VRDA Feed : Provides information for vulnerability impact analysis

VRDA Feed by

Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis

Vulnerability Analysis Result (Revision No : 1)

VRDA-090826-001 ( CVE-2009-0040 | CVE-2007-3847 | CVE-2007-1863 | CVE-2006-5752 | CVE-2007-3304 | CVE-2007-6388 | CVE-2007-5000 | CVE-2008-0005 )

VMware Hosted products update libpng and Apache HTTP Server

http://lists.vmware.com/pipermail/security-announce/2009/000062.html

Updated VMware Hosted products address security issues in libpng and the Apace HTTP Server.

About This Analysis Information

Analysis Information Provider:

JPCERT/CC

First Published:

2009-08-26

Source Information Category:

Other (news, forums, etc.)

Last Updated:

2009-08-26

Affected Product Tags

cpe:/a:vmware:ace (VMWare ACE)

cpe:/a:vmware:player (VMWare Player)

cpe:/a:vmware:workstation (VMWare VMWare)

Vulnerability Analysis Results

[Information Source Reliability]^[?]

Low^[?]

Medium^[?]

High^[?]

[Impact Level]^[?]

Low^[?]

Low-Medium^[?]

Medium-High^[?]

High^[?]

[Access Required]^[?]

Physical^[?]

Local^[?]

Non-routed^[?]

Routed^[?]

[Authentication]^[?]

Privileged^[?]

Standard^[?]

Limited^[?]

None or Unnecessary^[?]

[User Interaction Required]^[?]

Complex^[?]

Simple^[?]

None^[?]

[Technical Difficulty]^[?]

High^[?]

Medium-High^[?]

Low-Medium^[?]

Low^[?]

[Availability of Remediation]^[?]

Official Patch^[?]

Official Workaround^[?]

Unofficial Patch^[?]

None^[?]

[Incident Activity]^[?]

None^[?]

Exploit or PoC^[?]

Activity Observed^[?]

Alternatives

Common Vulnerabilities and Exposures (CVE) CVE-2009-0040

The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before1.2.35, as used in pngcrush and other applications, allowscontext-dependent attackers to cause a denial of service (applicationcrash) or possibly execute arbitrary code via a crafted PNG file thattriggers a free of an uninitialized pointer in (1) the png_read_pngfunction, (2) pCAL chunk handling, or (3) setup of 16-bit gammatables.

Common Vulnerabilities and Exposures (CVE) CVE-2007-3847

The date handling code in modules/proxy/proxy_util.c (mod_proxy) inApache 2.3.0, when using a threaded MPM, allows remote origin serversto cause a denial of service (caching forward proxy process crash) viacrafted date headers that trigger a buffer over-read.

Common Vulnerabilities and Exposures (CVE) CVE-2007-1863

cache_util.c in the mod_cache module in Apache HTTP Server (httpd),when caching is enabled and a threaded Multi-Processing Module (MPM)is used, allows remote attackers to cause a denial of service (childprocessing handler crash) via a request with the (1) s-maxage, (2)max-age, (3) min-fresh, or (4) max-stale Cache-Control headers withouta value.

Common Vulnerabilities and Exposures (CVE) CVE-2006-5752

Cross-site scripting (XSS) vulnerability in mod_status.c in themod_status module in Apache HTTP Server (httpd), when ExtendedStatusis enabled and a public server-status page is used, allows remoteattackers to inject arbitrary web script or HTML via unspecifiedvectors involving charsets with browsers that perform "charsetdetection" when the content-type is not specified.

Common Vulnerabilities and Exposures (CVE) CVE-2007-3304

Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module,allows local users to cause a denial of service by modifying theworker_score and process_score arrays to reference an arbitraryprocess ID, which is sent a SIGUSR1 signal from the master process,aka "SIGUSR1 killer."

Common Vulnerabilities and Exposures (CVE) CVE-2007-6388

Cross-site scripting (XSS) vulnerability in mod_status in the ApacheHTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2through 1.3.39, when the server-status page is enabled, allows remoteattackers to inject arbitrary web script or HTML via unspecifiedvectors.

Common Vulnerabilities and Exposures (CVE) CVE-2007-5000

Cross-site scripting (XSS) vulnerability in the (1) mod_imap module inthe Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0through 2.2.6 allows remote attackers to inject arbitrary web scriptor HTML via unspecified vectors.

Common Vulnerabilities and Exposures (CVE) CVE-2008-0005

mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset,which allows remote attackers to conduct cross-site scripting (XSS)attacks using UTF-7 encoding.

References