Bala Krishna, Sergey Yakovlev Security Vulnerabilities

ptsecurity
ptsecurity

PT-2013-34: Cross-Site Scripting in Siemens Simatic WinCC TIA Portal

PT-2013-34: Cross-Site Scripting in Siemens Simatic WinCC TIA Portal Vulnerable software Siemens Simatic WinCC TIA Portal Version: 11.x Application link: http://www.siemens.com/ Severity level Severity level: Medium Impact: Cross-Site Scripting Access Vector: Remote CVSS v2: Base Score:...

6AI Score

0.002EPSS

2012-09-21 12:00 AM
7
ptsecurity
ptsecurity

PT-2013-32: Directory Traversal in Siemens Simatic WinCC TIA Portal

PT-2013-32: Directory Traversal in Siemens Simatic WinCC TIA Portal Vulnerable software Siemens Simatic WinCC TIA Portal Version: 11.x Application link: http://www.siemens.com/ Severity level Severity level: Medium Impact: Directory Traversal Access Vector: Remote CVSS v2: Base Score: 4.0 ...

6.6AI Score

0.001EPSS

2012-09-21 12:00 AM
3
ptsecurity
ptsecurity

PT-2012-43: Arbitrary Files Reading in Siemens Simatic WinCC WebNavigator

PT-2012-43: Arbitrary Files Reading in Siemens Simatic WinCC WebNavigator Vulnerable software Siemens Simatic WinCC WebNavigator Version: 7.0 SP3 and earlier Application link: http://www.siemens.com/ Severity level Severity level: Medium Impact: Arbitrary Files Reading Access Vector: Remote ...

0.9AI Score

0.003EPSS

2012-09-13 12:00 AM
4
ptsecurity
ptsecurity

PT-2012-42: Multiple Cross Site Scripting and Cross Site Request Forgery vulnerabilities in Siemens Simatic WinCC WebNavigator

PT-2012-42: Multiple Cross Site Scripting and Cross Site Request Forgery vulnerabilities in Siemens Simatic WinCC WebNavigator Vulnerable software Siemens Simatic WinCC WebNavigator Version: 7.0 SP3 and earlier Application link: http://www.siemens.com/ Vulnerabilities description The specialists...

0.2AI Score

0.003EPSS

2012-09-13 12:00 AM
1
ptsecurity
ptsecurity

PT-2012-05: Multiple Vulnerabilities in Quercus

PT-2012-05: Multiple Vulnerabilities in Quercus Vulnerable software Quercus on Resin Version 4.0.28 and earlier Application link: http://www.caucho.com/ Software description Quercus on Resin is a Quercus implementation of PHP included in the Resin web server. 1. HTTP Parameter Contamination...

0.9AI Score

0.006EPSS

2012-08-31 12:00 AM
7
cert
cert

Caucho's Quercus on Resin contains multiple vulnerabilities

Overview Caucho's Quercus on Resin contains multiple vulnerabilities which could allow an attacker to execute arbitrary code with the privileges of the application. Description It has been reported that Caucho's Quercus on Resin contains multiple vulnerabilities which could allow an attacker to...

1.9AI Score

0.006EPSS

2012-07-23 12:00 AM
14
threatpost
threatpost

Microsoft: Fake Skype For Android App Linked To SMS Scams

Microsoft researchers are warning about a new Trojan horse program for Android mobile devices that sends out premium SMS messages once installed. The Trojan is just the latest example of malware that is installed by unwitting users who frequent phony mobile application marketplaces designed to...

0.5AI Score

2012-07-19 12:56 AM
12
altlinux
altlinux

Security fix for the ALT Linux 9 package clamav version 0.97.5-alt1

June 25, 2012 Sergey Y. Afonin 0.97.5-alt1 - 0.97.5 (CVE-2012-1457, CVE-2012-1458, CVE-2012-1459) - added check of database to "restart" and "reload" functions of init...

6.8AI Score

0.975EPSS

2012-06-25 12:00 AM
11
altlinux
altlinux

Security fix for the ALT Linux 10 package clamav version 0.97.5-alt1

June 25, 2012 Sergey Y. Afonin 0.97.5-alt1 - 0.97.5 (CVE-2012-1457, CVE-2012-1458, CVE-2012-1459) - added check of database to "restart" and "reload" functions of init...

