The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Micro Focus Network Node Manager i

computer vulnerability bulletin CVE-2010-4422 CVE-2010-4447 CVE-2010-4448

Java JRE/JDK/SDK: several vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities of Java JRE/JDK/SDK can be used by a malicious applet/application in order to execute code or to obtain information. A legitimate applet/application, handling malicious data, can also be forced to execute code.
Impacted products: Debian, Fedora, HPE NNMi, HP-UX, Mandriva Linux, NLD, OES, Java OpenJDK, openSUSE, Java Oracle, RHEL, SLES, ESX, vCenter Server, VMware vSphere.
Severity: 4/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, client access/rights, data reading, data creation/edition, data deletion, denial of service on service, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 21.
Creation date: 16/02/2011.
Identifiers: BID-46091, BID-46386, BID-46387, BID-46388, BID-46391, BID-46393, BID-46394, BID-46395, BID-46397, BID-46398, BID-46399, BID-46400, BID-46401, BID-46402, BID-46403, BID-46404, BID-46405, BID-46406, BID-46407, BID-46409, BID-46410, BID-46411, c02775276, c03316985, c03358587, c03405642, CERTA-2003-AVI-001, CERTA-2011-AVI-079, CERTA-2011-AVI-093, CERTA-2011-AVI-118, CERTA-2011-AVI-196, CERTA-2011-AVI-197, CERTA-2011-AVI-219, CERTA-2011-AVI-474, CERTA-2011-AVI-483, CERTA-2012-AVI-286, CERTA-2012-AVI-395, CVE-2010-4422, CVE-2010-4447, CVE-2010-4448, CVE-2010-4450, CVE-2010-4451, CVE-2010-4452, CVE-2010-4454, CVE-2010-4462, CVE-2010-4463, CVE-2010-4465, CVE-2010-4466, CVE-2010-4467, CVE-2010-4468, CVE-2010-4469, CVE-2010-4470, CVE-2010-4471, CVE-2010-4472, CVE-2010-4473, CVE-2010-4474, CVE-2010-4475, CVE-2010-4476, DSA-2224-1, FEDORA-2011-1631, FEDORA-2011-1645, HPSBMU02797, HPSBMU02799, HPSBUX02685, HPSBUX02777, javacpufeb2011, MDVSA-2011:054, openSUSE-SU-2011:0126-1, openSUSE-SU-2011:0155-1, RHSA-2011:0281-01, RHSA-2011:0282-01, RHSA-2011:0335-01, RHSA-2011:0357-01, RHSA-2011:0364-01, RHSA-2011:0490-01, RHSA-2011:0870-01, RHSA-2011:0880-01, SSRT100505, SSRT100854, SSRT100867, SUSE-SA:2011:010, SUSE-SA:2011:014, SUSE-SA:2011:024, SUSE-SR:2011:008, SUSE-SU-2011:0490-1, SUSE-SU-2011:0823-1, VIGILANCE-VUL-10368, VMSA-2011-0004.2, VMSA-2011-0005.3, VMSA-2011-0012.1, VMSA-2011-0013, VMSA-2011-0013.1, VMSA-2012-0005, ZDI-11-082, ZDI-11-083, ZDI-11-084, ZDI-11-085, ZDI-11-086.

Description of the vulnerability

Several vulnerabilities were announced in Java JRE/JDK/SDK. The most severe vulnerabilities lead to code execution.

