Introduction and recent updates
This is a non-commercial site providing information related to network security issues.
- More than 2350 entries at Networksecurity.fi Weblog - link to the English language section of the blog.
- Are you looking for the latest Excel 0-day or Word vulnerability (#2 CVE-2006-6456 and #3 CVE-2006-6561) information? Please check my blog.
Updated Microsoft Word 0-day Vulnerability FAQ (CVE-2006-5994) and several Office 0-day FAQ documents available
- More than 150 writings published at SecuriTeam Blogs, summaries written here
- Site was launched in August, 2004
This site was last updated on 20th August, 2007.
Recent Security Research
The following vulnerabilities have been researched by Juha-Matti Laurio, Finland.
Additionally, the author was written hundreds of news and articles about IT security, privacy and vulnerabilities.
Networksecurity.typepad.com Blog was opened in October, 2005.
2007-08-xx [ Waiting for release ]
2007-08-xx [ Waiting for release ]
Year 2006:
2006-11-23 Netscape Browser Passcard Manager credentials disclosure vulnerability
2006-11-16 Inktomi Search scripts system information disclosure vulnerability
2004-10-22 IBM Lotus Notes DUNZIP32.dll buffer overflow vulnerability [Release date 6-Sep-06]
2006-08-18 Netscape/K-Meleon/Flock XML handler memory corruption vulnerability
2006-07-30 Netscape/K-Meleon/Flock JavaScript Navigator object vulnerability
2006-06-23 Multiple browsers Network Security Services library memory leak vulnerability
2006-05-22 Netscape exception handling installation path disclosure vulnerability
2006-05-18 Netscape AddFavorite function DoS vulnerability
2006-05-07 Netscape and K-Meleon "View Image" local resources vulnerability
2006-04-14 Netscape Browser and Netscape 7 CSS border-rendering memory corruption vulnerability
2006-03-30 McAfee VirusScan DUNZIP32.dll buffer overflow vulnerability
2006-03-14 Netscape Flash Player code execution vulnerabilities
2006-02-01 Netscape '-moz-binding' property cross domain scripting vulnerability
2006-01-06 Windows NT4.0 Server and Workstation SP6a affected to WMF vulnerability
Year 2005:
2005-12-30 Lotus Notes WMF file handling code execution vulnerability
2005-12-21 dtSearch document search system DUNZIP32.dll buffer overflow vulnerability
2005-12-07 Netscape and K-Meleon overly long History.dat document.title field DoS vulnerability
2005-12-02 Total Commander WCX_FTP.INI Weak FTP account information encryption vulnerability
2005-11-24 Solvo.WMS (Warehouse Management System) GTK+ XPM image rendering overflow vulnerabilities
2005-11-24 Gnome Crystal GTK+ XPM image rendering overflow vulnerabilities
2005-11-22 Netscape JavaScript window() DoS vulnerability (original Microsoft Advisory #911302 issue)
2005-11-16 PitMon coal mining process visualization tool GTK+ XPM image rendering overflow vulnerabilities
2005-11-16 PHOEBE astronomical software GTK+ XPM image rendering overflow vulnerabilities
2005-11-15 TouchTunes Maestro/Rhapsody digital jukeboxes GdkPixbuf/GTK+ XPM image rendering overflow vulnerabilities
2005-11-15 Ardour digital audio workstation GdkPixbuf/GTK+ XPM image rendering overflow vulnerabilities
2005-11-07 Netscape Flash Player code execution vulnerability
2005-11-06 Netscape cookie hostname handling information disclosure vulnerability
2005-10-28 CheckMark MultiLedger accounting system DUNZIP32.dll buffer overflow vulnerability
2005-10-17 Netscape and K-Meleon HTML "sourcetext" element Denial of Service vulnerability
2005-10-10 CheckMark Payroll DUNZIP32.dll buffer overflow vulnerability
2005-09-24 Netscape and K-Meleon JavaScript engine integer overflow vulnerability
2005-09-24 Netscape zero-width non-joiner characters stack corruption vulnerability
2005-09-21 Netscape proxy Auto Config Script "eval" statement Denial of Service vulnerability
2005-09-14 Netscape weak authentication mechanism vulnerability
2005-09-09 Netscape "Host:" parameter (IDN) buffer overflow vulnerability
2005-08-12 MindAlign multiple vulnerabilities
2005-07-22 Multiple browsers XPCOM library race condition vulnerability
2005-07-13 Netscape Browser, Netscape 7 and K-Meleon 'Set As Background' code execution, XHTML DOM node name processing, XBL scripts JavaScript state bypass, content-generated untrusted events and JavaScript InstallVersion.compareTo function vulnerabilities
2005-07-12 Microsoft Outlook Express multiple crafted e-mail Subject handling and newsgroup message information disclosure vulnerabilities
2005-07-01 Multiple browsers empty JavaScript function Denial of Service vulnerability
2005-06-21 Multiple browsers dialog box origin spoofing vulnerability
2005-06-07 FortiGate Antivirus Firewall and FortiLog weak default root password vulnerability
2005-06-06 Mozilla, Mozilla Firefox and K-Meleon frame injection vulnerability
2005-06-06 Sawmill security bypass and cross-site scripting vulnerabilities
2005-06-03 Clavister Firewall multiple Denial of Service and password string filtering vulnerabilities
2005-06-01 Microsoft Internet Security and Acceleration (ISA) Server 2000 Firewall vulnerability
2005-05-28 Microsoft Windows XP Windows Management Instrumentation (WMI) Denial of Service vulnerability
2005-05-21 Gibraltar Firewall internal memory scan bypass vulnerability
2005-05-20 MailScanner scan result reporting vulnerability
2005-05-18 avast! antivirus 4.0 scan evasion vulnerability
2005-05-09 Netscape 7 and K-Meleon HTTP authentication prompt spoofing vulnerability
2005-04-28 Netscape 7 DOM nodes validation vulnerability
2005-04-23 Netscape 6/7, Mozilla, Firefox and K-Meleon GIF image processing library remote heap overflow vulnerability
2005-04-16 Netscape 7, Mozilla and Firefox XPInstall JavaScript object instance validation and search plug-in remote script code execution vulnerabilities
2005-04-04 Netscape 7, Mozilla, Firefox and K-Meleon JavaScript Lambda replace heap memory disclosure vulnerability
2005-03-28 Microsoft Outlook 2002 Connector for IBM Lotus Domino policy bypass vulnerability
2005-03-24 Verity Ultraseek search request Cross-Site Scripting vulnerability
2005-03-23 Microsoft Windows XP TSShutdn.exe remote Denial of Service vulnerability
2005-03-11 Xerox Document Centre ESS/Network Controller Web server remote authentication bypass vulnerability
2005-02-09 Netscape 7 Firetabbing/Firedragging/Fireflashing vulnerabilities
2005-01-04 Mozilla and Mozilla Firefox download dialog source spoofing vulnerability
Year 2004:
2004-12-08 Multiple browsers window injection vulnerability
2004-10-20 Multiple browsers tabbed browsing error vulnerability
2004-10-19 Multiple antivirus zip archive virus detection bypass vulnerability
2004-10-02 Important security update for Mozilla Firefox 1.0 Preview Release
2004-09-14 Security issues fixed in Mozilla 1.7.3 and Mozilla Firefox 1.0PR affecting to Netscape 7.2
2004-08-27 Netscape, Mozilla and Mozilla Firefox Apple Java plugin tab spoofing vulnerability
2004-08-25 Microsoft Outlook Express 6 "BCC:" recipient disclosure weakness
2004-07-08 Windows shell: vulnerability in multiple browsers
| Go to the top |
Netscape Browser Passcard Manager credentials disclosure vulnerability (2006-11-23) : CVE-2006-6077
- Netscapen Passcard Manager -toiminnon tunnistautumistiedot paljastava haavoittuvuus
In the news:
www.securityfocus.com/bid/21240
www.secunia.com/advisories/23108/
www.osvdb.org/displayvuln.php?osvdb_id=30641
www.secwatch.org/advisories/1016287/
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6077
www.securityfocus.com/archive/1/archive/1/452463/100/0/threaded
mikropc.net/uutiset/index.jsp?categoryId=atk&day=20061130
www.sillydog.org/forum/sdt_12454.php
News related to Mozilla Firefox:
www.info-svc.com/news/11-21-2006/
www.secunia.com/advisories/23046/
www.frsirt.com/english/advisories/2006/4662
www.securitytracker.com/alerts/2006/Nov/1017271.html
xforce.iss.net/xforce/xfdb/30470
www.auscert.org.au/render.html?it=7007
www.secwatch.org/advisories/1016232/
bugzilla.mozilla.org/show_bug.cgi?id=360493
isc.sans.org/diary.php?storyid=1879
www.infoworld.com/article/06/11/22/HNfirefoxpasswordstealing_1.html
www.tietoviikko.fi/doc.do?f_id=1070943
www.sillydog.org/forum/sdt_12423.php
CVSS Severity: 2.3 (Low)
Solution:
- Use "Never save login information for this site" option.