7AI Score

0.975EPSS

2012-06-25 12:00 AM
7
altlinux
altlinux

Security fix for the ALT Linux 8 package clamav version 0.97.5-alt1

June 25, 2012 Sergey Y. Afonin 0.97.5-alt1 - 0.97.5 (CVE-2012-1457, CVE-2012-1458, CVE-2012-1459) - added check of database to "restart" and "reload" functions of init...

6.5AI Score

0.975EPSS

2012-06-25 12:00 AM
14
ptsecurity
ptsecurity

PT-2012-11: Multiple Cross-Site Scripting in WinCC (SCADA)

PT-2012-11: Multiple Cross-Site Scripting in WinCC (SCADA) Vulnerable software WinCC Version: 7.0 SP3 before Update 2 and earlier Application link: http://www.siemens.com/ Severity level Severity level: Medium Impact: Cross-Site Scripting Access Vector: Network exploitable CVSS v2: Base...

0.3AI Score

0.002EPSS

2012-06-20 12:00 AM
4
ptsecurity
ptsecurity

PT-2012-08: XPath Injection in WinCC (SCADA)

PT-2012-08: XPath Injection in WinCC (SCADA) Vulnerable software WinCC Version: 7.0 SP3 before Update 2 and earlier Application link: http://www.siemens.com/ Severity level Severity level: Medium Impact: XPath Injection Access Vector: Network exploitable CVSS v2: Base Score: 5.5 Vector:...

0.4AI Score

0.001EPSS

2012-06-20 12:00 AM
2
ptsecurity
ptsecurity

PT-2012-12: Multiple Cross-Site Scripting in WinCC (SCADA)

PT-2012-12: Multiple Cross-Site Scripting in WinCC (SCADA) Vulnerable software WinCC Version: 7.0 SP3 before Update 2 and earlier Application link: http://www.siemens.com/ Severity level Severity level: Medium Impact: Cross-Site Scripting Access Vector: Network exploitable CVSS v2: Base...

0.3AI Score

0.002EPSS

2012-06-20 12:00 AM
6
ptsecurity
ptsecurity

PT-2012-10: Buffer overflow in the DiagAgent web server in WinCC (SCADA)

PT-2012-10: Buffer overflow in the DiagAgent web server in WinCC (SCADA) Vulnerable software WinCC Version: 7.0 SP3 before Update 2 and earlier Application link: http://www.siemens.com/ Severity level Severity level: Medium Impact: Buffer overflow Access Vector: Network exploitable CVSS...

0.2AI Score

0.001EPSS

2012-06-20 12:00 AM
8
ptsecurity
ptsecurity

PT-2012-09: Multiple File Path Traversal in WinCC (SCADA)

PT-2012-09: Multiple File Path Traversal in WinCC (SCADA) Vulnerable software WinCC Version: 7.0 SP3 before Update 2 and earlier Application link: http://www.siemens.com/ Severity level Severity level: Medium Impact: Multiple File Path Traversal (Arbitrary File Reading) Access Vector: Network...

-0.1AI Score

0.001EPSS

2012-06-20 12:00 AM
5
ptsecurity
ptsecurity

PT-2012-22: Format String Vulnerability in SQLite

PT-2012-22: Format String Vulnerability in SQLite Vulnerable software SQLite Version: 3.7.13 and earlier Operation system: OS/2 (eComStation) Application link: http://sqlite.org/ Severity level Severity level: Medium Impact: Denial of Service Access Vector: Local CVSS v2: Base Score: 5.5 ...

AI Score

2012-06-09 12:00 AM
4
openvas
openvas

Debian Security Advisory DSA 2466-1 (rails)

The remote host is missing an update to rails announced via advisory DSA...

0.7AI Score

0.003EPSS

2012-05-31 12:00 AM
23
ptsecurity
ptsecurity

PT-2013-51: Open Redirect Vulnerability in Siemens Simatic WinCC TIA Portal

PT-2013-51: Open Redirect Vulnerability in Siemens Simatic WinCC TIA Portal Vulnerable software Siemens Simatic WinCC TIA Portal Version: 12.0 and earlier Application link: http://www.siemens.com/ Severity level Severity level: Medium Impact: Redirect users to arbitrary web sites Access...

