Weekly Vulnerabilities Reports > December 24 to 30, 2007

Overview

78 new vulnerabilities reported during this period, including 7 critical vulnerabilities and 33 high severity vulnerabilities. This weekly summary report vulnerabilities in 65 products from 57 vendors including Runcms, Opera, IBM, SUN, and HP. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Code Injection", and "Path Traversal".

  • 75 reported vulnerabilities are remotely exploitables.
  • 37 reported vulnerabilities have public exploit available.
  • 42 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 77 reported vulnerabilities are exploitable by an anonymous user.
  • Runcms has the most reported vulnerabilities, with 6 reported vulnerabilities.
  • IBM has the most reported critical vulnerabilities, with 2 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

7 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2007-12-28 CVE-2007-6563 Winace Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Winace

Heap-based buffer overflow in WinAce 2.65 and earlier, and possibly other versions before 2.69, allows user-assisted remote attackers to execute arbitrary code via a long filename in a compressed UUE archive.

10.0
2007-12-27 CVE-2007-6529 Tiki Remote Security vulnerability in TikiWiki

Multiple unspecified vulnerabilities in TikiWiki before 1.9.9 have unknown impact and attack vectors involving (1) tiki-edit_css.php, (2) tiki-list_games.php, or (3) tiki-g-admin_shared_source.php.

10.0
2007-12-27 CVE-2007-6525 IBM Scripting vulnerability in IBM DB2 Content Manager Toolkit 8.3

Unspecified vulnerability in eClient in IBM DB2 Content Manager (CM) Toolkit 8.3 before fix pack 7 for z/OS has unknown impact and attack vectors, related to "scripting."

10.0
2007-12-24 CVE-2007-6521 Opera Cryptographic Issues vulnerability in Opera Browser

Unspecified vulnerability in Opera before 9.25 allows remote attackers to execute arbitrary code via crafted TLS certificates.

10.0
2007-12-28 CVE-2007-6555 Phil Taylor Code Injection vulnerability in Phil Taylor Mosdirectory 2.3.2

PHP remote file inclusion vulnerability in modules/mod_pxt_latest.php in the mosDirectory (com_directory) 2.3.2 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter.

9.3
2007-12-27 CVE-2007-6530 Groove
HP
Persits
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remote attackers to execute arbitrary code via a long argument to the AddFolder function.

9.3
2007-12-27 CVE-2007-4474 IBM Buffer Errors vulnerability in IBM Domino web Access and Lotus Domino web Access

Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1.

9.3

33 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2007-12-28 CVE-2007-6593 IBM Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Lotus Notes

Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the (1) Length and (2) Value fields for certain Types in a Lotus 1-2-3 (.123) file in the Worksheet File (WKS) format, as demonstrated by a file with a crafted SRANGE record, a different vulnerability than CVE-2007-5909.

8.8
2007-12-28 CVE-2007-6573 Qksoft Improper Input Validation vulnerability in Qksoft QK Smtp Server 3

QK SMTP Server 3 allows remote attackers to cause a denial of service (daemon crash) via a long (1) HELO, (2) MAIL FROM, or (3) RCPT TO command; or (4) a long string in the message sent after the DATA command; possibly a related issue to CVE-2006-5551.

7.8
2007-12-24 CVE-2007-6524 Opera Information Exposure vulnerability in Opera Browser

Opera before 9.25 allows remote attackers to obtain potentially sensitive memory contents via a crafted bitmap (BMP) file, as demonstrated using a CANVAS element and JavaScript in an HTML document for copying these contents from 9.50 beta, a related issue to CVE-2008-0420.

7.8
2007-12-24 CVE-2007-6523 Opera Resource Management Errors vulnerability in Opera Browser

Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers to cause a denial of service (CPU consumption) via a crafted bitmap (BMP) file that triggers a large number of calculations and checks.