| Go to the top |
Inktomi Search scripts system information disclosure vulnerabilities (2006-11-16) : CVE-2006-5970
- Inktomi search engine vulnerable to Verity Ultraseek scripts vulnerabilities
Inktomi-hakukoneen järjestelmätietojen paljastumiseen johtavat haavoittuvuudet
In the news:
www.securitytracker.com/alerts/2006/Nov/1017242.html
News related to Autonomy (Verity) Ultraseek:
www.zerodayinitiative.com/advisories/ZDI-06-042.html
www.secunia.com/advisories/22892/
www.securityfocus.com/bid/21120
www.securitytracker.com/alerts/2006/Nov/1017235.html
xforce.iss.net/xforce/xfdb/30314
www.osvdb.org/displayvuln.php?osvdb_id=30287
www.auscert.org.au/render.html?it=6987
www.kb.cert.org/vuls/id/559616
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5970
CVSS Severity: 2.3 (Low)
Solution:
- Update to version Ultraseek 5.7 released by the same vendor.
| Go to the top |
IBM Lotus Notes DUNZIP32.dll buffer overflow vulnerability (2004-10-22) : CVE-2004-1094
- Lotus Notesin pakattujen tiedostojen käsittelyn ylivuotohaavoittuvuus
Release Date: 6th September, 2006
Researcher's advisory:
www.networksecurity.fi/advisories/lotus-notes.html
IBM Technote document #1229932:
www-1.ibm.com/support/docview.wss?rs=899&uid=swg21229932
In the news: (Published security advisories and updated media coverage)
Internet Storm Center Diary entry: DUNZIP32.dll Buffer Overflow
www.kb.cert.org/vuls/id/582498
www.securityfocus.com/bid/11555
www.secunia.com/advisories/18328/
www.frsirt.com/english/advisories/2006/0081
www.securiteam.com/windowsntfocus/5QP0320JPU.html
www.securitytracker.com/alerts/2006/Sep/1016817.html
xforce.iss.net/xforce/xfdb/17879
www.auscert.org.au/render.html?it=6715
www.security.nnov.ru/news4087.html
wws.cert-ist.com/fast-cgi/AV/Details.cgi?lang=fra&action=1&format=3&ref=CERT-IST/AV-2006.363 (for Cert-IST members only)
www-06.ibm.com/jp/domino04/lotus/support/faqs/faqs.nsf/all/729910
www.addict3d.org/index.php?page=viewarticle&type=security&ID=7443
www.heise-security.co.uk/news/77900
www.heise.de/security/news/meldung/77891
www.packetstormsecurity.org/0609-advisories/lotusDUNZIP32dll.txt
www.idx.at:18080/news/indec/printer_html?identnr=10295
www.opennet.ru/base/ms/1157647167_6492.txt.html
IBM varoittaa vanhoista Notes-aukoista (Finnish language article)
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1094
CVSS Severity: 10 (High)
This issue was not released at IBM Release Note document on January 2006:
Fix List for Lotus Notes and Lotus Domino Release 6.5.5 Maintenance Release (MR)
Solution:
- Update to version 6.5.5 or 7.0.
- Users of unsupported R5 versions: See researcher's advisory for workaround.
| Go to the top |
Netscape/K-Meleon/Flock XML handler memory corruption vulnerability (2006-08-18) : CVE-2006-4253, CVE-2006-4261
Netscapen, K-Meleonin ja Flockin XML-käsittelyn muistinkorruptoitumishaavoittuvuus
In the news:
www.securityfocus.com/bid/19534
www.securiteam.com/securitynews/5VP0M0AJFW.html
www.security.nnov.ru/Gnews519.html
www.addict3d.org/index.php?page=viewarticle&type=security&ID=7303
securitydot.net/vuln/exploits/vulnerabilities/articles/18474/vuln.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4253
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4261
CVSS Severity: 7.0 (High)
News related to Mozilla Firefox:
www.secunia.com/advisories/21513/
www.secwatch.org/advisories/1015131/
Solution:
- Disable JavaScript support:
K-Meleon 1.x: Edit/Preferences/General -> Enhancements
Flock 0.7.x: Tools/Options.../Content
Netscape 8.x: Tools/Options.../Site Control
| Go to the top |
Netscape/K-Meleon/Flock JavaScript Navigator object vulnerability (2006-07-30) : CVE-2006-3677
Netscapen, K-Meleonin ja Flockin JavaScript Navigator -haavoittuvuus
In the news:
www.securityfocus.com/bid/19192
www.security.nnov.ru/Gnews414.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3677
CVSS Severity: 7.0 (High)
News related to Mozilla Firefox:
www.mozilla.org/security/announce/2006/mfsa2006-45.html
www.secunia.com/advisories/19873
www.securityfocus.com/bid/19181
xforce.iss.net/xforce/xfdb/27981
Solution:
- Upgrade to Flock version 0.7.4.1: http://www.flock.com/
| Go to the top |
Multiple browsers Network Security Services (NSS) library memory leak vulnerability (2006-06-23) : CVE-2006-3127
- Affected products: Mozilla Firefox, Mozilla Suite, Netscape Browser, K-Meleon, Mozilla Thunderbird, AOL Instant Messenger
Useita selaimia ja AIM:ä koskeva Network Security Services -kirjaston DoS-haavoittuvuus
In the news:
www.securityfocus.com/bid/18604
www.securiteam.com/securitynews/5ZP0M1PIUI.html
www.addict3d.org/index.php?page=viewarticle&type=security&ID=6707
www.addict3d.org/index.php?page=viewarticle&type=security&ID=6727
www.security.nnov.ru/Gnews290.html
bugzilla.mozilla.org/show_bug.cgi?id=336335
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3127
CVSS Severity: 3.3 (Low)
| Go to the top |
Netscape exception handling installation path disclosure vulnerability (2006-05-22) : CVE-2006-2613
- Netscapen JavaScript-poikkeusten käsittelyn asennuspolun paljastava haavoittuvuus
In the news:
www.addict3d.org/index.php?page=viewarticle&type=security&ID=6450
www.security.nnov.ru/Gnews171.html
www.secunia.com/advisories/20255/
www.securityfocus.com/bid/18083
www.secwatch.org/advisories/1014149/
bugzilla.mozilla.org/show_bug.cgi?id=267645
www.sillydog.org/forum/sdt_11428.php
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2613
CVSS Severity: 1.9 (Low)
Solution:
- Disable JavaScript from Options menu.
| Go to the top |
Netscape AddFavorite function DoS vulnerability (2006-05-18) : CVE-2006-xxxx
- Netscapen AddFavorite-funktion DoS-haavoittuvuus
In the news:
www.securiteam.com/securitynews/5ZP0M0AIKU.html
www.addict3d.org/index.php?page=viewarticle&type=security&ID=6418
www.addict3d.org/index.php?page=viewarticle&type=security&ID=6423
networksecurity.typepad.com/networksecurity/2006/05/netscapen_addfa.html
CVSS Severity: N/A
News related to Mozilla Firefox:
www.milw0rm.com/exploits/1802
www.secwatch.org/exploits/2006/05/Firefox_AddFavorite()_dos.html.info
Solution:
- Do not visit untrusted Web pages.
Version 8.1.x is expected to be released soon.
| Go to the top |
Netscape Browser, Netscape 7 and K-Meleon "View Image" local resources vulnerability (2006-05-07) : CVE-2006-1942
- Netscapen ja K-Meleonin View Image -toiminnon paikallisiin resursseihin pääsyn mahdollistava haavoittuvuus
Researcher's advisory:
www.networksecurity.fi/advisories/netscape-view-image.html
In the news:
www.addict3d.org/index.php?page=viewarticle&type=security&ID=6314
www.osvdb.org/displayvuln.php?osvdb_id=24713
bugzilla.mozilla.org/show_bug.cgi?id=334341
Related Networksecurity.fi Weblog entry in Finnish
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1942
www.secunia.com/advisories/19988
www.secwatch.org/advisories/1013978/
CVSS Severity: 5.6 (Medium)
News related to Mozilla Firefox:
www.secunia.com/advisories/19698/
www.secwatch.org/advisories/1013726
Solution:
- Do not use View Image function to untrusted image files.
