Weekly Vulnerabilities Reports > December 24 to 30, 2007
Overview
77 new vulnerabilities reported during this period, including 7 critical vulnerabilities and 33 high severity vulnerabilities. This weekly summary report vulnerabilities in 64 products from 56 vendors including Runcms, Opera, IBM, SUN, and HP. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Code Injection", and "Path Traversal".
- 74 reported vulnerabilities are remotely exploitables.
- 37 reported vulnerabilities have public exploit available.
- 42 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 76 reported vulnerabilities are exploitable by an anonymous user.
- Runcms has the most reported vulnerabilities, with 6 reported vulnerabilities.
- IBM has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
7 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2007-12-28 | CVE-2007-6563 | Winace | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Winace Heap-based buffer overflow in WinAce 2.65 and earlier, and possibly other versions before 2.69, allows user-assisted remote attackers to execute arbitrary code via a long filename in a compressed UUE archive. | 10.0 |
2007-12-27 | CVE-2007-6529 | Tiki | Remote Security vulnerability in TikiWiki Multiple unspecified vulnerabilities in TikiWiki before 1.9.9 have unknown impact and attack vectors involving (1) tiki-edit_css.php, (2) tiki-list_games.php, or (3) tiki-g-admin_shared_source.php. | 10.0 |
2007-12-27 | CVE-2007-6525 | IBM | Scripting vulnerability in IBM DB2 Content Manager Toolkit 8.3 Unspecified vulnerability in eClient in IBM DB2 Content Manager (CM) Toolkit 8.3 before fix pack 7 for z/OS has unknown impact and attack vectors, related to "scripting." | 10.0 |
2007-12-24 | CVE-2007-6521 | Opera | Cryptographic Issues vulnerability in Opera Browser Unspecified vulnerability in Opera before 9.25 allows remote attackers to execute arbitrary code via crafted TLS certificates. | 10.0 |
2007-12-28 | CVE-2007-6555 | Phil Taylor | Code Injection vulnerability in Phil Taylor Mosdirectory 2.3.2 PHP remote file inclusion vulnerability in modules/mod_pxt_latest.php in the mosDirectory (com_directory) 2.3.2 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter. | 9.3 |
2007-12-27 | CVE-2007-6530 | Groove HP Persits | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remote attackers to execute arbitrary code via a long argument to the AddFolder function. | 9.3 |
2007-12-27 | CVE-2007-4474 | IBM | Buffer Errors vulnerability in IBM Domino web Access and Lotus Domino web Access Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1. | 9.3 |
33 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2007-12-28 | CVE-2007-6593 | IBM | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Lotus Notes Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the (1) Length and (2) Value fields for certain Types in a Lotus 1-2-3 (.123) file in the Worksheet File (WKS) format, as demonstrated by a file with a crafted SRANGE record, a different vulnerability than CVE-2007-5909. | 8.8 |
2007-12-28 | CVE-2007-6573 | Qksoft | Improper Input Validation vulnerability in Qksoft QK Smtp Server 3 QK SMTP Server 3 allows remote attackers to cause a denial of service (daemon crash) via a long (1) HELO, (2) MAIL FROM, or (3) RCPT TO command; or (4) a long string in the message sent after the DATA command; possibly a related issue to CVE-2006-5551. | 7.8 |
2007-12-24 | CVE-2007-6524 | Opera | Information Exposure vulnerability in Opera Browser Opera before 9.25 allows remote attackers to obtain potentially sensitive memory contents via a crafted bitmap (BMP) file, as demonstrated using a CANVAS element and JavaScript in an HTML document for copying these contents from 9.50 beta, a related issue to CVE-2008-0420. | 7.8 |
2007-12-24 | CVE-2007-6523 | Opera | Resource Management Errors vulnerability in Opera Browser Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers to cause a denial of service (CPU consumption) via a crafted bitmap (BMP) file that triggers a large number of calculations and checks. | 7.8 |