7.8
2007-12-24 CVE-2007-6419 HP Remote Denial Of Service vulnerability in HP Hp-Ux 11.11/11.23/11.31

Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.

7.8
2007-12-28 CVE-2007-6587 Plogger SQL Injection vulnerability in Plogger 1.0

SQL injection vulnerability in plog-rss.php in Plogger 1.0 Beta 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2007-12-28 CVE-2007-6586 Niclor SQL Injection vulnerability in Niclor 160406

SQL injection vulnerability in sezione_news.php in nicLOR-CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a sezione page action to index.php.

7.5
2007-12-28 CVE-2007-6583 1024 CMS SQL Injection vulnerability in 1024 CMS 1024 CMS 1.3.1

SQL injection vulnerability in admin/ops/findip/ajax/search.php in 1024 CMS 1.3.1 allows remote attackers to execute arbitrary SQL commands via the ip parameter.

7.5
2007-12-28 CVE-2007-6580 Wallpaper SQL Injection vulnerability in Wallpaper Complete Website 1.0.09

Multiple SQL injection vulnerabilities in Wallpaper Site 1.0.09 allow remote attackers to execute arbitrary SQL commands via (1) the catid parameter to category.php or (2) the groupid parameter to editadgroup.php.

7.5
2007-12-28 CVE-2007-6579 IP REG SQL Injection vulnerability in IP REG IP REG 0.3

Multiple SQL injection vulnerabilities in Ip Reg 0.3 allow remote attackers to execute arbitrary SQL commands via the vlan_id parameter to (1) vlanview.php, (2) vlanedit.php, and (3) vlandel.php; the (4) assetclassgroup_id parameter to assetclassgroupview.php; the (5) subnet_id parameter to nodelist.php; and unspecified other vectors.

7.5
2007-12-28 CVE-2007-6578 Zeak NET SQL Injection vulnerability in Zeak.Net PHP Zlink 0.3

SQL injection vulnerability in go.php in PHP ZLink 0.3 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2007-12-28 CVE-2007-6577 Zsuite SQL Injection vulnerability in Zsuite Zblog 1.2

Multiple SQL injection vulnerabilities in index.php in zBlog 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the categ parameter in a categ action or (2) the article parameter in an articles action.

7.5
2007-12-28 CVE-2007-6576 Adultscript SQL Injection vulnerability in Adultscript

Multiple SQL injection vulnerabilities in Adult Script 1.6.5 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) videolink_count.php or (2) links.php.

7.5
2007-12-28 CVE-2007-6575 Brand039 SQL Injection vulnerability in Brand039 Mmslamp 1.0

SQL injection vulnerability in default.php in MMSLamp allows remote attackers to execute arbitrary SQL commands via the idpro parameter in a prodotti_dettaglio action.

7.5
2007-12-28 CVE-2007-6568 Xzero Scripts Code Injection vulnerability in Xzero Scripts Xzero Community Classifieds

PHP remote file inclusion vulnerability in config.inc.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path_escape parameter.

7.5
2007-12-28 CVE-2007-6566 Xzero Scripts SQL Injection vulnerability in Xzero Scripts Xzero Community Classifieds 4.95.11

SQL injection vulnerability in post.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to execute arbitrary SQL commands via the subcatid parameter to index.php.

7.5
2007-12-28 CVE-2007-6565 Blakord SQL Injection vulnerability in Blakord Portal

Multiple SQL injection vulnerabilities in Blakord Portal 1.3.A Beta and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to an arbitrary component.

7.5
2007-12-28 CVE-2007-6559 Logaholic SQL Injection vulnerability in Logaholic 0

Multiple SQL injection vulnerabilities in Logaholic before 2.0 RC8 allow remote attackers to execute arbitrary SQL commands via (1) the from parameter to index.php or (2) the page parameter to update.php.