An attacker can use a vulnerability of Deployment Applet2ClassLoader, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-46388, CVE-2010-4452, ZDI-11-084]

An attacker can use a vulnerability of Sound, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-46391, CVE-2010-4454]

An attacker can use an overflow in Sound XGetSamplePtrFromSnd, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-46394, CVE-2010-4462, ZDI-11-085]

An attacker can use a vulnerability of Deployment JNLP Extension, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-46386, CVE-2010-4463, ZDI-11-086]

An attacker can use a vulnerability of Swing Clipboard, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-46406, CVE-2010-4465, ZDI-11-083]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-46395, CVE-2010-4467]

An attacker can use a vulnerability of HotSpot, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-46400, CVE-2010-4469]

An attacker can use a vulnerability of Sound, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-46403, CVE-2010-4473]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-46402, CERTA-2011-AVI-093, CVE-2010-4422]

An attacker can use a vulnerability of Install, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-46405, CVE-2010-4451]

An attacker can use a vulnerability of Deployment, in order to obtain information on the NTLM authentication. [severity:2/4; BID-46411, CVE-2010-4466, ZDI-11-082]

An attacker can use a vulnerability of JAXP, in order to create a denial of service. [severity:2/4; BID-46387, CVE-2010-4470]

An attacker can use a vulnerability of 2D, in order to obtain information. [severity:2/4; BID-46399, CVE-2010-4471]

An attacker can use a special double floating point number, in order to create an infinite loop in Java programs (VIGILANCE-VUL-10321). [severity:3/4; BID-46091, BID-46401, CERTA-2011-AVI-079, CERTA-2011-AVI-118, CERTA-2011-AVI-197, CERTA-2011-AVI-219, CERTA-2011-AVI-474, CERTA-2011-AVI-483, CVE-2010-4476]

An attacker can use a vulnerability of Deployment, in order to obtain information. [severity:2/4; BID-46409, CVE-2010-4447]

An attacker can use a vulnerability of Deployment, in order to obtain information. [severity:2/4; BID-46410, CVE-2010-4475]

An attacker can use a vulnerability of JDBC, in order to obtain or alter information. [severity:2/4; BID-46393, CVE-2010-4468]

An attacker can use a vulnerability of Launcher, in order to obtain information, to alter information, or to create a denial of service. [severity:2/4; BID-46397, CVE-2010-4450]

An attacker can open numerous UDP ports, in order to facilitate a DNS cache poisoning attack (VIGILANCE-VUL-11087). [severity:2/4; BID-46398, CVE-2010-4448]

An attacker can use a vulnerability of XML Digital Signature, in order to create a denial of service. [severity:2/4; BID-46404, CVE-2010-4472]

An attacker can use a vulnerability of Security, in order to obtain information. [severity:2/4; BID-46407, CVE-2010-4474]
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2010-4476

Java JRE: denial of service via a real

Synthesis of the vulnerability

An attacker can use a special double floating point number, in order to create an infinite loop in Java programs.
Impacted products: Debian, Fedora, HPE BAC, HPE NNMi, OpenView, OpenView NNM, Tru64 UNIX, HP-UX, AIX, DB2 UDB, Tivoli Directory Server, Tivoli Storage Manager, Tivoli System Automation, Tivoli Workload Scheduler, WebSphere AS Traditional, WebSphere MQ, JBoss AS OpenSource, Mandriva Linux, NLD, OES, Java OpenJDK, openSUSE, Oracle iPlanet Web Server, Java Oracle, Oracle Web Tier, RHEL, JBoss EAP by Red Hat, SLES.
Severity: 3/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Creation date: 02/02/2011.
Identifiers: 1468291, BID-46091, c02729756, c02738573, c02746026, c02752210, c02775276, c02826781, c02906075, c03090723, c03316985, CERTA-2002-AVI-271, CERTA-2012-AVI-286, cpuapr2011, CVE-2010-4476, DSA-2161-1, DSA-2161-2, FEDORA-2011-1231, FEDORA-2011-1263, HPSBMU02690, HPSBTU02684, HPSBUX02633, HPSBUX02641, HPSBUX02642, HPSBUX02645, HPSBUX02685, HPSBUX02725, HPSBUX02777, IZ94331, javacpufeb2011, MDVSA-2011:054, openSUSE-SU-2011:0126-1, PM32175, PM32177, PM32184, PM32192, PM32194, RHSA-2011:0210-01, RHSA-2011:0211-01, RHSA-2011:0212-01, RHSA-2011:0213-01, RHSA-2011:0214-01, RHSA-2011:0282-01, RHSA-2011:0290-01, RHSA-2011:0291-01, RHSA-2011:0292-01, RHSA-2011:0299-01, RHSA-2011:0333-01, RHSA-2011:0334-01, RHSA-2011:0336-01, RHSA-2011:0348-01, RHSA-2011:0349-01, RHSA-2011:0880-01, SSRT100387, SSRT100390, SSRT100412, SSRT100415, SSRT100505, SSRT100569, SSRT100627, SSRT100854, SUSE-SA:2011:010, SUSE-SA:2011:014, SUSE-SR:2011:008, SUSE-SU-2011:0823-1, swg21469266, swg24030066, swg24030067, VIGILANCE-VUL-10321.

