Vulnerabilities

DATE | CVE | VULNERABILITY TITLE | RISK

2011-09-02 | CVE-2011-3134 | Unspecified vulnerability in TIBCO Spotfire Analytics Server and Spotfire Server | 7.5
Unspecified vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to modify data or obtain sensitive information via a crafted URL.
Tags: network, low complexity, tibco

2011-09-02 | CVE-2011-3133 | Unspecified vulnerability in TIBCO Spotfire Analytics Server and Spotfire Server | 4.3
Session fixation vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to hijack web sessions via unspecified vectors.
Tags: network, tibco

2011-09-02 | CVE-2011-3132 | Cross-Site Scripting vulnerability in TIBCO Spotfire Analytics Server and Spotfire Server | 4.3
Cross-site scripting (XSS) vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Tags: network, tibco, CWE-79

2011-09-02 | CVE-2011-2903 | Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Rhythm Tcptrack | 6.8
Heap-based buffer overflow in tcptrack before 1.4.2 might allow attackers to execute arbitrary code via a long command line argument.
Tags: network, rhythm, CWE-119

2011-09-02 | CVE-2011-2763 | Improper Input Validation vulnerability in LifeSize Room Appliance Software 4.7.18/Lsrm13.5.3 | 7.5
The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) and 4.7.18 allows remote attackers to execute arbitrary commands via a modified request to the LSRoom_Remoting.doCommand function in gateway.php.
Tags: network, low complexity, lifesize, CWE-20

2011-09-02 | CVE-2011-2762 | Improper Authentication vulnerability in LifeSize Room Appliance Software Lsrm13.5.3 | 5.0
The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) allows remote attackers to bypass authentication via unspecified data associated with a "true" authentication status, related to AMF data and the LSRoom_Remoting.authenticate function in gateway.php.
Tags: network, low complexity, lifesize, CWE-287

2011-09-02 | CVE-2011-2594 | Buffer Errors vulnerability in KMPlayer 3.0.0.1441 | critical 9.3
Heap-based buffer overflow in KMPlayer 3.0.0.1441, and possibly other versions, allows remote attackers to execute arbitrary code via a playlist (.KPL) file with a long Title field.
Tags: network, kmplayer, CWE-119

2011-09-02 | CVE-2011-1944 | Numeric Errors vulnerability in Xmlsoft Libxml and Libxml2 | critical 9.3
Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.
Tags: network, xmlsoft, CWE-189

2011-09-02 | CVE-2011-0342 | Buffer Errors vulnerability in InduSoft Web Studio 7.0B2 | critical 10.0
Multiple buffer overflows in the InduSoft ISSymbol ActiveX control in ISSymbol.ocx 301.1104.601.0 in InduSoft Web Studio 7.0B2 hotfix 7.0.01.04 allow remote attackers to execute arbitrary code via a long parameter to the (1) Open, (2) Close, or (3) SetCurrentLanguage method.
Tags: network, low complexity, indusoft, CWE-119

2011-08-31 | CVE-2011-2899 | Improper Input Validation vulnerability in Red Hat System-Config-Printer | 5.1
pysmb.py in system-config-printer 0.6.x and 0.7.x, as used in foomatic-gui and possibly other products, allows remote SMB servers to execute arbitrary commands via shell metacharacters in the (1) NetBIOS or (2) workgroup name, which are not properly handled when searching for network printers.
Tags: network, high complexity, redhat, CWE-20