Cybersecurity threats 2015: new security vulnerabilities has been found by security researchers

Posted: August 22, 2015 in Vulnerabilities
Tags: , , , , , , ,


New security vulnerabilities 2015Several new security vulnerabilities of varying severity has been found by security researchers

Several new security vulnerabilities of varying severity has been found by security researchers:

  • System compromise in Android (high severity vulnerability)
  • Bypassing security restrictions on Apache Tomcat (middle severity vulnerability)
  • Multiple vulnerabilities in CMS Drupal (low severity vulnerability)
  • Compromising the system in Apple QuickTime for Windows (high severity vulnerability)

1. Operating-systems Android system-compromise

AndroidDanger level: High
Availability of correction: None
The number of vulnerabilities: 1

Vector of operation: Remote
Impact: System Compromise

Affected Products: Android 5.x
Affected versions: Android 5.x

Description:

The vulnerability allows a remote user to compromise a vulnerable system.

The vulnerability is caused due to an error in the component Android, associated with functional simultaneously run multiple applications. This can be exploited to compromise a vulnerable system.

More information about this vulnerability in Android on video below

Manufacturer URL: www.android.com

Solution: The way to eliminate the vulnerability does not exist at the moment.

Links: https://www.usenix.org/system/files/conference/usenixsecurity15/sec15-paper-ren-chuangang.pdf

2. Bypassing security restrictions on Apache Tomcat

Apache TomcatDanger level: Middle
Availability of fixes: Yes
The number of vulnerabilities: 1

CVE ID: CVE-2014-0227
Vector of operation: Remote
Impact: Bypassing security restrictions

Affected Products: Apache Tomcat 6.x, Apache Tomcat 7.x
Affected versions: Apache Tomcat 6.0.0 to 6.0.41, Apache Tomcat 7.0.0 to 7.0.54, Apache Tomcat 8.0.0-RC1 to 8.0.8

Description:

[CVE-2014-0227] The vulnerability allows a remote user to bypass certain security restrictions.
The vulnerability is caused due to an error in the processing of requests to the “java / org / apache / coyote / http11 / filters / ChunkedInputFilter.java”. This can be exploited to modify certain data or cause a denial of service.

Manufacturer URL: apache.org

Solution: Install the latest version from the manufacturer.

Links: http://tomcat.apache.org/security-7.html

3. Multiple vulnerabilities in Drupal

DrupalSecurity risk: Critical
Availability of fixes: Yes
The number of vulnerabilities: 5

Vector of operation: Remote
Impact: Cross-site scripting, Disclosure of sensitive data, Unauthorized modification of data

Affected Products: Drupal 6.x, Drupal 7.x
Affected versions: Drupal 6.x, Drupal 7.x

Description:

The vulnerability allows a remote user to SQL-injection.

1. The vulnerability is caused due to an error when processing the input data in the function “Drupal.ajax ()”. This can be exploited via a specially crafted link to execute arbitrary script code in a user’s browser session in context of an affected site.
2. The vulnerability is caused due to an error when processing the input data associated with the functional auto-fill fields. This can be exploited via a specially crafted link to execute arbitrary script code in a user’s browser session in context of an affected site.
3. The vulnerability is caused due to an unspecified error when processing the input data. A remote user can execute arbitrary commands in the application database.
4. The vulnerability is caused due to lack of authentication of HTTP requests. This can be exploited via a specially crafted link implement CSRF attack.
5. The vulnerability is due to improper distribution of privileges “access content” among users. This can be exploited to disclose the names of sensitive sites.

Manufacturer URL: drupal.org

Solution: Install the latest version from the manufacturer.

Links: https://www.drupal.org/SA-CORE-2015-003

4. Compromising the system in Apple QuickTime for Windows

Apple QuickTimeDanger level: High
Availability of fixes: Yes
The number of vulnerabilities: 2

CVE ID: CVE-2015-5785, CVE-2015-5786

Vector of operation: Remote
Impact: System Compromise

Affected Products: Apple QuickTime 7.x
Affected versions: Apple QuickTime for Windows versions prior to 7.7.8

Description:

The vulnerability allows a remote user to compromise a vulnerable system.

[CVE-2015-5785 and CVE-2015-5786] Multiple vulnerabilities are found in Apple QuickTime. The vulnerabilities is caused due to a memory corruption error when processing your media. A remote attacker could exploit the vulnerabilities by enticing a user to open a specially crafted media file.

Manufacturer URL: apple.com

Solution: Install the latest version from the manufacturer.

Links: https://support.apple.com/en-us/HT205046


 

Comments
  1. Sergey Gor says:

    Apple has released update 7.7.8 for the QuickTime app for Windows, which eliminated a total of 9 Memory Corruption Vulnerabilities (CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE- 2015-3792, CVE-2015-5751, CVE-2015-5779, CVE-2015-5785, CVE-2015-5786)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s