VULNERABILITIES \ FIXES - November 9, 2008

Multiple Vendor NOS Microsystems getPlus Downloader Stack Buffer Overflow Vulnerability

9 Nov. 2008

Summary
The getPlus Download Manager is "a software management tool. It is used to download, install, and update other software through the browser. The getPlus Download Manager consists of an ActiveX control that is used to prompt users to install other vendor's software. Adobe uses this control for web based installations of Adobe Reader. If a client installed Adobe Reader through the Adobe website, they will have the control on their system". Remote exploitation of a stack based buffer overflow vulnerability in NOS Microsystems Ltd.'s getPlus Download Manager, potentially used by multiple vendors, could allow an attacker to execute arbitrary code with the privileges of the current user.

Credit:
The information has been provided by iDefense Labs Security Advisories.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=754

http://www.securiteam.com/windowsntfocus/6U0082KN5Y.html

9 Nov. 2008

ummary
The VLC media player contains a stack overflow vulnerability while parsing malformed RealText (rt) subtitle files. The vulnerability can be trivially exploited by a (remote) attacker to execute arbitrary code in the context of VLC media player.

VLC handles subtitles automatically. It just checks the presence of a subtitle file with the same name of the loaded video. If such a subtitle file is found, VLC loads and parses the file.

Credit:
The information has been provided by Tobias Klein.
The original article can be found at: http://www.trapkit.de/advisories/TKADV2008-011.txt

http://www.securiteam.com/unixfocus/6S0062KN5U.html

9 Nov. 2008

Summary
Adobe Reader is "a program for viewing Portable Document Format (PDF) documents". Remote exploitation of a heap corruption vulnerability in Adobe Systems Inc.'s Acrobat Professional and Reader could allow an attacker to execute arbitrary code with the privileges of the current user.

Credit:
The information has been provided by iDefense Labs Security Advisories.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=756

http://www.securiteam.com/securitynews/6O0022KN5O.html

Adobe Reader Embedded Font Handling Out of Bounds Array Indexing Vulnerability

9 Nov. 2008

Summary
dobe Acrobat Reader is "a program for viewing Portable Document Format (PDF) documents". Remote exploitation of an out of bounds array access vulnerability in Adobe System Inc.'s Adobe Reader could allow an attacker to execute arbitrary code as the current user.

Credit:
The information has been provided by iDefense Labs Security Advisories.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=755

http://www.securiteam.com/securitynews/6P0032KN5M.html

9 Nov. 2008

Summary
The DSL connection of some 2wire routers is droped when a request to /xslt with the value %X where X is any non alfa numeric character.

Credit:
The information has been provided by hkm.
The original article can be found at: http://www.milw0rm.com/exploits/7060

http://www.securiteam.com/securitynews/6Q0042KN5K.html

Critical:
Highly critical
Impact: Exposure of sensitive information
System access
Where: From remote
Solution Status: Unpatched

Software: hMailServer 4.x

Description:
Nine:Situations:Group::strawdog has discovered some vulnerabilities in hMailServer PHPWebAdmin, which can be exploited by malicious people to disclose potentially sensitive information and compromise a vulnerable system.

Solution:
Edit the source code to ensure that input is properly verified.

Provided and/or discovered by:
Nine:Situations:Group::strawdog

Original Advisory:
http://milw0rm.com/exploits/7012