Version 8.1.x is expected to be released soon.
| Go to the top |
Netscape Browser and Netscape 7 CSS border-rendering memory corruption vulnerability (2006-04-14) : CVE-2006-1739
- Netscapen CSS-käsittelyn muistinkorruptoitumishaavoittuvuus (@ nsCSSRendering::DrawTableBorderSegment)
In the news:
www.securityfocus.com/bid/17516
www.zone-h.org/advisories/read/id=8916
www.security.nnov.ru/Gnews11.html
www.cert.hr/advs.php?lang=hr&page=3&id=6652
Related Networksecurity.fi Weblog entry in Finnish
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1739
CVSS Severity: 7.0 (High)
News related to Mozilla Firefox:
www.secunia.com/advisories/19631/
www.frsirt.com/english/advisories/2006/1356
www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34052
www.secwatch.org/advisories/1013695
www.ciac.org/ciac/bulletins/q-176.shtml
www.cert.hr/advs.php?lang=hr&id=6607
wws.cert-ist.com/fast-cgi/AV/Details.cgi?lang=fra&action=1&format=3&ref=CERT-IST/AV-2006.146 (for Cert-IST members only)
www.kb.cert.org/vuls/id/935556
news.zdnet.com/2100-1009_22-6061155.html
www.eweek.com/article2/0,1895,1949471,00.asp
www.informationweek.com/news/showArticle.jhtml?articleID=185302870
www.vnunet.com/vnunet/news/2154129/firefox-browser-releases-bug
searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1180286,00.html
www.slashdot.org/article.pl?sid=06/04/14/1349212
www.sillydog.org/forum/sdt_11233.php
www.ficora.fi/suomi/tietoturva/varoitukset/varoitus-2006-23.htm
Solution:
- Wait for release of Netscape version 8.1.x (expected to be released soon).
| Go to the top |
McAfee VirusScan DUNZIP32.dll buffer overflow vulnerability (2006-03-30) : CVE-2004-1094
- McAfee VirusScan -ohjelmiston DUNZIP32.dll-kirjaston ylivuotohaavoittuvuus
Researcher's advisory:
www.networksecurity.fi/advisories/mcafee-virusscan.html
In the news:
www.secunia.com/advisories/19451/
www.frsirt.com/english/advisories/2006/1176
www.securityfocus.com/bid/11555
xforce.iss.net/xforce/xfdb/17879
www.securiteam.com/windowsntfocus/5XP010KIAA.html
www.osvdb.org/displayvuln.php?osvdb_id=19906
www.security.nnov.ru/news4087.html
www.security.nnov.ru/Mdocument32.html
www.kpn-cert.nl/index.php?page=advisory.view&advisory_id=1517&PHPSESSID=37cc9...abb5
www.cert.dk/perl/publicsystem/PublicSystem.cgi?context=dedzm8jUJs4CWbgYqN5D7FJh....6/OldRk=
www.secwatch.org/advisories/1013551
www.frsirt.com/bulletins/4531
www.zone-h.org/advisories/read/id=8879
www.addict3d.org/index.php?page=viewarticle&type=security&ID=5975
www.securityreason.com/securityalert/653
www.scip.ch/cgi-bin/smss/showadv.pl?id=2121
www.it-observer.com/news/5974/mcafee_virusscan_buffer_overflow_vulnerability/
esgweb.uvic.ca/index.php?option=com_joomlaboard&func=view&catid=20&id=750
www.wowhacker.com/BoArD/view.php?id=security&page=1&....headnum&desc=asc&no=1050
tong.nate.com/toyoumiss/15827641
www.checksum.org/cso/message/24228.html
www.rosiello.org/modules/AMS/article.php?storyid=137
solutions.journaldunet.com/failles/failles.shtml
www.cpsav.de/index.php?sc=infakt&pv=1143814108
www.interest.de/secbase/client/show.php?xid=6414
www.tecchannel.de/sicherheit/aktuell/435968/index.html
boards.aol.de/aol_de/index_aol.de/art_threaded.mbl?boardId=439724&artNum=1557&sort=r_date
www.alground.com/bug/bug.php?page=60
contact.weka.fr/ressources/itsecurite/revue_38.htm
www.lupa.cz/clanky/chyby-v-produktech-microsoftu-a-mcafee-virusscan/
www.thaiadmin.org/board/index.php?topic=21588.0
infosec.sran.org/modules.php?op=modload&name=News&file=index&catid=&topic=3&allstories=1
Related Networksecurity.fi Weblog entry
Related Networksecurity.fi Weblog entry in Finnish
Related discussion thread at Mcafeehelp.com forum:
forums.mcafeehelp.com/viewtopic.php?t=77241
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1094
US-CERT Cyber Security Bulletin's #SB06-096 warning
CVSS Severity: 10 (High)
[SA19451] was reported as 5th in Top Ten Most Read Secunia Advisories during week 14/2006
Solution:
- Apply an updated product version or update product via SecurityCenter.
| Go to the top |
Netscape Flash Player code execution vulnerabilities (2006-03-14) : CVE-2006-0024
- Netscapen Flash Playerin koodinsuorittamisen mahdollistavat haavoittuvuudet
In the news:
www.securityfocus.com/bid/17106
www.ficora.fi/suomi/tietoturva/varoitukset/varoitus-2006-15.htm
www.sillydog.org/forum/viewtopic.php?t=11058
CVSS Severity: 5.6 (Medium)
News related to Flash Player as a separate product:
www.secunia.com/advisories/19218/
www.frsirt.com/english/advisories/2006/0952
www.securitytracker.com/alerts/2006/Mar/1015770.html
www.osvdb.org/displayvuln.php?osvdb_id=23908
xforce.iss.net/xforce/xfdb/25005
www.ciac.org/ciac/bulletins/q-147.shtml
www.secwatch.org/advisories/1013378/
www.auscert.org.au/render.html?it=6120
www.auscert.org.au/render.html?it=6127
www.sitic.se/rad_och_rekommendationer/SR06-039.html
www.hkcert.org/salert/english/s060315_flash_code_exe.html
www.secunia.com/advisories/19328/
www.frsirt.com/english/advisories/2006/1032
www.frsirt.com/english/advisories/2006/1023
www.gentoo.org/security/en/glsa/glsa-200603-20.xml
lists.suse.com/archive/suse-security-announce/2006-Mar/0004.html
www.macromedia.com/devnet/security/security_zone/apsb06-03.html
www.microsoft.com/technet/security/advisory/916208.mspx
www.kb.cert.org/vuls/id/945060
www.us-cert.gov/cas/techalerts/TA06-075A.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0024
www.eweek.com/article2/0,1895,1938443,00.asp
www.heise.de/security/news/meldung/70857
www.mikropc.net/uutiset/index.jsp?categoryId=atk&day=20060315
www.digitoday.fi/showPage.php?page_id=14&news_id=54390
Solution:
- Update to fixed version 8.0.24.0 with browser's Plugin Finder Service manually.