2007-12-24 | CVE-2007-6419 | HP | Remote Denial Of Service vulnerability in HP Hp-Ux 11.11/11.23/11.31 Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. | 7.8 |
2007-12-28 | CVE-2007-6587 | Plogger | SQL Injection vulnerability in Plogger 1.0 SQL injection vulnerability in plog-rss.php in Plogger 1.0 Beta 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2007-12-28 | CVE-2007-6586 | Niclor | SQL Injection vulnerability in Niclor 160406 SQL injection vulnerability in sezione_news.php in nicLOR-CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a sezione page action to index.php. | 7.5 |
2007-12-28 | CVE-2007-6583 | 1024 CMS | SQL Injection vulnerability in 1024 CMS 1024 CMS 1.3.1 SQL injection vulnerability in admin/ops/findip/ajax/search.php in 1024 CMS 1.3.1 allows remote attackers to execute arbitrary SQL commands via the ip parameter. | 7.5 |
2007-12-28 | CVE-2007-6580 | Wallpaper | SQL Injection vulnerability in Wallpaper Complete Website 1.0.09 Multiple SQL injection vulnerabilities in Wallpaper Site 1.0.09 allow remote attackers to execute arbitrary SQL commands via (1) the catid parameter to category.php or (2) the groupid parameter to editadgroup.php. | 7.5 |
2007-12-28 | CVE-2007-6579 | IP REG | SQL Injection vulnerability in IP REG IP REG 0.3 Multiple SQL injection vulnerabilities in Ip Reg 0.3 allow remote attackers to execute arbitrary SQL commands via the vlan_id parameter to (1) vlanview.php, (2) vlanedit.php, and (3) vlandel.php; the (4) assetclassgroup_id parameter to assetclassgroupview.php; the (5) subnet_id parameter to nodelist.php; and unspecified other vectors. | 7.5 |
2007-12-28 | CVE-2007-6578 | Zeak NET | SQL Injection vulnerability in Zeak.Net PHP Zlink 0.3 SQL injection vulnerability in go.php in PHP ZLink 0.3 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2007-12-28 | CVE-2007-6577 | Zsuite | SQL Injection vulnerability in Zsuite Zblog 1.2 Multiple SQL injection vulnerabilities in index.php in zBlog 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the categ parameter in a categ action or (2) the article parameter in an articles action. | 7.5 |
2007-12-28 | CVE-2007-6576 | Adultscript | SQL Injection vulnerability in Adultscript Multiple SQL injection vulnerabilities in Adult Script 1.6.5 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) videolink_count.php or (2) links.php. | 7.5 |
2007-12-28 | CVE-2007-6575 | Brand039 | SQL Injection vulnerability in Brand039 Mmslamp 1.0 SQL injection vulnerability in default.php in MMSLamp allows remote attackers to execute arbitrary SQL commands via the idpro parameter in a prodotti_dettaglio action. | 7.5 |
2007-12-28 | CVE-2007-6568 | Xzero Scripts | Code Injection vulnerability in Xzero Scripts Xzero Community Classifieds PHP remote file inclusion vulnerability in config.inc.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path_escape parameter. | 7.5 |
2007-12-28 | CVE-2007-6566 | Xzero Scripts | SQL Injection vulnerability in Xzero Scripts Xzero Community Classifieds 4.95.11 SQL injection vulnerability in post.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to execute arbitrary SQL commands via the subcatid parameter to index.php. | 7.5 |
2007-12-28 | CVE-2007-6565 | Blakord | SQL Injection vulnerability in Blakord Portal Multiple SQL injection vulnerabilities in Blakord Portal 1.3.A Beta and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to an arbitrary component. | 7.5 |
2007-12-28 | CVE-2007-6559 | Logaholic | SQL Injection vulnerability in Logaholic 0 Multiple SQL injection vulnerabilities in Logaholic before 2.0 RC8 allow remote attackers to execute arbitrary SQL commands via (1) the from parameter to index.php or (2) the page parameter to update.php. | 7.5 |
2007-12-28 | CVE-2007-6557 | Megacheatz | SQL Injection vulnerability in Megacheatz 1.1 Multiple SQL injection vulnerabilities in MeGaCheatZ 1.1 allow remote attackers to execute arbitrary SQL commands via the ItemID parameter to (1) comments.php, (2) view.php, (3) siteadmin/ViewItem.php, and unspecified other vectors. | 7.5 |
