Vulnerability News

Execution of arbitrary code in PHP

Date of publication: 02/03/2012
Modification date: 02/06/2012
Danger: High
Availability of fix: Yes
Number of vulnerabilities: 1
CVSSv2 Rating: (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:P/RL:O/RC:C) = Base:10/Temporal:7.8
CVE ID: CVE-2012-0830
The vector operation: Remote
Impact: Compromise of system
CWE ID: No Data
Be exploited: PoC code
Affected products: PHP 5.3.x

Affected versions: PHP 5.3.9

Description:
The vulnerability allows a remote user to execute arbitrary code on the target system.

Manufacturer URL: www.php.net

Solution: Install the latest version 5.3.10 from the manufacturer.

References:
http://www.php.net/archive/2012.php # id2012-02-02-1
https://gist.github.com/1725489

Source: www.securitylab.ru


Multiple vulnerabilities in FreeBSD

Date of publication: 12/26/2011
Modification date: 28/12/2011
Danger: High
Availability of fix: Yes
Number of vulnerabilities: 5
CVSSv2 Rating:  (AV:N/AC:M/Au:N/C:C/I:C/A:C/E:H/RL:O/RC:C) = Base:9.3/Temporal:8.1
 (AV:N/AC:M/Au:N/C:N/I:N/A:C/E:H/RL:O/RC:C) = Base:7.1/Temporal:6.2
 (AV:N/AC:L/Au:S/C:C/I:C/A:C/E:U/RL:O/RC:C) = Base:9/Temporal:6.7
 (AV:N/AC:L/Au:S/C:C/I:C/A:C/E:U/RL:O/RC:C) = Base:9/Temporal:6.7
 (AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:O/RC:C) = Base:7.5/Temporal:5.5
CVE ID:     CVE-2011-4862
 CVE-2011-4313
 CVE-2011-4122

The vector operation: Remote
Impact: Denial of service
  Elevation of Privilege
  Security Bypass
  Compromise of system
CWE ID: No Data
Be exploited: No Data
Affected products: FreeBSD 7.2
FreeBSD 7.4
FreeBSD 8.1
FreeBSD 8.2
FreeBSD 9.0

Program:
FreeBSD 7.3
FreeBSD 7.4
FreeBSD 8.1
FreeBSD 8.2
FreeBSD 9.0

Which can be exploited by malicious people to bypass certain security restrictions, cause a denial of service, escalated privileges or compromise a vulnerable system.

Manufacturer URL: http://www.freebsd.org/

Solution: To install the patch eliminate the vulnerability from the manufacturer.

References:
FreeBSD-SA-11:10.pam: pam_start() does not validate service names
FreeBSD-SA-11:09.pam_ssh: pam_ssh improperly grants access when user account has unencrypted SSH private keys
FreeBSD-SA-11:08.telnetd: telnetd code execution vulnerability
FreeBSD-SA-11:07.chroot: Code execution via chrooted ftpd
FreeBSD-SA-11:06.bind: Remote packet Denial of Service against named(8) servers

Source: www.securitylab.ru


Execution of arbitrary code in Adobe Reader / Acrobat

Date of publication: 07/12/2011
Modification date: 01/11/2012
Danger: Critical
Availability of fix: Yes
Number of vulnerabilities: 2
CVSSv2 rating:         (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:H/RL:O/RC:C) = Base:10/Temporal:8.7
(AV:N/AC:L/Au:N/C:C/I:C/A:C/E:H/RL:O/RC:C) = Base:10/Temporal:8.7
CVE ID:     CVE-2011-2462
CVE-2011-4369
CVE-2011-2445
CVE-2011-2450
CVE-2011-2451
CVE-2011-2452
CVE-2011-2453
CVE-2011-2454
CVE-2011-2455
CVE-2011-2456
CVE-2011-2457
CVE-2011-2458
CVE-2011-2459
CVE-2011-2490
The vector operation: Remote
Impact: Compromise of
CWE ID: No Data
Be exploited by active exploitation of vulnerabilities
Affected Products: Adobe Acrobat 9.x
Adobe Acrobat X 10.x
Adobe Reader 9.x
Adobe Reader X 10.x

Vulnerable versions:
Adobe Reader X 10.1.1 and earlier versions for Windows and Macintosh
Adobe Reader 9.4.6 and earlier versions for Windows, Macintosh and UNIX
Adobe Acrobat X 10.1.1 and earlier versions for Windows and Macintosh
Adobe Acrobat 9.4.6 and earlier versions for Windows and Macintosh

Description:
1. An unspecified error when handling U3D data. This can be exploited to corrupt memory and execute arbitrary code on the target system.

Note: The vulnerability is actively exploited right now.

2. An error in a component of RPC. This can be exploited to corrupt memory and execute arbitrary code on the target system.

Note: The vulnerability is actively exploited right now.

3. The application uses a vulnerable version of Adobe Flash Player.

A detailed description of the vulnerabilities in Adobe Flash Player can be found here:

http://www.securitylab.ru/vulnerability/409995.php

Manufacturer URL: http://www.adobe.com/products/reader.html

Solution: To fix a vulnerability in Windows install version 9.4.7 from the manufacturer. Fix Adobe Reader / Acrobat X and Adobe Reader for Unix 9.x will be available January 10, 2012.

References:
APSA11-04:Security Advisory for Adobe Reader and Acrobat
APSB11-30: Security updates available for Adobe Reader and Acrobat 9.x for Windows
APSB12-01: Security updates available for Adobe Reader and Acrobat

Source: www.securitylab.ru



 Contacts:
 Phone: (994 12) 5104253
 E-mail: info at cert dot az
2010 ©  Institute of Information Technology of ANAS
All rights reserved.
Any use of information in the website should be accompanied by an acknowledgement of cert.az as the source.