The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:

vulnerability announce CVE-2014-4143 CVE-2014-6323 CVE-2014-6337

IE: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of IE.
Impacted products: IE.
Severity: 4/4.
Consequences: user access/rights.
Provenance: document.
Number of vulnerabilities in this bulletin: 17.
Creation date: 12/11/2014.
Identifiers: 3003057, CERTFR-2014-AVI-465, CVE-2014-4143, CVE-2014-6323, CVE-2014-6337, CVE-2014-6339, CVE-2014-6340, CVE-2014-6341, CVE-2014-6342, CVE-2014-6343, CVE-2014-6344, CVE-2014-6345, CVE-2014-6346, CVE-2014-6347, CVE-2014-6348, CVE-2014-6349, CVE-2014-6350, CVE-2014-6351, CVE-2014-6353, MS14-065, VIGILANCE-VUL-15612, ZDI-14-374, ZDI-14-375, ZDI-14-376, ZDI-14-377, ZDI-14-378, ZDI-14-379, ZDI-14-380, ZDI-14-381.

Description of the vulnerability

Several vulnerabilities were announced in IE.

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2014-4143, ZDI-14-375]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2014-6337]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2014-6341, ZDI-14-376]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2014-6342, ZDI-14-377]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2014-6343, ZDI-14-378]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2014-6344, ZDI-14-379]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2014-6347, ZDI-14-374]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2014-6348, ZDI-14-380]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2014-6351, ZDI-14-381]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:4/4; CVE-2014-6353]

An attacker can escalate his privileges. [severity:2/4; CVE-2014-6349]

An attacker can escalate his privileges. [severity:2/4; CVE-2014-6350]

An attacker can access another domain, in order to obtain sensitive information. [severity:2/4; CVE-2014-6340]

An attacker can access another domain, in order to obtain sensitive information. [severity:2/4; CVE-2014-6345]

An attacker can access another domain, in order to obtain sensitive information. [severity:2/4; CVE-2014-6346]

An attacker can read the Clipboard, in order to obtain sensitive information. [severity:2/4; CVE-2014-6323]

An attacker can bypass ASLR, in order to obtain sensitive information. [severity:2/4; CVE-2014-6339]

vulnerability alert CVE-2014-6332

Windows OLE: memory corruption

Synthesis of the vulnerability

An attacker can invite the victim to open a malicious Office document, to generate a memory corruption in OLE of Windows, in order to trigger a denial of service, and possibly to execute code.
Impacted products: Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista.
Severity: 3/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Creation date: 12/11/2014.
Identifiers: 3011443, CERTFR-2014-AVI-464, CVE-2014-6332, MS14-064, VIGILANCE-VUL-15611, VU#158647.

Description of the vulnerability

The OLE (Object Linking and Embedding) feature is used by two Windows applications to share data. For example, a Word document can contain Excel data.

However, a PowerPoint document containing a malformed OLE object corrupts the Windows memory.

An attacker can therefore invite the victim to open a malicious Office document, to generate a memory corruption in OLE of Windows, in order to trigger a denial of service, and possibly to execute code.

vulnerability CVE-2014-8510

Trend Micro InterScan Web Security: file reading via AdminUI

Synthesis of the vulnerability

An attacker can read files via the administration Web application of Trend Micro InterScan Web Security, in order to obtain sensitive information.
Impacted products: InterScan Web Security Suite.
Severity: 2/4.
Consequences: data reading.
Provenance: user account.
Creation date: 07/11/2014.
Identifiers: CVE-2014-8510, VIGILANCE-VUL-15610, ZDI-14-373.

Description of the vulnerability

The Trend Micro InterScan Web Security product provides an administration Web application.

However, an authenticated user can insert file paths into some fields of the man machine interface, in order to get the content of any file readable by the Web server.

An attacker can therefore read files via the administration Web application of Trend Micro InterScan Web Security, in order to obtain sensitive information.

computer vulnerability note 15609

Qt Creator: missing SSH public key validation

Synthesis of the vulnerability

An attacker can intercept communications between Qt Creator and its controlled devices, in order to get the privileges of the authorized user.
Impacted products: Windows (platform) ~ not comprehensive, Unix (platform) ~ not comprehensive.
Severity: 2/4.
Consequences: privileged access/rights, user access/rights.
Provenance: intranet client.
Creation date: 07/11/2014.
Identifiers: QTCREATORBUG-13339, VIGILANCE-VUL-15609.

