The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:

vulnerability CVE-2013-2074

KDE: password displayed in KIO Slave HTTP error messages

Synthesis of the vulnerability

A local attacker can trigger a network error, so that KDE displays an error message containing the password used by the HTTP KIO Slave.
Impacted products: Debian, Fedora, Unix (platform) ~ not comprehensive.
Severity: 1/4.
Consequences: user access/rights, data reading.
Provenance: user shell.
Creation date: 13/05/2013.
Identifiers: 319428, BID-59808, CVE-2013-2074, DLA-952-1, FEDORA-2013-8689, FEDORA-2013-8717, VIGILANCE-VUL-12770.

Description of the vulnerability

The HTTP KIO Slave processes HTTP sessions in background.

When a network error occurs, the kioslave/http/http.cpp file calls m_request.url.url() to generate the error message. However, this url can contain the password required to access to the resource (http://user:password@server/).

A local attacker can therefore trigger a network error, so that KDE displays an error message containing the password used by the HTTP KIO Slave.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note 12769

LibreOffice Cacl: links followed without Control

Synthesis of the vulnerability

When the user configured the security option "Ctrl-click required to follow hyperlinks", it is not honored in LibreOffice Calc, so an attacker can force the victim to browse a site.
Impacted products: LibreOffice.
Severity: 1/4.
Consequences: data reading.
Provenance: document.
Creation date: 13/05/2013.
Identifiers: 51296, VIGILANCE-VUL-12769.

Description of the vulnerability

LibreOffice has an option requiring the user to press on the Control key, before clicking on a link, in order to open it:
 - Options
 - LibreOffice
 - Security
 - Options
 - Ctrl-click required to follow hyperlinks

However, LibreOffice Calc accepts to follow the link, even if the user did not press the Control key.

When the user configured the security option "Ctrl-click required to follow hyperlinks", it is not honored in LibreOffice Calc, so an attacker can therefore force the victim to browse a site.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin 12768

GnuPG: denial of service via keyblock

Synthesis of the vulnerability

An attacker can force the victim to import a key with a malformed keyblock, in order to trigger a denial of service of GnuPG.
Impacted products: GnuPG.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Creation date: 13/05/2013.
Identifiers: VIGILANCE-VUL-12768.

Description of the vulnerability

The GnuPG software can import keys.

However, if keyblock packets are invalid, an error occurs.

An attacker can therefore force the victim to import a key with a malformed keyblock, in order to trigger a denial of service of GnuPG.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2013-2977

IBM Notes: integer overflow of PNG

Synthesis of the vulnerability

An attacker can send an email containing a malicious PNG image, to generate an integer overflow in IBM Notes, in order to trigger a denial of service, and possibly to execute code.
Impacted products: Notes.
Severity: 3/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Creation date: 07/05/2013.
Identifiers: BID-59693, CERTA-2013-AVI-357, CVE-2013-2977, swg21633819, swg21635878, VIGILANCE-VUL-12767.

Description of the vulnerability

An attacker can send an email containing a malicious PNG image, to generate an integer overflow in IBM Notes, in order to trigger a denial of service, and possibly to execute code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2013-2028

nginx: buffer overflow of Chunked TE

Synthesis of the vulnerability

An attacker can use a chunked Transfer-Encoding, to generate a buffer overflow in nginx, in order to trigger a denial of service, and possibly to execute code.
Impacted products: nginx.
Severity: 3/4.
Consequences: user access/rights, denial of service on service.
Provenance: internet client.
Creation date: 07/05/2013.
Identifiers: BID-59699, CERTA-2013-AVI-294, CVE-2013-2028, VIGILANCE-VUL-12766.

Description of the vulnerability

The HTTP Transfer-Encoding header can use the "chunked" type, to indicate that data is split in chunks before being transmitted.

The http/ngx_http_parse.c file of nginx reassembles these chunks. However, if the size of data is too large and becomes negative, a buffer overflow occurs.

An attacker can therefore use a chunked Transfer-Encoding, to generate a buffer overflow in nginx, in order to trigger a denial of service, and possibly to execute code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability 12765

WordPress: Cross Site Scripting of Live Comment Preview

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting in Live Comment Preview of WordPress, in order to execute JavaScript code in the context of the web site.
Impacted products: WordPress Plugins ~ not comprehensive.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 07/05/2013.
Identifiers: BID-59652, VIGILANCE-VUL-12765.