- Update: Update to new Gentoo package net-www/netscape-flash version 7.0.63:
http://www.gentoo.org/security/en/glsa/glsa-200603-20.xml
- Update #2: Update to new SuSE package:
http://lists.suse.com/archive/suse-security-announce/2006-Mar/0004.html
- Visit Macromedia Flash Player Download Center:
http://www.macromedia.com/go/getflashplayer/
| Go to the top |
Netscape '-moz-binding' Property cross domain scripting vulnerability (2006-02-01) : CVE-2006-0496
Netscapen evästeiden paljastumisen mahdollistava '-moz-binding'-haavoittuvuus
In the news:
www.securitytracker.com/alerts/2006/Feb/1015563.html
www.securiteam.com/securitynews/5LP051FHPE.html
www.osvdb.org/displayvuln.php?osvdb_id=22924
www.cert.dk/perl/publicsystem/PublicSystem.cgi?context=jMv8B4iqbrS1jUa....mzmGt04w=
www.heise.de/security/news/meldung/69159
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0496
CVSS Severity: 2.3 (Low)
News related to Mozilla Firefox:
www.frsirt.com/english/advisories/2006/0403
www.securityfocus.com/bid/16427
xforce.iss.net/xforce/xfdb/24427
Solution:
- Wait for release of Netscape 8.1.x.
| Go to the top |
Windows NT4.0 Server and Workstation SP6a confirmed affected to WMF vulnerability (2006-01-06) : CVE-2005-4560
In the news:
www.securityfocus.com/bid/16074
CVSS Severity: 7.0 (High)
Solution:
- Apply MS06-001 patch: http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx
| Go to the top |
Lotus Notes WMF file handling code execution vulnerability (2005-12-30) : CVE-2005-4560
- workarounds offered to vendor and security community
Lotus Notesin WMF-kuvankäsittelyn koodinsuorittamisen mahdollistava haavoittuvuus
In the news:
Lotus Technote #1227004: Is Lotus Notes affected by the Windows Meta File vulnerability reported in Microsoft Security Advisory # 912840?:
www-1.ibm.com/support/docview.wss?rs=475&uid=swg21227004
SANS - Internet Storm Center Diary: Lotus Notes Vulnerable to WMF 0-Day Exploit:
isc.sans.org/diary.php?storyid=981
www.security.nnov.ru/Fnews578.html
www.security.nnov.ru/Kdocument842.html
www.securityfocus.com/bid/16074
www.osvdb.org/displayvuln.php?osvdb_id=21987
www.kb.cert.org/vuls/id/181038
securityresponse.symantec.com/avcenter/security/Content/16074.html
www.sitic.se/rad_och_rekommendationer/SR05-158.html
www.secwatch.org/advisories/1012644/
www.gcn.com/vol1_no1/daily-updates/37850-1.html
blogs.zdnet.com/Spyware/?p=735
www.averyjparker.com/2005/12/30/lotus-notes-wmf-vulnerability/
www.sahw.com/wp/archivos/2006/01/07/la-historia-de-lotus-notes-y-domino/
www.addict3d.org/index.php?page=viewarticle&type=security&ID=5753
Lotus Notes haavoittuva WMF-aukolle
www.digitoday.fi/showPage.php?page_id=14&news_id=51701
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4560
US-CERT Cyber Security Bulletin's #SB06-005 High Risk warning
@Risk: The Consensus Security Alert - Volume 1, January 5, 2006: 'Widely Deployed Software' Critical warning
gtoc.iss.net/issEn/delivery/gtoc/index.jsp (4th Jan)
CVSS Severity: 8 (High)
Solution:
- Update: Apply a MS06-001 patch: http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx
- 1. Filter all common picture file extensions at the network perimeter.
The following file extensions are recommended:
BMP, DIB, EMF, GIF, ICO, JFIF, JPE, JPEG, JPG, PNG, RLE, TIF, TIFF and WMF, because Microsoft Windows handles picture files by information of the file header information, not by file extension used.
- 2. Do not Open... or View... picture files from untrusted sources.
| Go to the top |
dtSearch document search system DUNZIP32.dll buffer overflow vulnerability (2005-12-21) : CVE-2004-1094
- dtSearch-dokumenttienhaku- ja indeksointijärjestelmän DUNZIP32.dll-kirjaston ylivuotohaavoittuvuus
Researcher's advisory:
www.networksecurity.fi/advisories/dtsearch.html
In the news:
www.secunia.com/advisories/18194/
www.securiteam.com/windowsntfocus/6W00S1PEUO.html
www.securityfocus.com/bid/11555
www.osvdb.org/displayvuln.php?osvdb_id=19906
www.security.nnov.ru/news4087.html
www.security.nnov.ru/Kdocument773.html
www.addict3d.org/index.php?page=viewarticle&type=security&ID=5683
www.secwatch.org/advisories/1012647/
www.zone-h.com/advisories/read/id=8542
www.securityreason.com/securityalert/296
www.criticalwatch.com/resources/advisory/advisory.htm?AID=12833
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1094
CVSS Severity: 10 (High)
Solution:
- Update to fixed version 7.20 Build 7136: http://www.dtsearch.com/download.html#upgrades
| Go to the top |
Netscape and K-Meleon overly long History.dat document.title field DoS vulnerability (2005-12-07) : CVE-2005-4134
- Netscapen ja K-Meleonin History.dat-tiedoston puskuriylivuotohaavoittuvuus
Researcher's advisory:
www.networksecurity.fi/advisories/netscape-history.html
In the news:
K-Meleon 0.9.12 Release Notes:
kmeleon.sourceforge.net/wiki/index.php?id=ReleaseNotes0912#new
www.osvdb.org/displayvuln.php?osvdb_id=21533
www.secunia.com/advisories/17946/
www.securityfocus.com/bid/15773
www.cert.hr/advs.php?lang=hr&id=6053
wws.cert-ist.com/fast-cgi/AV/Details.cgi?lang=eng&action=1&format=3&ref=CERT-IST/AV-2006.042 (for Cert-IST members only)
www.secwatch.org/advisories/1012401/
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4134
www.addict3d.org/index.php?page=viewarticle&type=security&ID=5946
www.addict3d.org/index.php?page=viewarticle&type=security&ID=5509
www.matriks.info/2006/01/27/netscape_browser_8_1_fixes_large_history_file_dos_vulnerability/
www.sillydog.org/forum/viewtopic.php?t=10371
www.sillydog.org/forum/viewtopic.php?t=10725
US-CERT Cyber Security Bulletin's #SB05-348 Low Risk warning
CVSS Severity: 5 (Medium)
News related to Mozilla Firefox:
www.frsirt.com/english/advisories/2005/2805
www.secunia.com/advisories/17934/
www.securiteam.com/securitynews/6A0012AEUM.html
www.securitytracker.com/alerts/2005/Dec/1015328.html
www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33689
www.secwatch.org/advisories/1012389/
www.cert.dk/perl/publicsystem/PublicSystem.cgi?context=8qpGDssZl/i1KoS6efvvNl....VSeLvzTMuc=
www.mozilla.org/security/announce/mfsa2006-03.html
bugzilla.mozilla.org/show_bug.cgi?id=319004
www.packetstormsecurity.org/0512-exploits/firefox-1.5-buffer-overflow.txt
www.eweek.com/article2/0,1895,1898253,00.asp
news.zdnet.com/2102-1009_22-5987401.html
www.mozillazine.org/talkback.html?article=7768
www.newsfactor.com/story.xhtml?story_id=03100000QML1
[SA15601] was reported as 7th and [SA17946] as 9th in Top Ten Most Read Secunia Advisories during week 50/2005
Solution:
- Update: Add the following line to prefs.js file in profile folder:
user_pref("capability.policy.default.HTMLDocument.title.set","noAccess");
- Update #2: Update to version K-Meleon 0.9.12:
http://prdownloads.sourceforge.net/kmeleon/K-Meleon0.9.12-installer.exe?download
- Update #3: Update to version Netscape Browser 8.1:
http://browser.netscape.com/ns8/download/default.jsp
- Disable JavaScript support from Options or Preferences.
- Do not visit untrusted Web sites.
| Go to the top |
Total Commander WCX_FTP.INI Weak FTP account information encryption vulnerability (2005-12-02) : CAN-2005-4066
- Total Commander -ohjelmiston FTP-käyttäjätietojen heikon salauksen haavoittuvuus
Researcher's advisory:
www.networksecurity.fi/advisories/total-commander.html
In the news:
www.frsirt.com/english/advisories/2005/2780
www.securitytracker.com/alerts/2005/Dec/1015311.html
xforce.iss.net/xforce/xfdb/23497
www.osvdb.org/displayvuln.php?osvdb_id=21543
www.addict3d.org/index.php?page=viewarticle&type=security&ID=5478
www.frsirt.com/bulletins/3037
www.sides.de/blog/?cat=22
www.lupa.cz/clanky/bezpecnost-v-uplynulem-tydnu/ (13.12.2005 6:25)
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4066
CVSS Severity: 2.3 (Low)
Solution:
- 1. Do not save FTP connections.
- 2. Uninstall the application and confirm the deleting of WCX_FTP.INI file. Install Total Commander application again and stop using the FTP account saving feature (workaround method #1).