Description of the vulnerability

The number 2.2250738585072011e-308 if the "largest subnormal double number" (in base 2 : 0x0fffffffffffff x 2^-1022).

On a x86 processor, the Java JRE uses x87 FPU registers (80 bit), in order to find bit-after-bit the closest real value. This loop stops when the remainder is inferior to the precision. However, with the number 2.225..., this stop condition is never true (80 bit rounded to 64 bit), and an infinite loop occurs.

An attacker can therefore use a special double floating point number, in order to create an infinite loop in Java programs.

The origin of this vulnerability is the same as VIGILANCE-VUL-10257.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2010-4015

PostgreSQL: buffer overflow of intarray

Synthesis of the vulnerability

When the intarray module is installed on PostgreSQL, an authenticated attacker can create an overflow, in order to execute code.
Impacted products: Debian, Fedora, HPE NNMi, NSM Central Manager, NSMXpress, Mandriva Linux, openSUSE, Solaris, PostgreSQL, RHEL, SLES.
Severity: 2/4.
Consequences: privileged access/rights.
Provenance: user account.
Creation date: 01/02/2011.
Identifiers: BID-46084, c03333585, CERTA-2002-AVI-280, CVE-2010-4015, DSA-2157-1, FEDORA-2011-0963, FEDORA-2011-0990, HPSBMU02781, MDVSA-2011:021, openSUSE-SU-2011:0254-1, PSN-2012-08-686, PSN-2012-08-687, PSN-2012-08-688, PSN-2012-08-689, PSN-2012-08-690, PSN-2012-11-767, RHSA-2011:0197-01, RHSA-2011:0198-01, SSRT100617, SUSE-SR:2011:005, VIGILANCE-VUL-10320.

Description of the vulnerability

The intarray optional module adds PostgreSQL features to process integer arrays.

The "@@" and "~~" operator detects if an array contains some values. The format of the clause is:
  array @@ query_int
For example, to detect if an integer array contain values 1, 2 or 3:
  myArray @@ 1&(2|3)

However, if the query_int field is too long, a buffer overflow occurs.

When the intarray module is installed on PostgreSQL, an authenticated attacker can therefore create an overflow, in order to execute code.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2009-3555 CVE-2010-1321 CVE-2010-3541