7.5
2007-12-28 CVE-2007-6557 Megacheatz SQL Injection vulnerability in Megacheatz 1.1

Multiple SQL injection vulnerabilities in MeGaCheatZ 1.1 allow remote attackers to execute arbitrary SQL commands via the ItemID parameter to (1) comments.php, (2) view.php, (3) siteadmin/ViewItem.php, and unspecified other vectors.

7.5
2007-12-28 CVE-2007-6556 Websihirbazi SQL Injection vulnerability in Websihirbazi 5.1.1

Multiple SQL injection vulnerabilities in websihirbazi 5.1.1 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to default.asp in a news page action or (2) the pageid parameter to default.asp.

7.5
2007-12-28 CVE-2007-6554 George Lewe Path Traversal vulnerability in George Lewe Teamcal PRO

Multiple directory traversal vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to include and execute arbitrary local files via a ..

7.5
2007-12-28 CVE-2007-6551 Mailmachinepro SQL Injection vulnerability in Mailmachinepro Mailmachine PRO

SQL injection vulnerability in showMsg.php in MailMachine Pro 2.2.4, and other versions before 2.2.6, allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2007-12-28 CVE-2007-6550 Pmos Helpdesk Code Injection vulnerability in Pmos Helpdesk Pmos Helpdesk

form.php in PMOS Help Desk 2.4 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct eval injection attacks and execute arbitrary PHP code via the options array parameter.

7.5
2007-12-28 CVE-2007-6549 Runcms Remote Security vulnerability in RunCMS

Unspecified vulnerability in RunCMS before 1.6.1 has unknown impact and attack vectors, related to "pagetype using."

7.5
2007-12-28 CVE-2007-6548 Runcms Code Injection vulnerability in Runcms

Multiple direct static code injection vulnerabilities in RunCMS before 1.6.1 allow remote authenticated administrators to inject arbitrary PHP code via the (1) header and (2) footer parameters to modules/system/admin.php in a meta-generator action, (3) the disclaimer parameter to modules/system/admin.php in a disclaimer action, (4) the disclaimer parameter to modules/mydownloads/admin/index.php in a mydownloadsConfigAdmin action, (5) the disclaimer parameter to modules/newbb_plus/admin/forum_config.php, (6) the disclaimer parameter to modules/mylinks/admin/index.php in a myLinksConfigAdmin action, or (7) the intro parameter to modules/sections/admin/index.php in a secconfig action, which inject PHP sequences into (a) sections/cache/intro.php, (b) mylinks/cache/disclaimer.php, (c) mydownloads/cache/disclaimer.php, (d) newbb_plus/cache/disclaimer.php, (e) system/cache/disclaimer.php, (f) system/cache/footer.php, (g) system/cache/header.php, or (h) system/cache/maintenance.php in modules/.

7.5
2007-12-28 CVE-2007-6544 Runcms SQL Injection vulnerability in Runcms 1.6

Multiple SQL injection vulnerabilities in RunCMS before 1.6.1 allow remote attackers to execute arbitrary SQL commands via the lid parameter to (1) brokenfile.php, (2) visit.php, or (3) ratefile.php in modules/mydownloads/; or (4) ratelink.php, (5) modlink.php, or (6) brokenlink.php in modules/mylinks/.

7.5
2007-12-28 CVE-2007-6543 Esyndicat SQL Injection vulnerability in Esyndicat Link Exchange

SQL injection vulnerability in suggest-link.php in eSyndiCat Link Exchange Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2007-12-27 CVE-2007-6542 Agares Media Code Injection vulnerability in Agares Media Arcadem

PHP remote file inclusion vulnerability in admin/frontpage_right.php in Arcadem LE 2.04 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter.

7.5
2007-12-27 CVE-2007-6540 Neuron SQL Injection vulnerability in Neuron News 1.0

SQL injection vulnerability in neuron news 1.0 allows remote attackers to execute arbitrary SQL commands via the q parameter to the default URI in patch/.

