VARIoT IoT vulnerabilities database

Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving Cascading Style Sheets (CSS) token sequences. Google Chrome There is a service disruption (DoS) There are vulnerabilities that can be in a state or are otherwise unaffected. This vulnerability Webkit Vulnerability in Google Chrome Other than Webkit Products that use may also be affected.By a third party Service operation interruption (DoS) You may be put into a state or affected by other details. Attackers can exploit these issues to execute arbitrary code in the context of the browser or cause denial-of-service conditions; other attacks may also be possible. Versions prior to Chrome 17.0.963.46 are vulnerable. Google Chrome is a web browser developed by Google (Google). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201202-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Chromium: Multiple vulnerabilities Date: February 18, 2012 Bugs: #402841, #404067 ID: 201202-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code. Background ========== Chromium is an open source web browser project. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/chromium < 17.0.963.56 >= 17.0.963.56 Description =========== Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details. Impact ====== A remote attacker could entice a user to open a specially crafted web site using Chromium, possibly resulting in the execution of arbitrary code with the privileges of the process, a Denial of Service condition, information leak (clipboard contents), bypass of the Same Origin Policy, or escape from NativeClient's sandbox. A remote attacker could also entice the user to perform a set of UI actions (drag and drop) to trigger an URL bar spoofing vulnerability. Workaround ========== There is no known workaround at this time. Resolution ========== All Chromium users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-17.0.963.56" References ========== [ 1 ] CVE-2011-3016 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3016 [ 2 ] CVE-2011-3017 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3017 [ 3 ] CVE-2011-3018 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3018 [ 4 ] CVE-2011-3019 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3019 [ 5 ] CVE-2011-3020 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3020 [ 6 ] CVE-2011-3021 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3021 [ 7 ] CVE-2011-3022 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3022 [ 8 ] CVE-2011-3023 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3023 [ 9 ] CVE-2011-3024 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3024 [ 10 ] CVE-2011-3025 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3025 [ 11 ] CVE-2011-3027 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3027 [ 12 ] CVE-2011-3953 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3953 [ 13 ] CVE-2011-3954 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3954 [ 14 ] CVE-2011-3955 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3955 [ 15 ] CVE-2011-3956 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3956 [ 16 ] CVE-2011-3957 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3957 [ 17 ] CVE-2011-3958 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3958 [ 18 ] CVE-2011-3959 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3959 [ 19 ] CVE-2011-3960 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3960 [ 20 ] CVE-2011-3961 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3961 [ 21 ] CVE-2011-3962 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3962 [ 22 ] CVE-2011-3963 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3963 [ 23 ] CVE-2011-3964 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3964 [ 24 ] CVE-2011-3965 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3965 [ 25 ] CVE-2011-3966 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3966 [ 26 ] CVE-2011-3967 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3967 [ 27 ] CVE-2011-3968 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3968 [ 28 ] CVE-2011-3969 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3969 [ 29 ] CVE-2011-3970 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3970 [ 30 ] CVE-2011-3971 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3971 [ 31 ] CVE-2011-3972 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3972 [ 32 ] Release Notes 17.0.963.46 http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.ht= ml [ 33 ] Release Notes 17.0.963.56 http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.htm= l Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201202-01.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to error handling for Cascading Style Sheets (CSS) token-sequence data. This vulnerability Webkit Vulnerability in Google Chrome Other than Webkit Products that use may also be affected.Service disruption by a third party (DoS) You may be put into a state or affected by other details. Google Chrome is prone to multiple vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the browser or cause denial-of-service conditions; other attacks may also be possible. Versions prior to Chrome 17.0.963.46 are vulnerable. Google Chrome is a web browser developed by Google (Google). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201202-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Chromium: Multiple vulnerabilities Date: February 18, 2012 Bugs: #402841, #404067 ID: 201202-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code. Background ========== Chromium is an open source web browser project. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/chromium < 17.0.963.56 >= 17.0.963.56 Description =========== Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details. Impact ====== A remote attacker could entice a user to open a specially crafted web site using Chromium, possibly resulting in the execution of arbitrary code with the privileges of the process, a Denial of Service condition, information leak (clipboard contents), bypass of the Same Origin Policy, or escape from NativeClient's sandbox. A remote attacker could also entice the user to perform a set of UI actions (drag and drop) to trigger an URL bar spoofing vulnerability. Workaround ========== There is no known workaround at this time. Resolution ========== All Chromium users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-17.0.963.56" References ========== [ 1 ] CVE-2011-3016 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3016 [ 2 ] CVE-2011-3017 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3017 [ 3 ] CVE-2011-3018 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3018 [ 4 ] CVE-2011-3019 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3019 [ 5 ] CVE-2011-3020 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3020 [ 6 ] CVE-2011-3021 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3021 [ 7 ] CVE-2011-3022 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3022 [ 8 ] CVE-2011-3023 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3023 [ 9 ] CVE-2011-3024 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3024 [ 10 ] CVE-2011-3025 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3025 [ 11 ] CVE-2011-3027 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3027 [ 12 ] CVE-2011-3953 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3953 [ 13 ] CVE-2011-3954 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3954 [ 14 ] CVE-2011-3955 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3955 [ 15 ] CVE-2011-3956 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3956 [ 16 ] CVE-2011-3957 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3957 [ 17 ] CVE-2011-3958 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3958 [ 18 ] CVE-2011-3959 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3959 [ 19 ] CVE-2011-3960 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3960 [ 20 ] CVE-2011-3961 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3961 [ 21 ] CVE-2011-3962 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3962 [ 22 ] CVE-2011-3963 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3963 [ 23 ] CVE-2011-3964 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3964 [ 24 ] CVE-2011-3965 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3965 [ 25 ] CVE-2011-3966 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3966 [ 26 ] CVE-2011-3967 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3967 [ 27 ] CVE-2011-3968 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3968 [ 28 ] CVE-2011-3969 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3969 [ 29 ] CVE-2011-3970 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3970 [ 30 ] CVE-2011-3971 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3971 [ 31 ] CVE-2011-3972 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3972 [ 32 ] Release Notes 17.0.963.46 http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.ht= ml [ 33 ] Release Notes 17.0.963.56 http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.htm= l Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201202-01.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