Java JRE/JDK/SDK: several vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities of Java JRE/JDK/SDK can be used by a malicious applet/application in order to execute code or to obtain information. A legitimate applet/application, handling malicious data, can also be forced to execute code.
Impacted products: Fedora, HPE NNMi, HP-UX, NLD, OES, Java OpenJDK, openSUSE, Java Oracle, RHEL, SLES, ESX, ESXi, vCenter Server, VirtualCenter, VMware vSphere, VMware vSphere Hypervisor.
Severity: 4/4.
Consequences: user access/rights, data reading, data creation/edition, data deletion, denial of service on service.
Provenance: document.
Number of vulnerabilities in this bulletin: 29.
Creation date: 13/10/2010.
Identifiers: BID-43965, BID-43971, BID-43979, BID-43985, BID-43988, BID-43992, BID-43994, BID-43999, BID-44009, BID-44011, BID-44012, BID-44013, BID-44014, BID-44016, BID-44017, BID-44020, BID-44021, BID-44023, BID-44024, BID-44026, BID-44027, BID-44028, BID-44030, BID-44032, BID-44035, BID-44038, BID-44040, c02616748, c03405642, CERTA-2009-AVI-528, CERTA-2010-AVI-149, CERTA-2010-AVI-196, CERTA-2010-AVI-219, CERTA-2010-AVI-239, CERTA-2010-AVI-241, CERTA-2010-AVI-365, CERTA-2010-AVI-500, CERTA-2010-AVI-513, CERTA-2010-AVI-573, CERTA-2011-AVI-253, CERTA-2011-AVI-400, CERTA-2012-AVI-241, CERTA-2012-AVI-395, CVE-2009-3555, CVE-2010-1321, CVE-2010-3541, CVE-2010-3548, CVE-2010-3549, CVE-2010-3550, CVE-2010-3551, CVE-2010-3552, CVE-2010-3553, CVE-2010-3554, CVE-2010-3555, CVE-2010-3556, CVE-2010-3557, CVE-2010-3558, CVE-2010-3559, CVE-2010-3560, CVE-2010-3561, CVE-2010-3562, CVE-2010-3563, CVE-2010-3565, CVE-2010-3566, CVE-2010-3567, CVE-2010-3568, CVE-2010-3569, CVE-2010-3570, CVE-2010-3571, CVE-2010-3572, CVE-2010-3573, CVE-2010-3574, FEDORA-2010-16240, FEDORA-2010-16294, FEDORA-2010-16312, HPSBMU02799, HPSBUX02608, openSUSE-SU-2010:0754-1, openSUSE-SU-2010:0957-1, RHSA-2010:0768-01, RHSA-2010:0770-01, RHSA-2010:0786-01, RHSA-2010:0807-01, RHSA-2010:0865-02, RHSA-2010:0873-02, RHSA-2010:0935-01, RHSA-2010:0986-01, RHSA-2010:0987-01, RHSA-2011:0152-01, RHSA-2011:0169-01, RHSA-2011:0880-01, SSRT100333, SSRT100867, SUSE-SA:2010:061, SUSE-SA:2011:006, SUSE-SA:2011:014, SUSE-SR:2010:019, VIGILANCE-VUL-10040, VMSA-2011-0003, VMSA-2011-0003.1, VMSA-2011-0003.2, VMSA-2011-0004.2, VMSA-2011-0005.3, VMSA-2011-0012.1, VMSA-2011-0013, VMSA-2012-0005, ZDI-10-202, ZDI-10-203, ZDI-10-204, ZDI-10-205, ZDI-10-206, ZDI-10-207, ZDI-10-208.

Description of the vulnerability

Several vulnerabilities were announced in Java JRE/JDK/SDK. The most severe vulnerabilities lead to code execution.

An attacker can use a vulnerability of 2D, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-43979, CVE-2010-3562]

An attacker can use a vulnerability of 2D (JPEGImageWriter.writeImage), in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-43985, CVE-2010-3565, ZDI-10-205]

An attacker can use a vulnerability of 2D (ICC Profile Device Information Tag), in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-43988, CVE-2010-3566, ZDI-10-204]

An attacker can use a vulnerability of 2D, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-43992, CVE-2010-3567]

An attacker can use a vulnerability of 2D (ICC Profile Unicode Description), in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-43965, CVE-2010-3571, ZDI-10-203]

An attacker can use a vulnerability of CORBA, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-43994, CVE-2010-3554]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-43999, CVE-2010-3563]

An attacker can use a vulnerability of Java Runtime Environment, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-44012, CVE-2010-3568]

An attacker can use a vulnerability of Java Runtime Environment, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-44016, CVE-2010-3569]