2007-12-28 | CVE-2007-6556 | Websihirbazi | SQL Injection vulnerability in Websihirbazi 5.1.1 Multiple SQL injection vulnerabilities in websihirbazi 5.1.1 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to default.asp in a news page action or (2) the pageid parameter to default.asp. | 7.5 |
2007-12-28 | CVE-2007-6554 | George Lewe | Path Traversal vulnerability in George Lewe Teamcal PRO Multiple directory traversal vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2007-12-28 | CVE-2007-6551 | Mailmachinepro | SQL Injection vulnerability in Mailmachinepro Mailmachine PRO SQL injection vulnerability in showMsg.php in MailMachine Pro 2.2.4, and other versions before 2.2.6, allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2007-12-28 | CVE-2007-6550 | Pmos Helpdesk | Code Injection vulnerability in Pmos Helpdesk Pmos Helpdesk form.php in PMOS Help Desk 2.4 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct eval injection attacks and execute arbitrary PHP code via the options array parameter. | 7.5 |
2007-12-28 | CVE-2007-6549 | Runcms | Remote Security vulnerability in RunCMS Unspecified vulnerability in RunCMS before 1.6.1 has unknown impact and attack vectors, related to "pagetype using." | 7.5 |
2007-12-28 | CVE-2007-6548 | Runcms | Code Injection vulnerability in Runcms Multiple direct static code injection vulnerabilities in RunCMS before 1.6.1 allow remote authenticated administrators to inject arbitrary PHP code via the (1) header and (2) footer parameters to modules/system/admin.php in a meta-generator action, (3) the disclaimer parameter to modules/system/admin.php in a disclaimer action, (4) the disclaimer parameter to modules/mydownloads/admin/index.php in a mydownloadsConfigAdmin action, (5) the disclaimer parameter to modules/newbb_plus/admin/forum_config.php, (6) the disclaimer parameter to modules/mylinks/admin/index.php in a myLinksConfigAdmin action, or (7) the intro parameter to modules/sections/admin/index.php in a secconfig action, which inject PHP sequences into (a) sections/cache/intro.php, (b) mylinks/cache/disclaimer.php, (c) mydownloads/cache/disclaimer.php, (d) newbb_plus/cache/disclaimer.php, (e) system/cache/disclaimer.php, (f) system/cache/footer.php, (g) system/cache/header.php, or (h) system/cache/maintenance.php in modules/. | 7.5 |
2007-12-28 | CVE-2007-6544 | Runcms | SQL Injection vulnerability in Runcms 1.6 Multiple SQL injection vulnerabilities in RunCMS before 1.6.1 allow remote attackers to execute arbitrary SQL commands via the lid parameter to (1) brokenfile.php, (2) visit.php, or (3) ratefile.php in modules/mydownloads/; or (4) ratelink.php, (5) modlink.php, or (6) brokenlink.php in modules/mylinks/. | 7.5 |
2007-12-28 | CVE-2007-6543 | Esyndicat | SQL Injection vulnerability in Esyndicat Link Exchange SQL injection vulnerability in suggest-link.php in eSyndiCat Link Exchange Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2007-12-27 | CVE-2007-6542 | Agares Media | Code Injection vulnerability in Agares Media Arcadem PHP remote file inclusion vulnerability in admin/frontpage_right.php in Arcadem LE 2.04 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter. | 7.5 |
2007-12-27 | CVE-2007-6540 | Neuron | SQL Injection vulnerability in Neuron News 1.0 SQL injection vulnerability in neuron news 1.0 allows remote attackers to execute arbitrary SQL commands via the q parameter to the default URI in patch/. | 7.5 |
2007-12-27 | CVE-2007-6538 | Mrbs Moodle | SQL Injection vulnerability in Mrbs 1.2.3/1.2.5 SQL injection vulnerability in ing/blocks/mrbs/code/web/view_entry.php in the MRBS plugin for Moodle allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2007-12-27 | CVE-2007-6533 | Inmatrix | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Inmatrix Zoom Player 5/6.00Beta2 Buffer overflow in Zoom Player 6.00 beta 2 and earlier allows user-assisted remote attackers to execute arbitrary code via an HTTP link to a PLS file in a crafted ZPL file, which causes an overflow in Unicode handling when generating an error message. | 7.5 |