Description of the vulnerability

The Qt Creator product may be used to control mobile devices, including through a network.

In the network case, Qt Creator uses SSH. However, it does not check the public key of the SSH server of the device. So an attacker installed as a proxy (man in the middle) can read and modify exchanged data in the same way as if SSH were not used. This is similar to the vulnerabilities where an X.509 certificate is not fully validated for SSL connections.

An attacker can therefore intercept communications between Qt Creator and its controlled devices, in order to get the privileges of the authorized user.

computer vulnerability bulletin CVE-2014-8651

KDE workspace: privilege escalation via clock setting

Synthesis of the vulnerability

An attacker can create an illicit ntpdate program and make KDE fix the local clock, in order to escalate his privileges.
Impacted products: Ubuntu, Unix (platform) ~ not comprehensive.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user account.
Creation date: 07/11/2014.
Identifiers: advisory-20141106-1, CVE-2014-8651, USN-2402-1, VIGILANCE-VUL-15608.

Description of the vulnerability

The desktop environment KDE provides a tool to fix the clock.

This tool uses the well-known tool ntpdate (an NTP client) or the legacy rdate. However, it may use a user-controlled PATH environment variable to search for the ntpdate program. Moreover, for some system configurations, the user can specify the name of the program to be run. So, the user can create a program with that name, which will be run by the privileged tool if the system does not provide any ntpdate program.

An attacker can therefore create an illicit ntpdate program and make KDE fix the local clock, in order to escalate his privileges.

computer vulnerability announce CVE-2014-7825 CVE-2014-7826

Linux kernel: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of the Linux kernel.
Impacted products: Fedora, Linux, openSUSE, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 1/4.
Consequences: privileged access/rights, denial of service on server, denial of service on service.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 2.
Creation date: 07/11/2014.
Identifiers: CERTFR-2014-AVI-528, CERTFR-2015-AVI-093, CERTFR-2015-AVI-189, CVE-2014-7825, CVE-2014-7826, FEDORA-2014-15200, FEDORA-2014-17244, MDVSA-2014:230, openSUSE-SU-2014:1669-1, openSUSE-SU-2014:1677-1, openSUSE-SU-2014:1678-1, openSUSE-SU-2015:0566-1, RHSA-2014:1943-01, RHSA-2015:0290-01, RHSA-2015:0864-01, SUSE-SU-2014:1693-1, SUSE-SU-2014:1693-2, SUSE-SU-2014:1695-1, SUSE-SU-2014:1695-2, SUSE-SU-2014:1698-1, SUSE-SU-2015:0068-1, SUSE-SU-2015:0481-1, USN-2443-1, USN-2444-1, USN-2445-1, USN-2446-1, USN-2447-1, USN-2447-2, USN-2448-1, USN-2448-2, VIGILANCE-VUL-15607.

Description of the vulnerability

Several vulnerabilities were announced in the Linux kernel.

A local attacker can pass too large system call numbers to the system calls for performance measurement, in order to trigger a denial of service. [severity:1/4; CVE-2014-7825]

A local attacker who has administration privileges can pass too large system call numbers to the system calls for performance measurement, in order to run code with kernel privileges. [severity:1/4; CVE-2014-7826]

computer vulnerability alert CVE-2014-8709

Linux kernel: information disclosure via WiFi

Synthesis of the vulnerability

An attacker can sniff the WiFi traffic, incompletely encrypted by the Linux kernel, in order to obtain sensitive information.
Impacted products: Android OS, Linux, openSUSE, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 1/4.
Consequences: data reading.
Provenance: radio connection.
Creation date: 07/11/2014.
Identifiers: CERTFR-2014-AVI-528, CERTFR-2015-AVI-093, CERTFR-2015-AVI-165, CVE-2014-8709, openSUSE-SU-2014:1669-1, openSUSE-SU-2014:1677-1, openSUSE-SU-2015:0566-1, RHSA-2015:0290-01, RHSA-2015:1272-01, SUSE-SU-2014:1693-1, SUSE-SU-2014:1693-2, SUSE-SU-2014:1695-1, SUSE-SU-2014:1695-2, SUSE-SU-2014:1698-1, SUSE-SU-2015:0481-1, SUSE-SU-2015:0652-1, USN-2441-1, USN-2442-1, VIGILANCE-VUL-15606.