6.6AI Score

0.004EPSS

2012-05-15 12:00 AM
8
securityvulns
securityvulns

[SECURITY] [DSA 2466-1] rails security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Debian Security Advisory DSA-2466-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst May 09, 2012 http://www.debian.org/security/faq Package : rails...

1.6AI Score

0.003EPSS

2012-05-14 12:00 AM
55
nessus
nessus

Debian DSA-2466-1 : rails - XSS

Sergey Nartimov discovered that in Rails, a Ruby based framework for web development, when developers generate html options tags manually, user input concatenated with manually built tags may not be escaped and an attacker can inject arbitrary HTML into the...

-0.6AI Score

0.003EPSS

2012-05-10 12:00 AM
21
debian
debian

[SECURITY] [DSA 2466-1] rails security update

Debian Security Advisory DSA-2466-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst May 09, 2012 http://www.debian.org/security/faq Package : rails Vulnerability : cross site scripting Problem type ...

5.3AI Score

0.003EPSS

2012-05-09 05:30 PM
23
osv
osv

rails - cross site scripting

Sergey Nartimov discovered that in Rails, a Ruby based framework for web development, when developers generate html options tags manually, user input concatenated with manually built tags may not be escaped and an attacker can inject arbitrary HTML into the document. For the stable distribution...

2.5AI Score

0.003EPSS

2012-05-09 12:00 AM
25
securityvulns
securityvulns

APPLE-SA-2012-05-07-1 iOS 5.1.1 Software Update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-05-07-1 iOS 5.1.1 Software Update iOS 5.1.1 Software Update is now available and addresses the following: Safari Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A maliciously...

0.2AI Score

0.02EPSS

2012-05-09 12:00 AM
36
threatpost
threatpost

Apple Fixes Serious Flaws in iOS 5.1.1

Apple has patched several serious security bugs in iOS with the release of version 5.1.1 of the mobile operating system. The most serious of the security vulnerabilities could be used for remote code execution. The highest severity vulnerability that’s fixed in iOS 5.1.1 is a WebKit flaw that can.....

0.8AI Score

0.973EPSS

2012-05-08 01:49 PM
35
nessus
nessus

FreeBSD : chromium -- multiple vulnerabilities (057130e6-7f61-11e1-8a43-00262d5ed8ee)

Google Chrome Releases reports : [106577] Medium CVE-2011-3066: Out-of-bounds read in Skia clipping. Credit to miaubiz. [117583] Medium CVE-2011-3067: Cross-origin iframe replacement. Credit to Sergey Glazunov. [117698] High CVE-2011-3068: Use-after-free in run-in handling. Credit to miaubiz....

-0.1AI Score

0.367EPSS

2012-04-06 12:00 AM
16
threatpost
threatpost

Google Patches 12 Flaws in Chrome

Google has 12 vulnerabilities in Chrome, including seven high-risk flaws. The new release of Chrome also includes an updated version of the Adobe Flash player. This is the second update for Chrome in the last few days from Google. The company updates its browser on a rolling basis, pushing out a...

-0.3AI Score

0.367EPSS

2012-04-05 06:42 PM
19
chrome
chrome

Stable and Beta Channel Updates

The Chrome Stable and Beta channels have been updated to 18.0.1025.151 on Windows, Mac, Linux and Chrome Frame. This release fixes issues including: black screen on Hybrid Graphics system with GPU accelerated compositing enabled (Issue: 117371) CSS not applied to <content> element (Issue:...

6.1AI Score

0.367EPSS

2012-04-05 12:00 AM
12
freebsd
freebsd

chromium -- multiple vulnerabilities

Google Chrome Releases reports: [106577] Medium CVE-2011-3066: Out-of-bounds read in Skia clipping. Credit to miaubiz. [117583] Medium CVE-2011-3067: Cross-origin iframe replacement. Credit to Sergey Glazunov. [117698] High CVE-2011-3068: Use-after-free in run-in handling. ...

0.3AI Score

0.367EPSS

2012-04-05 12:00 AM
7
threatpost
threatpost

Google Releases Chrome 18, Fixes Nine Security Flaws

Google has released version 18 of its Chrome browser and has fixed a number of serious security vulnerabilities in the process. The latest version of Chrome also includes an updated release of the Flash player that now includes the background updated that enables users to set the software to...