Combining of these methods prevents Gudeb.32 to spread, but doesn't remove the vulnerability itself.
| Go to the top |
Solvo.WMS (Warehouse Management System) GTK+ XPM image rendering overflow vulnerabilities (2005-11-24) : CAN-2005-3186
- Solvo.WMS-varastonhallintajärjestelmän (Solvo.ru) GTK+ -kirjaston XPM-kuvankäsittelyhaavoittuvuudet
Combined security advisory:
www.networksecurity.fi/advisories/gtk-multiple-products.html
News related to GTK+ library:
www.secunia.com/advisories/17522/
etc. See PHOEBE issue #47
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186
Solution:
- Update to fixed GTK version 2.8.7.
| Go to the top |
Gnome Crystal GTK+ XPM image rendering overflow vulnerabilities (2005-11-24) : CAN-2005-3186
- Gnome Crystal -ohjelmiston (Jean Bréfort) GTK+ -kirjaston XPM-kuvankäsittelyhaavoittuvuudet
Combined security advisory:
www.networksecurity.fi/advisories/gtk-multiple-products.html
News related to GTK+ library:
www.secunia.com/advisories/17522/
etc. See PHOEBE issue #47
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186
Solution:
- Update to fixed GTK version 2.8.7.
Netscape JavaScript window() DoS vulnerability - original Microsoft Advisory #911302 issue (2005-11-22) : CAN-2005-3896
- Internet Explorerin OnLoad-tapahtumien window()-haavoittuvuus Netscapessa
In the news:
www.cert.dk/perl/publicsystem/PublicSystem.cgi?context=vGMtvyBXpuhoyHVJrOth...gZc=
xforce.iss.net/xforce/alerts/id/209
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3896
News related to Microsoft Internet Explorer:
www.secunia.com/advisories/15546/
www.frsirt.com/english/advisories/2005/2509
www.securityfocus.com/bid/13799
www.osvdb.org/displayvuln.php?osvdb_id=17094
xforce.iss.net/xforce/xfdb/20783
www.securitytracker.com/alerts/2005/Nov/1015251.html
www.ciac.org/ciac/bulletins/q-059.shtml
www.kb.cert.org/vuls/id/887861
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1790
Solution:
- Disable JavaScript support from Options / Site Controls or via Preferences (version 7.2).
- Do not visit untrusted web sites.
| Go to the top |
PitMon coal mining process visualization tool XPM image rendering overflow vulnerabilities (2005-11-16) : CAN-2005-3186
- PitMon-visualisointiohjelmiston (BHP Billiton Mitsubishi Alliance -kaivosyhtiö) GTK+ -kirjaston XPM-kuvankäsittelyhaavoittuvuudet
Combined security advisory:
www.networksecurity.fi/advisories/gtk-multiple-products.html
News related to GTK+ library:
www.secunia.com/advisories/17522/
etc. See PHOEBE issue #47
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186
Solution:
- Update to fixed GTK version 2.8.7.
PHOEBE astronomical software GTK+ XPM image rendering overflow vulnerabilities (2005-11-16) : CAN-2005-3186
- PHOEBE-ohjelmiston (Ljubljanin yliopisto) GTK+ -kirjaston XPM-kuvankäsittelyhaavoittuvuudet
Combined security advisory:
www.networksecurity.fi/advisories/gtk-multiple-products.html
In the news:
list.fmf.uni-lj.si/pipermail/phoebe-announce/2005/000019.html
News related to GTK+ library:
www.secunia.com/advisories/17522/
etc.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186
Solution:
- Update to fixed GTK version 2.8.7.
Information about updated Linux distributions:
www.secunia.com/advisories/17770/
www.secunia.com/advisories/17657/
www.secunia.com/advisories/17594/
www.secunia.com/advisories/17615/
www.secunia.com/advisories/17591/
www.secunia.com/advisories/17562/
www.secunia.com/advisories/17592/
www.secunia.com/advisories/17791/
www.uniras.gov.uk/niscc/docs/br-20051130-01055.html
| Go to the top |
TouchTunes Maestro/Rhapsody digital jukeboxes GdkPixbuf/GTK+ XPM image rendering overflow vulnerabilities (2005-11-15) : CAN-2005-2976, -2975, -3186
- TouchTunes Maestro- ja Rhapsody-jukeboksien Pixbuf/GTK+ -kirjaston XPM-kuvankäsittelyhaavoittuvuudet
In the news:
www.securityfocus.com/bid/15428
www.securityfocus.com/bid/15429
www.securityfocus.com/bid/15435
US-CERT Cyber Security Bulletin's #SB05-320 High Risk warning
News related to GTK+ library:
www.secunia.com/advisories/17522/
www.frsirt.com/english/advisories/2005/2433
www.securitytracker.com/alerts/2005/Nov/1015216.html
xforce.iss.net/xforce/xfdb/23083
www.osvdb.org/displayvuln.php?osvdb_id=20840
www.osvdb.org/displayvuln.php?osvdb_id=20841
www.osvdb.org/displayvuln.php?osvdb_id=20842
www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33606
www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33608
www.secwatch.org/advisories/1012115/
www.security.nnov.ru/news4009.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2976
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186
Solution:
- Update to fixed GTK version 2.8.7.
See PHOEBE issue #47
- Workaround: Restrict access to device's internet connection (modem or NIC) to prevent untrusted XPM files accessing the device.
| Go to the top |
Ardour digital audio workstation GdkPixbuf/GTK+ XPM image rendering overflow vulnerabilities (2005-11-15) : CAN-2005-2976, -2975, -3186
- Ardour-audiotyöaseman GdkPixbuf/GTK+ -kirjaston XPM-kuvankäsittelyhaavoittuvuudet
Combined security advisory:
www.networksecurity.fi/advisories/gtk-multiple-products.html
In the news:
www.securityfocus.com/bid/15428
www.securityfocus.com/bid/15429
www.securityfocus.com/bid/15435
www.osvdb.org/displayvuln.php?osvdb_id=20842
www.addict3d.org/index.php?page=viewarticle&type=security&ID=5315
US-CERT Cyber Security Bulletin's #SB05-320 High Risk warning
News related to GTK+ library:
www.secunia.com/advisories/17522/
www.frsirt.com/english/advisories/2005/2433
www.securitytracker.com/alerts/2005/Nov/1015216.html
xforce.iss.net/xforce/xfdb/23083
www.osvdb.org/displayvuln.php?osvdb_id=20840
www.osvdb.org/displayvuln.php?osvdb_id=20841
www.securiteam.com/securitynews/6I0072AEWW.html
www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33606
www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33608
www.secwatch.org/advisories/1012115/
www.security.nnov.ru/news4009.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2976
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186
Solution:
- Update to fixed GTK version 2.8.7.
See PHOEBE issue #47
- Workaround: Allow only trusted users use the application to prevent malicious XPM files accessing the application.
| Go to the top |
Netscape Flash Player code execution vulnerability (2005-11-07) : CAN-2005-2628
- Netscape Browser 8:n ja Netscape 7:n Flash Playerin koodinsuorittamisen mahdollistava haavoittuvuus
In the news:
www.security.nnov.ru/Fnews426.html
www.securityfocus.com/bid/15332
www.addict3d.org/index.php?page=viewarticle&type=security&ID=5947
www.secunia.com/advisories/17738/
www.secunia.com/advisories/17626/
www.sillydog.org/forum/viewtopic.php?t=10176
www.sillydog.org/forum/viewtopic.php?t=10175
News related to Flash Player as a separate product:
www.secunia.com/advisories/17430/
www.frsirt.com/english/advisories/2005/2317
www.securitytracker.com/alerts/2005/Nov/1015156.html
xforce.iss.net/xforce/xfdb/22959
www.secwatch.org/advisories/1012031/
www.osvdb.org/displayvuln.php?osvdb_id=18825
www.hkcert.org/salert/english/s051108_flash_swf.html
www.kb.cert.org/vuls/id/146284
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2628
www.macromedia.com/devnet/security/security_zone/mpsb05-07.html
news.zdnet.com/2110-1009_22-5937625.html
www.theregister.co.uk/2005/11/08/flash_security_bug/
www.eweek.com/article2/0,1895,1883059,00.asp
www.venustech.com.cn/tech/announce/20051107/5009.htm
Solution:
- Update to fixed version 8.0.22 with browser's Plugin Finder Service manually.