Google Chrome before 17.0.963.46 does not properly perform casts of variables during handling of a column span, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. This vulnerability Webkit Vulnerability in Google Chrome Other than Webkit Products that use may also be affected.Service disruption through crafted documents by a third party (DoS) You may be put into a state or affected by other details. Google Chrome is prone to multiple vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the browser or cause denial-of-service conditions; other attacks may also be possible. Versions prior to Chrome 17.0.963.46 are vulnerable. Google Chrome is a web browser developed by Google (Google). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201202-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Chromium: Multiple vulnerabilities Date: February 18, 2012 Bugs: #402841, #404067 ID: 201202-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code. Background ========== Chromium is an open source web browser project. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/chromium < 17.0.963.56 >= 17.0.963.56 Description =========== Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details. Impact ====== A remote attacker could entice a user to open a specially crafted web site using Chromium, possibly resulting in the execution of arbitrary code with the privileges of the process, a Denial of Service condition, information leak (clipboard contents), bypass of the Same Origin Policy, or escape from NativeClient's sandbox. A remote attacker could also entice the user to perform a set of UI actions (drag and drop) to trigger an URL bar spoofing vulnerability. Workaround ========== There is no known workaround at this time. Resolution ========== All Chromium users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-17.0.963.56" References ========== [ 1 ] CVE-2011-3016 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3016 [ 2 ] CVE-2011-3017 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3017 [ 3 ] CVE-2011-3018 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3018 [ 4 ] CVE-2011-3019 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3019 [ 5 ] CVE-2011-3020 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3020 [ 6 ] CVE-2011-3021 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3021 [ 7 ] CVE-2011-3022 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3022 [ 8 ] CVE-2011-3023 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3023 [ 9 ] CVE-2011-3024 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3024 [ 10 ] CVE-2011-3025 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3025 [ 11 ] CVE-2011-3027 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3027 [ 12 ] CVE-2011-3953 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3953 [ 13 ] CVE-2011-3954 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3954 [ 14 ] CVE-2011-3955 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3955 [ 15 ] CVE-2011-3956 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3956 [ 16 ] CVE-2011-3957 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3957 [ 17 ] CVE-2011-3958 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3958 [ 18 ] CVE-2011-3959 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3959 [ 19 ] CVE-2011-3960 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3960 [ 20 ] CVE-2011-3961 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3961 [ 21 ] CVE-2011-3962 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3962 [ 22 ] CVE-2011-3963 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3963 [ 23 ] CVE-2011-3964 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3964 [ 24 ] CVE-2011-3965 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3965 [ 25 ] CVE-2011-3966 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3966 [ 26 ] CVE-2011-3967 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3967 [ 27 ] CVE-2011-3968 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3968 [ 28 ] CVE-2011-3969 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3969 [ 29 ] CVE-2011-3970 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3970 [ 30 ] CVE-2011-3971 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3971 [ 31 ] CVE-2011-3972 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3972 [ 32 ] Release Notes 17.0.963.46 http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.ht= ml [ 33 ] Release Notes 17.0.963.56 http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.htm= l Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201202-01.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events. Google Chrome is prone to multiple vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the browser or cause denial-of-service conditions; other attacks may also be possible. Versions prior to Chrome 17.0.963.46 are vulnerable. Google Chrome is a web browser developed by Google (Google). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201202-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Chromium: Multiple vulnerabilities Date: February 18, 2012 Bugs: #402841, #404067 ID: 201202-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code. Background ========== Chromium is an open source web browser project. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/chromium < 17.0.963.56 >= 17.0.963.56 Description =========== Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details. Impact ====== A remote attacker could entice a user to open a specially crafted web site using Chromium, possibly resulting in the execution of arbitrary code with the privileges of the process, a Denial of Service condition, information leak (clipboard contents), bypass of the Same Origin Policy, or escape from NativeClient's sandbox. A remote attacker could also entice the user to perform a set of UI actions (drag and drop) to trigger an URL bar spoofing vulnerability. Workaround ========== There is no known workaround at this time. Resolution ========== All Chromium users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-17.0.963.56" References ========== [ 1 ] CVE-2011-3016 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3016 [ 2 ] CVE-2011-3017 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3017 [ 3 ] CVE-2011-3018 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3018 [ 4 ] CVE-2011-3019 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3019 [ 5 ] CVE-2011-3020 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3020 [ 6 ] CVE-2011-3021 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3021 [ 7 ] CVE-2011-3022 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3022 [ 8 ] CVE-2011-3023 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3023 [ 9 ] CVE-2011-3024 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3024 [ 10 ] CVE-2011-3025 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3025 [ 11 ] CVE-2011-3027 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3027 [ 12 ] CVE-2011-3953 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3953 [ 13 ] CVE-2011-3954 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3954 [ 14 ] CVE-2011-3955 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3955 [ 15 ] CVE-2011-3956 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3956 [ 16 ] CVE-2011-3957 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3957 [ 17 ] CVE-2011-3958 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3958 [ 18 ] CVE-2011-3959 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3959 [ 19 ] CVE-2011-3960 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3960 [ 20 ] CVE-2011-3961 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3961 [ 21 ] CVE-2011-3962 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3962 [ 22 ] CVE-2011-3963 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3963 [ 23 ] CVE-2011-3964 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3964 [ 24 ] CVE-2011-3965 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3965 [ 25 ] CVE-2011-3966 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3966 [ 26 ] CVE-2011-3967 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3967 [ 27 ] CVE-2011-3968 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3968 [ 28 ] CVE-2011-3969 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3969 [ 29 ] CVE-2011-3970 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3970 [ 30 ] CVE-2011-3971 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3971 [ 31 ] CVE-2011-3972 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3972 [ 32 ] Release Notes 17.0.963.46 http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.ht= ml [ 33 ] Release Notes 17.0.963.56 http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.htm= l Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201202-01.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout of SVG documents. This vulnerability Webkit Vulnerability in Google Chrome Other than Webkit Products that use may also be affected.Service disruption by a third party (DoS) You may be put into a state or affected by other details. Google Chrome is prone to multiple vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the browser or cause denial-of-service conditions; other attacks may also be possible. Versions prior to Chrome 17.0.963.46 are vulnerable. Google Chrome is a web browser developed by Google (Google). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201202-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Chromium: Multiple vulnerabilities Date: February 18, 2012 Bugs: #402841, #404067 ID: 201202-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code. Background ========== Chromium is an open source web browser project. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/chromium < 17.0.963.56 >= 17.0.963.56 Description =========== Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details. Impact ====== A remote attacker could entice a user to open a specially crafted web site using Chromium, possibly resulting in the execution of arbitrary code with the privileges of the process, a Denial of Service condition, information leak (clipboard contents), bypass of the Same Origin Policy, or escape from NativeClient's sandbox. A remote attacker could also entice the user to perform a set of UI actions (drag and drop) to trigger an URL bar spoofing vulnerability. Workaround ========== There is no known workaround at this time. Resolution ========== All Chromium users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-17.0.963.56" References ========== [ 1 ] CVE-2011-3016 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3016 [ 2 ] CVE-2011-3017 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3017 [ 3 ] CVE-2011-3018 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3018 [ 4 ] CVE-2011-3019 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3019 [ 5 ] CVE-2011-3020 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3020 [ 6 ] CVE-2011-3021 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3021 [ 7 ] CVE-2011-3022 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3022 [ 8 ] CVE-2011-3023 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3023 [ 9 ] CVE-2011-3024 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3024 [ 10 ] CVE-2011-3025 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3025 [ 11 ] CVE-2011-3027 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3027 [ 12 ] CVE-2011-3953 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3953 [ 13 ] CVE-2011-3954 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3954 [ 14 ] CVE-2011-3955 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3955 [ 15 ] CVE-2011-3956 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3956 [ 16 ] CVE-2011-3957 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3957 [ 17 ] CVE-2011-3958 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3958 [ 18 ] CVE-2011-3959 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3959 [ 19 ] CVE-2011-3960 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3960 [ 20 ] CVE-2011-3961 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3961 [ 21 ] CVE-2011-3962 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3962 [ 22 ] CVE-2011-3963 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3963 [ 23 ] CVE-2011-3964 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3964 [ 24 ] CVE-2011-3965 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3965 [ 25 ] CVE-2011-3966 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3966 [ 26 ] CVE-2011-3967 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3967 [ 27 ] CVE-2011-3968 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3968 [ 28 ] CVE-2011-3969 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3969 [ 29 ] CVE-2011-3970 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3970 [ 30 ] CVE-2011-3971 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3971 [ 31 ] CVE-2011-3972 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3972 [ 32 ] Release Notes 17.0.963.46 http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.ht= ml [ 33 ] Release Notes 17.0.963.56 http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.htm= l Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201202-01.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