An attacker can use a vulnerability of Java Web Start, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-44021, CVE-2010-3558]

An attacker can use a vulnerability of New Java Plug-in docbase, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-44023, CVE-2010-3552, ZDI-10-206]

An attacker can use a vulnerability of Sound (HeadspaceSoundbank.nGetName), in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-44026, CVE-2010-3559, ZDI-10-208]

An attacker can use a vulnerability of Sound, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-44030, CVE-2010-3572]

An attacker can use a vulnerability of Swing, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-44035, CVE-2010-3553]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-44038, CVE-2010-3555]

An attacker can use a vulnerability of Java Web Start, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-44040, CVE-2010-3550]

An attacker can use a vulnerability of Deployment Toolkit, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-44020, CVE-2010-3570]

An attacker can use a vulnerability of CORBA, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-44013, CVE-2010-3561]

An attacker can use a vulnerability of JSSE, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; CERTA-2009-AVI-528, CERTA-2010-AVI-149, CERTA-2010-AVI-196, CERTA-2010-AVI-239, CERTA-2010-AVI-241, CERTA-2010-AVI-365, CERTA-2010-AVI-513, CERTA-2010-AVI-573, CERTA-2011-AVI-253, CERTA-2012-AVI-241, CVE-2009-3555]

An attacker can use a vulnerability of Kerberos, in order to create a denial of service. [severity:2/4; CERTA-2010-AVI-219, CERTA-2011-AVI-400, CVE-2010-1321]

An attacker can use a vulnerability of Networking, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-44027, CVE-2010-3549]

An attacker can use a vulnerability of Swing, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-44014, CVE-2010-3557]

An attacker can use a vulnerability of Networking, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-44032, CVE-2010-3541]

An attacker can use a vulnerability of Networking, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-44028, CVE-2010-3573]

An attacker can use a vulnerability of Networking, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-44011, CVE-2010-3574]

An attacker can use a vulnerability of JNDI, in order to obtain information. [severity:2/4; BID-44017, CVE-2010-3548]

An attacker can use a vulnerability of Networking, in order to obtain information. [severity:2/4; BID-44009, CVE-2010-3551]

An attacker can use a vulnerability of Networking, in order to obtain information. [severity:1/4; BID-44024, CVE-2010-3560]

An attacker can use a vulnerability of 2D, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-43971, CERTA-2010-AVI-500, CVE-2010-3556]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2010-3433

PostgreSQL: privilege elevation via PL

Synthesis of the vulnerability

A local attacker can redefine a function of a procedural language, and use a role changing mechanism, in order to elevate his privileges on PostgreSQL.
Impacted products: Debian, Fedora, HPE NNMi, NSMXpress, Mandriva Linux, openSUSE, PostgreSQL, RHEL, SLES.
Severity: 2/4.
Consequences: privileged access/rights.
Provenance: user account.
Creation date: 06/10/2010.
Identifiers: BID-43747, c03333585, CERTA-2002-AVI-272, CERTA-2010-AVI-471, CVE-2010-3433, DSA-2120-1, FEDORA-2010-15852, FEDORA-2010-15954, FEDORA-2010-15960, HPSBMU02781, MDVSA-2010:197, openSUSE-SU-2010:0903-1, PSN-2012-08-686, PSN-2012-08-687, PSN-2012-08-688, PSN-2012-08-689, PSN-2012-08-690, RHSA-2010:0742-01, RHSA-2010:0908-01, SSRT100617, SUSE-SR:2010:019, SUSE-SR:2010:020, VIGILANCE-VUL-10005.

Description of the vulnerability

PostgreSQL supports several procedural languages: PL/perl, PL/tcl, PL/PHP, etc.

When a function is created, the "SECURITY" attribute can be used:
  SECURITY DEFINER : function is run with rights of the user who created the function
  SECURITY INVOKER : function is run with rights of the user who called the function

An attacker connected to the database can redefine a standard function in PL/perl, PL/tcl or PL/PHP. He can then call a SECURITY DEFINER function created by a privileged user, and calling the function he redefined. The attacker thus gains privileges of this user.

