The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.
History of vulnerabilities analyzed by Vigil@nce:

computer vulnerability bulletin CVE-2005-2712

Domino: denial of service of LDAP

Synthesis of the vulnerability

A network attacker can send an invalid LDAP request in order to stop Lotus Domino Server 7.0.
Impacted products: Domino.
Severity: 1/4.
Consequences: denial of service on service.
Provenance: intranet client.
Creation date: 07/02/2006.
Revision date: 13/02/2006.
Identifiers: BID-16523, CVE-2005-2712, iDEFENSE Security Advisory 02.10.06, VIGILANCE-VUL-5588.

Description of the vulnerability

The LDAP service listens on port 389/tcp. The LDAP protocol encodes the data it exchanges using ASN.1.

The ASN.1 language (Abstract Syntax Notation 1) defines the format of messages exchanged between two services.

The LDAP service of Lotus Domino Server 7.0 does not correctly decode some ASN.1 sequences. The service then stops.

A network attacker can therefore send malicious ASN.1 data in order to stop the LDAP service.

computer vulnerability announce CVE-2006-0582

Heimdal: file corruption with rshd

Synthesis of the vulnerability

An attacker can connect to rshd in order to overwrite a file and obtain ownership of it.
Impacted products: Debian, openSUSE, SLES, Unix (platform) ~ not comprehensive.
Severity: 2/4.
Consequences: data reading, data creation/edition.
Provenance: user account.
Creation date: 07/02/2006.
Identifiers: 2006-02-06, CVE-2006-0582, DSA-977-1, SUSE-SA:2006:010, SUSE-SA:2006:011, VIGILANCE-VUL-5587.

Description of the vulnerability

The Heimdal rshd daemon implements the RSH protocol, which allows a shell command to be run on the computer. Rshd users can run commands with their own rights.

The user's credentials are stored in a cache file.

However, an authenticated attacker can overwrite any system file with his own cache file. The system file is therefore corrupted, and the attacker becomes its owner. The attacker can then edit this file.

This vulnerability therefore permits an attacker to alter a file in order, for example, to increase his privileges on the system.

computer vulnerability alert CVE-2005-4667

unzip: code execution via file name

Synthesis of the vulnerability

A buffer overflow vulnerability permits an attacker to run code on the machine using very long .zip file names.
Impacted products: Fedora, Mandriva Linux, Mandriva NF, RHEL, RedHat Linux.
Severity: 2/4.
Consequences: privileged access/rights.
Provenance: document.
Creation date: 06/02/2006.
Identifiers: CERTA-2006-AVI-094, CVE-2005-4667, FEDORA-2006-098, FLSA-2006:180159, MDKSA-2005:050, RHSA-2007:0203-02, VIGILANCE-VUL-5586.

Description of the vulnerability

The unzip utility is used to list, test or extract files from a ZIP archive.

unzip allocates insufficient memory to store the file name of the .zip archive it processes, which causes a buffer overflow.

A local attacker can thus use a .zip file with a very long file name to run code on the machine using unzip.

computer vulnerability CVE-2005-4636

OpenOffice: loading of hyperlinks despite their deactivation

Synthesis of the vulnerability

The loading of hyperlinks is still active in spite of OpenOffice being configured to deactivate them.
Impacted products: OpenOffice, Mandriva Linux.
Severity: 1/4.
Consequences: no consequence.
Provenance: document.
Creation date: 03/02/2006.
Identifiers: CVE-2005-4636, MDKSA-2006:033, VIGILANCE-VUL-5585.

Description of the vulnerability

The OpenOffice suite can load hyperlinks contained in documents.

It is possible to configure OpenOffice to deactivate hyperlinks by setting the variable "Office.Security/HyperLinks/Open" to 0. When this is the case, an error message must alert the user that links have been deactivated.

Despite the use of this security option, hyperlinks are still active.

This vulnerability thus allows a security option to be bypassed.

vulnerability note CVE-2006-0299

Firefox, Thunderbird: data exchange using AnyName object of E4X

Synthesis of the vulnerability

The existence of the AnyName object of E4X permits two scripts to exchange data.
Impacted products: Firefox, Thunderbird, Slackware.
Severity: 1/4.
Consequences: data flow.
Provenance: internet server.
Creation date: 02/02/2006.
Identifiers: BID-16476, CVE-2006-0299, MFSA2006-01, MFSA2006-02, MFSA2006-03, MFSA2006-04, MFSA2006-05, MFSA2006-06, MFSA2006-07, MFSA2006-08, SSA:2006-045-02, VIGILANCE-VUL-5584.

Description of the vulnerability

E4X is a Mozilla extension added in version 1.5 of Firefox and Thunderbird.

The existence of the AnyName object of E4X permits two scripts to exchange data.
Thunderbird 1.5 is vulnerable if JavaScript execution is activated.

vulnerability bulletin CVE-2006-0298

Firefox: denial of service via read beyond the end of a buffer

Synthesis of the vulnerability

When an XML file is parsed, Firefox reads data stored beyond the end of the buffer, which causes a denial of service of the application.
Impacted products: Firefox, Slackware.
Severity: 1/4.
Consequences: denial of service on service.
Provenance: internet server.
Creation date: 02/02/2006.
Identifiers: BID-16476, CVE-2006-0298, MFSA2006-01, MFSA2006-02, MFSA2006-03, MFSA2006-04, MFSA2006-05, MFSA2006-06, MFSA2006-07, MFSA2006-08, SSA:2006-045-02, VIGILANCE-VUL-5583.

