[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Wed Aug 25 05:20:12 PDT 2010
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 215 Published: Tue, 24 Aug 2010 22:22:54 GMT
New Fixlets:
============
***************************************************************
Title: A denial of service caused via an animated PNG image in Opera before 10.61.
Severity: Medium
Fixlet ID: 1193301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11933.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3021
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Unspecified vulnerability in Opera before 10.61 allows remote attackers to cause a denial of service (CPU consumption and application hang) via an animated PNG image.
***************************************************************
Title: A denial of service vulnerability in Mozilla Firefox via JavaScript code that appends long strings to the content of a P element
Severity: Medium
Fixlet ID: 1201301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12013.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1987
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (memory consumption, out-of-bounds read, and application crash) via JavaScript code that appends long strings to the content of a P element, and performs certain other string concatenation and substring operations, related to the DoubleWideCharMappedString class in USP10.dll and the gfxWindowsFontGroup::GetUnderlineOffset function in xul.dll, a different vulnerability than CVE-2009-1571.
***************************************************************
Title: A denial of service vulnerability in Mozilla Firefox via JavaScript code that performs certain string concatenation and substring operations
Severity: High
Fixlet ID: 1205001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12050.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1988
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via JavaScript code that performs certain string concatenation and substring operations, a different vulnerability than CVE-2009-1571.
***************************************************************
Title: Heap-based buffer overflow in Opera before 10.61
Severity: High
Fixlet ID: 1206601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12066.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3019
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Heap-based buffer overflow in Opera before 10.61 allows remote attackers to execute arbitrary code or cause a denial of service (application crash or hang) via vectors related to HTML5 canvas painting operations that occur during the application of transformations.
***************************************************************
Title: Vulnerability in news-feed preview feature in Opera before 10.61
Severity: Medium
Fixlet ID: 1207301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12073.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3020
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The news-feed preview feature in Opera before 10.61 does not properly remove scripts, which allows remote attackers to force subscriptions to arbitrary feeds via crafted content.
***************************************************************
Title: Opera before 10.61 does not properly suppress clicks on download dialogs
Severity: Medium
Fixlet ID: 1208401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12084.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2576
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Opera before 10.61 does not properly suppress clicks on download dialogs that became visible after a recent tab change, which allows remote attackers to conduct clickjacking attacks, and consequently execute arbitrary code, via vectors involving (1) closing a tab or (2) hiding a tab, a related issue to CVE-2005-2407.
More information about the WinVulns-Announcements
mailing list