2007-12-24 | CVE-2007-6518 | Woltlab | SQL Injection vulnerability in Woltlab Burning Board Lite 1.0.2/1.0.2Pl3E Multiple SQL injection vulnerabilities in search.php in WoltLab Burning Board (wBB) Lite 1.0.2 pl3e allow remote attackers to execute arbitrary SQL commands via the (1) showposts, (2) sortby, and (3) sortorder parameters. | 7.5 |
2007-12-24 | CVE-2007-6517 | Aeries | SQL Injection vulnerability in Aeries Browser Interface 3.7.9.17 SQL injection vulnerability in the forget password section (LostPwd.asp) in Eagle Software Aeries Browser Interface (ABI) 3.7.9.17 allows remote attackers to execute arbitrary SQL commands via the EmailAddress parameter. | 7.5 |
37 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2007-12-28 | CVE-2007-6594 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Lotus Notes IBM Lotus Notes 8 for Linux before 8.0.1 uses (1) unspecified weak permissions for the installation kit obtained through a Notes 8 download and (2) 0777 permissions for the installdata file that is created by setup.sh, which allows local users to gain privileges via a Trojan horse file. | 6.9 |
2007-12-28 | CVE-2007-6585 | Nmnnewsletter | Code Injection vulnerability in Nmnnewsletter 1.0.7 PHP remote file inclusion vulnerability in confirmUnsubscription.php in NmnNewsletter 1.0.7 allows remote attackers to execute arbitrary PHP code via a URL in the output parameter. | 6.8 |
2007-12-28 | CVE-2007-6553 | George Lewe | Code Injection vulnerability in George Lewe Teamcal PRO Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONF[app_root] parameter to (1) tcuser.class.php, (2) absencecount.inc.php, (3) avatar.inc.php, (4) csvhandler.class.php, (5) functions.tcpro.php, (6) header.html.inc.php, (7) joomlajack.tcpro.php, (8) menu.inc.php, (9) other.inc.php, (10) tcabsence.class.php, (11) tcabsencegroup.class.php, (12) tcallowance.class.php, (13) tcannouncement.class.php, (14) tcconfig.class.php, (15) tcdaynote.class.php, (16) tcgroup.class.php, (17) tcholiday.class.php, (18) tclogin.class.php, (19) tcmonth.class.php, (20) tctemplate.class.php, (21) tcusergroup.class.php, or (22) tcuseroption.class.php in includes/, possibly a related issue to CVE-2006-4845. | 6.8 |
2007-12-28 | CVE-2007-6547 | Runcms | Input Validation vulnerability in RunCMS RunCMS before 1.6.1 does not require entry of the old password during a password change, which allows context-dependent attackers to change passwords upon obtaining temporary access to a session. | 6.8 |
2007-12-27 | CVE-2007-6539 | Idevspot | Code Injection vulnerability in Idevspot Isupport 1.8 PHP local file inclusion vulnerability in index.php in IDevspot iSupport 1.8 allows remote attackers to include local files via the include_file parameter. | 6.8 |
2007-12-27 | CVE-2007-6537 | Winuae | Buffer Errors vulnerability in Winuae 1.4.4 Stack-based buffer overflow in the zfile_gunzip function in zfile.c in WinUAE 1.4.4 and earlier allows user-assisted remote attackers to execute arbitrary code via a long filename in a gzipped archive, such as a (1) gz, (2) adz, (3) roz, or (4) hdz archive in a compressed floppy disk image. | 6.8 |
2007-12-27 | CVE-2007-6536 | Information Exposure vulnerability in Google Toolbar 4/5 The Custom Button Installer dialog in Google Toolbar 4 and 5 beta presents certain domain names in the (1) "Downloaded from" and (2) "Privacy considerations" sections without verifying domain names, which makes it easier for remote attackers to spoof domain names and trick users into installing malicious button XML files, as demonstrated by presenting www.google.com when the button was downloaded from an arbitrary site through an open redirector on www.google.com. | 6.8 | |
2007-12-27 | CVE-2007-6535 | Yahoo | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Yahoo Toolbar Buffer overflow in the YShortcut ActiveX control in YShortcut.dll 2006.8.15.1 in Yahoo! Toolbar might allow attackers to execute arbitrary code via a long string to the IsTaggedBM method. | 6.8 |
2007-12-27 | CVE-2007-6534 | Microsoft | Improper Input Validation vulnerability in Microsoft Publisher Multiple unspecified vulnerabilities in Microsoft Office Publisher allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted PUB file, possibly involving wordart. | 6.8 |