-0.4AI Score

0.039EPSS

2012-03-29 11:40 AM
21
nessus
nessus

FreeBSD : chromium -- multiple vulnerabilities (b8f0a391-7910-11e1-8a43-00262d5ed8ee)

Google Chrome Releases reports : [109574] Medium CVE-2011-3058: Bad interaction possibly leading to XSS in EUC-JP. Credit to Masato Kinugawa. [112317] Medium CVE-2011-3059: Out-of-bounds read in SVG text handling. Credit to Arthur Gerkis. [114056] Medium CVE-2011-3060: Out-of-bounds read in text...

0.1AI Score

0.039EPSS

2012-03-29 12:00 AM
23
freebsd
freebsd

chromium -- multiple vulnerabilities

Google Chrome Releases reports: [109574] Medium CVE-2011-3058: Bad interaction possibly leading to XSS in EUC-JP. Credit to Masato Kinugawa. [112317] Medium CVE-2011-3059: Out-of-bounds read in SVG text handling. Credit to Arthur Gerkis. [114056] Medium CVE-2011-3060: Out-of-bounds...

0.4AI Score

0.039EPSS

2012-03-28 12:00 AM
36
chrome
chrome

Stable Channel Release and Beta Channel Update

The Chrome team is excited to announce the release of Chrome 18 to the Stable Channel for Windows, Mac, Linux and Chrome Frame. 18.0.1025.142 contains a number of new features including faster and fancier graphics. More detailed updates are available on the Chrome Blog and the Chromium Blog. ...

-0.3AI Score

0.039EPSS

2012-03-28 12:00 AM
27
ptsecurity
ptsecurity

PT-2011-48: Multiple Vulnerabilities in AtMail

PT-2011-48: Multiple Vulnerabilities in AtMail Vulnerable software Webmail Interface AtMail Version: 1.04 and earlier Application link: http://atmail.org/ Severity level Severity level: High Impact: Multiple vulnerabilities Access Vector: Network exploitable CVSS v2: Base Score: 9.0 ...

0.1AI Score

2012-03-26 12:00 AM
2
nessus
nessus

FreeBSD : chromium -- multiple vulnerabilities (330106da-7406-11e1-a1d7-00262d5ed8ee)

Google Chrome Releases reports : [113902] High CVE-2011-3050: Use-after-free with first-letter handling. Credit to miaubiz. [116162] High CVE-2011-3045: libpng integer issue from upstream. Credit to Glenn Randers-Pehrson of the libpng project. [116461] High CVE-2011-3051: Use-after-free in CSS...

0.2AI Score

0.142EPSS

2012-03-23 12:00 AM
20
threatpost
threatpost

Six High-Risk Flaws Fixed in Google Chrome

Google has fixed nine new vulnerabilities in its Chrome browser, including six high-risk flaws. The most serious of the bugs include three separate use-after-free vulnerabilities in various parts of the browser. As part of its researcher reward program, Google paid out $5,500 in bounties for...

0.9AI Score

0.142EPSS

2012-03-22 11:55 AM
19
cert
cert

@Mail Open webmail client contains multiple vulnerabilities

Overview The @Mail Open 1.04 webmail client contains multiple vulnerabilities including; unrestricted upload of file with dangerous type (CWE-434), relative path traversal (CWE-23), external control of file name or path (CWE-73), and information exposure (CWE-200). Description The @Mail Open 1.04.....

AI Score

2012-03-22 12:00 AM
15
freebsd
freebsd

chromium -- multiple vulnerabilities

Google Chrome Releases reports: [113902] High CVE-2011-3050: Use-after-free with first-letter handling. Credit to miaubiz. [116162] High CVE-2011-3045: libpng integer issue from upstream. Credit to Glenn Randers-Pehrson of the libpng project. [116461] High CVE-2011-3051:...

1.9AI Score

0.142EPSS

2012-03-21 12:00 AM
17
chrome
chrome

Stable Channel Update

**The Chrome Stable channel has been updated to 17.0.963.83 on Windows, Mac, Linux and Chrome Frame. This release fixes issues with Flash games, along with the security fixes listed below. Security fixes and rewards: Please see the Chromium security page for more detail. Note that the...

0.3AI Score

0.142EPSS

2012-03-21 12:00 AM
9
threatpost
threatpost

Google Fixes Second Set of Chrome Bugs Used in Pwnium Contest

Google has pushed out a patch for the second full sandbox escape exploit used in the Pwnium contest at CanSecWest. The Chrome vulnerabilities that the exploit targeted were discovered by an anonymous researcher who used the name PinkiePie and claimed a $60,000 reward from Google. The attack that...