Description of the vulnerability

The XML parser was updated in version 1.5 of Mozilla Firefox.

When an XML file is parsed, Firefox reads data stored beyond the end of the buffer, which causes a denial of service of the application.

An attacker can thus cause a denial of service.

vulnerability announce CVE-2006-0297

Firefox, Thunderbird: integer overflow in E4X, SVG and Canvas

Synthesis of the vulnerability

Several integer overflows, which permit an attacker to run code, have been detected in E4X, SVG and Canvas.
Impacted products: Firefox, Thunderbird, Slackware.
Severity: 2/4.
Consequences: privileged access/rights.
Provenance: internet server.
Creation date: 02/02/2006.
Identifiers: BID-16476, CVE-2006-0297, MFSA2006-01, MFSA2006-02, MFSA2006-03, MFSA2006-04, MFSA2006-05, MFSA2006-06, MFSA2006-07, MFSA2006-08, SSA:2006-045-02, VIGILANCE-VUL-5582.

Description of the vulnerability

E4X, SVG, and Canvas are extensions of Mozilla.

Several integer overflows have been detected in E4X, SVG and Canvas.
Thunderbird 1.5 is vulnerable if JavaScript execution is activated.

These overflows permit an attacker to run code on the machine.

vulnerability alert CVE-2006-0296

Mozilla, Firefox, Thunderbird: JavaScript code injection at application startup

Synthesis of the vulnerability

An attacker can inject JavaScript code which will be executed during application startup.
Impacted products: Fedora, Mandriva Linux, Firefox, Mozilla Suite, Thunderbird, RHEL, RedHat Linux, Slackware.
Severity: 3/4.
Consequences: privileged access/rights.
Provenance: internet server.
Creation date: 02/02/2006.
Identifiers: 20060201-01-U, BID-16476, CVE-2006-0296, FEDORA-2006-07, FEDORA-2006-075, FEDORA-2006-076, FLSA-2006:180036-1, FLSA-2006:180036-2, MDKSA-2006:036, MDKSA-2006:037, MFSA2006-01, MFSA2006-02, MFSA2006-03, MFSA2006-04, MFSA2006-05, MFSA2006-06, MFSA2006-07, MFSA2006-08, RHSA-2006:019, RHSA-2006:0199-01, RHSA-2006:020, RHSA-2006:0200-01, SSA:2006-045-02, VIGILANCE-VUL-5581, VU#592425.

Description of the vulnerability

The localstore.rdf file contains information about the current user profile. This file is run at application startup.

The XULDocument.persist() function does not validate the attribute name. This error allows XML data to be injected into the localstore.rdf file.
Thunderbird 1.5 is vulnerable if JavaScript execution is activated.

An attacker can exploit this vulnerability to inject JavaScript code which will be executed with the application's rights at its next startup.

vulnerability CVE-2006-0295

Firefox, Thunderbird: memory corruption via Location and Navigator objects

Synthesis of the vulnerability

An attacker can corrupt the system memory by calling the "QueryInterface" method of Location and Navigator objects.
Impacted products: Firefox, Thunderbird, Slackware.
Severity: 2/4.
Consequences: privileged access/rights.
Provenance: internet server.
Creation date: 02/02/2006.
Revision date: 07/02/2006.
Identifiers: BID-16476, CVE-2006-0295, MFSA2006-01, MFSA2006-02, MFSA2006-03, MFSA2006-04, MFSA2006-05, MFSA2006-06, MFSA2006-07, MFSA2006-08, SSA:2006-045-02, VIGILANCE-VUL-5580, VU#759273.

Description of the vulnerability

Mozilla uses objects named Location and Navigator.

The use of the "QueryInterface" method of Location and Navigator objects causes the corruption of the system memory.
Thunderbird 1.5 is vulnerable if JavaScript execution is activated.

An attacker can use this memory corruption to run code on the machine.

computer vulnerability note CVE-2006-0294

Firefox, Thunderbird: code execution via Gecko

Synthesis of the vulnerability

An attacker can run code on the machine by making Gecko write code in freed memory.
Impacted products: Firefox, Thunderbird, Slackware.
Severity: 2/4.
Consequences: privileged access/rights.
Provenance: internet server.
Creation date: 02/02/2006.
Identifiers: BID-16476, CVE-2006-0294, MFSA2006-01, MFSA2006-02, MFSA2006-03, MFSA2006-04, MFSA2006-05, MFSA2006-06, MFSA2006-07, MFSA2006-08, SSA:2006-045-02, VIGILANCE-VUL-5579.

Description of the vulnerability

Gecko is the web layout engine used by Mozilla Firefox.

Changing an element's style from the "relative" position to the "static" position causes Gecko to write to a freed section of memory.
Thunderbird 1.5 is vulnerable if JavaScript execution is activated.

An attacker can run code on the user machine.