zenAdminSrv.exe in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted packet to TCP port 50777, aka Reference Number 25240. Punzenberger COPA-DATA GmbH zenon is an industrial automation software. Punzenberger COPA-DATA GmbH zenon is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to crash an affected system, denying service to legitimate users. zenon 6.51 SP0 is vulnerable; other versions may also be affected. ---------------------------------------------------------------------- SC Magazine awards the Secunia CSI a 5-Star rating Top-level rating for ease of use, performance, documentation, support, and value for money. Read more and get a free trial here: http://secunia.com/blog/296 ---------------------------------------------------------------------- TITLE: zenon Two Code Execution Vulnerabilities SECUNIA ADVISORY ID: SA47892 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47892/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47892 RELEASE DATE: 2012-02-08 DISCUSS ADVISORY: http://secunia.com/advisories/47892/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47892/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47892 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in zenon, which can be exploited by malicious people to potentially compromise a vulnerable system. 1) An error in zenAdminSrv.exe when processing certain packets can be exploited via a specially crafted packet sent to TCP port 50777. 2) An error in ZenSysSrv.exe when handling client connections can be exploited by connecting and disconnecting multiple times on TCP port 1101. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are reported in version 6.51 SP0. SOLUTION: Reportedly a patch has been released. Contact the vendor for further information. PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Kuang-Chun Hung, Security Research and Service Institute Information and Communication Security Technology Center (ICST). ORIGINAL ADVISORY: ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-013-01.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

