magmatic.com - Squawk Box

MAAS History

Entries by drStrangeP0rk (171)

Thursday

Jul222010

Firefox 3.6.7 Released

Thursday, July 22, 2010 at 07:54AM

In addition to improvements in stability the following vulnerabilities have been addressed. Administrators and user should update to the lasted stable version. Thunderbird and Firefox 3.5.111 have also been released. With the addition of Google Chrome, it is clear that Firefox may be losing some of it's popularity with users.

Fixed in Firefox 3.6.7

MFSA 2010-47 Cross-origin data leakage from script filename in error messages
MFSA 2010-46 Cross-domain data theft using CSS
MFSA 2010-45 Multiple location bar spoofing vulnerabilities
MFSA 2010-44 Characters mapped to U+FFFD in 8 bit encodings cause subsequent character to vanish
MFSA 2010-43 Same-origin bypass using canvas context
MFSA 2010-42 Cross-origin data disclosure via Web Workers and importScripts
MFSA 2010-41 Remote code execution using malformed PNG image
MFSA 2010-40 nsTreeSelection dangling pointer remote code execution vulnerability
MFSA 2010-39 nsCSSValue::Array index integer overflow
MFSA 2010-38 Arbitrary code execution using SJOW and fast native function
MFSA 2010-37 Plugin parameter EnsureCachedAttrParamArrays remote code execution vulnerability
MFSA 2010-36 Use-after-free error in NodeIterator
MFSA 2010-35 DOM attribute cloning remote code execution vulnerability
MFSA 2010-34 Miscellaneous memory safety hazards (rv:1.9.2.7/ 1.9.1.11)

Update on Tuesday, July 27, 2010 at 06:52AM by

drStrangeP0rk

The security update which fixed the plug-in parameter array crash was exhibiting behavior that resulted in memory curruption. the resulting is a dangling pointer which has the potential to be exploited. Mozilla has released an update which users and administrators should apply.

http://www.mozilla.org/security/announce/2010/mfsa2010-48.html

drStrangeP0rk |

Post a Comment |

1 Reference |

Client,

Firefox,

Mac OSX 10.5,

Mac OSX 10.6,

Updates

Tuesday

Jul202010

Apple Released iTunes 9.2.1

Tuesday, July 20, 2010 at 07:33AM

Apple has released an update to iTunes 9.2.1 which provides stability and security improvements. This includes addressing the buffer overflow reported in CVE-2010-1777. Users and administrators should apply this update immediately.

CVE-ID: CVE-2010-1777

Available for: Mac OS X v10.4.11 or later, Windows 7, Vista, XP SP2 or later

Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

Description: A buffer overflow exists in the handling of "itpc:" URLs. Accessing a maliciously crafted "itpc:" URL may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. Credit to Clint Ruoho of Laconic Security for reporting this issue.

drStrangeP0rk |

Post a Comment |

1 Reference |

Apple,

Client,

Server,

Updates,

iTunes,

iTunes Vulnerability

Wednesday

Jul072010

Google Chrome 5.0.375.99 Released

Wednesday, July 7, 2010 at 09:08PM

Google has released a update to Chrome Browser to the Stable channel to address serveral security issues. Users should select About Google Chrome and Select Update to check and install the update.

This release fixes the following security issues: (Directly from Stable Channel Update.)

[42396] Low OOB read with WebGL. Credit to Sergey Glazunov; Google Chrome Security Team (SkyLined).

[42575] [42980] Medium Isolate sandboxed iframes more strongly. Credit to sirdarckcat of Google Security Team.

[$500] [43488] High Memory corruption with invalid SVGs. Credit to Aki Hekin of OUSPG; wushi of team509.

[$500] [44424] High Memory corruption in bidi algorithm. Credit to wushi of team509.

[45164] Low Crash with invalid image. Credit to Jose A. Vazquez.

[$1000] [45983] High Memory corruption with invalid PNG (libpng bug). Credit to Aki Helin of OUSPG.

[$500] [46360] High Memory corruption in CSS style rendering. Credit to wushi of team509.

[46575] Low Annoyance with print dialogs. Credit to Mats Ahlgren.

[47056] Low Crash with modal dialogs. Credit to Aki Helin of OUSPG.

drStrangeP0rk |

Post a Comment |

1 Reference |

Chrome,

Google,

Updates

Friday

Jun252010

Google Chrome 5.0.375.86 Released

Friday, June 25, 2010 at 09:55AM

Google has released an update to Chrome which enables the intergrated Flash Player by default. It is difficult sometimes for users and administrators to balance security and Flash content. First up, make sure that you review and your Flash Player Settings. In Chrome you can open the Flash Settings Manager by selecting Clear Browser Data.

Issuess adressed include the following:

[38105] Medium XSS via application/json response (regression). Credit to Ben Davis for original discovery and Emanuele Gentili for regression discovery.
[43322] Medium Memory error in video handling. Credit to Mark Dowd under contract to Google Chrome Security Team.
[43967] High Subresource displayed in omnibox loading. Credit to Michal Zalewski of Google Security Team.
[45267] High Memory error in video handling. Credit to Google Chrome Security Team (Cris Neckar).
[$500] [46126] High Stale pointer in x509-user-cert response. Credit to Rodrigo Marcos of SECFORCE.

Users then should consider reading the following post releated to Flash settings.

Another way to manage the risk related to Flash content is to install the Chrome extension Flash Block, available here.

This is a short description from the download/installer page.

Short Description:
=============
The extension automatically blocks flash content on webpages.
Each flash element is being replaced with a placeholder that allows you to load only selected elements on a given page.
You can also manage a whitelist of allowed websites via a configuration panel.

In general, FlashBlock helps with lowering memory usage, reducing cpu cycles,
and can be used as an alternative to AdBlock.

drStrangeP0rk |

Post a Comment |

2 References |

Chrome,

Flash,

Google,

Updates

Friday

Jun252010

Security Advisory for Adobe Reader and Acrobat: APSB10-15

Friday, June 25, 2010 at 09:41AM

Adobe has released a security advisory related to upcoming release of Acrobat Reader 9.3.2 and Acrobat 9.3.2 to address various vulnerabilities including CVE-2010-1297 (AuthPlayLib.bundle related vulnerability). The update is scheduled for release on June 29,2010 which is accelerated release date due to the critical nature of the exploit.

It has been reported that Acrobat Reader is being exploited in the wild using several vulnerabilities including CVE-2010-1297 (AuthPlayLib.bundle related vulnerability). As always users should use Preview.app, in a sandbox to view any content from the Web or an untrusted source. This update is tagged as CRITICAL

Update on Tuesday, June 29, 2010 at 07:05PM by

drStrangeP0rk

Adobe has released an update for Acrobat Reader and Acrobat to address these issues. Visit http://blogs.adobe.com/adobereader/2010/06/adobe_reader_and_acrobat_933_a.html for more information. Users should select Check for updates in Acrobat and Reader.

Update on Wednesday, July 7, 2010 at 08:18AM by

drStrangeP0rk

There will be another update to apply to Acrobat and Reader. The update did fully address issues related to .exe files and autorun. Since these are Windows executable this does not affect MacOS. Visit the Reader Security blog for more information.

drStrangeP0rk |

Post a Comment |

3 References |

Acrobat,

Acrobat Exploits,

Adobe,

Vulnerability,

Wild