Description of the vulnerability

The Linux kernel can implement encryption for IEEE 802.11, in the unusual case where the hardware does not provide it.

However, because of an error in the handling of data queued for sending, the first fragment of an IP packet is not correctly encrypted and up to 8 bytes are broadcast as plain text. These bytes are typically part of the IP header.

An attacker can therefore sniff the WiFi traffic, incompletely encrypted by the Linux kernel, in order to obtain sensitive information.

computer vulnerability CVE-2014-7990

Cisco IOS XE: privilege escalation via the command "request system shell"

Synthesis of the vulnerability

An attacker can exploit the authentication step of the command "request system shell" of Cisco IOS XE, in order to escalate his privileges.
Impacted products: Cisco Catalyst, IOS XE Cisco, Cisco Router.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user account.
Creation date: 07/11/2014.
Identifiers: CVE-2014-7990, VIGILANCE-VUL-15605.

Description of the vulnerability

The Cisco IOS XE product provides a special command "request system shell".

This command requires authentication based on a challenge-response pair. However, the response to the challenge is not correctly parsed, which allows an attacker to reach a shell process running as root.

An attacker can therefore exploit the authentication step of the command "request system shell" of Cisco IOS XE, in order to escalate his privileges.

vulnerability note CVE-2014-8737

GNU binutils: creation or corruption of files by directory traversal

Synthesis of the vulnerability

An attacker can create an AR archive, in order to create or change files outside the directory the archive is located in.
Impacted products: Debian, Fedora, RHEL, Ubuntu, Unix (platform) ~ not comprehensive.
Severity: 2/4.
Consequences: data creation/edition.
Provenance: document.
Creation date: 06/11/2014.
Identifiers: 17533, CVE-2014-8737, DSA-3123-1, DSA-3123-2, FEDORA-2014-17586, FEDORA-2014-17603, FEDORA-2015-0461, FEDORA-2015-0471, FEDORA-2015-0750, MDVSA-2015:029, MDVSA-2015:029-1, RHSA-2015:2079-09, USN-2496-1, VIGILANCE-VUL-15604.

Description of the vulnerability

The tools from the GNU binutils package are used to process program and library files.

AR archives include a field for the file path. However, these paths may contain sequences such as "/..", which allows the archive author to create or change files at any location if the archive author guesses where the archive will be extracted.

Other tools from the package, for instance strip and objcopy, which usually process simple files, can also process archive files. This allows creation or overwriting of files in the same way as extracting the archive would.

An attacker can therefore create an AR archive, in order to create or change files outside the directory the archive is located in.

vulnerability bulletin CVE-2014-3094 CVE-2014-3095 CVE-2014-6097

IBM DB2 9.7: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of IBM DB2 9.7.
Impacted products: DB2 UDB.
Severity: 1/4.
Consequences: denial of service on service.
Provenance: user account.
Number of vulnerabilities in this bulletin: 4.
Creation date: 06/11/2014.
Identifiers: 1450666, CVE-2014-3094, CVE-2014-3095, CVE-2014-6097, CVE-2014-6159, IT02291, IT02433, IT02592, IT02645, IT02646, IT03786, IT04730, IT05074, IT05105, VIGILANCE-VUL-15603.

Description of the vulnerability

Several vulnerabilities were announced in IBM DB2 9.7.

An attacker can use ALTER MODULE, in order to trigger a denial of service. [severity:1/4; CVE-2014-3094, IT02291, IT02592]

An attacker can generate an error in the SQL Compiler, in order to trigger a denial of service. [severity:1/4; CVE-2014-3095, IT02433, IT02645, IT02646]

An attacker can use the ALTER TABLE command, in order to trigger a denial of service. [severity:1/4; CVE-2014-6097, IT03786]

An attacker can use the ALTER TABLE command with AUTO_REVAL set to IMMEDIATE, in order to trigger a denial of service. [severity:1/4; CVE-2014-6159, IT04730, IT05074, IT05105]