2007-12-28 | CVE-2007-6584 | 1024 CMS | Path Traversal vulnerability in 1024 CMS 1024 CMS 1.3.1/1.4.1/1.4.2 Multiple directory traversal vulnerabilities in 1024 CMS 1.3.1 allow remote attackers to include and execute arbitrary local files via a .. | 6.4 |
2007-12-28 | CVE-2007-6582 | C97Net | Path Traversal vulnerability in C97Net Mblog 1.2 Directory traversal vulnerability in index.php in mBlog 1.2 allows remote attackers to read arbitrary files via a .. | 6.4 |
2007-12-28 | CVE-2007-6581 | Social Engine | Path Traversal vulnerability in Social Engine Social Engine 2.0 Multiple directory traversal vulnerabilities in Social Engine 2.0 allow remote attackers to include and execute arbitrary local files via a .. | 6.4 |
2007-12-28 | CVE-2007-6567 | Xzero Scripts | Path Traversal vulnerability in Xzero Scripts Xzero Community Classifieds Directory traversal vulnerability in index.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to include and execute arbitrary local files via a .. | 6.4 |
2007-12-28 | CVE-2007-6546 | Runcms | Input Validation vulnerability in RunCMS RunCMS before 1.6.1 uses a predictable session id, which makes it easier for remote attackers to hijack sessions via a modified id. | 6.4 |
2007-12-28 | CVE-2007-6552 | Auracms | Path Traversal vulnerability in Auracms 2.2 Directory traversal vulnerability in index.php in AuraCMS 2.2 allows remote authenticated users to include and execute arbitrary local files via a .. | 6.0 |
2007-12-27 | CVE-2007-6527 | Rickard Andersson | Improper Input Validation vulnerability in Rickard Andersson Punbb 1.3.3 uploadimg.php in the Automatic Image Upload with Thumbnails (imgUpload) module 1.3.2 for PunBB only verifies the Content-type field of uploaded files, which allows remote attackers to upload and execute arbitrary content via a file with a (1) JPG, (2) GIF, or (3) PNG MIME type. | 5.8 |
2007-12-28 | CVE-2007-6561 | Pdflib | Buffer Errors vulnerability in Pdflib 7.0.2 Multiple stack-based buffer overflows in PDFLib allow user-assisted remote attackers to execute arbitrary code via a long filename argument to the PDF_load_image function that results in an overflow in the pdc_fsearch_fopen function, and possibly other vectors. | 5.7 |
2007-12-28 | CVE-2007-6562 | Tcpreen | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Tcpreen Multiple stack-based buffer overflows in the use of FD_SET in TCPreen before 1.4.4 allow remote attackers to cause a denial of service via multiple concurrent connections, which result in overflows in the (1) SocketAddress::Connect function in libsolve/sockprot.cpp and (2) monitor_bridge function in src/bridge.cpp. | 5.0 |
2007-12-27 | CVE-2007-6528 | Tiki | Path Traversal vulnerability in Tiki Tikiwiki Cms/Groupware Directory traversal vulnerability in tiki-listmovies.php in TikiWiki before 1.9.9 allows remote attackers to read arbitrary files via a .. | 5.0 |
2007-12-24 | CVE-2007-6519 | HP | Local Denial Of Service vulnerability in HP Tru64 5.1B3/5.1B4 Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows local users to cause a denial of service (system crash) via unspecified vectors. | 4.9 |
2007-12-28 | CVE-2007-6592 | Apple | Remote Security vulnerability in Apple Safari 2 Apple Safari 2, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regards the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site. | 4.3 |
2007-12-28 | CVE-2007-6591 | KDE | Remote Security vulnerability in KDE Konqueror 3.5.5/3.95.00 KDE Konqueror 3.5.5 and 3.95.00, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regards the certificate as also accepted for all domain names in subjectAltName:dNSName fields, even though these fields cannot be examined in the product, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site. | 4.3 |
2007-12-28 | CVE-2007-6589 | Mozilla | Cross-Site Scripting vulnerability in Mozilla Firefox and Seamonkey The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 does not update the origin domain when retrieving the inner URL parameter yields an HTTP redirect, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a jar: URI, a different vulnerability than CVE-2007-5947. | 4.3 |