A similar attack can be created with the SET ROLE and SET SESSION AUTHORIZATION privilege changing features.

A local attacker can therefore redefine a function of a procedural language, and use a role changing mechanism, in order to elevate his privileges on PostgreSQL.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2010-1169 CVE-2010-1170 CVE-2010-1447

PostgreSQL: five vulnerabilities

Synthesis of the vulnerability

An attacker can use five vulnerabilities of PostgreSQL, in order to execute code or to generate a denial of service.
Impacted products: Debian, Fedora, HPE NNMi, NSMXpress, Mandriva Linux, OpenSolaris, openSUSE, Solaris, PostgreSQL, RHEL, SLES.
Severity: 2/4.
Consequences: privileged access/rights, denial of service on service.
Provenance: user account.
Number of vulnerabilities in this bulletin: 5.
Creation date: 18/05/2010.
Revision date: 21/05/2010.
Identifiers: BID-40215, BID-40304, BID-40305, c03333585, CERTA-2010-AVI-214, CVE-2010-1169, CVE-2010-1170, CVE-2010-1447, CVE-2010-1975, DSA-2051-1, FEDORA-2010-15870, FEDORA-2010-16004, FEDORA-2010-8696, FEDORA-2010-8715, FEDORA-2010-8723, HPSBMU02781, MDVSA-2010:103, PSN-2012-08-686, PSN-2012-08-687, PSN-2012-08-688, PSN-2012-08-689, PSN-2012-08-690, RHSA-2010:0427-01, RHSA-2010:0428-01, RHSA-2010:0429-01, RHSA-2010:0430-01, SSRT100617, SUSE-SR:2010:014, SUSE-SR:2010:016, VIGILANCE-VUL-9647.

Description of the vulnerability

Five vulnerabilities were announced in PostgreSQL.

An attacker can define methods or overload operators, in order to bypass restrictions imposed by the Safe.pm module of Perl. This vulnerability is a variant of VIGILANCE-VUL-9657/CVE-2010-1168. [severity:2/4; CVE-2010-1169]

An attacker can use a reference on a subroutine, in order to bypass restrictions imposed by the Safe.pm module of Perl (VIGILANCE-VUL-9658). [severity:2/4; BID-40305, CERTA-2010-AVI-214, CVE-2010-1447]

When the Procedure Language PL/tcl is installed, a local attacker can store malicious data using autoload() in the pltcl_modules table in order to execute code. [severity:2/4; CVE-2010-1170]

When a Warm Standby slave database is used by PostgreSQL 8.4, the WAL (Write-Ahead Logging) data for "ALTER table SET TABLESPACE" is invalid, so the slave database is corrupted. An attacker can therefore use this command, in order to generate a denial of service. [severity:1/4]

An attacker can use RESET ALL in order to reset some privileged fields of one of his databases, or of his record in the USER database. [severity:1/4; BID-40304, CVE-2010-1975]
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2010-0738 CVE-2010-1428 CVE-2010-1429

JBoss Enterprise Application Platform: three vulnerabilities

Synthesis of the vulnerability

An attacker can use three vulnerabilities of JBoss Enterprise Application Platform, in order to access to the console or to obtain sensitive information.
Impacted products: ControlMinder, HPE BAC, HPE BSM, HPE NNMi, Junos Space, Junos Space Network Management Platform, RHEL, JBoss EAP by Red Hat.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, data reading.
Provenance: document.
Number of vulnerabilities in this bulletin: 3.
Creation date: 27/04/2010.
Identifiers: BID-39710, c03057508, c03127140, c03824583, CA20130213-01, CERTA-2013-AVI-440, CVE-2010-0738, CVE-2010-1428, CVE-2010-1429, HPSBMU02714, HPSBMU02736, HPSBMU02894, RHSA-2010:0376-01, RHSA-2010:0377-01, RHSA-2010:0378-01, RHSA-2010:0379-01, SSRT100244, SSRT100699, VIGILANCE-VUL-9613.