Description of the vulnerability

The Live Comment Preview plugin displays comments.

However, it does not filter received data before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting in Live Comment Preview of WordPress, in order to execute JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2013-2707

WordPress: Cross Site Request Forgery of Login With Ajax

Synthesis of the vulnerability

An attacker can trigger a Cross Site Request Forgery in Login With Ajax of WordPress, in order to force the victim to perform operations.
Impacted products: WordPress Plugins ~ not comprehensive.
Severity: 2/4.
Consequences: user access/rights.
Provenance: document.
Creation date: 07/05/2013.
Identifiers: BID-59663, CVE-2013-2707, VIGILANCE-VUL-12764.

Description of the vulnerability

The Login With Ajax plugin processes authentication.

However, the origin of queries is not checked. They can for example originate from an image included in an HTML document.

An attacker can therefore trigger a Cross Site Request Forgery in Login With Ajax of WordPress, in order to force the victim to perform operations.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2013-2698

WordPress: Cross Site Request Forgery of Calendar

Synthesis of the vulnerability

An attacker can trigger a Cross Site Request Forgery in Calendar of WordPress, in order to force the victim to perform operations.
Impacted products: WordPress Plugins ~ not comprehensive.
Severity: 2/4.
Consequences: user access/rights.
Provenance: document.
Creation date: 07/05/2013.
Identifiers: BID-59661, CVE-2013-2698, VIGILANCE-VUL-12763.

Description of the vulnerability

The Calendar plugin is used to manage events.

However, the origin of queries is not checked. They can for example originate from an image included in an HTML document.

An attacker can therefore trigger a Cross Site Request Forgery in Calendar of WordPress, in order to force the victim to perform operations.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2013-7331 CVE-2013-7332

Internet Explorer: file detection via XMLDOM

Synthesis of the vulnerability

An attacker can create an HTML page using XMLDOM of Internet Explorer, in order to detect if a file or a directory exists on user's computer.
Impacted products: IE.
Severity: 1/4.
Consequences: data reading.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 07/05/2013.
Identifiers: BID-59657, BID-65601, BID-65854, CVE-2013-7331, CVE-2013-7332, VIGILANCE-VUL-12762, VU#539289.

Description of the vulnerability

The Microsoft.XMLDOM ActiveX is used to process XML documents.

The loadXML() method loads a document. If an error occurs, an error message is stored in the parseError.errorCode, parseError.reason and parseError.line attributes.

However, as this error message depends on the context, an attacker can use it to obtain information.

An attacker can therefore create an HTML page using XMLDOM of Internet Explorer, in order to detect if a file or a directory exists on user's computer.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2013-3254

WordPress: Cross Site Scripting of WP Photo Album Plus

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting in WP Photo Album Plus of WordPress, in order to execute JavaScript code in the context of the web site.
Impacted products: WordPress Plugins ~ not comprehensive.
Severity: 2/4.
Consequences: user access/rights.
Provenance: document.
Creation date: 07/05/2013.
Identifiers: BID-59655, CVE-2013-3254, VIGILANCE-VUL-12761.

Description of the vulnerability

The WP Photo Album Plus plugin is used to manage photos.

However, it does not filter received data before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting in WP Photo Album Plus of WordPress, in order to execute JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

Previous page   Next page

Direct access to page 1 21 41 61 81 101 121 141 161 181 201 221 241 261 281 301 321 341 361 381 401 421 441 461 481 501 521 541 561 581 601 621 641 661 681 701 721 741 761 781 801 821 841 861 881 901 921 941 961 981 1001 1021 1041 1061 1081 1101 1121 1141 1161 1181 1201 1204 1205 1206 1207 1208 1209 1210 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 1221 1222 1223 1224 1241 1261 1281 1301 1321 1341 1361 1381 1401 1421 1441 1461 1481 1501 1521 1541 1561 1581 1601 1621 1641 1661 1681 1701 1721 1741 1761 1781 1801 1821 1841 1861 1881 1901 1921 1941 1961 1981 2001 2021 2041 2061 2081 2101 2121 2141 2161 2181 2201 2221 2241 2261 2281 2301 2321 2341 2361 2381 2401 2421 2441 2461 2481 2501 2521 2541 2561 2581 2601 2621 2641 2661 2681 2701 2721 2741 2761 2781 2801 2821 2841 2861 2881 2899