2007-12-28 | CVE-2007-6588 | Phpcredo | Cross-Site Scripting vulnerability in PHPcredo Phcdownload 1.10 Cross-site scripting (XSS) vulnerability in PHCDownload 1.10 allows remote attackers to inject arbitrary web script or HTML via the username field in an unspecified component. | 4.3 |
2007-12-28 | CVE-2007-6574 | Dokeos | Cross-Site Scripting vulnerability in Dokeos products Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the origin parameter to work/work.php in a display_upload_form action, or the forum parameter to (2) forum/viewforum.php or (3) forum/viewthread.php. | 4.3 |
2007-12-28 | CVE-2007-6572 | SUN | Cross-Site Scripting vulnerability in SUN products Cross-site scripting (XSS) vulnerability in Sun Java System Web Server 6.1 before SP8 and 7.0 before Update 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566204. | 4.3 |
2007-12-28 | CVE-2007-6571 | SUN | Cross-Site Scripting vulnerability in SUN products Cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server 3.6 before SP11 on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6611356. | 4.3 |
2007-12-28 | CVE-2007-6570 | SUN | Cross-Site Scripting vulnerability in SUN products Cross-site scripting (XSS) vulnerability in the View URL Database functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 and 3.x before 3.6 SP11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566309. | 4.3 |
2007-12-28 | CVE-2007-6569 | SUN | Cross-Site Scripting vulnerability in SUN products Cross-site scripting (XSS) vulnerability in the View Error Log functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566246. | 4.3 |
2007-12-28 | CVE-2007-6564 | Limbo CMS | Cross-Site Scripting vulnerability in Limbo CMS Limbo CMS 1.0.4.2 Cross-site scripting (XSS) vulnerability in admin.php in Limbo CMS 1.0.4.2 allows remote attackers to inject arbitrary web script or HTML via the com_option parameter. | 4.3 |
2007-12-28 | CVE-2007-6560 | Logaholic | Cross-Site Scripting vulnerability in Logaholic 0 Multiple cross-site scripting (XSS) vulnerabilities in Logaholic before 2.0 RC8 allow remote attackers to inject arbitrary web script or HTML via (1) the newconfname parameter to profiles.php or (2) the conf parameter to index.php. | 4.3 |
2007-12-28 | CVE-2007-6558 | Totalplayer | Improper Input Validation vulnerability in Totalplayer 3.0 TotalPlayer 3.0 allows user-assisted remote attackers to cause a denial of service (application crash) via a large .m3u file. | 4.3 |
2007-12-28 | CVE-2007-6545 | Runcms | Cross-Site Scripting vulnerability in Runcms Multiple cross-site scripting (XSS) vulnerabilities in RunCMS before 1.6.1 allow remote attackers to inject arbitrary web script or HTML via (1) the subject parameter to modules/news/submit.php; (2) the PATH_INFO to modules/news/index.php, possibly related to the XoopsPageNav class; or (3) an avatar image to edituser.php. | 4.3 |
2007-12-27 | CVE-2007-6541 | Neuron News | Cross-Site Scripting vulnerability in Neuron News Neuron News 1.0 Multiple cross-site scripting (XSS) vulnerabilities in neuron news 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the topic parameter in a viewtopic action, or the (2) newsyear or (3) newsmonth parameter in a newsarchive action to the default URI in patch/. | 4.3 |
2007-12-27 | CVE-2007-6526 | Tiki | Cross-Site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware Cross-site scripting (XSS) vulnerability in tiki-special_chars.php in TikiWiki before 1.9.9 allows remote attackers to inject arbitrary web script or HTML via the area_name parameter. | 4.3 |
2007-12-24 | CVE-2007-6522 | Opera | Cross-Site Scripting vulnerability in Opera Browser The rich text editing functionality in Opera before 9.25 allows remote attackers to conduct cross-domain scripting attacks by using designMode to modify contents of pages in other domains. | 4.3 |
2007-12-24 | CVE-2007-6520 | Opera | Cross-Site Scripting vulnerability in Opera Browser Opera before 9.25 allows remote attackers to conduct cross-domain scripting attacks via unknown vectors related to plug-ins. | 4.3 |
0 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|