ZenSysSrv.exe in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 allows remote attackers to cause a denial of service (service crash) or possibly execute arbitrary code via a series of connections and disconnections on TCP port 1101, aka Reference Number 25212. Punzenberger COPA-DATA GmbH zenon is an industrial automation software. Punzenberger COPA-DATA GmbH zenon is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to crash an affected system, denying service to legitimate users. zenon 6.51 SP0 is vulnerable; other versions may also be affected. ---------------------------------------------------------------------- SC Magazine awards the Secunia CSI a 5-Star rating Top-level rating for ease of use, performance, documentation, support, and value for money. Read more and get a free trial here: http://secunia.com/blog/296 ---------------------------------------------------------------------- TITLE: zenon Two Code Execution Vulnerabilities SECUNIA ADVISORY ID: SA47892 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47892/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47892 RELEASE DATE: 2012-02-08 DISCUSS ADVISORY: http://secunia.com/advisories/47892/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47892/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47892 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in zenon, which can be exploited by malicious people to potentially compromise a vulnerable system. 1) An error in zenAdminSrv.exe when processing certain packets can be exploited via a specially crafted packet sent to TCP port 50777. 2) An error in ZenSysSrv.exe when handling client connections can be exploited by connecting and disconnecting multiple times on TCP port 1101. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are reported in version 6.51 SP0. SOLUTION: Reportedly a patch has been released. Contact the vendor for further information. PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Kuang-Chun Hung, Security Research and Service Institute Information and Communication Security Technology Center (ICST). ORIGINAL ADVISORY: ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-013-01.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allow user-assisted remote attackers to execute arbitrary code via a crafted project file, related to the HMI web server and runtime loader. plural Siemens The product includes HMI Web An arbitrary code execution vulnerability exists due to a flaw in processing related to the server and runtime loader.Crafted by attackers project An arbitrary code may be executed via the file. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. Social engineering is required to enable administrators to download files and execute them. SIMATIC Wincc Runtime Advanced is prone to a remote security vulnerability. Vulnerabilities exist in several versions of Siemens SIMATIC WinCC

The TELNET daemon in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not perform authentication, which makes it easier for remote attackers to obtain access via a TCP session. plural Siemens Product TELNET Since the daemon does not authenticate, there is a vulnerability that allows easy access.By a third party TCP Access can easily be gained through a session. Siemens SIMATIC is an automation software in a single engineering environment. SIMATIC panels include the Telnet daemon by default, but the daemon does not implement any validation features. A vulnerability exists in several versions of Siemens SIMATIC WinCC due to the failure of the TELNET daemon to perform authentication. A remote attacker could use this vulnerability to gain access through a TCP session

CRLF injection vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. plural Siemens Product HMI Web The server CRLF An injection vulnerability exists.By any third party HTTP Inserted header, and HTTP Response splitting attacks can be triggered. Siemens SIMATIC is an automation software in a single engineering environment. The HMI web server has a header injection vulnerability that allows elevation of privilege, stealing data or breaking services. Siemens SIMATIC WinCC is prone to an HTTP-header-injection issue, a directory-traversal issue, and an arbitrary memory-read access issue because the application fails to properly sanitize user-supplied input. A remote attacker can exploit these issues to gain elevated privileges, obtain sensitive information, or cause denial-of-service conditions

Directory traversal vulnerability in miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to read arbitrary files via a ..%5c (dot dot backslash) in a URI. plural Siemens Product HMI Web Server miniweb.exe Contains a directory traversal vulnerability.By a third party ..%5c ( Dot dot backslash ) including URI Any file may be read via. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. The HMI web server listening on TCP ports 80 and 443 does not correctly verify the URL in the HTTP request, and builds a URL containing a specially crafted slash to perform a directory traversal attack and read any file in the file system. Siemens SIMATIC WinCC is prone to an HTTP-header-injection issue, a directory-traversal issue, and an arbitrary memory-read access issue because the application fails to properly sanitize user-supplied input. A remote attacker can exploit these issues to gain elevated privileges, obtain sensitive information, or cause denial-of-service conditions. A remote attacker can exploit this vulnerability to read arbitrary files by means of ../ (dotted backslashes) in the URL

miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not properly handle URIs beginning with a 0xfa character, which allows remote attackers to read data from arbitrary memory locations or cause a denial of service (application crash) via a crafted POST request. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. The HMI web server does not properly validate the HTTP request. The first byte in the URL is manipulated. Siemens SIMATIC WinCC is prone to an HTTP-header-injection issue, a directory-traversal issue, and an arbitrary memory-read access issue because the application fails to properly sanitize user-supplied input. A remote attacker can exploit these issues to gain elevated privileges, obtain sensitive information, or cause denial-of-service conditions. The vulnerability stems from the failure of miniweb.exe in the HMI web server to correctly handle URLs starting with the 0xfa character

Unspecified vulnerability in the BE User Switch (beuserswitch) extension 0.0.1 for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, and obtain sensitive information. BE User Switch 0.0.1 is vulnerable; other versions may be affected. Typo3, one of the leading brands of open source Content Management Systems (CMS) and Content Management Frameworks (CMF) based on PHP and MySQL databases, is a powerful open source solution

Cross-site scripting (XSS) vulnerability in the BE User Switch (beuserswitch) extension 0.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, and obtain sensitive information. BE User Switch 0.0.1 is vulnerable; other versions may be affected. Typo3, one of the leading brands of open source Content Management Systems (CMS) and Content Management Frameworks (CMF) based on PHP and MySQL databases, is a powerful open source solution

Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 1.3.10 allow remote attackers to inject arbitrary web script or HTML via (1) the name parameter to struts-examples/upload/upload-submit.do, or the message parameter to (2) struts-cookbook/processSimple.do or (3) struts-cookbook/processDyna.do. (1) struts-examples/upload/upload-submit.do of name Parameters (2) struts-cookbook/processSimple.do of name Or message Parameters (3) struts-cookbook/processDyna.do of name Or message Parameters. Apache is a popular free open source web server that runs on a variety of Unix and Linux platforms and runs on Windows. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks

Internet Sharing in Apple Mac OS X before 10.7.3 does not preserve the Wi-Fi configuration across software updates, which allows remote attackers to obtain sensitive information by leveraging the lack of a WEP password for a Wi-Fi network. Apple Mac OS X is prone to a security bypass vulnerability that affects the Internet Sharing component. An attacker can exploit this issue to gain unauthorized access to the Wi-Fi network. The following products are vulnerable: Mac OS X 10.7 to 10.7.2 Mac OS X Server 10.7 to 10.7.2 NOTE: This issue was previously discussed in BID 51798 (Apple Mac OS X Prior to 10.7.3 Multiple Security Vulnerabilities) but has been given its own record to better document it. The vulnerability stems from Internet Sharing not maintaining the Wi-Fi configuration for the entire software update

CoreUI in Apple Mac OS X 10.7.x before 10.7.3 does not properly restrict the allocation of stack memory, which allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption and application crash) via a long URL. Apple Mac OS X is prone to a remote code-execution vulnerability. Successfully exploiting this issue will allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. The following products are vulnerable: Mac OS X 10.7 to 10.7.2 Mac OS X Server 10.7 to 10.7.2 NOTE: This issue was previously discussed in BID 51798 (Apple Mac OS X Prior to 10.7.3 Multiple Security Vulnerabilities) but has been given its own record to better document it. There is an unbounded limit stack allocation problem when dealing with ultra-long URLs

Heap-based buffer overflow in CoreMedia in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding. Apple Mac OS X is prone to a heap-based buffer-overflow vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code within the context of the application. Failed exploit attempts will likely result in a denial-of-service condition. The following versions are affected: Mac OS X 10.6.8 Mac OS X Server 10.6.8 Mac OS X 10.7 to 10.7.2 Mac OS X Server 10.7 to 10.7.2 NOTE: This issue was previously discussed in BID 51798 (Apple Mac OS X Prior to 10.7.3 Multiple Security Vulnerabilities) but has been given its own record to better document it

CFNetwork in Apple Mac OS X 10.7.x before 10.7.3 does not properly construct request headers during parsing of URLs, which allows remote attackers to obtain sensitive information via a malformed URL. Apple Mac OS X is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may lead to further attacks. The vulnerability stems from CFNetwork not correctly constructing the request header in the process of parsing the URL

Address Book in Apple Mac OS X before 10.7.3 automatically switches to unencrypted sessions upon failure of encrypted connections, which allows remote attackers to read CardDAV data by terminating an encrypted connection and then sniffing the network. Apple Mac OS X is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may lead to further attacks. NOTE: This issue was previously discussed in BID 51798 (Apple Mac OS X Prior to 10.7.3 Multiple Security Vulnerabilities) but has been given its own record to better document it