Description of the vulnerability

Three vulnerabilities were announced in JBoss Enterprise Application Platform.

An attacker can use an HTTP query different from GET/POST in order to access to the JMX Console. [severity:3/4; CVE-2010-0738]

An attacker can use an HTTP query different from GET/POST in order to access to the Web Console (/web-console). [severity:3/4; CVE-2010-1428]

An attacker can access to the status servlet, in order to obtain sensitive information. [severity:2/4; CVE-2010-1429]
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2009-3555 CVE-2009-3910 CVE-2010-0082

Java JRE/JDK/SDK: several vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities of Java JRE/JDK/SDK can be used by a malicious applet/application in order to execute code or to obtain information. A legitimate applet/application, handling malicious data, can also be forced to execute code.
Impacted products: Fedora, HPE NNMi, HP-UX, Mandriva Linux, NLD, OES, Java OpenJDK, openSUSE, Java Oracle, RHEL, SLES, ESX, ESXi, vCenter Server, VirtualCenter, VMware vSphere, VMware vSphere Hypervisor.
Severity: 3/4.
Consequences: user access/rights, data reading, denial of service on service.
Provenance: document.
Number of vulnerabilities in this bulletin: 5.
Creation date: 31/03/2010.
Identifiers: BID-39062, BID-39065, BID-39067, BID-39068, BID-39069, BID-39070, BID-39071, BID-39072, BID-39073, BID-39075, BID-39077, BID-39078, BID-39081, BID-39082, BID-39083, BID-39084, BID-39085, BID-39086, BID-39088, BID-39089, BID-39090, BID-39091, BID-39093, BID-39094, BID-39095, BID-39096, BID-39559, c02122104, c03405642, CERTA-2009-AVI-528, CERTA-2010-AVI-149, CERTA-2010-AVI-192, CERTA-2010-AVI-196, CERTA-2010-AVI-239, CERTA-2010-AVI-241, CERTA-2010-AVI-276, CERTA-2010-AVI-365, CERTA-2010-AVI-513, CERTA-2010-AVI-573, CERTA-2011-AVI-253, CERTA-2012-AVI-241, CERTA-2012-AVI-395, CVE-2009-3555, CVE-2009-3910, CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0090, CVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841, CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0845, CVE-2010-0846, CVE-2010-0847, CVE-2010-0848, CVE-2010-0849, CVE-2010-0850, FEDORA-2010-6025, FEDORA-2010-6039, FEDORA-2010-6279, HPSBMU02799, HPSBUX02524, javacpumar2010, MDVSA-2010:084, RHSA-2010:0337-01, RHSA-2010:0338-01, RHSA-2010:0339-01, RHSA-2010:0383-01, RHSA-2010:0408-01, RHSA-2010:0471-01, RHSA-2010:0489-01, RHSA-2010:0574-01, RHSA-2010:0586-01, RHSA-2010:0865-02, SSRT100089, SSRT100867, SUSE-SA:2010:026, SUSE-SA:2010:028, SUSE-SR:2010:008, SUSE-SR:2010:011, SUSE-SR:2010:013, SUSE-SR:2010:017, VIGILANCE-VUL-9550, VMSA-2011-0003, VMSA-2011-0003.1, VMSA-2011-0003.2, VU#507652, ZDI-10-051, ZDI-10-052, ZDI-10-053, ZDI-10-054, ZDI-10-055, ZDI-10-056, ZDI-10-057, ZDI-10-059, ZDI-10-060, ZDI-10-061.

Description of the vulnerability

Several vulnerabilities were announced in Java JRE/JDK/SDK. The most severe vulnerabilities lead to code execution.

