VRDAフィード：脆弱性脅威分析用情報の定型データ配信

VRDA Feed by

Vulnerability Response Decision Assistance Feed : 脆弱性脅威分析用情報の定型データ配信

分析対象脆弱性情報 (リビジョン番号 : 1)

VRDA-090826-001 ( CVE-2009-0040 | CVE-2007-3847 | CVE-2007-1863 | CVE-2006-5752 | CVE-2007-3304 | CVE-2007-6388 | CVE-2007-5000 | CVE-2008-0005 )

VMware Hosted products update libpng and Apache HTTP Server

http://lists.vmware.com/pipermail/security-announce/2009/000062.html

Updated VMware Hosted products address security issues in libpng and the Apace HTTP Server.

この情報について

分析情報提供元:

JPCERT/CC

初版公開日:

2009-08-26

分析対象脆弱性情報の分類:

その他(一般記事・報道記事など)

最終更新日:

2009-08-26

脆弱性の影響を受ける製品の識別子

cpe:/a:vmware:ace (VMWare ACE)

cpe:/a:vmware:player (VMWare Player)

cpe:/a:vmware:workstation (VMWare VMWare)

脆弱性の分析内容

[分析に利用した情報の信頼性]^[?]

低^[?]

中^[?]

高^[?]

[影響の大きさ]^[?]

小^[?]

小～中^[?]

中～大^[?]

大^[?]

[攻撃経路]^[?]

物理アクセス^[?]

ローカルマシン上^[?]

同一セグメント上^[?]

インターネット経由^[?]

[認証レベル]^[?]

管理者アカウント^[?]

一般ユーザアカウント^[?]

フリーアカウント^[?]

不要^[?]

[攻撃成立に必要なユーザの関与]^[?]

複雑^[?]

簡単^[?]

不要^[?]

[攻撃の難易度]^[?]

高^[?]

中～高^[?]

低～中^[?]

低^[?]

[対策の有無]^[?]

公式パッチ有り^[?]

公式回避策有り^[?]

非公式回避策・パッチ有り^[?]

なし^[?]

[インシデントの発生状況]^[?]

活動なし^[?]

Exploit/PoCあり^[?]

活動あり^[?]

The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before1.2.35, as used in pngcrush and other applications, allowscontext-dependent attackers to cause a denial of service (applicationcrash) or possibly execute arbitrary code via a crafted PNG file thattriggers a free of an uninitialized pointer in (1) the png_read_pngfunction, (2) pCAL chunk handling, or (3) setup of 16-bit gammatables.

Common Vulnerabilities and Exposures (CVE) CVE-2007-3847

The date handling code in modules/proxy/proxy_util.c (mod_proxy) inApache 2.3.0, when using a threaded MPM, allows remote origin serversto cause a denial of service (caching forward proxy process crash) viacrafted date headers that trigger a buffer over-read.

Common Vulnerabilities and Exposures (CVE) CVE-2007-1863

cache_util.c in the mod_cache module in Apache HTTP Server (httpd),when caching is enabled and a threaded Multi-Processing Module (MPM)is used, allows remote attackers to cause a denial of service (childprocessing handler crash) via a request with the (1) s-maxage, (2)max-age, (3) min-fresh, or (4) max-stale Cache-Control headers withouta value.

Common Vulnerabilities and Exposures (CVE) CVE-2006-5752

Cross-site scripting (XSS) vulnerability in mod_status.c in themod_status module in Apache HTTP Server (httpd), when ExtendedStatusis enabled and a public server-status page is used, allows remoteattackers to inject arbitrary web script or HTML via unspecifiedvectors involving charsets with browsers that perform "charsetdetection" when the content-type is not specified.

Common Vulnerabilities and Exposures (CVE) CVE-2007-3304

Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module,allows local users to cause a denial of service by modifying theworker_score and process_score arrays to reference an arbitraryprocess ID, which is sent a SIGUSR1 signal from the master process,aka "SIGUSR1 killer."

Common Vulnerabilities and Exposures (CVE) CVE-2007-6388

Cross-site scripting (XSS) vulnerability in mod_status in the ApacheHTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2through 1.3.39, when the server-status page is enabled, allows remoteattackers to inject arbitrary web script or HTML via unspecifiedvectors.

Common Vulnerabilities and Exposures (CVE) CVE-2007-5000

Cross-site scripting (XSS) vulnerability in the (1) mod_imap module inthe Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0through 2.2.6 allows remote attackers to inject arbitrary web scriptor HTML via unspecified vectors.

Common Vulnerabilities and Exposures (CVE) CVE-2008-0005

mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset,which allows remote attackers to conduct cross-site scripting (XSS)attacks using UTF-7 encoding.

参考情報