-0.3AI Score

0.018EPSS

2012-03-12 11:54 AM
12
thn
thn

Finally Google Chrome gets hacked at Pwn2Own

Finally Google Chrome gets hacked at Pwn2Own Vupen Security and Sergey Glazunov independently managed to penetrate Google Chrome's security defenses at the Pwn2Own and 'Pwnium' contests respectively. The annual competition, which invites ethical hackers from around the world to attempt...

7.1AI Score

2012-03-12 08:54 AM
4
nessus
nessus

FreeBSD : chromium -- XSS vulnerability (1015e1fe-69ce-11e1-8288-00262d5ed8ee)

Google Chrome Releases reports : [117226] [117230] Critical CVE-2011-3046: UXSS and bad history navigation. Credit to Sergey...

0.6AI Score

0.018EPSS

2012-03-12 12:00 AM
15
securityvulns
securityvulns

APPLE-SA-2012-03-07-1 iTunes 10.6

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-03-07-1 iTunes 10.6 iTunes 10.6 is now available and addresses the following: WebKit Available for: Windows 7, Vista, XP SP2 or later Impact: A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an...

0.5AI Score

0.102EPSS

2012-03-09 12:00 AM
44
securityvulns
securityvulns

APPLE-SA-2012-03-07-2 iOS 5.1 Software Update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-03-07-2 iOS 5.1 Software Update iOS 5.1 Software Update is now available and addresses the following: CFNetwork Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a...

0.1AI Score

0.102EPSS

2012-03-09 12:00 AM
41
threatpost
threatpost

Google Patches Chrome Bugs Used in Pwnium Contest

VANCOUVER–Google has already patched the bugs used by researcher Sergey Glazunov to compromise Chrome on Wednesday as part of the company’s Pwnium contest at the CanSecWest conference here. The vulnerability that Glazunov was able to exploit is a universal XSS and bad history navigation bug in the....

0.6AI Score

2012-03-08 07:15 PM
6
chrome
chrome

Chrome Stable Channel Update

**The Chrome Stable channel has been updated to 17.0.963.78 on Windows, Mac, Linux and Chrome Frame. This release fixes issues with Flash games and videos, along with the security fix listed below. Security fixes and rewards: Congratulations again to community member Sergey Glazunov for the...

5.9AI Score

0.018EPSS

2012-03-08 12:00 AM
13
freebsd
freebsd

chromium -- cross-site scripting vulnerability

Google Chrome Releases reports: [117226] [117230] Critical CVE-2011-3046: UXSS and bad history navigation. Credit to Sergey...

1.2AI Score

0.018EPSS

2012-03-08 12:00 AM
13
threatpost
threatpost

Google Chrome Goes Down in Early Stage of Pwn2Own

VANCOUVER–A group of researchers from VUPEN, a French security firm, was able to compromise Google Chrome in the initial stages of the Pwn2Own contest. But because of the new rules this year, that doesn’t guarantee them a win in the contest. Rather, it just gives them a nice head start. The...

-0.8AI Score

2012-03-07 10:20 PM
10
threatpost
threatpost

Google Hands out $60k Reward for Full Chrome Compromise in Pwnium Contest

VANCOUVER–Well, that didn’t take long. Before the first session of the CanSecWest conference here even started on Wednesday, a researcher had already succeeded in scoring a full compromise of Google Chrome, using two distinct bugs, and earning himself a $60,000 reward as part of the company’s...

-0.9AI Score

2012-03-07 08:28 PM
5
nessus
nessus

FreeBSD : piwik -- xss and click-jacking issues (da317bc9-59a6-11e1-bc16-0023ae8e59f0)

The Piwik Team reports : We would like to thank the following security researchers for their responsible disclosure of XSS and click-jacking issues : Piotr Duszynski, Sergey Markov, Mauro...

-0.9AI Score

2012-02-20 12:00 AM
8
freebsd
freebsd

piwik -- xss and click-jacking issues

The Piwik Team reports: We would like to thank the following security researchers for their responsible disclosure of XSS and click-jacking issues: Piotr Duszynski, Sergey Markov, Mauro...

2.1AI Score

2012-02-16 12:00 AM
7
Total number of security vulnerabilities: 1084