Posts Tagged ‘Security Bypass’

Vulnerabilities in Adobe ColdFusion

Vulnerabilities in Adobe ColdFusion

Vulnerabilities: Security Bypass, spoofing attack in Adobe ColdFusion

Danger: Average
The presence of fixes: Yes
The number of vulnerabilities: 2

CVE ID: CVE-2013-1387
CVE-2013-1388
Vector of operation: Remote
Impact: Security Bypass, spoofing attack

Affected Products: Adobe ColdFusion 10.с, Adobe ColdFusion 9.x (more…)

vulnerabilities in Adobe Flash Player

Vulnerabilities in Adobe Flash Player

Vulnerability: Multiple vulnerabilities in Adobe Flash Player

Severity Rating: Critical
Patch: Yes
Number of vulnerabilities: 3

CVE ID: CVE-2013-0643
CVE-2013-0648
CVE-2013-0504
Vector of operation: Remote
Impact: Security Bypass, System compromise

Affected Products: Adobe Flash Player 11.x

Affected versions:
Adobe Flash Player 11.6.602.168 and earlier versions for Windows
Adobe Flash Player 11.6.602.167 and earlier versions for Macintosh
Adobe Flash Player 11.2.202.270 and earlier versions for Linux. (more…)

Vulnerability

Vulnerabilities in Barracuda Products

Vulnerability: Multiple Vulnerabilities in Barracuda Products

Danger level: Average

Number of vulnerabilities: 2

Vector operation: Remote
Impact: Security Bypass, System compromise

Affected products:

– Barracuda SSL VPN 3.x;
– Barracuda Load Balancer 3.x;
– Barracuda Link Balancer 3.x;
– Barracuda Web Application Firewall 3.x;
– Barracuda Message Archiver 3.x;
– Barracuda Web Filter 3.x. (more…)

Security Bypass Zabbix

Posted: January 23, 2013 in Vulnerabilities
Tags: ,
Vulnerability

Security Bypass Zabbix

Vulnerability: Security Bypass Zabbix

Danger level: Average
Availability of fixes: Insturktsii to eliminate
Number of vulnerabilities: 1

CVE ID: CVE-2013-1364
Vector of operation: Local Network
Impact: Security Bypass

Affected products: Zabbix 2.x

Affected versions: Zabbix 2.0.4, perhaps the only one.

Description:

Vulnerability allows the removed user to bypass some restrictions of safety. (more…)

Wordpress VulnerabilityVulnerability: Security Bypass WordPress Portable phpMyAdmin

Danger: Average
Patch: Yes
Number of vulnerabilities: 1

Vector of operation: Remote
Impact: Bypass of Security

Affected products: WordPress Portable phpMyAdmin Plugin 1.x

Affected versions: WordPress Portable phpMyAdmin version to 1.3.1.

Description:

Which can be exploited by malicious people to bypass certain security restrictions. (more…)

Vulnerability

Vulnerabilities in Google Chrome

Vulnerability: Multiple vulnerabilities in Google Chrome

Danger: High
Patch: Yes
Number of vulnerabilities: 9

CVE ID: CVE-2012-5139, CVE-2012-5140, CVE-2012-5141, CVE-2012-5142, CVE-2012-5143, CVE-2012-5144, CVE-2012-5676, CVE-2012-5677, CVE-2012-5678

Vector of operation: Remote
Impact: Security Bypass, System compromise

Affected products: Google Chrome 23.x

Affected versions: Google Chrome to version 23.0.1271.97.

Description:

The vulnerability allows a remote user to execute arbitrary code on the target system.

1. The vulnerability is caused due to some errors in the embedded Adobe Flash Player. This can be exploited to compromise a vulnerable system. (more…)

Vulnerabilities in Microsoft Windows

Vulnerabilities in Microsoft Windows

Multiple vulnerabilities in Microsoft Windows

1. Vulnerability in the processing of checking revocation IP-HTTPS certificates in Microsoft Windows

Danger: Low
Patch: Yes
Number of vulnerabilities: 1

CVE ID: CVE-2012-2549
Vector of operation: Remote
Impact: Security Bypass

Affected Products: Microsoft Windows Server 2008, Windows Server 2012

Affected versions: Microsoft Windows 2008 R2, Windows 2012

Description:

Which can be exploited by malicious people to bypass certain security restrictions.

The vulnerability is caused due to insufficient authentication certificates in IP-HTTPS component. A remote user can use the revoked certificate as valid.

Manufacturer URL: www.microsoft.com (more…)

Wordpress Vulnerability

Security Bypass in WordPress

Vulnerability: Security Bypass in WordPress vTiger CRM Lead Capture

Danger: Middle
Patch: Yes
Number of vulnerabilities: 1

Vector of operation: Remote
Impact: Security Bypass

Affected products: WordPress vTiger CRM Lead Capture Plugin 1.x

Affected versions: WordPress vTiger CRM Lead Capture 1.0, perhaps the only one.

Description:

Which can be exploited by malicious people to bypass certain security restrictions.

The vulnerability is caused due to an unspecified error. Details were not disclosed. (more…)

Vulnerability

Vulnerabilities in Smartphone Pentest

Vulnerability: Multiple vulnerabilities in Smartphone Pentest Framework (SPF)

Danger: High
Number of vulnerabilities: 5
CVE ID:

– CVE-2012-5697;
– CVE-2012-5694;
– CVE-2012-5693;
– CVE-2012-5695;
– CVE-2012-5696.

Vector operation: Local Network (LAN)
Impact: Cross Site Scripting, Unauthorized manipulation of data, Elevation of Privilege, Security Bypass, System compromise

Affected Products: Smartphone Pentest Framework (SPF) 1.x

Affected versions: Smartphone Pentest Framework (SPF) 1.0 (more…)

Cisco logo

Security Bypass Cisco Secure ACS

Vulnerability: Security Bypass Cisco Secure

ACSDanger: Low
Patch: Yes
Quantity of vulnerabilities: 1

Vector operation: Remote
Impact: Security Bypass
Exploit: functional exploit

Affected Products: Cisco Secure ACS 5.x

Affected versions:
– Cisco Secure ACS 5.0;
– Cisco Secure ACS 5.1;
– Cisco Secure ACS 5.2;
– Cisco Secure ACS 5.3. (more…)