Thread-topic: Setslice patch, 0day for FF and vuln in TrendMicro
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Sat, 30 Sep 2006 11:47:27 -0500 (CDT)
> From: Gadi Evron <ge@xxxxxxxxxxxx>
> Subject: [Full-disclosure] ZERT patch for setSlice()
> To: bugtraq@xxxxxxxxxxxxxxxxx
> Cc: funsec@xxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx
> Message-ID: <Pine.LNX.4.21.0609301147000.29516-100000@xxxxxxxxxxxx>
> Content-Type: TEXT/PLAIN; charset=US-ASCII
>
> A ZERT patch has now been released and is avilable on our site (
> ).
>
> A full patch (for limited Windows versions, which is built
> very nicely) is
> available from Determina.
>
> Our patch automates the Microsoft suggested workaround.
>
> Thanks,
>
> Gadi.
>
>
>
>
>
> ------------------------------
>
> Message: 9
> Date: Sun, 01 Oct 2006 21:20:20 +0200
> From: Thor Larholm <thor@xxxxxxxxxxxx>
> Subject: [Full-disclosure] 0day in Firefox from ToorCon '06
> To: full-disclosure@xxxxxxxxxxxxxxxxx
> Cc: funsec@xxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx
> Message-ID: <452014F4.6010901@xxxxxxxxxxxx>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> CNet is writing about some 0day vulnerabilities in Firefox that were
> demonstrated at ToorCon '06 by Mischa Spiegelmock and Andrew Wbeelsoi:
>
>
>
> Mischa and Andrew also claim to have found about 30 0day
> vulnerabilities
> in Firefox. The article mention that the vulnerabilities from the
> presentation are specific to Firefox's implementation of
> Javascript and
> hints that they are stack overflows. On the other hand, the recent
> security-related Mozilla commits following the presentation deal with
> improper validation of scope chain lookups in jsxml.c, jsinterp.c and
> jsiter.c, which could allow injecting content into the Chrome
> context.
> We'll probably see a security release of Firefox in the next
> week, but
> in the mean time I have put a couple of links to the code diff's that
> fix these vulnerabilities at
>
>
>
>
> --
> Thor Larholm
>
>
>
> ------------------------------
>
> Message: 11
> Date: Sun, 01 Oct 2006 18:10:11 -0400
> From: Deral Heiland <dh@xxxxxxxxxxxxxxxxxx>
> Subject: [Full-disclosure] Layered Defense Advisory: TrendMicro
> OfficesScan Corporate Edition Format String Vulnerability
> To: ull-disclosure@xxxxxxxxxxxxxxxxx
> Message-ID: <7.0.1.0.0.20061001180650.021ff140@xxxxxxxxxxxxx>
> Content-Type: text/plain; charset="us-ascii"; format=flowed
>
> ==================================================
> Layered Defense Research Advisory 1 October 2006
> ==================================================
> 1) Affected Software
> TrendMicro OfficeScan Corporate Edition 7.3
> ==================================================
> 2) Severity
> Rating: Medium risk
> Impact: Execution of arbitrary code, potential remote exploit, and
> denial of service.
> ==================================================
> 3) Description of Vulnerability
> A format string vulnerability was discovered within Trendmicro
> OfficeScan Corporate Edition 7.3. The vulnerability is due to
> improper processing of format strings within OfficeScan Management
> consoles ActiveX Control "ATXCONSOLE.OCX". Specially crafted format
> string passed back to the Management consoles Remote Client Install
> name search would allow access to the process stack. If successfully
> exploited, this could allow the user to execute code of the attackers
> choice on the system running the ActiveX management Console.
> ==================================================
> 4) Solution
> The solutions to fix this vulnerability is addressed by OfficeScan
> Corporate Edition 7.3 Patch 1
>
> ==================================================
> 5) Time Table
> 06/27/2006 -- Reported Vulnerability to Vendor.
> 06/30/2006 -- Vendor supplied hot fix to Layered Defense for testing.
> 09/21/2006 -- Vendor releases fix in Patch 1 to public.
> ==================================================
> 6) Credits
> Discovered by Deral Heiland, www.LayeredDefense.com
> ==================================================
> 7) About Layered Defense Research
> Layered Defense Research, Is a group of security professionals that
> work together on ethical Research, Testing and Training within the
> information security arena.
>
> ==================================================
>
>