- Visit Macromedia Flash Player Download Center for Windows:
http://www.macromedia.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash
- Update: Update to Netscape Browser 8.1:
http://browser.netscape.com/ns8/download/default.jsp
| Go to the top |
Netscape cookie hostname handling information disclosure vulnerability (2005-11-06) : CAN-2005-xxxx
- Netscape Browser 8:n ja Netscape 7:n evästeidenkäsittelyn haavoittuvuus
In the news:
www.securityfocus.com/bid/15331
Solution:
- Use Cookie Manager to examine the content of stored cookies:
Netscape 8.x: Tools / Options... / Privacy / Cookies: View Cookies
Netscape 7.x: Edit / Preferences... / Privacy & Security / Cookies / Manage Cookies and Sites: Cookie Manager
In Netscape 7.2 it is possible to accept each cookie separately by enabling 'Ask for each cookie' setting and using information provided by View Details dialog.
| Go to the top |
CheckMark MultiLedger accounting system DUNZIP32.dll buffer overflow vulnerability (2005-10-28) : CVE-2004-1094
- CheckMark MultiLedger -ohjelmiston DUNZIP32.dll-kirjaston ylivuotohaavoittuvuus
Researcher's advisory:
www.networksecurity.fi/advisories/multiledger.html
In the news:
US-CERT Cyber Security Bulletin's #SB05-306 High Risk warning
www.secunia.com/advisories/17394/
www.securityfocus.com/bid/11555
www.securiteam.com/windowsntfocus/6Z00W00EAM.html
xforce.iss.net/xforce/xfdb/22737
www.osvdb.org/displayvuln.php?osvdb_id=19906
www.secwatch.org/advisories/1011985/
www.checkmark.com/support/patch_win_ml.php
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1094
www.kb.cert.org/vuls/id/582498
www.security.nnov.ru/news4087.html
www.fr33d0m.net/content-1828.html
CVSS Severity: 10 (High)
Solution:
- Update to fixed version 7.0.2: http://www.checkmark.com/order/updates.php.
| Go to the top |
Netscape and K-Meleon HTML "sourcetext" element Denial of Service vulnerability (2005-10-17) : CAN-2005-xxxx
- Netscape Browser 8:n, Netscape 7:n ja K-Meleonin sourcetext-haavoittuvuus
In the news:
www.securiteam.com/securitynews/6U00Q00EBW.html
www.osvdb.org/displayvuln.php?osvdb_id=20314
bugzilla.mozilla.org/show_bug.cgi?id=210658
www.addict3d.org/index.php?page=viewarticle&type=security&ID=5056
www.milw0rm.com/id.php?id=1253
www.heise.de/security/news/meldung/65012
Solution:
- Do not visit untrusted web sites.
| Go to the top |
CheckMark Payroll DUNZIP32.dll buffer overflow vulnerability (2005-10-10) : CAN-2004-1094
- CheckMark Payroll -palkanlaskentaohjelmiston DUNZIP32.dll-kirjaston ylivuotohaavoittuvuus
Researcher's advisory:
www.networksecurity.fi/advisories/payroll.html
In the news:
US-CERT Cyber Security Bulletin's #SB05-306 High Risk warning
www.secunia.com/advisories/17096/
www.frsirt.com/english/advisories/2005/2057
xforce.iss.net/xforce/xfdb/22737
www.securityfocus.com/bid/11555
www.osvdb.org/displayvuln.php?osvdb_id=19906
www.secwatch.org/advisories/1011849/
www.checkmark.com/support/prw_update.php
www.frsirt.com/bulletins/2310
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1094
www.kb.cert.org/vuls/id/582498
www.net-security.org/vulnerability.php?id=19906
www.securitylab.ru/vulnerability/241141.php
www.securitylab.ru/vulnerability/source/241137.php
www.hackerscenter.com/archive/view.asp?id=19169
www.hackers-news.com/viewtopic.php?t=8505
CVSS Severity: 10 (High)
Solution:
- Update to fixed version 3.9.7: http://www.checkmark.com/order/updates.php.
| Go to the top |
Netscape and K-Meleon JavaScript engine integer overflow vulnerability (2005-09-24) : CAN-2005-2705
- Netscape Browser 8:n, Netscape 7:n ja K-Meleonin JavaScript-käsittelyn ylivuotohaavoittuvuus
In the news:
www.securityfocus.com/bid/14917
www.osvdb.org/displayvuln.php?osvdb_id=19647
www.frsirt.com/english/advisories/2005/2147
www.cert.dk/perl/publicsystem/PublicSystem.cgi?context=ixr%2bGl4VpRouOBLemObmwFJhb...dFNeRc=
www.packetalarm.de/sec_notices/index.php?id=2587&delimit=1#detail
www.sans.org/newsletters/risk/display.php?v=4&i=39#05.39.21
www.sillydog.org/forum/viewtopic.php?t=9894
www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2705
www.mozilla.org/security/announce/mfsa2005-58.html
News related to Mozilla Firefox:
www.frsirt.com/english/advisories/2005/1824
www.securitytracker.com/alerts/2005/Sep/1014954.html
xforce.iss.net/xforce/xfdb/22377
www.cert-in.org.in/advisory/ciad-2005-21.htm
www.hkcert.org/salert/english/s050926_mozilla_suite_and_firefox_multiple_vulnerabilities.html
Solution:
Update: Update to version Netscape Browser 8.0.4: browser.netscape.com/ns8/download/default.jsp
- Do not visit untrusted web sites.
| Go to the top |
Netscape zero-width non-joiner characters stack corruption vulnerability (2005-09-24) : CAN-2005-2702
- Netscape Browser 8:n ja Netscape 7:n ZWNJ-merkistönkäsittelyn haavoittuvuus
In the news:
@Risk: The Consensus Security Alert - Volume 4, Issue #39: HIGH Risk warning
www.securiteam.com/securitynews/5AP0P1PGUE.html
www.secunia.com/advisories/16944/
www.osvdb.org/displayvuln.php?osvdb_id=19644
www.frsirt.com/english/advisories/2005/2147
www.packetalarm.de/sec_notices/index.php?id=2588&delimit=1#detail
www.security.nnov.ru/Fnews254.html
www.sans.org/newsletters/risk/display.php?v=4&i=39#05.39.22
www.secwatch.org/advisories/1011732/
www.sillydog.org/forum/viewtopic.php?t=9894
www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2702
News related to Mozilla Firefox:
www.frsirt.com/english/advisories/2005/1824
www.securitytracker.com/alerts/2005/Sep/1014954.html
www.securityfocus.com/bid/14918
xforce.iss.net/xforce/xfdb/22375
www.cert-in.org.in/advisory/ciad-2005-21.htm
www.hkcert.org/salert/english/s050926_mozilla_suite_and_firefox_multiple_vulnerabilities.html
www.mozilla.org/security/announce/mfsa2005-58.html
Other related Netscape news:
www.heise.de/newsticker/meldung/64314
Google's English Translation of Heise.de September article
blogs.washingtonpost.com/securityfix/2005/09/new_netscape_br.html
software.silicon.com/malware/0,3800003100,39152702,00.htm
Solution:
Update: Update to version Netscape Browser 8.0.4: browser.netscape.com/ns8/download/default.jsp
- Do not visit untrusted web sites.
Netscape proxy Auto Config Script "eval"
statement Denial of Service vulnerability (2005-09-21) : CAN-2005-3089
- Netscape Browser 8:n PAC-skriptihaavoittuvuus
In the news:
www.securityfocus.com/bid/14924
www.osvdb.org/displayvuln.php?osvdb_id=19615
www.sans.org/newsletters/risk/display.php?v=4&i=39#05.39.19
cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3089
News related to Mozilla Firefox:
www.securitytracker.com/alerts/2005/Sep/1014949.html
xforce.iss.net/xforce/xfdb/22371
Solution:
- Netscape: Wait for release of Netscape 8.1.x.
| Go to the top |
Netscape weak authentication mechanism vulnerability (2005-09-14) : CAN-2005-2395
- Netscape Browser 8:n tunnistautumismenetelmän valinnan haavoittuvuus
In the news:
www.securityfocus.com/bid/14325
www.osvdb.org/displayvuln.php?osvdb_id=19002
www.cert.dk/perl/publicsystem/PublicSystem.cgi?context=yUX9s%2b6VkxGvbT.....Ne9w=
News related to Mozilla Firefox:
www.securiteam.com/securitynews/5PP0L00GUQ.html
xforce.iss.net/xforce/xfdb/22272
www.us-cert.gov/cas/bulletins/SB05-208.html#firefoxweak
www.opennet.ru/base/usersoft/1127234285_114.txt.html
www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2395
www.security.nnov.ru/Fnews19.html
www.sans.org/newsletters/risk/display.php?v=4&i=29#05.29.21 (Related Firefox v1.0.5 information)
Solution:
- Netscape: Wait for release of Netscape 8.1.x.
