2121 2141 2161 2181 2201 2221 2241 2261 2281 2301 2321 2341 2361 2381 2401 2421 2441 2461 2481 2501 2521 2541 2561 2581 2601 2621 2641 2661 2681 2701 2721 2741 2761 2775