Twenty four vulnerabilities lead to code execution. [severity:3/4; BID-39062, BID-39065, BID-39067, BID-39068, BID-39069, BID-39070, BID-39071, BID-39072, BID-39073, BID-39075, BID-39077, BID-39078, BID-39081, BID-39082, BID-39083, BID-39084, BID-39085, BID-39086, BID-39088, BID-39089, BID-39090, BID-39091, BID-39094, CERTA-2009-AVI-528, CERTA-2010-AVI-149, CERTA-2010-AVI-196, CERTA-2010-AVI-239, CERTA-2010-AVI-241, CERTA-2010-AVI-276, CERTA-2010-AVI-365, CERTA-2010-AVI-513, CERTA-2010-AVI-573, CERTA-2011-AVI-253, CERTA-2012-AVI-241, CVE-2009-3555, CVE-2010-0082, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0090, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841, CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0845, CVE-2010-0846, CVE-2010-0847, CVE-2010-0848, CVE-2010-0849, CVE-2010-0850, VU#507652, ZDI-10-051, ZDI-10-052, ZDI-10-053, ZDI-10-054, ZDI-10-055, ZDI-10-056, ZDI-10-057, ZDI-10-059, ZDI-10-060, ZDI-10-061]

An attacker can obtain sensitive information. [severity:2/4; BID-39093, CERTA-2010-AVI-192, CVE-2010-0084]

An attacker can generate a denial of service of Java Web Start. [severity:2/4; BID-39095, CVE-2010-0089]

An attacker can obtain sensitive information. [severity:2/4; BID-39096, CVE-2010-0091]

A buffer overflow of HsbParser.getSoundBank() leads to code execution. [severity:3/4; BID-39559, CVE-2009-3910]
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2010-0445

HP NNM: code execution

Synthesis of the vulnerability

A remote attacker can execute a command on the server using a vulnerability of HP Network Node Manager.
Impacted products: HPE NNMi, OpenView.
Severity: 3/4.
Consequences: user access/rights.
Provenance: intranet client.
Creation date: 10/02/2010.
Identifiers: BID-38174, c01954593, CERTA-2010-AVI-075, CVE-2010-0445, HPSBMA02484, SSRT090076, VIGILANCE-VUL-9440.

Description of the vulnerability

The HP Network Node Manager product is used to manage a computer network.

A remote attacker can execute a command on the server using a vulnerability of HP Network Node Manager.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2009-4034 CVE-2009-4136

PostgreSQL: two vulnerabilities

Synthesis of the vulnerability

An attacker can use two vulnerabilities of PostgreSQL, in order to access to user's data.
Impacted products: Debian, Fedora, HPE NNMi, Mandriva Linux, OpenSolaris, openSUSE, Solaris, PostgreSQL, RHEL, SLES, TurboLinux.
Severity: 2/4.
Consequences: user access/rights, data reading, data creation/edition.
Provenance: user account.
Number of vulnerabilities in this bulletin: 2.
Creation date: 15/12/2009.
Identifiers: 274870, 6909139, 6909140, 6909142, BID-37333, BID-37334, c03333585, CERTA-2009-AVI-546, CVE-2009-4034, CVE-2009-4136, DSA-1964-1, FEDORA-2009-13363, FEDORA-2009-13381, HPSBMU02781, MDVSA-2009:333, RHSA-2010:0427-01, RHSA-2010:0428-01, RHSA-2010:0429-01, SSRT100617, SUSE-SR:2010:001, TLSA-2010-2, VIGILANCE-VUL-9285.

Description of the vulnerability

Two vulnerabilities were announced in PostgreSQL.

When a SSL certificate is used, an attacker can send a X.509 certificate with a field containing a null character, in order to bypass access restrictions. [severity:2/4; BID-37334, CERTA-2009-AVI-546, CVE-2009-4034]

A local attacker can use an index function, in order to elevate his privileges. [severity:2/4; BID-37333, CVE-2009-4136]
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Micro Focus Network Node Manager i: