VARIoT IoT vulnerabilities database

Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (device reload) via crafted H.323 packets, aka Bug ID CSCtc73759. Cisco IOS of H.323 For implementation, H.323 Service operation disruption due to incomplete packet processing (DoS) There is a vulnerability that becomes a condition. The problem is Bug ID : CSCtc73759 It is a problem.Skillfully crafted by a third party H.323 Service disruption via packets (DoS) There is a possibility of being put into a state. Cisco IOS is prone to an unspecified remote denial-of-service vulnerability. An attacker can exploit this issue to cause the affected device to reload, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCtc73759. ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: cisco-sa-20100922-h323: http://www.cisco.com/warp/public/707/cisco-sa-20100922-h323.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . Cisco has released free software updates that address these vulnerabilities. There are no workarounds to mitigate these vulnerabilities other than disabling H.323 on the vulnerable device. This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20100922-h323.shtml Note: The September 22, 2010, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security Advisories. Five of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses vulnerabilities in Cisco Unified Communications Manager. Each advisory lists the releases that correct the vulnerability or vulnerabilities detailed in the advisory. The table at the following URL lists releases that correct all Cisco IOS Software vulnerabilities that have been published on September 22, 2010, or earlier: http://www.cisco.com/warp/public/707/cisco-sa-20100922-bundle.shtml Individual publication links are in "Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication" at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep10.html Affected Products ================= These vulnerabilities only affect devices that are running Cisco IOS Software with H.323 voice services enabled. Vulnerable Products +------------------ Cisco devices that are running affected Cisco IOS Software versions that are configured to process H.323 messages are affected by these vulnerabilities. H.323 is not enabled by default. To determine if the Cisco IOS Software device is running H.323 services, issue the show process cpu | include H323 command, as shown in this example: Router# show process cpu | include H323 249 16000 3 5333 0.00% 0.00% 0.00% 0 CCH323_CT 250 0 1 0 0.00% 0.00% 0.00% 0 CCH323_DNS Router# In the previous example the processes CCH323_CT and CCH323_DNS are running on the device; therefore, the device is listening to H.323 messages. The device is vulnerable if any of these processes (or similar) are active. Note: Creating a dial peer by issuing the dial-peer voice command will start the H.323 processes, which causes the Cisco IOS device to process H.323 messages. To determine the Cisco IOS Software release that is running on a Cisco product, administrators can log in to the device and issue the show version command to display the system banner. The system banner confirms that the device is running Cisco IOS Software by displaying text similar to "Cisco Internetwork Operating System Software" or "Cisco IOS Software." The image name displays in parentheses, followed by "Version" and the Cisco IOS Software release name. Other Cisco devices do not have the show version command or may provide different output. The following example identifies a Cisco product that is running Cisco IOS Software Release 12.3(26) with an installed image name of C2500-IS-L: Router# show version Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(26), RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by cisco Systems, Inc. Compiled Mon 17-Mar-08 14:39 by dchih !--- output truncated The following example identifies a Cisco product that is running Cisco IOS Software Release 12.4(20)T with an installed image name of C1841-ADVENTERPRISEK9-M: Router# show version Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by Cisco Systems, Inc. Compiled Thu 10-Jul-08 20:25 by prod_rel_team !--- output truncated Additional information about Cisco IOS Software release naming conventions is available in "White Paper: Cisco IOS Reference Guide" at the following link: http://www.cisco.com/web/about/security/intelligence/ios-ref.html Products Confirmed Not Vulnerable +-------------------------------- Cisco IOS XR Software is not affected by these vulnerabilities. No other Cisco products are currently known to be affected by these vulnerabilities. Details ======= H.323 is the International Telecommunication Union (ITU) standard for real-time multimedia communications and conferencing over packet-based (IP) networks. A subset of the H.323 standard is H.225.0, a standard that is used for call signaling protocols and media stream packetization over IP networks. An attacker can exploit these vulnerabilities remotely by sending crafted H.323 packets to an affected device that is running Cisco IOS Software. A TCP three-way handshake is required to exploit these vulnerabilities. These vulnerabilities are documented in Cisco Bug IDs CSCtc73759 ( registered customers only) and CSCtd33567 ( registered customers only) , and have been assigned Common Vulnerabilities and Exposures (CVE) IDs CVE-2010-2828 and CVE-2010-2829, respectively. Vulnerability Scoring Details ============================= Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0. CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response. Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks. Cisco has provided an FAQ to answer additional questions regarding CVSS at http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at http://intellishield.cisco.com/security/alertmanager/cvss CSCtc73759 - Device crashing upon receipt of specific traffic CVSS Base Score - 7.8 Access Vector Network Access Complexity Low Authentication None Confidentiality Impact None Integrity Impact None Availability Impact Complete CVSS Temporal Score - 6.4 Exploitability Functional Remediation Level Official Fix Report Confidence Confirmed CSCtd33567 - Traceback seen when receiving crafted H.323 packets CVSS Base Score - 7.8 Access Vector Network Access Complexity Low Authentication None Confidentiality Impact None Integrity Impact None Availability Impact Complete CVSS Temporal Score - 6.4 Exploitability Functional Remediation Level Official Fix Report Confidence Confirmed Impact ====== Successful exploitation of the vulnerabilities described in this advisory may cause the affected device to reload. Theses vulnerabilities could be exploited repeatedly to cause an extended DoS condition. Software Versions and Fixes =========================== When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution. In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance. Each row of the following Cisco IOS Software table corresponds to a Cisco IOS Software train. If a particular train is vulnerable, the earliest releases that contain the fix are listed in the First Fixed Release For This Advisory column. The First Fixed Release for All Advisories in the September 2010 Bundle Publication column lists the earliest possible releases that correct all the published vulnerabilities in the Cisco IOS Software Security Advisory bundled publication. Cisco recommends upgrading to the latest available release, where possible. +--------------------------------------------------------------------+ | Major | Availability of Repaired Releases | | Release | | |------------+-------------------------------------------------------| | Affected | | First Fixed Release for | | 12.0-Based | First Fixed Release for | All Advisories in the | | Releases | This Advisory | September 2010 Bundle | | | | Publication | |--------------------------------------------------------------------| | There are no affected 12.0-based releases | |--------------------------------------------------------------------| | Affected | | First Fixed Release for | | 12.1-Based | First Fixed Release for | All Advisories in the | | Releases | This Advisory | September 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | | | Vulnerable; first fixed | | | | in 12.4T | | 12.1 | Not Vulnerable | | | | | Releases up to and | | | | including 12.1(4b) are | | | | not vulnerable. | |------------+---------------------------+---------------------------| | 12.1AA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1AX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1AY | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1AZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1CX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1DA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1DB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1DC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1E | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1EA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1EB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1EC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1EO | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1EU | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1EV | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1EW | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1EX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1EY | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1EZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1GA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1GB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | | 12.1T | | | | | Releases up to and | Releases up to and | | | including 12.1(3a)T8 are | including 12.1(3a)T8 are | | | not vulnerable. | not vulnerable. | |------------+---------------------------+---------------------------| | 12.1XA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XD | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XF | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XG | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XH | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XI | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.1XJ | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.1XL | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.1XM | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.1XP | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.1XQ | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.1XR | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | | 12.1XS | | | | | Releases up to and | Releases up to and | | | including 12.1(3)XS are | including 12.1(3)XS are | | | not vulnerable. | not vulnerable. | |------------+---------------------------+---------------------------| | | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | | 12.1XT | | | | | Releases up to and | Releases up to and | | | including 12.1(2)XT2 are | including 12.1(2)XT2 are | | | not vulnerable. | not vulnerable. | |------------+---------------------------+---------------------------| | 12.1XU | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.1XV | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.1XW | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1XX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | | 12.1XY | | | | | Releases up to and | Releases up to and | | | including 12.1(4)XY are | including 12.1(4)XY are | | | not vulnerable. | not vulnerable. | |------------+---------------------------+---------------------------| | 12.1XZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.1YA | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.1YB | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.1YC | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.1YD | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | | Releases prior to 12.1(5) | Releases prior to 12.1(5) | | | YE6 are vulnerable, | YE6 are vulnerable, | | 12.1YE | release 12.1(5)YE6 and | release 12.1(5)YE6 and | | | later are not vulnerable; | later are not vulnerable; | | | first fixed in 12.4 | first fixed in 12.4T | |------------+---------------------------+---------------------------| | 12.1YF | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.1YH | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.1YI | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.1YJ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 12.2-Based | First Fixed Release for | All Advisories in the | | Releases | This Advisory | September 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | 12.2 | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | | 12.2B | | | | | Releases up to and | Releases up to and | | | including 12.2(2)B7 are | including 12.2(2)B7 are | | | not vulnerable. | not vulnerable. | |------------+---------------------------+---------------------------| | 12.2BC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2BW | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.2SB | in 12.2SB | | 12.2BX | | | | | Releases up to and | Releases up to and | | | including 12.2(15)BX are | including 12.2(15)BX are | | | not vulnerable. | not vulnerable. | |------------+---------------------------+---------------------------| | | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | | 12.2BY | | | | | Releases up to and | Releases up to and | | | including 12.2(2)BY3 are | including 12.2(2)BY3 are | | | not vulnerable. | not vulnerable. | |------------+---------------------------+---------------------------| | 12.2BZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2CX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2CY | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2CZ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.2DA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2DD | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.2DX | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.2EW | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2EWA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2EX | Vulnerable; migrate to | Not Vulnerable | | | any release in 12.2SE | | |------------+---------------------------+---------------------------| | 12.2EY | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2EZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2FX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2FY | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2FZ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IRA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IRB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IRC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IRD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IRE | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXB | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXC | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXD | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXE | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXF | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXG | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2IXH | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.2JA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2JK | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2MB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Releases up to and | Releases up to and | | | including 12.2(15)MC1 are | including 12.2(15)MC1 are | | | not vulnerable. | not vulnerable. Releases | | 12.2MC | | 12.2(15)MC2b and later | | | Releases 12.2(15)MC2b and | are not vulnerable; first | | | later are not vulnerable; | fixed in 12.4T | | | first fixed in 12.4 | | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2MRA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.2MRB | Not Vulnerable | 12.2(33)MRB2 | |------------+---------------------------+---------------------------| | | Releases prior to 12.2 | Releases prior to 12.2 | | 12.2S | (30)S are vulnerable, | (30)S are vulnerable, | | | release 12.2(30)S and | release 12.2(30)S and | | | later are not vulnerable | later are not vulnerable | |------------+---------------------------+---------------------------| | | 12.2(31)SB19 | 12.2(31)SB19 | | | | | | 12.2SB | Releases prior to 12.2 | Releases prior to 12.2 | | | (33)SB5 are vulnerable, | (33)SB5 are vulnerable, | | | release 12.2(33)SB5 and | release 12.2(33)SB5 and | | | later are not vulnerable | later are not vulnerable | |------------+---------------------------+---------------------------| | 12.2SBC | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.2SB | in 12.2SB | |------------+---------------------------+---------------------------| | 12.2SCA | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.2SCB | in 12.2SCB | |------------+---------------------------+---------------------------| | | 12.2(33)SCB10 | | | | | | | 12.2SCB | 12.2(33)SCB9 | 12.2(33)SCB9 | | | | | | | 12.2(33)SCB8 | | |------------+---------------------------+---------------------------| | | 12.2(33)SCC5 | | | 12.2SCC | | 12.2(33)SCC5 | | | 12.2(33)SCC4 | | |------------+---------------------------+---------------------------| | | 12.2(33)SCD3 | | | 12.2SCD | | 12.2(33)SCD3 | | | 12.2(33)SCD4 | | |------------+---------------------------+---------------------------| | 12.2SE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SEA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SEB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SEC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SED | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SEE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SEF | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SEG | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Releases prior to 12.2 | Releases prior to 12.2 | | | (40)SG are vulnerable, | (40)SG are vulnerable, | | 12.2SG | release 12.2(40)SG and | release 12.2(40)SG and | | | later are not vulnerable; | later are not vulnerable; | | | migrate to any release in | migrate to any release in | | | 12.2SGA | 12.2SGA | |------------+---------------------------+---------------------------| | 12.2SGA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SL | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SM | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SO | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SQ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Releases prior to 12.2 | Releases prior to 12.2 | | 12.2SRA | (33)SRA6 are vulnerable, | (33)SRA6 are vulnerable, | | | release 12.2(33)SRA6 and | release 12.2(33)SRA6 and | | | later are not vulnerable | later are not vulnerable | |------------+---------------------------+---------------------------| | | Releases prior to 12.2 | Releases prior to 12.2 | | 12.2SRB | (33)SRB1 are vulnerable, | (33)SRB1 are vulnerable, | | | release 12.2(33)SRB1 and | release 12.2(33)SRB1 and | | | later are not vulnerable | later are not vulnerable | |------------+---------------------------+---------------------------| | 12.2SRC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SRD | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SRE | Not Vulnerable | 12.2(33)SRE1 | |------------+---------------------------+---------------------------| | 12.2STE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SU | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | | Releases prior to 12.2 | Releases prior to 12.2 | | | (29b)SV1 are vulnerable, | (29b)SV1 are vulnerable, | | 12.2SV | release 12.2(29b)SV1 and | release 12.2(29b)SV1 and | | | later are not vulnerable; | later are not vulnerable; | | | migrate to any release in | migrate to any release in | | | 12.2SVD | 12.2SVD | |------------+---------------------------+---------------------------| | 12.2SVA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SVC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SVD | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SVE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Releases up to and | Releases up to and | | | including 12.2(21)SW1 are | including 12.2(21)SW1 are | | | not vulnerable. | not vulnerable. Releases | | 12.2SW | | 12.2(25)SW12 and later | | | Releases 12.2(25)SW12 and | are not vulnerable; first | | | later are not vulnerable; | fixed in 12.4T | | | first fixed in 12.4T | | |------------+---------------------------+---------------------------| | | | Releases up to and | | 12.2SX | Not Vulnerable | including 12.2(14)SX2 are | | | | not vulnerable. | |------------+---------------------------+---------------------------| | | Releases prior to 12.2 | Vulnerable; Contact your | | | (17b)SXA2 are vulnerable, | support organization per | | 12.2SXA | release 12.2(17b)SXA2 and | the instructions in | | | later are not vulnerable | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Releases prior to 12.2 | Vulnerable; Contact your | | | (17d)SXB7 are vulnerable, | support organization per | | 12.2SXB | release 12.2(17d)SXB7 and | the instructions in | | | later are not vulnerable; | Obtaining Fixed Software | | | migrate to any release in | section of this advisory | | | 12.2SXE | | |------------+---------------------------+---------------------------| | | Releases prior to 12.2 | Vulnerable; Contact your | | | (18)SXD2 are vulnerable, | support organization per | | 12.2SXD | release 12.2(18)SXD2 and | the instructions in | | | later are not vulnerable | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2SXE | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | Only 12.2(18)SXF7 and | Releases prior to 12.2 | | 12.2SXF | 12.2(18)SXF8 are | (18)SXF11 are vulnerable, | | | vulnerable | release 12.2(18)SXF11 and | | | | later are not vulnerable | |------------+---------------------------+---------------------------| | 12.2SXH | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2SXI | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | | | | support organization per | | | 12.2SY | the instructions in | Not Vulnerable | | | Obtaining Fixed Software | | | | section of this advisory | | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2SZ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.2T | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2TPC | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; first fixed | | | | in 12.4 | | | 12.2XA | | Vulnerable; first fixed | | | Releases up to and | in 12.4T | | | including 12.2(1)XA are | | | | not vulnerable. | | |------------+---------------------------+---------------------------| | 12.2XB | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.2XC | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.2XD | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.2XE | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2XF | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2XG | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.2XH | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.2XI | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.2XJ | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.2XK | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.2XL | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.2XM | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | | Releases prior to 12.2 | | | | (33)XN1 are vulnerable, | Vulnerable; first fixed | | 12.2XN | release 12.2(33)XN1 and | in 12.2SB | | | later are not vulnerable; | | | | first fixed in 12.2SB | | |------------+---------------------------+---------------------------| | 12.2XNA | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XNB | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XNC | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XND | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XNE | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XNF | Please see Cisco IOS-XE | Please see Cisco IOS-XE | | | Software Availability | Software Availability | |------------+---------------------------+---------------------------| | 12.2XO | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2XQ | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.2XR | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2XS | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.2XT | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.2XU | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.2XV | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.2XW | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.2YA | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YB | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YC | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YD | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YE | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YF | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.2YG | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YH | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YJ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YK | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YL | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.2YM | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YN | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | | | | support organization per | | | 12.2YO | the instructions in | Not Vulnerable | | | Obtaining Fixed Software | | | | section of this advisory | | |------------+---------------------------+---------------------------| | 12.2YP | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2YQ | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2YR | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2YS | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YT | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YU | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Releases prior to 12.2 | Releases prior to 12.2 | | 12.2YV | (11)YV1 are vulnerable, | (11)YV1 are vulnerable, | | | release 12.2(11)YV1 and | release 12.2(11)YV1 and | | | later are not vulnerable | later are not vulnerable | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YW | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YX | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YY | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2YZ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.2ZA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Releases up to and | Releases up to and | | 12.2ZB | including 12.2(8)ZB are | including 12.2(8)ZB are | | | not vulnerable. | not vulnerable. | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZC | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZD | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.2ZE | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.2ZF | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.2ZG | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.2ZH | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZJ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZL | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.2ZP | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; migrate to | Vulnerable; Contact your | | | any release in 12.2SXH | support organization per | | 12.2ZU | | the instructions in | | | Releases up to and | Obtaining Fixed Software | | | including 12.2(18)ZU are | section of this advisory | | | not vulnerable. | | |------------+---------------------------+---------------------------| | 12.2ZX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2ZY | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | | support organization per | | 12.2ZYA | Not Vulnerable | the instructions in | | | | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 12.3-Based | First Fixed Release for | All Advisories in the | | Releases | This Advisory | September 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | 12.3 | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.3B | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.3BC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.3BW | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.3EU | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.3JA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.3JEA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.3JEB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.3JEC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.3JED | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | | Releases up to and | Releases up to and | | | including 12.3(2)JK3 are | including 12.3(2)JK3 are | | | not vulnerable. | not vulnerable. Releases | | 12.3JK | | 12.3(8)JK1 and later are | | | Releases 12.3(8)JK1 and | not vulnerable; first | | | later are not vulnerable; | fixed in 12.4T | | | first fixed in 12.4 | | |------------+---------------------------+---------------------------| | 12.3JL | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.3JX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.3T | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | | | Vulnerable; Contact your | | | Releases up to and | support organization per | | 12.3TPC | including 12.3(4)TPC11a | the instructions in | | | are not vulnerable. | Obtaining Fixed Software | | | | section of this advisory | |------------+---------------------------+---------------------------| | 12.3VA | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4T | in 12.4T | |------------+---------------------------+---------------------------| | | Releases prior to 12.3(2) | | | | XA7 are vulnerable, | Vulnerable; first fixed | | 12.3XA | release 12.3(2)XA7 and | in 12.4T | | | later are not vulnerable; | | | | first fixed in 12.4 | | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3XB | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.3XC | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.3XD | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.3XE | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3XF | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.3XG | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | | Releases prior to 12.3(7) | Releases prior to 12.3(7) | | | XI11 are vulnerable, | XI11 are vulnerable, | | 12.3XI | release 12.3(7)XI11 and | release 12.3(7)XI11 and | | | later are not vulnerable; | later are not vulnerable; | | | first fixed in 12.2SB | first fixed in 12.2SB | |------------+---------------------------+---------------------------| | 12.3XJ | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.3YX | in 12.4XR | |------------+---------------------------+---------------------------| | 12.3XK | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.3XL | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4T | in 12.4T | |------------+---------------------------+---------------------------| | 12.3XQ | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.3XR | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.3XS | Not Vulnerable | Vulnerable; first fixed | | | | in 12.4T | |------------+---------------------------+---------------------------| | | Vulnerable; first fixed | | | | in 12.4T | | | 12.3XU | | Vulnerable; first fixed | | | Releases up to and | in 12.4T | | | including 12.3(8)XU1 are | | | | not vulnerable. | | |------------+---------------------------+---------------------------| | 12.3XW | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.3YX | in 12.4T | |------------+---------------------------+---------------------------| | 12.3XX | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.3XY | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.3XZ | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4 | in 12.4T | |------------+---------------------------+---------------------------| | 12.3YA | Not Vulnerable | Vulnerable; first fixed | | | | in 12.4T | |------------+---------------------------+---------------------------| | 12.3YD | Not Vulnerable | Vulnerable; first fixed | | | | in 12.4T | |------------+---------------------------+---------------------------| | 12.3YF | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.3YX | in 12.4XR | |------------+---------------------------+---------------------------| | 12.3YG | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4T | in 12.4T | |------------+---------------------------+---------------------------| | 12.3YH | Not Vulnerable | Vulnerable; first fixed | | | | in 12.4T | |------------+---------------------------+---------------------------| | 12.3YI | Not Vulnerable | Vulnerable; first fixed | | | | in 12.4T | |------------+---------------------------+---------------------------| | 12.3YJ | Not Vulnerable | Vulnerable; first fixed | | | | in 12.4T | |------------+---------------------------+---------------------------| | | Releases prior to 12.3 | | | | (11)YK3 are vulnerable, | Vulnerable; first fixed | | 12.3YK | release 12.3(11)YK3 and | in 12.4T | | | later are not vulnerable; | | | | first fixed in 12.4T | | |------------+---------------------------+---------------------------| | 12.3YM | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4T | in 12.4T | |------------+---------------------------+---------------------------| | 12.3YQ | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4T | in 12.4T | |------------+---------------------------+---------------------------| | | Vulnerable; first fixed | | | | in 12.4T | | | 12.3YS | | Vulnerable; first fixed | | | Releases up to and | in 12.4T | | | including 12.3(11)YS1 are | | | | not vulnerable. | | |------------+---------------------------+---------------------------| | 12.3YT | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4T | in 12.4T | |------------+---------------------------+---------------------------| | 12.3YU | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4T | in 12.4T | |------------+---------------------------+---------------------------| | 12.3YX | 12.3(14)YX17 | Vulnerable; first fixed | | | | in 12.4XR | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.3YZ | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.3ZA | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4T | in 12.4T | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 12.4-Based | First Fixed Release for | All Advisories in the | | Releases | This Advisory | September 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | 12.4 | 12.4(25d) | 12.4(25d) | |------------+---------------------------+---------------------------| | 12.4GC | 12.4(24)GC2 | 12.4(24)GC2 | |------------+---------------------------+---------------------------| | 12.4JA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.4JDA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.4JDC | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.4JDD | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.4JHA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.4JHB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.4JK | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.4JL | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.4JMA | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.4JMB | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.4JX | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.4JY | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | 12.4MD | Not Vulnerable | 12.4(24)MD2 | |------------+---------------------------+---------------------------| | 12.4MDA | 12.4(22)MDA4 | 12.4(22)MDA4 | |------------+---------------------------+---------------------------| | 12.4MR | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4MRA | in 12.4MRA | |------------+---------------------------+---------------------------| | 12.4MRA | 12.4(20)MRA1 | 12.4(20)MRA1 | |------------+---------------------------+---------------------------| | | Releases prior to 12.4 | | | | (15)SW6 are vulnerable, | Vulnerable; first fixed | | 12.4SW | release 12.4(15)SW6 and | in 12.4T | | | later are not vulnerable; | | | | first fixed in 12.4T | | |------------+---------------------------+---------------------------| | | 12.4(15)T14 | 12.4(15)T14 | | | | | | 12.4T | 12.4(20)T6 | 12.4(20)T6 | | | | | | | 12.4(24)T4 | 12.4(24)T4 | |------------+---------------------------+---------------------------| | 12.4XA | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4T | in 12.4T | |------------+---------------------------+---------------------------| | 12.4XB | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4T | in 12.4T | |------------+---------------------------+---------------------------| | 12.4XC | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4T | in 12.4T | |------------+---------------------------+---------------------------| | 12.4XD | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4T | in 12.4T | |------------+---------------------------+---------------------------| | | Releases prior to 12.4(6) | Releases prior to 12.4(6) | | | XE5 are vulnerable, | XE5 are vulnerable, | | 12.4XE | release 12.4(6)XE5 and | release 12.4(6)XE5 and | | | later are not vulnerable; | later are not vulnerable; | | | first fixed in 12.4T | first fixed in 12.4T | |------------+---------------------------+---------------------------| | 12.4XF | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4T | in 12.4T | |------------+---------------------------+---------------------------| | | Releases prior to 12.4(9) | | | | XG5 are vulnerable, | Vulnerable; first fixed | | 12.4XG | release 12.4(9)XG5 and | in 12.4T | | | later are not vulnerable; | | | | first fixed in 12.4T | | |------------+---------------------------+---------------------------| | 12.4XJ | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4T | in 12.4T | |------------+---------------------------+---------------------------| | 12.4XK | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4T | in 12.4T | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XL | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Releases prior to 12.4 | | | | (15)XM3 are vulnerable, | Vulnerable; first fixed | | 12.4XM | release 12.4(15)XM3 and | in 12.4T | | | later are not vulnerable; | | | | first fixed in 12.4T | | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XN | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XP | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Releases up to and | | | | including 12.4(15)XQ are | | | | not vulnerable. | 12.4(15)XQ6; Available on | | 12.4XQ | | 22-SEP-10 | | | Releases 12.4(15)XQ6 and | | | | later are not vulnerable; | | | | first fixed in 12.4T | | |------------+---------------------------+---------------------------| | | | 12.4(15)XR9 | | 12.4XR | Not Vulnerable | | | | | 12.4(22)XR7 | |------------+---------------------------+---------------------------| | 12.4XT | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4T | in 12.4T | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4XV | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | 12.4XW | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4T | in 12.4T | |------------+---------------------------+---------------------------| | 12.4XY | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4T | in 12.4T | |------------+---------------------------+---------------------------| | 12.4XZ | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4T | in 12.4T | |------------+---------------------------+---------------------------| | 12.4YA | Vulnerable; first fixed | Vulnerable; first fixed | | | in 12.4T | in 12.4T | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4YB | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Vulnerable; Contact your | Vulnerable; Contact your | | | support organization per | support organization per | | 12.4YD | the instructions in | the instructions in | | | Obtaining Fixed Software | Obtaining Fixed Software | | | section of this advisory | section of this advisory | |------------+---------------------------+---------------------------| | | Releases prior to 12.4 | | | | (24)YE1 are vulnerable, | | | 12.4YE | release 12.4(24)YE1 and | 12.4(24)YE1 | | | later are not vulnerable; | | | | first fixed in 12.4T | | |------------+---------------------------+---------------------------| | 12.4YG | 12.4(24)YG3 | 12.4(24)YG3 | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 15.0-Based | First Fixed Release for | All Advisories in the | | Releases | This Advisory | September 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | 15.0M | 15.0(1)M3 | 15.0(1)M3 | |------------+---------------------------+---------------------------| | | Cisco 7600 and 10000 | Cisco 7600 and 10000 | | | Series routers: Not | Series routers: 15.0(1)S1 | | | Vulnerable | (available early October | | | | 2010) | | 15.0S | Cisco ASR 1000 Series | | | | routes: Please see Cisco | Cisco ASR 1000 Series | | | IOS-XE Software | routes: Please see Cisco | | | Availability | IOS-XE Software | | | | Availability | |------------+---------------------------+---------------------------| | 15.0XA | Vulnerable; first fixed | Vulnerable; first fixed | | | in 15.1T | in 15.1T | |------------+---------------------------+---------------------------| | 15.0XO | Not Vulnerable | Not Vulnerable | |------------+---------------------------+---------------------------| | Affected | | First Fixed Release for | | 15.1-Based | First Fixed Release for | All Advisories in the | | Releases | This Advisory | September 2010 Bundle | | | | Publication | |------------+---------------------------+---------------------------| | | 15.1(1)T1 | | | 15.1T | | 15.1(2)T1 | | | 15.1(2)T0a | | |------------+---------------------------+---------------------------| | 15.1XB | Vulnerable; first fixed | Vulnerable; first fixed | | | in 15.1T | in 15.1T | +--------------------------------------------------------------------+ Cisco IOS XE Software +-------------------- +-------------------------------------------------------------------+ | Cisco IOS | First Fixed | First Fixed Release for All | | XE | Release for This | Advisories in the September 2010 | | Release | Advisory | Bundle Publication | |-----------+------------------+------------------------------------| | 2.1.x | Not Vulnerable | Not Vulnerable | |-----------+------------------+------------------------------------| | 2.2.x | Not Vulnerable | Not Vulnerable | |-----------+------------------+------------------------------------| | 2.3.x | Not Vulnerable | Not Vulnerable | |-----------+------------------+------------------------------------| | 2.4.x | Not Vulnerable | Not Vulnerable | |-----------+------------------+------------------------------------| | 2.5.x | 2.5.2 | Vulnerable; migrate to 2.6.2 or | | | | later | |-----------+------------------+------------------------------------| | 2.6.x | 2.6.1 | 2.6.2 | |-----------+------------------+------------------------------------| | 3.1.xS | Not Vulnerable | Not Vulnerable | +-------------------------------------------------------------------+ For mapping of Cisco IOS XE to Cisco IOS releases, please refer to the Cisco IOS XE 2 and Cisco IOS XE 3S Release Notes. Workarounds =========== There are no workarounds to mitigate these vulnerabilities apart from disabling H.323 if the Cisco IOS device does not require it. Applying access lists on interfaces that should not accept H.323 traffic and placing firewalls in strategic locations may greatly reduce exposure until an upgrade can be performed. Cisco provides Solution Reference Network Design (SRND) guides to help design and deploy networking solutions, which can be found at http://www.cisco.com/go/srnd Voice Security best practices are covered in the Cisco Unified Communications SRND Based on Cisco Unified Communications Manager 6.x at http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/srnd/6x/security.html To disable all H.323 call processing, administrators can issue the call service stop forced command under the voice service voip mode, as shown in this example: voice service voip h323 call service stop forced Note: The call service stop forced command disables all H.323 call processing. Additional mitigations that can be deployed on Cisco devices within the network are available in the companion document "Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Multiple Vulnerabilities in Cisco Voice Products", which is available at the following location: http://www.cisco.com/warp/public/707/cisco-amb-20100922-voice.shtml Obtaining Fixed Software ======================== Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment. Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades. Customers with Service Contracts +------------------------------- Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com Customers using Third Party Support Organizations +------------------------------------------------ Customers whose Cisco products are provided or maintained through prior or existing agreements with third-party support organizations, such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory. The effectiveness of any workaround or fix is dependent on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed. Customers without Service Contracts +---------------------------------- Customers who purchase direct from Cisco but do not hold a Cisco service contract, and customers who purchase through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should acquire upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows. * +1 800 553 2447 (toll free from within North America) * +1 408 526 7209 (toll call from anywhere in the world) * e-mail: tac@cisco.com Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC. Refer to http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html for additional TAC contact information, including localized telephone numbers, and instructions and e-mail addresses for use in various languages. Exploitation and Public Announcements ===================================== The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities described in this advisory. These vulnerabilities were found during Cisco internal testing. Status of this Notice: FINAL ============================ THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors. Distribution ============ This advisory is posted on Cisco's worldwide website at : http://www.cisco.com/warp/public/707/cisco-sa-2010922-h323.shtml In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients. * cust-security-announce@cisco.com * first-bulletins@lists.first.org * bugtraq@securityfocus.com * vulnwatch@vulnwatch.org * cisco@spot.colorado.edu * cisco-nsp@puck.nether.net * full-disclosure@lists.grok.org.uk * comp.dcom.sys.cisco@newsgate.cisco.com Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates. Revision History ================ +-----------------------------------------+ | Revision | | Initial | | 1.0 | 2010-September-22 | public | | | | release. | +-----------------------------------------+ Cisco Security Procedures ========================= Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (Darwin) iEYEARECAAYFAkyZ/SoACgkQ86n/Gc8U/uCR8ACfbSQwX1PMeEwUVJWTSeGDtyrW jTMAnRuYshIzCis7CHMiORtLxeSKi80b =B67E -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

A vulnerability in the file transfer feature in the JP1/NETM/Remote Control Agent may allow authentication bypass.A remote attacker could manipulate arbitrary files on the system installed with the Remote Control Agent.

The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference. An attacker can exploit this issue by tricking an unsuspecting victim into opening a malicious PDF file with an affected application. Poppler is prone to multiple denial-of-service and memory-corruption vulnerabilities when handling malformed PDF files. Successfully exploiting these issues allows remote attackers to crash applications that use the vulnerable library, denying service to legitimate users. Due to the nature of some of these issues, arbitrary code execution may be possible; this has not been confirmed. Poppler 0.14.3 is vulnerable; other versions may also be affected. Packages for 2009.0 are provided as of the Extended Maintenance Program. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFM3Ra0mqjQ0CJFipgRAifRAJ9k+ShgxdVIOXD1cd+oAhpZMhDYsACZAQwN bF7gGtlw9dl5Da13toBE974= =fyOW -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Xpdf Two Vulnerabilities SECUNIA ADVISORY ID: SA41709 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41709/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41709 RELEASE DATE: 2010-10-12 DISCUSS ADVISORY: http://secunia.com/advisories/41709/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41709/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41709 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Xpdf, which can potentially be exploited by malicious people to compromise a user's system. For more information see vulnerabilities #1 and #2 in: SA41596 SOLUTION: Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Reported in Poppler by Joel Voss, Leviathan Security Group. ORIGINAL ADVISORY: https://rhn.redhat.com/errata/RHSA-2010-0751.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . For the stable distribution (lenny), these problems have been fixed in version 3.02-1.4+lenny3. For the upcoming stable distribution (squeeze) and the unstable distribution (sid), these problems don't apply, since xpdf has been patched to use the Poppler PDF library. Upgrade instructions - -------------------- If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201310-03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Poppler: Multiple vulnerabilities Date: October 06, 2013 Bugs: #263028, #290430, #290464, #308017, #338878, #352581, #459866, #480366 ID: 201310-03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Poppler, some of which may allow execution of arbitrary code. Background ========== Poppler is a cross-platform PDF rendering library originally based on Xpdf. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Poppler users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-text/poppler-0.22.2-r1" References ========== [ 1 ] CVE-2009-0146 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0146 [ 2 ] CVE-2009-0147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0147 [ 3 ] CVE-2009-0165 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0165 [ 4 ] CVE-2009-0166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0166 [ 5 ] CVE-2009-0195 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0195 [ 6 ] CVE-2009-0799 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0799 [ 7 ] CVE-2009-0800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0800 [ 8 ] CVE-2009-1179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1179 [ 9 ] CVE-2009-1180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1180 [ 10 ] CVE-2009-1181 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1181 [ 11 ] CVE-2009-1182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1182 [ 12 ] CVE-2009-1183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1183 [ 13 ] CVE-2009-1187 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1187 [ 14 ] CVE-2009-1188 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1188 [ 15 ] CVE-2009-3603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3603 [ 16 ] CVE-2009-3604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3604 [ 17 ] CVE-2009-3605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3605 [ 18 ] CVE-2009-3606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3606 [ 19 ] CVE-2009-3607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3607 [ 20 ] CVE-2009-3608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3608 [ 21 ] CVE-2009-3609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3609 [ 22 ] CVE-2009-3938 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3938 [ 23 ] CVE-2010-3702 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3702 [ 24 ] CVE-2010-3703 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3703 [ 25 ] CVE-2010-3704 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3704 [ 26 ] CVE-2010-4653 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4653 [ 27 ] CVE-2010-4654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4654 [ 28 ] CVE-2012-2142 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2142 [ 29 ] CVE-2013-1788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1788 [ 30 ] CVE-2013-1789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1789 [ 31 ] CVE-2013-1790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1790 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201310-03.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . =========================================================== Ubuntu Security Notice USN-1005-1 October 19, 2010 poppler vulnerabilities CVE-2010-3702, CVE-2010-3703, CVE-2010-3704 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.04 Ubuntu 9.10 Ubuntu 10.04 LTS Ubuntu 10.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libpoppler1 0.5.1-0ubuntu7.8 libpoppler1-glib 0.5.1-0ubuntu7.8 Ubuntu 8.04 LTS: libpoppler-glib2 0.6.4-1ubuntu3.5 libpoppler2 0.6.4-1ubuntu3.5 Ubuntu 9.04: libpoppler-glib4 0.10.5-1ubuntu2.6 libpoppler4 0.10.5-1ubuntu2.6 Ubuntu 9.10: libpoppler-glib4 0.12.0-0ubuntu2.3 libpoppler5 0.12.0-0ubuntu2.3 Ubuntu 10.04 LTS: libpoppler-glib4 0.12.4-0ubuntu5.1 libpoppler5 0.12.4-0ubuntu5.1 Ubuntu 10.10: libpoppler-glib5 0.14.3-0ubuntu1.1 libpoppler7 0.14.3-0ubuntu1.1 In general, a standard system update will make all the necessary changes. Details follow: It was discovered that poppler contained multiple security issues when parsing malformed PDF documents. Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.5.1-0ubuntu7.8.diff.gz Size/MD5: 27259 bedbca4c7d1fbb131e87ac7d01b9ccfb http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.5.1-0ubuntu7.8.dsc Size/MD5: 2375 9242a34c31aec338034bad41ff0e04fb http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.5.1.orig.tar.gz Size/MD5: 954930 a136cd731892f4570933034ba97c8704 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.8_amd64.deb Size/MD5: 729804 990c4697220246f06734ec985bf79805 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.8_amd64.deb Size/MD5: 58242 4e17049f4d461125928bd33eb905542e http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.8_amd64.deb Size/MD5: 47402 2e1911778f8d114dc01570a16cc753fa http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.8_amd64.deb Size/MD5: 52998 4dc5f9471611f96ec0bfb5314a527d67 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.8_amd64.deb Size/MD5: 43618 37459b85fdf031fdba6e1b35ea116679 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.8_amd64.deb Size/MD5: 546536 7ad7ef20bd092f9007a0a4f2920d301d http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.8_amd64.deb Size/MD5: 101316 389d8b7bf42dd291ae246bbe5306c66e i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.8_i386.deb Size/MD5: 664928 8670a45be74a527aa2381c786d6f499c http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.8_i386.deb Size/MD5: 56038 20fa91b22991fbf8f2855d0019a30066 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.8_i386.deb Size/MD5: 46100 aa511d2877d5a86ee35fb8760168e746 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.8_i386.deb Size/MD5: 51888 e635377fcd0afcc86fb5665f12596940 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.8_i386.deb Size/MD5: 43120 0a299604034207977e6549719e97c3bb http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.8_i386.deb Size/MD5: 505126 546b78451a3db468d906a13c3e461755 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.8_i386.deb Size/MD5: 93028 075e41dd3d3608e7e4a5f682d3ab0d45 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.8_powerpc.deb Size/MD5: 769490 69fe73d00ba079febc5ada96e82cb518 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.8_powerpc.deb Size/MD5: 60272 ef55f2b86d376cfc7f81786fa56f0852 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.8_powerpc.deb Size/MD5: 47556 20725d1ceae67bd27b629bda23ea27aa http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.8_powerpc.deb Size/MD5: 54288 f1652517075e0ea34c6b762e8e1ec6ba http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.8_powerpc.deb Size/MD5: 44890 7ce2dad1bd9962aecd9184b74de80dbd http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.8_powerpc.deb Size/MD5: 552776 7b30e7f41666d93aaa7d3a95537333d8 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.8_powerpc.deb Size/MD5: 105656 6d4c33c8c30e18aba3e5248d19945312 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.8_sparc.deb Size/MD5: 690766 199896329398917fe8f2a37179d02a34 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.8_sparc.deb Size/MD5: 56618 d6fe358f5cdcbc02450e69db342ee8b3 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.8_sparc.deb Size/MD5: 46092 5d19384e2488912b2ba4d98ff39906b7 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.8_sparc.deb Size/MD5: 51360 9b6aaada69d2fd81edbf8a3f1e236256 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.8_sparc.deb Size/MD5: 42362 914f0dfd79b25858ad12ad20c4407905 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.8_sparc.deb Size/MD5: 518396 ccb5b4d7b6a3966174b55e82597d90b8 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.8_sparc.deb Size/MD5: 93880 6343457c99d3fe9e95c65e7f11ed1688 Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4-1ubuntu3.5.diff.gz Size/MD5: 22610 e40e61ff8f404dd8c570d7d9d37d3344 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4-1ubuntu3.5.dsc Size/MD5: 1832 5e30251249c773f2fdb94278bf11050c http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4.orig.tar.gz Size/MD5: 1294481 13d12ca4e349574cfbbcf4a9b2b3ae52 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.5_amd64.deb Size/MD5: 899230 8fce2b7acfae6b6397caf9caf140a031 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.5_amd64.deb Size/MD5: 110018 dfafa5b34781fe749705af443a32d855 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.5_amd64.deb Size/MD5: 54810 5febb6077ff4019f33ef36b39d05087b http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.5_amd64.deb Size/MD5: 46176 f53d822dbade16249befcf24f503c443 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.5_amd64.deb Size/MD5: 25520 85571978f17908b52fde4a635b1a411e http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.5_amd64.deb Size/MD5: 146760 9ff80c2dbf2bb811e31e1b66caf6279c http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.5_amd64.deb Size/MD5: 201282 909dc624c82bc3c89a0b46ee49fc080f http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.5_amd64.deb Size/MD5: 648816 9c4f1dbc90f19b95970d601d05ebf72b http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.5_amd64.deb Size/MD5: 78984 ea5c07bc1f8cc794416c93e05b4f4815 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.5_i386.deb Size/MD5: 839500 f428fc3b2317229955ebf3145bd8b1ef http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.5_i386.deb Size/MD5: 102844 5abd270a2f436fd79d5fa021ed0a75a2 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.5_i386.deb Size/MD5: 52354 58e6cec2618c530ae21ca02fb009da06 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.5_i386.deb Size/MD5: 42614 9370944020717ba5be753fe28ab981d0 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.5_i386.deb Size/MD5: 25050 57ac26b842693f33b609ea6d6ced073b http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.5_i386.deb Size/MD5: 143622 9f476e4d71f8693f39e73e76c9a65d3c http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.5_i386.deb Size/MD5: 190086 b40f870abc3aa6f6b8203de269e88d93 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.5_i386.deb Size/MD5: 623310 43c9e0e5063794de8b008a567dd48545 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.5_i386.deb Size/MD5: 73692 d5434601a4e7ef66297888f349217a1f lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.5_lpia.deb Size/MD5: 859546 59e85a8660b8972ffac2b9964be303bd http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.5_lpia.deb Size/MD5: 103834 2dd93fcfeb085ad2d2ebbf2631b094e9 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.5_lpia.deb Size/MD5: 52614 bfa697640e43ddb7314d66f7107e021f http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.5_lpia.deb Size/MD5: 43048 f1173347bdf4b450a9058f558a0e98e0 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.5_lpia.deb Size/MD5: 24792 2f1a32e1c3062d9ff8ad2bac1a89a5e2 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.5_lpia.deb Size/MD5: 145068 e079cb3940740d3866454898c7a635ba http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.5_lpia.deb Size/MD5: 191294 c0083aef2f0adfc21064be2f95f6316d http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.5_lpia.deb Size/MD5: 637232 bff9ecff5a68a668e00a2c0bab55b290 http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.5_lpia.deb Size/MD5: 74708 14d03ac4f0abc79bb2b7696776db9362 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.5_powerpc.deb Size/MD5: 956836 642c3332a4295161be0729b72f6ccfb0 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.5_powerpc.deb Size/MD5: 115792 671359d71e699df8ef011ef9b1b97e13 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.5_powerpc.deb Size/MD5: 58464 118f2e096f121fb43ad8a287335f5892 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.5_powerpc.deb Size/MD5: 46142 60ec3d227164cb4f52531bf0d0d94a71 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.5_powerpc.deb Size/MD5: 28862 cf22690c891eaf82c9587faff7e7aec1 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.5_powerpc.deb Size/MD5: 152744 fef8f36a164ceb3a425882cc697d9cad http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.5_powerpc.deb Size/MD5: 209554 7c20fafa41749c91709a2c925844cad1 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.5_powerpc.deb Size/MD5: 683376 5c9e55ebefa5e5dfabbd72787bf5b7bb http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.5_powerpc.deb Size/MD5: 94454 50f79c3f37ccade2e26ac5f01fedb367 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.5_sparc.deb Size/MD5: 859950 ca8b01d58970c27729fb9311f7706611 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.5_sparc.deb Size/MD5: 104158 a60feaf9f57f703ae37d4587071e10e3 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.5_sparc.deb Size/MD5: 51408 3a832dd5583a5ebdca67fb868b774f46 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.5_sparc.deb Size/MD5: 42008 563aa6cce06916284a5bbccc8f9a4a2a http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.5_sparc.deb Size/MD5: 23902 dbda45ef43ff352439a2595766a8725f http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.5_sparc.deb Size/MD5: 145340 fcacd993458d4e16e4104b1c2fef74b5 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.5_sparc.deb Size/MD5: 193258 872f6f3ef8af1a386100f929342c23f3 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.5_sparc.deb Size/MD5: 631572 31bc91916469b6fee1e4ed2411b98c70 http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.5_sparc.deb Size/MD5: 72984 85a3e42acdf1819c8fc07053cb9012c3 Updated packages for Ubuntu 9.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.10.5-1ubuntu2.6.diff.gz Size/MD5: 22658 46a4434de1013ad6a1aedd7f83f4638e http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.10.5-1ubuntu2.6.dsc Size/MD5: 2319 cb6568c37577a77805a323102daf8cbe http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.10.5.orig.tar.gz Size/MD5: 1516687 125f671a19707861132fb03e73b61184 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.10.5-1ubuntu2.6_amd64.deb Size/MD5: 1000762 2511c181edee11136cd95f2fd8f7df4e http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.10.5-1ubuntu2.6_amd64.deb Size/MD5: 124320 8e44bb95aaf500ea3f5f2cfeda92c77b http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib4_0.10.5-1ubuntu2.6_amd64.deb Size/MD5: 64498 433f22fd427b85eda6c6f79c093c7bf4 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.10.5-1ubuntu2.6_amd64.deb Size/MD5: 51136 3fce9dd192f7cf72beb2a462b78a045f http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.10.5-1ubuntu2.6_amd64.deb Size/MD5: 26084 40b1eb43d7c31c344ee807f67b56405a http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.10.5-1ubuntu2.6_amd64.deb Size/MD5: 166096 856ebcf506dfe1e6f73a16d039683576 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.10.5-1ubuntu2.6_amd64.deb Size/MD5: 235030 001590442c32e9d44d12c708cb484a34 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler4_0.10.5-1ubuntu2.6_amd64.deb Size/MD5: 715688 100b06d8f1c178b74a72627c1293a99d http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.10.5-1ubuntu2.6_amd64.deb Size/MD5: 3191282 9fad2dc154e6816007978eecba272f98 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.10.5-1ubuntu2.6_amd64.deb Size/MD5: 80310 e6f5e58168c6548ee953afc2f2e198e2 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.10.5-1ubuntu2.6_i386.deb Size/MD5: 939116 1a637f61cc6980c737f0485fc2ee9d46 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.10.5-1ubuntu2.6_i386.deb Size/MD5: 118186 be93a766d70095e2b904e8a1059c1ea9 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib4_0.10.5-1ubuntu2.6_i386.deb Size/MD5: 61432 b48d904620036b494dae30f846757933 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.10.5-1ubuntu2.6_i386.deb Size/MD5: 48108 502e462be767601fd4f37278ff6fb0c9 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.10.5-1ubuntu2.6_i386.deb Size/MD5: 25400 0d97956139ca4df762ff50924775c7ee http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.10.5-1ubuntu2.6_i386.deb Size/MD5: 164406 c48888d902bace1af6f9568bc7d11781 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.10.5-1ubuntu2.6_i386.deb Size/MD5: 219842 642d8bf864daa53baa9aba14ef1d8e8d http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler4_0.10.5-1ubuntu2.6_i386.deb Size/MD5: 687198 ebd3b55dd94130e8031fce6fdd9c2977 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.10.5-1ubuntu2.6_i386.deb Size/MD5: 3106210 be7d517d3130e27b75b778b1fafab2c2 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.10.5-1ubuntu2.6_i386.deb Size/MD5: 75150 842cb849ecdc92162f1ef0645a89694a lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.10.5-1ubuntu2.6_lpia.deb Size/MD5: 951712 5833f800109087edef20d0d2e043a2a0 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.10.5-1ubuntu2.6_lpia.deb Size/MD5: 118064 f415be637dbb5991ce0cf7d4bc62b9b7 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib4_0.10.5-1ubuntu2.6_lpia.deb Size/MD5: 61512 247589fb21e89512e10055a39cdef0c0 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.10.5-1ubuntu2.6_lpia.deb Size/MD5: 48234 53a1552904e2243babf5b4480f4e39d2 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.10.5-1ubuntu2.6_lpia.deb Size/MD5: 25090 fe55913c8f07a2d573d202669dd1697e http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.10.5-1ubuntu2.6_lpia.deb Size/MD5: 164652 37ca1c8caa83a03a65f2d24d4f7576bb http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.10.5-1ubuntu2.6_lpia.deb Size/MD5: 220064 5d8c233389507dc10c6830ab35ab31e4 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler4_0.10.5-1ubuntu2.6_lpia.deb Size/MD5: 698034 6b6e1e71dc2b4d73ce5d91ab18ed1434 http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.10.5-1ubuntu2.6_lpia.deb Size/MD5: 3141000 792164965ecec628891930c15056146e http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.10.5-1ubuntu2.6_lpia.deb Size/MD5: 75852 566179c180af7420345a59aef66d20ab powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.10.5-1ubuntu2.6_powerpc.deb Size/MD5: 1067816 72f7c6c253c7a0d6de9572a45b766bea http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.10.5-1ubuntu2.6_powerpc.deb Size/MD5: 132060 05faca87e109c1c75a82a458b2d23949 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib4_0.10.5-1ubuntu2.6_powerpc.deb Size/MD5: 69138 2c877d50106cacbfa82cb9e60e572e7e http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.10.5-1ubuntu2.6_powerpc.deb Size/MD5: 51250 377d0b6a2fb986aafde1ee9f8045e04a http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.10.5-1ubuntu2.6_powerpc.deb Size/MD5: 28790 9a4a744f8bbaee83ab3e0d624425dda3 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.10.5-1ubuntu2.6_powerpc.deb Size/MD5: 170364 ce061c2566a07dd3c159a23d66d829fc http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.10.5-1ubuntu2.6_powerpc.deb Size/MD5: 239232 b223e0531752af48a78b9feb2964e77a http://ports.ubuntu.com/pool/main/p/poppler/libpoppler4_0.10.5-1ubuntu2.6_powerpc.deb Size/MD5: 751112 72ec27c3cfa98ec9c51e1735b233d70a http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.10.5-1ubuntu2.6_powerpc.deb Size/MD5: 3289146 731cdf54cada7da65a2a3c939df59f93 http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.10.5-1ubuntu2.6_powerpc.deb Size/MD5: 92846 b62d9487645a67d4c892c3671a75e05c sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.10.5-1ubuntu2.6_sparc.deb Size/MD5: 958890 6948353f591647da86e316845ec8f9eb http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.10.5-1ubuntu2.6_sparc.deb Size/MD5: 120824 6ff59a3bbd4a9b425ef23110a76c4298 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib4_0.10.5-1ubuntu2.6_sparc.deb Size/MD5: 61180 2cc5e6f027e76b607defdc9a797fea4d http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.10.5-1ubuntu2.6_sparc.deb Size/MD5: 47586 c343721df8aec6efa801c42368c65187 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.10.5-1ubuntu2.6_sparc.deb Size/MD5: 24302 829a6fd6cb43629453b0d03abb134c74 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.10.5-1ubuntu2.6_sparc.deb Size/MD5: 165794 e2baae9323c3dc1bfd4c7a5188b876a4 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.10.5-1ubuntu2.6_sparc.deb Size/MD5: 227060 24c905d2bf65312b9654f3a8c3ff1b85 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler4_0.10.5-1ubuntu2.6_sparc.deb Size/MD5: 699612 e891d015a5e9f4a06c62330ae13ad8ff http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.10.5-1ubuntu2.6_sparc.deb Size/MD5: 3054006 65d02dc72ebedeee044492a0d54a7c9b http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.10.5-1ubuntu2.6_sparc.deb Size/MD5: 75462 14106f64edcc64399c73cecfffe82660 Updated packages for Ubuntu 9.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.12.0-0ubuntu2.3.diff.gz Size/MD5: 16162 e2f7027909f54a82d3b05a5dab49bfe3 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.12.0-0ubuntu2.3.dsc Size/MD5: 2333 0ca7e3c51f46e811ab8b764d19735017 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.12.0.orig.tar.gz Size/MD5: 1595424 399b25d9d71ad22bc9a2a9281769c49c amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.12.0-0ubuntu2.3_amd64.deb Size/MD5: 1051980 811eb825ef2a4a35a2737c7cc8f7dc18 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.12.0-0ubuntu2.3_amd64.deb Size/MD5: 147620 0df853686d2bde4d3251e2034d4aaca4 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib4_0.12.0-0ubuntu2.3_amd64.deb Size/MD5: 75082 66a4118be485eca8c0d64bcb507d95fe http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.12.0-0ubuntu2.3_amd64.deb Size/MD5: 56040 9aa3e75a67f5b3325354e0cd0783b4eb http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.12.0-0ubuntu2.3_amd64.deb Size/MD5: 26016 ab04a30595e5e10a8ea324ce5429859d http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.12.0-0ubuntu2.3_amd64.deb Size/MD5: 169758 a0feabc74a20a921577bb14b328f4f08 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.12.0-0ubuntu2.3_amd64.deb Size/MD5: 246134 66b67de914b70e969cef45ad38be8350 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler5_0.12.0-0ubuntu2.3_amd64.deb Size/MD5: 758072 3759109d011266b2f989d6d4b9c700f8 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.12.0-0ubuntu2.3_amd64.deb Size/MD5: 3352576 018f3529b1b4b66eb8fce6446e151276 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.12.0-0ubuntu2.3_amd64.deb Size/MD5: 84178 3242ad6a0e40ac5017b25f252026b4ec i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.12.0-0ubuntu2.3_i386.deb Size/MD5: 989400 4c6f5530a2751fbef0c4cf2b91c0a450 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.12.0-0ubuntu2.3_i386.deb Size/MD5: 140982 8b2732a5ee3087e754cfbc8a311508a9 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib4_0.12.0-0ubuntu2.3_i386.deb Size/MD5: 72374 9dafd2e2f353b30269b61184d8a05a73 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.12.0-0ubuntu2.3_i386.deb Size/MD5: 53740 92abc5198ae95accc2a9c04535a12e74 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.12.0-0ubuntu2.3_i386.deb Size/MD5: 25630 9ed21683dc9ce42230357a75c9f8efaf http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.12.0-0ubuntu2.3_i386.deb Size/MD5: 166244 5407024e0fbca9ca17cf31784689f530 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.12.0-0ubuntu2.3_i386.deb Size/MD5: 231402 085ad28bb8f30fb81c922bdf98461f62 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler5_0.12.0-0ubuntu2.3_i386.deb Size/MD5: 725946 56e85e5a60eded5dd71286df5afcddad http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.12.0-0ubuntu2.3_i386.deb Size/MD5: 3273936 4900c20227ee15c570803e0a5ea2380e http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.12.0-0ubuntu2.3_i386.deb Size/MD5: 80140 8397685b99e33d2295945e01b5a9c5a9 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.12.0-0ubuntu2.3_sparc.deb Size/MD5: 1024116 82f69ec56049caaaa2e6d6ddfbcf38e9 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.12.0-0ubuntu2.3_sparc.deb Size/MD5: 145452 ca9c8d859dd2c259254c1015c8150e7c http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib4_0.12.0-0ubuntu2.3_sparc.deb Size/MD5: 73070 93faf777eb853626a8021a4fdf951ae0 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.12.0-0ubuntu2.3_sparc.deb Size/MD5: 53314 f04f80d8c690dd8eed9f2d8629b82ab6 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.12.0-0ubuntu2.3_sparc.deb Size/MD5: 24216 5597f9b407ed6e297dfb60495a926835 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.12.0-0ubuntu2.3_sparc.deb Size/MD5: 168690 d5f6fc3fd30c50549a0425684be4456f http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.12.0-0ubuntu2.3_sparc.deb Size/MD5: 244286 73acb1d168e1b946fc0ab87e52a98d2b http://ports.ubuntu.com/pool/main/p/poppler/libpoppler5_0.12.0-0ubuntu2.3_sparc.deb Size/MD5: 749218 e362ac899fed10132a24579c856392bf http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.12.0-0ubuntu2.3_sparc.deb Size/MD5: 3243524 b3809cb3b43f6c6fcbf78e5f195454b8 http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.12.0-0ubuntu2.3_sparc.deb Size/MD5: 80606 84e09ef47c3a62d374f7d72d077857f7 Updated packages for Ubuntu 10.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.12.4-0ubuntu5.1.diff.gz Size/MD5: 36586 3c8f46489d270a6553c603f1bf42df61 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.12.4-0ubuntu5.1.dsc Size/MD5: 2321 6309c218890373f2d2f3829083f1e14e http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.12.4.orig.tar.gz Size/MD5: 1674400 4155346f9369b192569ce9184ff73e43 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.12.4-0ubuntu5.1_amd64.deb Size/MD5: 1057464 02cfbb58b185dce47f79752bc448ecfb http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.12.4-0ubuntu5.1_amd64.deb Size/MD5: 153226 6a1cd66dad1f036c916834a9bee5290e http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib4_0.12.4-0ubuntu5.1_amd64.deb Size/MD5: 79122 fc4779709ed8b692f9debc48054dcf66 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.12.4-0ubuntu5.1_amd64.deb Size/MD5: 56012 6c389ff1ec4144b526b34e3df0390361 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.12.4-0ubuntu5.1_amd64.deb Size/MD5: 26902 e4f305ff49b07e2d4266f3c23b737328 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.12.4-0ubuntu5.1_amd64.deb Size/MD5: 172296 6a277bb044e8bddf0b7211ef4f201e8a http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.12.4-0ubuntu5.1_amd64.deb Size/MD5: 252048 07a540e9727055ad6ea3af4805ca02f4 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler5_0.12.4-0ubuntu5.1_amd64.deb Size/MD5: 762152 b900a754d1f4fd137a984a5d9a428b49 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.12.4-0ubuntu5.1_amd64.deb Size/MD5: 3392098 40b5213d5c65333912cb2a6837cb8155 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.12.4-0ubuntu5.1_amd64.deb Size/MD5: 84984 222e314966329a71370119194760f289 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.12.4-0ubuntu5.1_i386.deb Size/MD5: 994314 0cf46cddcca262acb400301c6ccfadcf http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.12.4-0ubuntu5.1_i386.deb Size/MD5: 146050 ecfd6621c0c8125575908fce67e87037 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib4_0.12.4-0ubuntu5.1_i386.deb Size/MD5: 75926 9460e967f9ea99f6e52cea7b82794cf1 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.12.4-0ubuntu5.1_i386.deb Size/MD5: 53792 094890d2058126fad34a2a9f1b74a9fe http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.12.4-0ubuntu5.1_i386.deb Size/MD5: 26526 ae6f93323c82c1d452e81335025c4677 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.12.4-0ubuntu5.1_i386.deb Size/MD5: 169754 b69d20dacb024e9412954289e62606e5 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.12.4-0ubuntu5.1_i386.deb Size/MD5: 237416 79df3cbaef280ae078fe5d90d1efeca6 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler5_0.12.4-0ubuntu5.1_i386.deb Size/MD5: 729896 ebd5b47847b7d4c2d6a7956d5f2b9c9c http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.12.4-0ubuntu5.1_i386.deb Size/MD5: 3308176 1901fd74a67d54354fc37140a3820651 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.12.4-0ubuntu5.1_i386.deb Size/MD5: 80940 24c64a45a096f19bc5e29ac070570932 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.12.4-0ubuntu5.1_powerpc.deb Size/MD5: 1139050 391b272517bddffbfecbbc91a43b7f96 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.12.4-0ubuntu5.1_powerpc.deb Size/MD5: 160174 5e5fbf2fdbf5007373e8f76a762b875d http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib4_0.12.4-0ubuntu5.1_powerpc.deb Size/MD5: 83092 96d39f59f5dbb721fc5bbd370f0b3540 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.12.4-0ubuntu5.1_powerpc.deb Size/MD5: 57086 00f8a4e9617f841bd90e57d2835311f4 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.12.4-0ubuntu5.1_powerpc.deb Size/MD5: 27700 b373ca19c5ec767a6398dffc9bedd553 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.12.4-0ubuntu5.1_powerpc.deb Size/MD5: 174170 ff1770256477129693ba12fa671d00f2 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.12.4-0ubuntu5.1_powerpc.deb Size/MD5: 257882 c5a46d4e9d96ab2e705e5a538cf3731e http://ports.ubuntu.com/pool/main/p/poppler/libpoppler5_0.12.4-0ubuntu5.1_powerpc.deb Size/MD5: 802012 68d7baf4f9f6c09fbf4f1c0e382fa182 http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.12.4-0ubuntu5.1_powerpc.deb Size/MD5: 3517048 e614b7e4a6a126f9b7dd67f6efefd117 http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.12.4-0ubuntu5.1_powerpc.deb Size/MD5: 85044 6187f4e8bac574e941da55a6a69690af sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.12.4-0ubuntu5.1_sparc.deb Size/MD5: 1061366 41136167b401a0728acbcdb4019d10a9 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.12.4-0ubuntu5.1_sparc.deb Size/MD5: 152744 080f6cd7a3b25dafb7a859b7feb7095e http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib4_0.12.4-0ubuntu5.1_sparc.deb Size/MD5: 77452 04f109d31474b5aa18934e158adf6d62 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.12.4-0ubuntu5.1_sparc.deb Size/MD5: 54694 2300562f2a7cfb8d4a33f881332ace15 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.12.4-0ubuntu5.1_sparc.deb Size/MD5: 25448 53b2a8352578c81f64e8f4cab898007b http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.12.4-0ubuntu5.1_sparc.deb Size/MD5: 172760 f147f6913ced592759716f7b3df63af2 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.12.4-0ubuntu5.1_sparc.deb Size/MD5: 255112 3257864700e4387e8cf4e11e5f4aef4e http://ports.ubuntu.com/pool/main/p/poppler/libpoppler5_0.12.4-0ubuntu5.1_sparc.deb Size/MD5: 761444 626f9943c20f6c2f8cddfaed957e0251 http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.12.4-0ubuntu5.1_sparc.deb Size/MD5: 3312976 945e1150e98d3545f2790ceaec85220f http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.12.4-0ubuntu5.1_sparc.deb Size/MD5: 82324 33c251009e49841c9ae76e74a1e4e559 Updated packages for Ubuntu 10.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.14.3-0ubuntu1.1.diff.gz Size/MD5: 14357 2913cf42deabe02923039b83f4d3a09b http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.14.3-0ubuntu1.1.dsc Size/MD5: 2426 d8addbeb6ab59e8dfeaab3262b4215e8 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.14.3.orig.tar.gz Size/MD5: 1791880 1024c608a8a7c1d6ec301bddf11f3af9 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-cpp-dev_0.14.3-0ubuntu1.1_amd64.deb Size/MD5: 64468 6a423398bc892f513b2f38e2e3d5c602 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-cpp0_0.14.3-0ubuntu1.1_amd64.deb Size/MD5: 31168 539169982c29fbd85ad92d3564b46332 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.14.3-0ubuntu1.1_amd64.deb Size/MD5: 1103468 a14ada191171b0af80c8ed455cc43602 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.14.3-0ubuntu1.1_amd64.deb Size/MD5: 165088 a094e30c378323c4e13fce76cb41eaef http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib5_0.14.3-0ubuntu1.1_amd64.deb Size/MD5: 83900 ba49980dc7ae19ec805f2d2e0a9dd341 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.14.3-0ubuntu1.1_amd64.deb Size/MD5: 59162 2e9264fd1688912c647a684349b04bc1 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.14.3-0ubuntu1.1_amd64.deb Size/MD5: 26422 f2e204b7a284aa1c7762671eb764f65f http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.14.3-0ubuntu1.1_amd64.deb Size/MD5: 175388 12fdd82ec02447154cb66ffee97eb6bd http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.14.3-0ubuntu1.1_amd64.deb Size/MD5: 262250 4b22149a50d268aff9c443f577272ec9 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler7_0.14.3-0ubuntu1.1_amd64.deb Size/MD5: 783016 b6a88c5290d6584cf118e03486ee5b28 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.14.3-0ubuntu1.1_amd64.deb Size/MD5: 3782700 92aaee73614843eb71a1e894d6e6b6db http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.14.3-0ubuntu1.1_amd64.deb Size/MD5: 84584 cff59800844c6d64d58481682d7096c2 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-cpp-dev_0.14.3-0ubuntu1.1_i386.deb Size/MD5: 61226 2daec50e448a0023cefc89ecdac63e2f http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-cpp0_0.14.3-0ubuntu1.1_i386.deb Size/MD5: 31404 ad307f5350fd07a9cc409f4e9e1a76a3 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.14.3-0ubuntu1.1_i386.deb Size/MD5: 1031432 cb1b0f48c777da1e83104a1f8a92850c http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.14.3-0ubuntu1.1_i386.deb Size/MD5: 156646 33c97aaca1542522ac44c0c2c1aa32f9 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib5_0.14.3-0ubuntu1.1_i386.deb Size/MD5: 80682 9c4b0a4534eb6719a7d9f974b2fc8b61 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.14.3-0ubuntu1.1_i386.deb Size/MD5: 56974 6d8a32bff9e98d95c8cf754c47aae4f6 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.14.3-0ubuntu1.1_i386.deb Size/MD5: 25986 ce814f61d00c0be09742cff50d691d1a http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.14.3-0ubuntu1.1_i386.deb Size/MD5: 172378 d6a441c24baa014e23428de75ee78913 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.14.3-0ubuntu1.1_i386.deb Size/MD5: 246084 0f3d944e284b2e96f78ff7c897d89310 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler7_0.14.3-0ubuntu1.1_i386.deb Size/MD5: 746296 c5b46a4f36381b2d6ac1f4cdc973a85d http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.14.3-0ubuntu1.1_i386.deb Size/MD5: 3694024 28b7b242f8fe4b6decc198ce2cddc5e4 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.14.3-0ubuntu1.1_i386.deb Size/MD5: 79640 326c2ea9f373fec8622ca654b942fee2 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-cpp-dev_0.14.3-0ubuntu1.1_powerpc.deb Size/MD5: 65034 e6fe859f3e6071f20f9cf880107c1f2e http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-cpp0_0.14.3-0ubuntu1.1_powerpc.deb Size/MD5: 32576 1923fe67aeb448dae67c0c3de7acad51 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.14.3-0ubuntu1.1_powerpc.deb Size/MD5: 1182088 7d90bf72cedc6ccda4da639e657ba3ec http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.14.3-0ubuntu1.1_powerpc.deb Size/MD5: 171878 728ed879151c66c82c09d074ca3d6b74 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib5_0.14.3-0ubuntu1.1_powerpc.deb Size/MD5: 88564 38714d7ad6697b4231e2c89c511195c4 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.14.3-0ubuntu1.1_powerpc.deb Size/MD5: 60498 2422b28c607abc4cf25388199ad89052 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.14.3-0ubuntu1.1_powerpc.deb Size/MD5: 27190 4e063517954ef91ae8ce1d959f939bad http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.14.3-0ubuntu1.1_powerpc.deb Size/MD5: 177264 79deabe8844ba4993b7643a846b6ba7f http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.14.3-0ubuntu1.1_powerpc.deb Size/MD5: 270448 a6924c87f821b74c9d9ef642d3182194 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler7_0.14.3-0ubuntu1.1_powerpc.deb Size/MD5: 822532 fded6e9509fb172ea0587cd536b8e24c http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.14.3-0ubuntu1.1_powerpc.deb Size/MD5: 3916390 bd49980f1d5fe6a419961106a2635ad6 http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.14.3-0ubuntu1.1_powerpc.deb Size/MD5: 82814 8552bb3b2508b96a0c3a2be0b7a02f00 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: tetex security update Advisory ID: RHSA-2012:1201-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1201.html Issue date: 2012-08-23 CVE Names: CVE-2010-2642 CVE-2010-3702 CVE-2010-3704 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554 ===================================================================== 1. Summary: Updated tetex packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 3. Description: teTeX is an implementation of TeX. TeX takes a text file and a set of formatting commands as input, and creates a typesetter-independent DeVice Independent (DVI) file as output. teTeX embeds a copy of t1lib to rasterize bitmaps from PostScript Type 1 fonts. The following issues affect t1lib code: Two heap-based buffer overflow flaws were found in the way t1lib processed Adobe Font Metrics (AFM) files. (CVE-2010-2642, CVE-2011-0433) An invalid pointer dereference flaw was found in t1lib. (CVE-2011-0764) A use-after-free flaw was found in t1lib. (CVE-2011-1553) An off-by-one flaw was found in t1lib. (CVE-2011-1554) An out-of-bounds memory read flaw was found in t1lib. A specially-crafted font file could, when opened, cause teTeX to crash. (CVE-2011-1552) teTeX embeds a copy of Xpdf, an open source Portable Document Format (PDF) file viewer, to allow adding images in PDF format to the generated PDF documents. The following issues affect Xpdf code: An uninitialized pointer use flaw was discovered in Xpdf. If pdflatex was used to process a TeX document referencing a specially-crafted PDF file, it could cause pdflatex to crash or, potentially, execute arbitrary code with the privileges of the user running pdflatex. (CVE-2010-3702) An array index error was found in the way Xpdf parsed PostScript Type 1 fonts embedded in PDF documents. If pdflatex was used to process a TeX document referencing a specially-crafted PDF file, it could cause pdflatex to crash or, potentially, execute arbitrary code with the privileges of the user running pdflatex. (CVE-2010-3704) Red Hat would like to thank the Evince development team for reporting CVE-2010-2642. Upstream acknowledges Jon Larimer of IBM X-Force as the original reporter of CVE-2010-2642. All users of tetex are advised to upgrade to these updated packages, which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 595245 - CVE-2010-3702 xpdf: uninitialized Gfx::parser pointer dereference 638960 - CVE-2010-3704 xpdf: array indexing error in FoFiType1::parse() 666318 - CVE-2010-2642 evince, t1lib: Heap based buffer overflow in DVI file AFM font parser 679732 - CVE-2011-0433 evince, t1lib: Heap-based buffer overflow DVI file AFM font parser 692853 - CVE-2011-1552 t1lib: invalid read crash via crafted Type 1 font 692854 - CVE-2011-1553 t1lib: Use-after-free via crafted Type 1 font 692856 - CVE-2011-1554 t1lib: Off-by-one via crafted Type 1 font 692909 - CVE-2011-0764 t1lib: Invalid pointer dereference via crafted Type 1 font 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/tetex-3.0-33.15.el5_8.1.src.rpm i386: tetex-3.0-33.15.el5_8.1.i386.rpm tetex-afm-3.0-33.15.el5_8.1.i386.rpm tetex-debuginfo-3.0-33.15.el5_8.1.i386.rpm tetex-doc-3.0-33.15.el5_8.1.i386.rpm tetex-dvips-3.0-33.15.el5_8.1.i386.rpm tetex-fonts-3.0-33.15.el5_8.1.i386.rpm tetex-latex-3.0-33.15.el5_8.1.i386.rpm tetex-xdvi-3.0-33.15.el5_8.1.i386.rpm x86_64: tetex-3.0-33.15.el5_8.1.x86_64.rpm tetex-afm-3.0-33.15.el5_8.1.x86_64.rpm tetex-debuginfo-3.0-33.15.el5_8.1.x86_64.rpm tetex-doc-3.0-33.15.el5_8.1.x86_64.rpm tetex-dvips-3.0-33.15.el5_8.1.x86_64.rpm tetex-fonts-3.0-33.15.el5_8.1.x86_64.rpm tetex-latex-3.0-33.15.el5_8.1.x86_64.rpm tetex-xdvi-3.0-33.15.el5_8.1.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/tetex-3.0-33.15.el5_8.1.src.rpm i386: tetex-3.0-33.15.el5_8.1.i386.rpm tetex-afm-3.0-33.15.el5_8.1.i386.rpm tetex-debuginfo-3.0-33.15.el5_8.1.i386.rpm tetex-doc-3.0-33.15.el5_8.1.i386.rpm tetex-dvips-3.0-33.15.el5_8.1.i386.rpm tetex-fonts-3.0-33.15.el5_8.1.i386.rpm tetex-latex-3.0-33.15.el5_8.1.i386.rpm tetex-xdvi-3.0-33.15.el5_8.1.i386.rpm ia64: tetex-3.0-33.15.el5_8.1.ia64.rpm tetex-afm-3.0-33.15.el5_8.1.ia64.rpm tetex-debuginfo-3.0-33.15.el5_8.1.ia64.rpm tetex-doc-3.0-33.15.el5_8.1.ia64.rpm tetex-dvips-3.0-33.15.el5_8.1.ia64.rpm tetex-fonts-3.0-33.15.el5_8.1.ia64.rpm tetex-latex-3.0-33.15.el5_8.1.ia64.rpm tetex-xdvi-3.0-33.15.el5_8.1.ia64.rpm ppc: tetex-3.0-33.15.el5_8.1.ppc.rpm tetex-afm-3.0-33.15.el5_8.1.ppc.rpm tetex-debuginfo-3.0-33.15.el5_8.1.ppc.rpm tetex-doc-3.0-33.15.el5_8.1.ppc.rpm tetex-dvips-3.0-33.15.el5_8.1.ppc.rpm tetex-fonts-3.0-33.15.el5_8.1.ppc.rpm tetex-latex-3.0-33.15.el5_8.1.ppc.rpm tetex-xdvi-3.0-33.15.el5_8.1.ppc.rpm s390x: tetex-3.0-33.15.el5_8.1.s390x.rpm tetex-afm-3.0-33.15.el5_8.1.s390x.rpm tetex-debuginfo-3.0-33.15.el5_8.1.s390x.rpm tetex-doc-3.0-33.15.el5_8.1.s390x.rpm tetex-dvips-3.0-33.15.el5_8.1.s390x.rpm tetex-fonts-3.0-33.15.el5_8.1.s390x.rpm tetex-latex-3.0-33.15.el5_8.1.s390x.rpm tetex-xdvi-3.0-33.15.el5_8.1.s390x.rpm x86_64: tetex-3.0-33.15.el5_8.1.x86_64.rpm tetex-afm-3.0-33.15.el5_8.1.x86_64.rpm tetex-debuginfo-3.0-33.15.el5_8.1.x86_64.rpm tetex-doc-3.0-33.15.el5_8.1.x86_64.rpm tetex-dvips-3.0-33.15.el5_8.1.x86_64.rpm tetex-fonts-3.0-33.15.el5_8.1.x86_64.rpm tetex-latex-3.0-33.15.el5_8.1.x86_64.rpm tetex-xdvi-3.0-33.15.el5_8.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2010-2642.html https://www.redhat.com/security/data/cve/CVE-2010-3702.html https://www.redhat.com/security/data/cve/CVE-2010-3704.html https://www.redhat.com/security/data/cve/CVE-2011-0433.html https://www.redhat.com/security/data/cve/CVE-2011-0764.html https://www.redhat.com/security/data/cve/CVE-2011-1552.html https://www.redhat.com/security/data/cve/CVE-2011-1553.html https://www.redhat.com/security/data/cve/CVE-2011-1554.html https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQNkf0XlSAg2UNWIIRAiQFAJ9WUAfXKk43rYvg+UYPr0aOZvojRgCeKWRl PAzUWlaBGi1pT+Kr2TaQk1E= =iYiF -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Apple Filing Protocol (AFP) Server in Apple Mac OS X 10.6.x through 10.6.4 does not properly handle errors, which allows remote attackers to bypass the password requirement for shared-folder access by leveraging knowledge of a valid account name. Remote attackers with knowledge of an account name on a target computer can exploit this issue to access AFP shared folders. The following are affected: Mac OS X 10.6 through 10.6.4 Mac OS X Server 10.6 through 10.6.4

NitroSecurity NitroView Enterprise Security Manager is a real-time tool for secure time and information correlation analysis. The NitroSecurity NitroView Enterprise Security Manager management interface has an input validation error that can be exploited by a local attacker to read any local file on the local file system. Successful exploitation of the vulnerability can be used to obtain ROOT privileges. Other attacks may also be possible. NitroView Enterprise Security Manager (ESM) firmware version 8.4.0 is vulnerable; other versions may also be affected. ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: NitroSecurity NitroView ESM Privilege Escalation SECUNIA ADVISORY ID: SA41501 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41501/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41501 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41501/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41501/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41501 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in NitroSecurity NitroView Enterprise Security Manager (ESM), which can be exploited by malicious users to disclose sensitive information and gain escalated privileges. The vulnerability is reported in 8.4.0. SOLUTION: Update to version 8.4.0b. PROVIDED AND/OR DISCOVERED BY: Ben Nell, Foreground Security OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 and Google Chrome before 6.0.472.62, does not properly perform a cast of an unspecified variable, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG element in a non-SVG document. Webkit is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. NOTE: This issue was previously covered in BID 43315 (Google Chrome prior to 6.0.472.62 Multiple Security Vulnerabilities), but has been assigned its own record to better document it. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Apple iOS Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42314 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42314/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42314 RELEASE DATE: 2010-11-24 DISCUSS ADVISORY: http://secunia.com/advisories/42314/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42314/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42314 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose sensitive information, bypass certain security restrictions, or to compromise a user's system. For more information: SA40257 SA41328 SA42151 SA42312 SOLUTION: Upgrade to iOS 4.2 (downloadable and installable via iTunes). ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT4456 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . For more information: SA32349 SA33495 SA35095 SA35379 SA35411 SA35449 SA35758 SA36269 SA36677 SA37273 SA37346 SA37769 SA38061 SA38545 SA38932 SA39029 SA39091 SA39384 SA39661 SA39937 SA40002 SA40072 SA40105 SA40112 SA40148 SA40196 SA40257 SA40664 SA40783 SA41014 SA41085 SA41242 SA41328 SA41390 SA41443 SA41535 SA41841 SA41888 SA41968 SA42151 SA42264 SA42290 SA42312 SA42443 SA42461 SA42658 SA42769 SA42886 SA42956 SA43053 SOLUTION: Apply updated packages via YaST Online Update or the SUSE FTP server

Stack-based buffer overflow in WTclient.dll in SCADA Engine BACnet OPC Client before 1.0.25 allows user-assisted remote attackers to execute arbitrary code via a crafted .csv file, related to a status log message. This vulnerability WTclient.dll Due to the library. SCADA is the data acquisition and monitoring control system. BACnet OPC Client is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Failed exploit attempts will likely result in denial-of-service conditions. ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SCADA Engine BACnet OPC Client Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA41466 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41466/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41466 RELEASE DATE: 2010-09-18 DISCUSS ADVISORY: http://secunia.com/advisories/41466/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41466/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41466 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in SCADA Engine BACnet OPC Client, which can be exploited by malicious people to compromise a user's system. tricking a user into opening a specially crafted *.csv file. The vulnerability is confirmed in version 1.0.24. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Jeremy Brown OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

VHS to DVD is a set of video capture devices for converting video tapes to DVD discs. VHS to DVD comes with video capture and editing software that has a stack overflow when processing .ilj project files. Users who are tricked into loading malicious project files may cause arbitrary code execution. VHS to DVD is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. VHS to DVD versions 3.0.30 Deluxe and prior are vulnerable. ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Honest Technology VHS to DVD Project File Processing Buffer Overflow SECUNIA ADVISORY ID: SA41473 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41473/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41473 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41473/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41473/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41473 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Honest Technology VHS to DVD, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the processing of project files and can be exploited to cause a stack-based buffer overflow when a user is tricked into opening a specially crafted ".ilj" file containing an overly long "file" entry. The vulnerability is reported in version 3.0.30 Deluxe. Other versions may also be affected. SOLUTION: Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Brennon Thomas OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Google Chrome before 6.0.472.59 on Mac OS X does not properly implement file dialogs, which allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. NOTE: this issue exists because of an incorrect fix for CVE-2010-3112 on Mac OS X. The problem is CVE-2010-3112 This is due to an incomplete fix.Denial of service by attacker (DoS) You may be put into a state or affected by other details. Chrome is prone to a denial-of-service vulnerability. Google Chrome is an open source web browser released by Google

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Platespin Orchestrate. Authentication is not required to exploit this vulnerability.The specific flaw exists within how the application utilizes a bundled component for rendering graphs. The application will pass user-supplied arguments to this component without proper sanitization. An attacker can abuse this to specify arbitrary arguments to this tool. Successful exploitation will lead to code execution in the context of the graph component application. PlateSpin Orchestrate is a Novell product that helps data center administrators automate the management of large numbers of virtual machines. The application renders the graphics with the bundled components. Failed attacks may cause denial-of-service conditions. ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Novell PlateSpin Orchestrate Graph Rendering Component Vulnerability SECUNIA ADVISORY ID: SA41470 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41470/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41470 RELEASE DATE: 2010-09-20 DISCUSS ADVISORY: http://secunia.com/advisories/41470/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41470/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41470 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Novell PlateSpin Orchestrate, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an input validation error when rendering graphs and can be exploited to pass arbitrary arguments to the graph rendering tool. SOLUTION: Apply the vendor patch. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: 1c239c43f521145fa8385d64a9c32243, reported via ZDI ORIGINAL ADVISORY: http://www.zerodayinitiative.com/advisories/ZDI-10-178/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . Authentication is not required to exploit this vulnerability. -- Vendor Response: Novell has issued an update to correct this vulnerability. More details can be found at: http://download.novell.com/Download?buildid=BkIPy5JtULM~ -- Disclosure Timeline: 2010-02-02 - Vulnerability reported to vendor 2010-09-15 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * 1c239c43f521145fa8385d64a9c32243 -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/ Follow the ZDI on Twitter: http://twitter.com/thezdi

Cross-site scripting (XSS) vulnerability on the HP 3Com OfficeConnect Gigabit VPN Firewall 3CREVF100-73 with firmware before 1.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: a separate XSS issue for HP System Management Homepage (SMH) was originally assigned CVE-2010-3010 due to a CNA error, but CVE-2010-3012 is the appropriate identifier for the SMH issue. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02512995 Version: 1 HPSBMA02568 SSRT100219 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS), HTTP Response Splitting, and Other Vulnerabilities NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2010-09-15 Last Updated: 2010-09-15 Potential Security Impact: Remote cross site scripting (XSS), HTTP response splitting, and other vulnerabilities Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) for Linux and Windows. The vulnerabilities could be exploited remotely resulting in cross site scripting (XSS), HTTP response splitting, Denial of Service (DoS), information disclosure, and data modification. References: CVE-2010-3010 XSS CVE-2010-3011 HTTP response splitting CVE-2010-2068 Apache CVE-2009-4143 PHP CVE-2009-4018 PHP CVE-2009-4017 PHP CVE-2009-3555 SSL SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP System Management Homepage for Linux (x86) prior to v6.2 HP System Management Homepage for Linux (AMD64/EM64T) prior to v6.2 HP System Management Homepage for Windows prior to v6.2 BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2010-3010 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2010-3011 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2010-2068 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2009-4143 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-4018 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-4017 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2009-3555 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided HP System Management Homepage v6.2 or subsequent to resolve the vulnerabilities. HP System Management Homepage v6.2 or subsequent for Linux (x86), Linux (AMD64/EM64T), and Windows can be downloaded from the following link. http://www.hp.com/servers/manage/smh PRODUCT SPECIFIC INFORMATION None HISTORY Version:1 (rev.1) - 15 September 2010 Initial Release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For further information, contact normal HP Services support channel. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save. To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections. To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do * The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement." Copyright 2009 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkyQ1mwACgkQ4B86/C0qfVnXFQCglbMn0B+FmCZvloAoXci/cEpU ceEAoNPOhpE7qN8Ckcf3HDXsfRydveyw =mQKh -----END PGP SIGNATURE-----

Multiple cross-site scripting (XSS) vulnerabilities in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5.0.2 allow remote attackers to inject arbitrary web script or HTML via (1) the date1 parameter to pvm_messagestore.php, (2) the userfilter parameter to pvm_user_management.php, (3) the ping parameter to sys_tools.php in a sys_ping.php action, (4) the action parameter to pvm_cert_commaction.php, (5) the action parameter to pvm_cert_serveraction.php, (6) the action parameter to pvm_smtpstore.php, (7) the l parameter to sla/index.php, or (8) unspecified stored data; and allow remote authenticated users to inject arbitrary web script or HTML via (9) saved search filters. (1) pvm_messagestore.php To date1 Parameters (2) pvm_user_management.php To userfilter Parameters (3) sys_ping.php action of sys_tools.php To ping Parameters (4) pvm_cert_commaction.php of action Parameters (5) pvm_cert_serveraction.php To action Parameters (6) pvm_smtpstore.php To action Parameters (7) sla/index.php To l Parameters (8) Stored data. The Local Management Interface is a set of enhancements to the basic Frame Relay specification. When exploited by an external/internal attacker, such identified vulnerabilities could lead to Session Hijack, Information Disclosure, force installation of malicious file or Trojan on users' PCs, etc. A persistent XSS vulnerability can be exploited by an external unauthenticated attacker to inject malicious scripting code which is persistently stored. When the system is accessed by authorised users, such malicious code could be used to severely compromise the security of the appliance. A persistent XSS vulnerability identified in saved search filters (Mail Security->Email Browser) allows an internal authenticated attacker to inject malicious scripting code. Multiple reflected XSS vulnerabilities can be exploited by manipulating parameters of pvm_messagestore.php resource. url_placeholder/pvm_messagestore.php?msgid=&sender=&rcpt=&subject=&meta=&mailsize=&folder=allfolders&date1=<script>alert('xss')</script>&date2=&s=mails&favname= Reflected XSS vulnerabilities can be exploited by manipulating parameters of the following resources: * userfilter parameter of pvm_user_management.php resource. url_placeholder/pvm_smtpstore.php?id=frozen&action="><script>alert("XSS")</script> * l parameter of /sla/index.php resource url_placeholder/sla/index.php?l="><script>alert(document.cookie)</script> Affected Versions IBM Proventia Network Mail Security System - virtual appliance (firmware 1.6) IBM Proventia Network Mail Security System - virtual appliance (firmware 2.5) Mitigation Vendor recommends upgrading to PNMSS firmware 2.5.0.2 or later. Alternatively, please contact IBM for technical support. Disclosure Timeline 2009, November 07: Vulnerabilities discovered and documented 2009, November 08: Notification sent to IBM 2009, November 09: IBM acknowledges receiving the report 2010, March: IBM releases PNMSS Firmware 2.5.0.2 correcting the reported issues 2010, September 12: MVSA-10-007 advisory published. Credits Dr. Marian Ventuneac http://ventuneac.net

The Nokia E72 is a smartphone based on the Symbian system. The Nokia E72 keyboard lock verification password has a delay during which the screen will be unlocked, allowing the user to select and use any application. Nokia E72 is prone to an authentication-bypass vulnerability. An attacker with physical access to a locked device can exploit this issue to bypass security restrictions and access arbitrary applications without proper authorization

Multiple cross-site request forgery (CSRF) vulnerabilities in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5.0.2 allow remote attackers to hijack the authentication of administrators for requests that (1) change settings or (2) conduct denial of service attacks. The Local Management Interface is a set of enhancements to the basic Frame Relay specification. When exploited by an attacker, the identified vulnerabilities could lead to compromising the security of the appliance, including unauthorized alteration of appliance's settings, DoS attacks, etc. Affected Versions IBM Proventia Network Mail Security System - virtual appliance (firmware 1.6) IBM Proventia Network Mail Security System - virtual appliance (firmware 2.5) Mitigation Vendor recommends upgrading to PNMSS firmware 2.5.0.2 or later. Alternatively, please contact IBM for technical support. Disclosure Timeline 2009, November 07: Vulnerabilities discovered and documented 2009, November 08: Notification sent to IBM 2009, November 09: IBM acknowledges receiving the report 2010, March: IBM releases PNMSS Firmware 2.5.0.2 correcting the reported issues 2010, September 12: MVSA-10-006 advisory published. Credits Dr. Marian Ventuneac http://ventuneac.net

Directory traversal vulnerability in sla/index.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the l parameter, related to an "Insecure Direct Object Reference vulnerability.". ( Dot 2 One ) Any file may be read via. The Local Management Interface is a set of enhancements to the basic Frame Relay specification

CRLF injection vulnerability in load.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the javaVersion parameter. The Local Management Interface is a set of enhancements to the basic Frame Relay specification

Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages. Google Chrome Used in Webkit Is SVG style Service operation is interrupted due to incomplete processing (DoS) There are vulnerabilities that can be in a state or are otherwise unaffected.Service disruption by a third party (DoS) You may be put into a state or affected by other details. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the methodology the application takes to inform a user about an error while parsing a malformed document. When displaying the error message, the application will append the message to the current instance of the DOM tree causing another element to be removed which will lead to the styles being recalculated. When the styles are recalculated the application will access the initially freed element which can lead to code execution under the context of the application. WebKit is prone to multiple memory-corruption vulnerabilities. An attacker may exploit these issues by enticing victims into viewing a malicious webpage. This BID is being retired. The following individual records exists to better document the issues: 46684 WebKit CVE-2011-0111 Unspecified Memory Corruption Vulnerability 46686 WebKit CVE-2011-0117 Unspecified Memory Corruption Vulnerability 46687 WebKit CVE-2011-0118 Unspecified Memory Corruption Vulnerability 46688 WebKit CVE-2011-0119 Unspecified Memory Corruption Vulnerability 46689 WebKit CVE-2011-0141 Unspecified Memory Corruption Vulnerability 46690 WebKit CVE-2011-0136 Unspecified Memory Corruption Vulnerability 46691 WebKit CVE-2011-0114 Unspecified Memory Corruption Vulnerability 46692 WebKit CVE-2011-0128 Unspecified Memory Corruption Vulnerability 46693 WebKit CVE-2011-0129 Unspecified Memory Corruption Vulnerability 46694 WebKit CVE-2011-0120 Unspecified Memory Corruption Vulnerability 46695 WebKit CVE-2011-0143 Unspecified Memory Corruption Vulnerability 46696 WebKit CVE-2011-0121 Unspecified Memory Corruption Vulnerability 46698 WebKit CVE-2011-0123 Unspecified Memory Corruption Vulnerability 46699 WebKit CVE-2011-0144 Unspecified Memory Corruption Vulnerability 46700 WebKit CVE-2011-0130 Unspecified Memory Corruption Vulnerability 46701 WebKit CVE-2011-0125 Unspecified Memory Corruption Vulnerability 46702 WebKit CVE-2011-0147 Unspecified Memory Corruption Vulnerability 46703 WebKit CVE-2011-0164 Unspecified Memory Corruption Vulnerability 46704 WebKit CVE-2011-0131 Unspecified Memory Corruption Vulnerability 46705 WebKit CVE-2011-0127 Unspecified Memory Corruption Vulnerability 46706 WebKit CVE-2011-0142 Unspecified Memory Corruption Vulnerability 46707 WebKit CVE-2011-0137 Unspecified Memory Corruption Vulnerability 46708 WebKit CVE-2011-0148 Unspecified Memory Corruption Vulnerability 46709 WebKit CVE-2011-0135 Unspecified Memory Corruption Vulnerability 46710 WebKit CVE-2011-0145 Unspecified Memory Corruption Vulnerability 46711 WebKit CVE-2011-0134 Unspecified Memory Corruption Vulnerability 46712 WebKit CVE-2011-0139 Unspecified Memory Corruption Vulnerability 46713 WebKit CVE-2011-0138 Unspecified Memory Corruption Vulnerability 46714 WebKit CVE-2011-0140 Unspecified Memory Corruption Vulnerability 46715 WebKit CVE-2011-0146 Unspecified Memory Corruption Vulnerability 46716 WebKit CVE-2011-0165 Unspecified Memory Corruption Vulnerability 46717 WebKit CVE-2011-0150 Unspecified Memory Corruption Vulnerability 46718 WebKit CVE-2011-0152 Unspecified Memory Corruption Vulnerability 46719 WebKit CVE-2011-0151 Unspecified Memory Corruption Vulnerability 46720 WebKit CVE-2011-0153 Unspecified Memory Corruption Vulnerability 46721 WebKit CVE-2011-0155 Unspecified Memory Corruption Vulnerability 46722 WebKit CVE-2011-0168 Unspecified Memory Corruption Vulnerability 46723 WebKit CVE-2011-0122 Unspecified Memory Corruption Vulnerability 46724 WebKit CVE-2011-0156 Unspecified Memory Corruption Vulnerability 46725 WebKit CVE-2011-0124 Unspecified Memory Corruption Vulnerability 46726 WebKit CVE-2011-0112 Unspecified Memory Corruption Vulnerability 46727 WebKit CVE-2011-0126 Unspecified Memory Corruption Vulnerability 46728 WebKit CVE-2011-0113 Unspecified Memory Corruption Vulnerability 46744 WebKit CVE-2011-0149 'HTMLBRElement' Style Memory Corruption Vulnerability 46745 WebKit CVE-2011-0154 Javascript 'sort()' Method Memory Corruption Vulnerability 46746 WebKit Range Object Remote Code Execution Vulnerability 46747 WebKit CVE-2011-0116 'setOuterText()' Method Memory Corruption Remote Code Execution Vulnerability 46748 WebKit 'Runin' Box CVE-2011-0132 Use-After-Free Memory Corruption Vulnerability 46749 WebKit CVE-2011-0133 Glyph Data Memory Corruption Vulnerability. NOTE: This issue was previously discussed in BID 43228 (Google Chrome prior to 6.0.472.59 Multiple Security Vulnerabilities) but has been given its own record to better document it. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. ---------------------------------------------------------------------- Get a tax break on purchases of Secunia Solutions! If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/ ---------------------------------------------------------------------- TITLE: Apple iTunes Multiple Vulnerabilities SECUNIA ADVISORY ID: SA43582 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43582/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43582 RELEASE DATE: 2011-03-03 DISCUSS ADVISORY: http://secunia.com/advisories/43582/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43582/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43582 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Apple iTunes, which can be exploited by malicious people to compromise a user's system. 1) Some errors exists due to the use of a vulnerable libpng library. For more information: SA40302 2) An array indexing error in the CoreGraphics library (ImageIO) when processing the International Color Consortium (ICC) profile within a JPEG image can be exploited to corrupt heap-based memory. 3) An error in the libTIFF library when handling JPEG encoded TIFF images can be exploited to cause a buffer overflow. 4) A boundary error in the libTIFF library when handling CCITT Group 4 encoded TIFF images. For more information: SA43593 5) A double free error in the libxml library when handling XPath expressions. For more information: SA42721 6) An error exists in the libxml library when traversing the XPath. 9) An error in the WebKit component when handling a DOM level 2 range object can be exploited to corrupt memory by manipulating the DOM via an event listener. 10) A use-after-free error in the "setOuterText()" method in the htmlelement library (WebKit) when tracking DOM manipulations can be exploited to dereference freed memory. 11) A use-after-free error in the WebKit component when promoting a run-in element can be exploited to dereference freed memory. 12) An error in the WebKit component when performing layout operations for a floating block of a pseudo-element can be exploited to dereference uninitialised glyph data. 13) An error in the WebKit component when parsing a Root HTMLBRElement element can be exploited to call an unmapped dangling pointer. 14) An error in the Javascript array "sort()" method (WebKit) can be exploited to manipulate elements outside of the array's boundary. SOLUTION: Update to version 10.2. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: 2) Andrzej Dyjak via iDefense VCP 3, 4) Reported by the vendor 8, 11 - 13) wushi of team509 via ZDI 9) J23 via ZDI 10, 14) An anonymous person via ZDI 11) Jose A. Vazquez via ZDI The vendor also credits: 5) Yang Dingning of NCNIPC, Graduate University of Chinese Academy of Sciences 6) Bui Quang Minh, Bkis 8) kuzcc 9) Emil A Eklund, Google Inc 13) SkyLined, Google Chrome Security Team The vendor provides a bundled list of credits for vulnerabilities in #7: Sergey Glazunov Andreas Kling, Nokia Yuzo Fujishima, Google Inc. Abhishek Arya (Inferno), Google, Inc. Mihai Parparita, Google, Inc. Emil A Eklund, Google, Inc. Michal Zalewski, Google, Inc. Chris Evans, Google Chrome Security Team SkyLined, Google Chrome Security Team Chris Rohlf, Matasano Security Aki Helin, OUSPG Dirk Schulze Slawomir Blazek David Bloom Famlam Jan Tosovsky Michael Gundlach ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT4554 iDefense VCP: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=897 ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-095/ http://www.zerodayinitiative.com/advisories/ZDI-11-096/ http://www.zerodayinitiative.com/advisories/ZDI-11-097/ http://www.zerodayinitiative.com/advisories/ZDI-11-098/ http://www.zerodayinitiative.com/advisories/ZDI-11-099/ http://www.zerodayinitiative.com/advisories/ZDI-11-100/ http://www.zerodayinitiative.com/advisories/ZDI-11-101/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). For more information: SA32349 SA33495 SA35095 SA35379 SA35411 SA35449 SA35758 SA36269 SA36677 SA37273 SA37346 SA37769 SA38061 SA38545 SA38932 SA39029 SA39091 SA39384 SA39661 SA39937 SA40002 SA40072 SA40105 SA40112 SA40148 SA40196 SA40257 SA40664 SA40783 SA41014 SA41085 SA41242 SA41328 SA41390 SA41443 SA41535 SA41841 SA41888 SA41968 SA42151 SA42264 SA42290 SA42312 SA42443 SA42461 SA42658 SA42769 SA42886 SA42956 SA43053 SOLUTION: Apply updated packages via YaST Online Update or the SUSE FTP server. -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT4554 -- Disclosure Timeline: 2010-10-18 - Vulnerability reported to vendor 2011-03-02 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by: * wushi of team509 -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/ Follow the ZDI on Twitter: http://twitter.com/thezdi _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ========================================================================== Ubuntu Security Notice USN-1195-1 August 23, 2011 webkit vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 10.10 - Ubuntu 10.04 LTS Summary: Multiple security vulnerabilities were fixed in WebKit. Software Description: - webkit: Web content engine library for GTK+ Details: A large number of security issues were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 10.10: libwebkit-1.0-2 1.2.7-0ubuntu0.10.10.1 Ubuntu 10.04 LTS: libwebkit-1.0-2 1.2.7-0ubuntu0.10.04.1 After a standard system update you need to restart any applications that use WebKit, such as Epiphany and Midori, to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1195-1 CVE-2010-1824, CVE-2010-2646, CVE-2010-2651, CVE-2010-2900, CVE-2010-2901, CVE-2010-3120, CVE-2010-3254, CVE-2010-3812, CVE-2010-3813, CVE-2010-4040, CVE-2010-4042, CVE-2010-4197, CVE-2010-4198, CVE-2010-4199, CVE-2010-4204, CVE-2010-4206, CVE-2010-4492, CVE-2010-4493, CVE-2010-4577, CVE-2010-4578, CVE-2011-0482, CVE-2011-0778 Package Information: https://launchpad.net/ubuntu/+source/webkit/1.2.7-0ubuntu0.10.10.1 https://launchpad.net/ubuntu/+source/webkit/1.2.7-0ubuntu0.10.04.1

Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing, as demonstrated by a Cascading Style Sheets (CSS) file referencing an invalid SVG font, aka rdar problem 8442098. Google Chrome Used in Webkit There is a service disruption (DoS) There are vulnerabilities that can be in a state or are otherwise unaffected.Service disruption by a third party (DoS) You may be put into a state or affected by other details. Google Chrome is prone to multiple vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the browser or cause denial-of-service conditions; other attacks are also possible. Versions prior to Chrome 6.0.472.59 are vulnerable. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. The vulnerability has been demonstrated in Cascading Style Sheet (CSS) files that reference invalid SVG fonts. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6 Safari 5.1 and Safari 5.0.6 are now available and address the following: CFNetwork Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: In certain situations, Safari may treat a file as HTML, even if it is served with the 'text/plain' content type. This may lead to a cross-site scripting attack on sites that allow untrusted users to post text files. This issue is addressed through improved handling of 'text/plain' content. CVE-ID CVE-2010-1420 : Hidetake Jo working with Microsoft Vulnerability Research (MSVR), Neal Poole of Matasano Security CFNetwork Available for: Windows 7, Vista, XP SP2 or later Impact: Authenticating to a maliciously crafted website may lead to arbitrary code execution Description: The NTLM authentication protocol is susceptible to a replay attack referred to as credential reflection. Authenticating to a maliciously crafted website may lead to arbitrary code execution. To mitigate this issue, Safari has been updated to utilize protection mechanisms recently added to Windows. This issue does not affect Mac OS X systems. CVE-ID CVE-2010-1383 : Takehiro Takahashi of IBM X-Force Research CFNetwork Available for: Windows 7, Vista, XP SP2 or later Impact: A root certificate that is disabled may still be trusted Description: CFNetwork did not properly validate that a certificate was trusted for use by a SSL server. As a result, if the user had marked a system root certificate as not trusted, Safari would still accept certificates signed by that root. This issue is addressed through improved certificate validation. This issue does not affect Mac OS X systems. CVE-ID CVE-2011-0214 : An anonymous reporter ColorSync Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of images with an embedded ColorSync profile, which may lead to a heap buffer overflow. Opening a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0200 : binaryproof working with TippingPoint's Zero Day Initiative CoreFoundation Available for: Windows 7, Vista, XP SP2 or later Impact: Applications that use the CoreFoundation framework may be vulnerable to an unexpected application termination or arbitrary code execution Description: An off-by-one buffer overflow issue existed in the handling of CFStrings. Applications that use the CoreFoundation framework may be vulnerable to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. CVE-ID CVE-2011-0201 : Harry Sintonen CoreGraphics Available for: Windows 7, Vista, XP SP2 or later Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow issue existed in the handling of Type 1 fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0202 : Cristian Draghici of Modulo Consulting, Felix Grobert of the Google Security Team International Components for Unicode Available for: Windows 7, Vista, XP SP2 or later Impact: Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution Description: A buffer overflow issue existed in ICU's handling of uppercase strings. Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. CVE-ID CVE-2011-0206 : David Bienvenu of Mozilla ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0204 : Dominic Chell of NGS Secure ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in ImageIO's handling of CCITT Group 4 encoded TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A reentrancy issue existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. This issue does not affect Mac OS X systems. CVE-ID CVE-2011-0215 : Juan Pablo Lopez Yacubian working with iDefense VCP ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0204 : Dominic Chell of NGS Secure libxslt Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap Description: libxslt's implementation of the generate-id() XPath function disclosed the address of a heap buffer. Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap. This issue is addressed by generating an ID based on the difference between the addresses of two heap buffers. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0195 : Chris Evans of the Google Chrome Security Team libxml Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A one-byte heap buffer overflow existed in libxml's handling of XML data. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2011-0216 : Billy Rios of the Google Security Team Safari Available for: Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: If the "AutoFill web forms" feature is enabled, visiting a maliciously crafted website and typing may lead to the disclosure of information from the user's Address Book Description: Safari's "AutoFill web forms" feature filled in non- visible form fields, and the information was accessible by scripts on the site before the user submitted the form. This issue is addressed by displaying all fields that will be filled, and requiring the user's consent before AutoFill information is available to the form. CVE-ID CVE-2011-0217 : Florian Rienhardt of BSI, Alex Lambert, [Jeremiah Grossman] Safari Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: With a certain Java configuration, visiting a malicious website may lead to unexpected text being displayed on other sites Description: A cross origin issue existed in the handling of Java Applets. This applies when Java is enabled in Safari, and Java is configured to run within the browser process. Fonts loaded by a Java applet could affect the display of text content from other sites. This issue is addressed by running Java applets in a separate process. CVE-ID CVE-2011-0219 : Joshua Smith of Kaon Interactive WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2010-1823 : David Weston of Microsoft and Microsoft Vulnerability Research (MSVR), wushi of team509, and Yong Li of Research In Motion Ltd CVE-2011-0164 : Apple CVE-2011-0218 : SkyLined of Google Chrome Security Team CVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS Research Team, and Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0223 : Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP CVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0232 : J23 working with TippingPoint's Zero Day Initiative CVE-2011-0233 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-0234 : Rob King working with TippingPoint's Zero Day Initiative, wushi of team509 working with TippingPoint's Zero Day Initiative, wushi of team509 working with iDefense VCP CVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0237 : wushi of team509 working with iDefense VCP CVE-2011-0238 : Adam Barth of Google Chrome Security Team CVE-2011-0240 : wushi of team509 working with iDefense VCP CVE-2011-0253 : Richard Keen CVE-2011-0254 : An anonymous researcher working with TippingPoint's Zero Day Initiative CVE-2011-0255 : An anonymous researcher working with TippingPoint's Zero Day Initiative CVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc CVE-2011-0983 : Martin Barbella CVE-2011-1109 : Sergey Glazunov CVE-2011-1114 : Martin Barbella CVE-2011-1115 : Martin Barbella CVE-2011-1117 : wushi of team509 CVE-2011-1121 : miaubiz CVE-2011-1188 : Martin Barbella CVE-2011-1203 : Sergey Glazunov CVE-2011-1204 : Sergey Glazunov CVE-2011-1288 : Andreas Kling of Nokia CVE-2011-1293 : Sergey Glazunov CVE-2011-1296 : Sergey Glazunov CVE-2011-1449 : Marek Majkowski, wushi of team 509 working with iDefense VCP CVE-2011-1451 : Sergey Glazunov CVE-2011-1453 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-1457 : John Knottenbelt of Google CVE-2011-1462 : wushi of team509 CVE-2011-1797 : wushi of team509 WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A configuration issue existed in WebKit's use of libxslt. Visiting a maliciously crafted website may lead to arbitrary files being created with the privileges of the user, which may lead to arbitrary code execution. This issue is addressed through improved libxslt security settings. CVE-ID CVE-2011-1774 : Nicolas Gregoire of Agarri WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an information disclosure Description: A cross-origin issue existed in the handling of Web Workers. Visiting a maliciously crafted website may lead to an information disclosure. CVE-ID CVE-2011-1190 : Daniel Divricean of divricean.ro WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of URLs with an embedded username. Visiting a maliciously crafted website may lead to a cross-site scripting attack. This issue is addressed through improved handling of URLs with an embedded username. CVE-ID CVE-2011-0242 : Jobert Abma of Online24 WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of DOM nodes. Visiting a maliciously crafted website may lead to a cross- site scripting attack. CVE-ID CVE-2011-1295 : Sergey Glazunov WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: A maliciously crafted website may be able to cause a different URL to be shown in the address bar Description: A URL spoofing issue existed in the handling of the DOM history object. A maliciously crafted website may have been able to cause a different URL to be shown in the address bar. CVE-ID CVE-2011-1107 : Jordi Chancel WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Subscribing to a maliciously crafted RSS feed and clicking on a link within it may lead to an information disclosure Description: A canonicalization issue existed in the handling of URLs. Subscribing to a maliciously crafted RSS feed and clicking on a link within it may lead to arbitrary files being sent from the user's system to a remote server. This update addresses the issue through improved handling of URLs. CVE-ID CVE-2011-0244 : Jason Hullinger WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Applications that use WebKit, such as mail clients, may connect to an arbitrary DNS server upon processing HTML content Description: DNS prefetching was enabled by default in WebKit. Applications that use WebKit, such a s mail clients, may connect to an arbitrary DNS server upon processing HTML content. This update addresses the issue by requiring applications to opt in to DNS prefetching. CVE-ID CVE-2010-3829 : Mike Cardwell of Cardwell IT Ltd. Note: Safari 5.1 is included with OS X Lion. Safari 5.1 and Safari 5.0.6 address the same set of security issues. Safari 5.1 is provided for Mac OS X v10.6, and Windows systems. Safari 5.0.6 is provided for Mac OS X v10.5 systems. Safari 5.1 is available via the Apple Software Update application, or Apple's Safari download site at: http://www.apple.com/safari/download/ Safari 5.0.6 is available via the Apple Software Update application, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ Safari for Mac OS X v10.6.8 and later The download file is named: Safari5.1SnowLeopard.dmg Its SHA-1 digest is: 2c3cef8e06c5aa586379b1a5fd5cf7b54e8acc24 Safari for Mac OS X v10.5.8 The download file is named: Safari5.0.6Leopard.dmg Its SHA-1 digest is: ea970375d2116a7b74094a2a7669bebc306b6e6f Safari for Windows 7, Vista or XP The download file is named: SafariSetup.exe Its SHA-1 digest is: d00b791c694b1ecfc22d6a1ec9aa21cc14fd8e36 Safari for Windows 7, Vista or XP from the Microsoft Choice Screen The download file is named: Safari_Setup.exe Its SHA-1 digest is: ccb3bb6b06468a430171d9f62708a1a6d917f45b Safari+QuickTime for Windows 7, Vista or XP The file is named: SafariQuickTimeSetup.exe Its SHA-1 digest is: 1273e0ee742a294d65e4f25a9b3e36f79fb517c9 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin) iQEcBAEBAgAGBQJOJI45AAoJEGnF2JsdZQeezHQIALKZms5tzYgYxUSdxmo+DmYw up9gAmEVcltZvCeVS1lUxfjqnRiGRSWyuou8Ynt9PfGQCz9GfLvzlrCHc5rsnKaD MeYY1IH7lQc6aqmV0hwb4nUL5qJntP6G5Ai0E/0UiRQNC/ummS+qnmdsiFo78ODY nKaB5cAWhqGHgOAPnUG0JwmxpYgR2HEtGYJSqlYykMwt1vnlAr5hHVNaUJcJ3Hlb vesN6fB7zQMiJVo8+iJBixCvIYlbII5HnVAmD1ToyKgENg4Iguo46YBMVr8DPgF/ KD2s0+VF/O4utYVX0GiRGReVyq1PMvz/HI23ym8U3LjbezXD/AALQET0Q2hUEYQ= =fOfF -----END PGP SIGNATURE----- . Description: Multiple memory corruption issues existed in WebKit. ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SUSE update for Multiple Packages SECUNIA ADVISORY ID: SA43068 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43068/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43068 RELEASE DATE: 2011-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/43068/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43068/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43068 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for multiple packages, which fixes multiple vulnerabilities. For more information: SA32349 SA33495 SA35095 SA35379 SA35411 SA35449 SA35758 SA36269 SA36677 SA37273 SA37346 SA37769 SA38061 SA38545 SA38932 SA39029 SA39091 SA39384 SA39661 SA39937 SA40002 SA40072 SA40105 SA40112 SA40148 SA40196 SA40257 SA40664 SA40783 SA41014 SA41085 SA41242 SA41328 SA41390 SA41443 SA41535 SA41841 SA41888 SA41968 SA42151 SA42264 SA42290 SA42312 SA42443 SA42461 SA42658 SA42769 SA42886 SA42956 SA43053 SOLUTION: Apply updated packages via YaST Online Update or the SUSE FTP server. ORIGINAL ADVISORY: SUSE-SR:2011:002: http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote attackers to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka "IIS Repeated Parameter Request Denial of Service Vulnerability.". Microsoft IIS is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to force the affected application to become unresponsive, denying service to legitimate users. This issue affects IIS 5.1, 6.0, 7.0, and 7.5. ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Microsoft IIS Repeated Parameter Request Denial of Service SECUNIA ADVISORY ID: SA41399 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41399/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41399 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41399/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41399/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41399 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Internet Information Services, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a stack overflow error in the script processing code when handling repeated parameter requests. This can be exploited to crash the service via specially crafted requests to hosted ASP scripts, which write parameters from the request in the response. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Jinsik Shim. ORIGINAL ADVISORY: MS10-065 (KB2124261, KB2267960): http://www.microsoft.com/technet/security/bulletin/ms10-065.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA10-257A Microsoft Updates for Multiple Vulnerabilities Original release date: September 14, 2010 Last revised: -- Source: US-CERT Systems Affected * Microsoft Windows * Microsoft Office Overview There are multiple vulnerabilities in Microsoft Windows and Microsoft Office. Microsoft has released updates to address these vulnerabilities. I. Description The Microsoft Security Bulletin Summary for September 2010 describes multiple vulnerabilities in Microsoft Windows and Microsoft Office. Microsoft has released updates to address the vulnerabilities. II. Impact A remote, unauthenticated attacker could execute arbitrary code or cause a vulnerable system or application to crash. III. Solution Apply updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for September 2010. That bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). IV. References * Microsoft Security Bulletin Summary for September 2010 - <http://www.microsoft.com/technet/security/bulletin/ms10-sep.mspx> * Microsoft Windows Server Update Services - <http://technet.microsoft.com/en-us/wsus/default.aspx> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA10-257A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA10-257A Feedback VU#447990" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2010 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History September 14, 2010: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBTI/u6T6pPKYJORa3AQKfgQgAsBDEHMH+Dq73qHFwsGnUIBWi7DkAV64s 0tz109GDGQRXL/MkXwWfaFfDc+h4ZUgjfVv93GBjK0NI78mYOWxSS7Pd3WhD6TaH YFcDcF4IW06Er4wEjgR+y5fTvF17k3Cix0GdsVzet/I2XMd4uCnIrHyLzLgZhf5s sWtv+kLaqCKUl8zsmcpmTcKUt+V2U3VWGeICIwuZXjB8FNHWuzYN1r/togFt0tcA 16gtGSCmdJy6Er+FyXxTJvWX4uJywBTDtIZZY/xyhGp2dBWUdOfY1k+7C5Dp/tCY Rq9tOY6caxHUYmitTtABaop83jTJFnS53lQJo4UizDNQoNbRSUIVFA== =dDpT -----END PGP SIGNATURE-----

Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote attackers to execute arbitrary code via crafted headers in a request, aka "Request Header Buffer Overflow Vulnerability.". Microsoft IIS is prone to a remote buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. This issue affects IIS 7.5 on Windows 7 and Windows Server 2008 R2. ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Microsoft IIS FastCGI Request Header Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA41375 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41375/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41375 RELEASE DATE: 2010-09-14 DISCUSS ADVISORY: http://secunia.com/advisories/41375/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41375/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41375 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Internet Information Services, which can be exploited by malicious people to compromise a vulnerable system. Successful exploitation requires that FastCGI is enabled (disabled by default). SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Travis Raybold, Rubicon West. ORIGINAL ADVISORY: MS10-065 (KB2267960, KB2271195): http://www.microsoft.com/technet/security/bulletin/ms10-065.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA10-257A Microsoft Updates for Multiple Vulnerabilities Original release date: September 14, 2010 Last revised: -- Source: US-CERT Systems Affected * Microsoft Windows * Microsoft Office Overview There are multiple vulnerabilities in Microsoft Windows and Microsoft Office. Microsoft has released updates to address these vulnerabilities. I. Description The Microsoft Security Bulletin Summary for September 2010 describes multiple vulnerabilities in Microsoft Windows and Microsoft Office. Microsoft has released updates to address the vulnerabilities. II. III. Solution Apply updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for September 2010. That bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). IV. References * Microsoft Security Bulletin Summary for September 2010 - <http://www.microsoft.com/technet/security/bulletin/ms10-sep.mspx> * Microsoft Windows Server Update Services - <http://technet.microsoft.com/en-us/wsus/default.aspx> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA10-257A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA10-257A Feedback VU#447990" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2010 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History September 14, 2010: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBTI/u6T6pPKYJORa3AQKfgQgAsBDEHMH+Dq73qHFwsGnUIBWi7DkAV64s 0tz109GDGQRXL/MkXwWfaFfDc+h4ZUgjfVv93GBjK0NI78mYOWxSS7Pd3WhD6TaH YFcDcF4IW06Er4wEjgR+y5fTvF17k3Cix0GdsVzet/I2XMd4uCnIrHyLzLgZhf5s sWtv+kLaqCKUl8zsmcpmTcKUt+V2U3VWGeICIwuZXjB8FNHWuzYN1r/togFt0tcA 16gtGSCmdJy6Er+FyXxTJvWX4uJywBTDtIZZY/xyhGp2dBWUdOfY1k+7C5Dp/tCY Rq9tOY6caxHUYmitTtABaop83jTJFnS53lQJo4UizDNQoNbRSUIVFA== =dDpT -----END PGP SIGNATURE-----