Netscape "Host:" parameter (IDN) buffer overflow vulnerability (2005-09-09) : CVE-2005-2871
- Netscape Browser 8:n ja Netscape 7:n IDN-käsittelyn Host:-puskuriylivuotohaavoittuvuus
In the news:
US-CERT Cyber Security Bulletin's #SB05-257 High Risk warning
In Finnish: Viestintäviraston CERT-FI varoitus 62/2005
@Risk: The Consensus Security Alert - Volume 4, Issue #37: Critical warning
www.frsirt.com/english/advisories/2005/1691
www.frsirt.com/english/advisories/2005/2147
www.securityfocus.com/bid/14784
www.secunia.com/advisories/16766/
www.securiteam.com/securitynews/5RP0B0UGVW.html
www.securitytracker.com/alerts/2005/Sep/1014877.html
xforce.iss.net/xforce/xfdb/22207
www.osvdb.org/displayvuln.php?osvdb_id=19255
www.uni-cert.nl/index.php?page=advisory.view&advisory_id=1270&PHPSESSID=e16...1db
www.cert.dk/perl/publicsystem/PublicSystem.cgi?context=VniVp/AuMvFIVujN.....zVas=
www.cert.hr/advs.php?lang=hr&page=3&id=5597
www.cert.hu/hir/archive/hir_20050909_1.html
www.secwatch.org/advisories/1011599/
www.sans.org/newsletters/risk/display.php?v=4&i=37#05.37.18
www.addict3d.org/index.php?page=viewarticle&type=security&ID=4889
www.security.nnov.ru/Fnews190.html
www.zone-h.org/advisories/read/id=8106
www.sitic.se/rad_och_rekommendationer/SR05-110.html
www.juniper.net/security/auto/vulnerabilities/vuln2032.html
www.packetalarm.de/sec_notices/index.php?id=2503&delimit=1#detail
www.kb.cert.org/vuls/id/573857
cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2871
news.zdnet.com/2102-1009_22-5863451.html
www.windowsitpro.com/Article/ArticleID/47731/47731.html
blogs.washingtonpost.com/securityfix/2005/09/firefox_netscap.html
www.mozillazine.org/talkback.html?article=7307
blogs.washingtonpost.com/securityfix/2005/09/exploit_release.html
www.mozillazine.org/talkback.html?article=7400
www.securitypronews.com/news/securitynews/spn-45-20050915BuggingOutFirefox.html
www.us-cert.gov/current/archive/2005/09/26/archive.html#mozbuff
www.xpforum.co.uk/forum/archive.php/o_t__t_9132__firefox-patched-mozilla-netscape-url-domain-warning.html
www.digitoday.fi/showPage.php?page_id=14&news_id=48424
www.ficora.fi/suomi/tietoturva/cert.htm#2005-9-23_0845
www.sillydog.org/forum/viewtopic.php?t=9768
isc.sans.org/diary.php?date=2005-09-10
isc.sans.org/diary.php?date=2005-09-11
News related to Mozilla Firefox:
www.mozilla.org/security/announce/mfsa2005-57.html
addons.mozilla.org/messages/307259.html
bugzilla.mozilla.org/show_bug.cgi?id=307259
www.kb.cert.org/vuls/id/573857
www.ciac.org/ciac/bulletins/p-303.shtml
www.cert-in.org.in/vulnerability/civn-2005-87.htm
www.hkcert.org/salert/english/s050910_mozilla_remote_buffer_overflow.html
www.cert.pl/index2.html?action=show_news_more&nid=719
news.zdnet.com/2102-3513_22-5856201.html
news.com.com/2102-1002_3-5856201.html
www.computerworld.com/printthis/2005/0,4814,104504,00.html
www.infoworld.com/article/05/09/09/HNfirefoxflawfound_1.html
www.infoworld.com/article/05/09/09/hnfirefound_1.html
www.eweek.com/print_article2/0,1217,a=159776,00.asp
www.theregister.co.uk/2005/09/09/firefox_security_flap/print.html
www.theregister.co.uk/2005/09/12/mozilla_idn_fix/print.html
www.networkworld.com/news/2005/090905-firefox-flaw.html
www.newsfactor.com/story.xhtml?story_id=38170
isc.sans.org/diary.php?date=2005-09-09
isc.sans.org/diary.php?storyid=686
isc.sans.org/diary.php?storyid=700
it.slashdot.org/it/05/09/09/1336253.shtml?tid=128&tid=154
it.slashdot.org/it/05/09/10/1625241.shtml?tid=154&tid=1&tid=218
blogs.washingtonpost.com/securityfix/2005/09/mozilla_issues_.html
news.netcraft.com/archives/2005/09/09/new_vulnerability_in_firefox_browser.html
www.uniras.gov.uk/niscc/docs/br-20050921-00821.html?lang=en
www.auscert.org.au/render.html?it=5507
www.frsirt.com/exploits/20050922.PwnZilla.php
it.slashdot.org/it/05/09/22/1820251.shtml?tid=154&tid=172
www.mozillazine.org/talkback.html?article=7389
www.tietoviikko.fi/doc.te?f_id=772051
www.mikropc.net/uutiset/index.jsp?categoryId=atk&day=20050912
www.digitoday.fi/showPage.php?page_id=14&news_id=47858
www.digitoday.fi/showPage.php?page_id=14&news_id=47886
www.tietokone.fi/uutta/uutinen.asp?news_id=24782&tyyppi=1
www.heise.de/newsticker/meldung/63746
www.idg.se/ArticlePages/200509/09/20050909165542_SOS/20050909165542_SOS.dbp.asp
www.security-protocols.com/advisory/sp-x17-advisory.txt
www.security-protocols.com/advisory/sp-x18-advisory.txt
www.net-security.org/vuln.php?id=4077
Cyber Security Tip ST05-016: Understanding Internationalized Domain Names
Solution:
Update: Update to version Netscape Browser 8.0.4: browser.netscape.com/ns8/download/default.jsp
[Change network.enableIDN preference to false with about:config feature.
See instructions at addons.mozilla.org/messages/307259.html ("Manually Configuring the Browser")]
- Do not visit untrusted web sites.
| Go to the top |
MindAlign multiple vulnerabilities (2005-08-12) : CAN-2005-2590 etc.
- Report and summary written to security community
MindAlign Java Client -ohjelmiston haavoittuvuudet
Researcher's report:
www.networksecurity.fi/advisories/mindalign.html
US-CERT Cyber Security Bulletin's #SB05-229 warning
Security advisories:
www.secunia.com/advisories/16408/
www.securityfocus.com/bid/14562
xforce.iss.net/xforce/xfdb/21821
xforce.iss.net/xforce/xfdb/21837
xforce.iss.net/xforce/xfdb/21838
xforce.iss.net/xforce/xfdb/21840
www.osvdb.org/displayvuln.php?osvdb_id=18754
www.osvdb.org/displayvuln.php?osvdb_id=18755
www.osvdb.org/displayvuln.php?osvdb_id=18756
www.osvdb.org/displayvuln.php?osvdb_id=18757
www.net-security.org/vulnerability.php?id=18754
www.net-security.org/vulnerability.php?id=18755
www.net-security.org/vulnerability.php?id=18757
www.sans.org/newsletters/risk/display.php?v=4&i=33#05.33.9
www.secwatch.org/advisories/1011395/
cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2590
cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2591
cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2592
cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2593
www.niscc.gov.uk/niscc/docs/br-20050812-00673.html?lang=en
Solution:
- Upgrade to fixed version: www.parlano.com/support/default.aspx
Multiple browsers XPCOM library race condition vulnerability (2005-07-22) : CVE-2005-2414
- Netscape Browser, Netscape 7 and K-Meleon confirmed as affected
Netscape Browser 8:n, Netscape 7:n ja K-Meleonin XPCOM-kirjaston haavoittuvuus
In the news:
www.secwatch.org/advisories/1011225/
www.secwatch.org/advisories/1011226/
www.osvdb.org/displayvuln.php?osvdb_id=18226
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2414
www.gulftech.org/?node=research&article_id=00091-07212005
News related to Mozilla Firefox:
www.criticalwatch.com/resources/advisory/advisory.htm?AID=11277
CVSS Severity: 3.3 (Low)
Solution:
- Do not visit untrusted web sites.
| Go to the top |
Netscape Browser, Netscape 7 and K-Meleon 'Set As Background...' code execution, XHTML DOM node name processing, XBL scripts JavaScript state bypass, content-generated untrusted events and JavaScript InstallVersion.compareTo function vulnerabilities (2005-07-13) : CAN-2005-2260,CAN-2005-2261 etc.
- These issues are known as Netscape Multiple Arbitrary Script Code Execution Vulnerabilities too
- NOTE: K-Meleon is affected only in 3rd vulnerability (see researcher's advisory)
Netscape Browser 8:n, Netscape 7:n ja K-Meleonin Aseta taustakuvaksi -toiminnon, XHTML DOM node -käsittelyn, XBL-skriptien skriptisuorituksen, käyttöliittymää muokkaavien event-tapahtumien ja "InstallVersion.compareTo"-JavaScript-toiminnon haavoittuvuudet
Researcher's advisory:
www.networksecurity.fi/advisories/netscape-multiple-issues.html
In the news: (Published security advisories and updated media coverage)
US-CERT Cyber Security Bulletin's #SB05-201 High Risk warning
In Finnish: Viestintäviraston CERT-FI varoitus 51/2005
K-Meleon 0.9.12 Release Notes:
kmeleon.sourceforge.net/wiki/index.php?id=ReleaseNotes0912#new
www.secunia.com/advisories/16044/
www.secunia.com/advisories/16185/
www.frsirt.com/english/advisories/2005/1214
www.securityfocus.com/bid/14242
www.secwatch.org/advisories/1011137/
www.secwatch.org/advisories/1011244/
www.cert-in.org.in/advisory/ciad-2005-18.htm
www.securiteam.com/securitynews/5XP0K20GBQ.html
www.securiteam.com/securitynews/6K00C0UEUU.html
www.uni-cert.nl/index.php?page=advisory.view&advisory_id=1204&PHPSESSID=b29796...
www.osvdb.org/displayvuln.php?osvdb_id=17964
www.osvdb.org/displayvuln.php?osvdb_id=17965
www.osvdb.org/displayvuln.php?osvdb_id=17969
www.security.nnov.ru/Enews992.html
news.zdnet.com/2102-1009_22-5825342.html
www.heise.de/newsticker/meldung/62598
www.heise.de/security/news/meldung/61892
Google's English Translation of Heise.de July article
www.golem.de/0507/39363.html
www.entwickler.com/itr/news/psecom,id,23009,nodeid,82.html
www.php-mag.de/itr/news/psecom,id,23009,nodeid,61.html
www.linuxenterprise.de/itr/news/psecom,id,23009,nodeid,8.html
www.idx.at:18080/news/indec/printer_html?identnr=7764
www.interest.de/secbase_client/print.php?titel_nr=&xid=5273&ID=042553072527
www.joergkrusesweb.de/internet/sicherheit/news/netscape-78.html
www.breekpunt.net/nieuwsbericht.asp?id=10692
www.checkpoint.com/defense/advisories/public/2005/cpai-2005-108.html
www.addict3d.org/index.php?page=viewarticle&type=security&ID=4495
www.fr33d0m.net/content-639.html
www.cappoodoo.de/news.php?s=read&id=1646
packetstorm.blackroute.net/0507-advisories/sa16044.txt
www.mozilla.org/security/announce/mfsa2005-47.html
www.mozilla.org/security/announce/mfsa2005-55.html
www.mozilla.org/security/announce/mfsa2005-46.html
www.mozilla.org/security/announce/mfsa2005-45.html
www.mozilla.org/security/announce/mfsa2005-50.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2260
cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2261
cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2262
cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2265
cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2269
www.sillydog.org/forum/viewtopic.php?t=9376
www.sillydog.org/forum/viewtopic.php?t=9401
www.sillydog.org/forum/viewtopic.php?t=9490
www.windowsbbs.com/showthread.php?t=46269
kmeleon.sourceforge.net/forum/read.php?f=1&i=28313&t=28313
www.gladiator-antivirus.com/forum/index.php?showtopic=27765
hwww.ficora.fi/suomi/tietoturva/varoitukset/varoitus-2005-51.htm
www.digitoday.fi/showPage.php?page_id=14&news_id=46287
News after releasing a fixed version:
moz.sillydog.org/archives/000799.php
www.sillydog.org/forum/viewtopic.php?t=9584
news.zdnet.com/2102-1009_22-5803901.html
news.com.com/2102-1002_3-5803901.html
www.heise.de/security/news/meldung/62067
www.infoworld.com/article/05/07/26/HNnetscapepatch_1.html
www.techworld.com/security/news/index.cfm?NewsID=4105
moz.sillydog.org/archives/000774.html
www.eweek.com/print_article2/0,1217,a=156755,00.asp
www.security.nl/article/11356/1/Update_voor_zeer_kritieke_lekken_in_Netscape.html
www.mikropc.net/uutiset/index.jsp?categoryId=atk&day=20050810
Solution:
Update: Update to version Netscape Browser 8.0.3.3: browser.netscape.com/ns8/download/default.jsp
- Update #2: Update to version K-Meleon 0.9.12:
http://prdownloads.sourceforge.net/kmeleon/K-Meleon0.9.12-installer.exe?download
- Workarounds: Do not use 'Set As Background...' functionality to save Windows Desktop wallpaper images from untrusted sources and
- Do not click untrusted or suspicious hyperlinks to avoid effects to browser UI (MFSA2005-45).
Issue #1 (MFSA 2005-47) fixed in Netscape 8.0.3.1 earlier
| Go to the top |
Microsoft Outlook Express multiple crafted e-mail Subject handling and newsgroup message information disclosure vulnerabilities (2005-07-12) : CAN-2005-2226
- Outlook Expressin viestin- ja uutisryhmäviestinkäsittelyn haavoittuvuudet
In the news:
US-CERT Cyber Security Bulletin's #SB05-194 Medium Risk warning
www.securityfocus.com/bid/14225
www.secwatch.org/advisories/1011113/
www.osvdb.org/displayvuln.php?osvdb_id=18241
www.packetalarm.de/sec_notices/index.php?id=2081
support.microsoft.com/kb/900930/EN-US/
cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2226
@RISK: The Consensus Security Vulnerability Alert - Issue 05.28.6 - Week 28 2005 Newsletter
Solution:
- Apply a hotfix from Microsoft Download Center: www.securityfocus.com/bid/14225/solution.
- Workaround: Do not open untrusted messages when composing important e-mail messages or adding contact adressess etc.
| Go to the top |
Multiple browsers empty JavaScript function Denial of Service vulnerability (2005-07-01) : CAN-2005-2114
- Netscape Browser and K-Meleon confirmed as affected
Useita selaimia koskeva JavaScript-funktioiden DoS-haavoittuvuus
In the news:
US-CERT Cyber Security Bulletin's #SB05-188 warning
www.securitytracker.com/alerts/2005/Jul/1014349.html
www.securiteam.com/securitynews/5OP0U00G1G.html
xforce.iss.net/xforce/xfdb/21188
www.osvdb.org/displayvuln.php?osvdb_id=17696
cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2114
www.addict3d.org/index.php?page=viewarticle&type=security&ID=4370
www.vsantivirus.com/vul-netscape-010705.htm
gladiator-antivirus.com/forum/index.php?showtopic=27317
www.securitylab.ru/55567.html
US-CERT Cyber Security Bulletin's #SB05-188 warning
www.securitytracker.com/alerts/2005/Jul/1014372.html
www.securiteam.com/securitynews/5OP0U00G1G.html
www.osvdb.org/displayvuln.php?osvdb_id=17696
www.securitylab.ru/55568.html
www.securitylab.ru/55606.html
www.cybertrion.com/Article2043.html (Related Gecko-browser news)
www.kurczaba.com/html/security/0506241.htm (including Kurczaba Associates PoC code)
Solution:
- Disable JavaScript support.
K-Meleon: Remove selection from Edit / Preferences / General / Enhancements: Enable JavaScript or via Tools / Privacy / 'Block' function.
| Go to the top |