7.5
2007-12-27 CVE-2007-6538 Mrbs
Moodle
SQL Injection vulnerability in Mrbs 1.2.3/1.2.5

SQL injection vulnerability in ing/blocks/mrbs/code/web/view_entry.php in the MRBS plugin for Moodle allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2007-12-27 CVE-2007-6533 Inmatrix Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Inmatrix Zoom Player 5/6.00Beta2

Buffer overflow in Zoom Player 6.00 beta 2 and earlier allows user-assisted remote attackers to execute arbitrary code via an HTTP link to a PLS file in a crafted ZPL file, which causes an overflow in Unicode handling when generating an error message.

7.5
2007-12-24 CVE-2007-6518 Woltlab SQL Injection vulnerability in Woltlab Burning Board Lite 1.0.2/1.0.2Pl3E

Multiple SQL injection vulnerabilities in search.php in WoltLab Burning Board (wBB) Lite 1.0.2 pl3e allow remote attackers to execute arbitrary SQL commands via the (1) showposts, (2) sortby, and (3) sortorder parameters.

7.5
2007-12-24 CVE-2007-6517 Aeries SQL Injection vulnerability in Aeries Browser Interface 3.7.9.17

SQL injection vulnerability in the forget password section (LostPwd.asp) in Eagle Software Aeries Browser Interface (ABI) 3.7.9.17 allows remote attackers to execute arbitrary SQL commands via the EmailAddress parameter.

7.5

38 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2007-12-28 CVE-2007-6594 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Lotus Notes

IBM Lotus Notes 8 for Linux before 8.0.1 uses (1) unspecified weak permissions for the installation kit obtained through a Notes 8 download and (2) 0777 permissions for the installdata file that is created by setup.sh, which allows local users to gain privileges via a Trojan horse file.

6.9
2007-12-28 CVE-2007-6585 Nmnnewsletter Code Injection vulnerability in Nmnnewsletter 1.0.7

PHP remote file inclusion vulnerability in confirmUnsubscription.php in NmnNewsletter 1.0.7 allows remote attackers to execute arbitrary PHP code via a URL in the output parameter.

6.8
2007-12-28 CVE-2007-6553 George Lewe Code Injection vulnerability in George Lewe Teamcal PRO

Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONF[app_root] parameter to (1) tcuser.class.php, (2) absencecount.inc.php, (3) avatar.inc.php, (4) csvhandler.class.php, (5) functions.tcpro.php, (6) header.html.inc.php, (7) joomlajack.tcpro.php, (8) menu.inc.php, (9) other.inc.php, (10) tcabsence.class.php, (11) tcabsencegroup.class.php, (12) tcallowance.class.php, (13) tcannouncement.class.php, (14) tcconfig.class.php, (15) tcdaynote.class.php, (16) tcgroup.class.php, (17) tcholiday.class.php, (18) tclogin.class.php, (19) tcmonth.class.php, (20) tctemplate.class.php, (21) tcusergroup.class.php, or (22) tcuseroption.class.php in includes/, possibly a related issue to CVE-2006-4845.

6.8
2007-12-28 CVE-2007-6547 Runcms Input Validation vulnerability in RunCMS

RunCMS before 1.6.1 does not require entry of the old password during a password change, which allows context-dependent attackers to change passwords upon obtaining temporary access to a session.

6.8
2007-12-27 CVE-2007-6539 Idevspot Code Injection vulnerability in Idevspot Isupport 1.8

PHP local file inclusion vulnerability in index.php in IDevspot iSupport 1.8 allows remote attackers to include local files via the include_file parameter.

6.8
2007-12-27 CVE-2007-6537 Winuae Buffer Errors vulnerability in Winuae 1.4.4

Stack-based buffer overflow in the zfile_gunzip function in zfile.c in WinUAE 1.4.4 and earlier allows user-assisted remote attackers to execute arbitrary code via a long filename in a gzipped archive, such as a (1) gz, (2) adz, (3) roz, or (4) hdz archive in a compressed floppy disk image.

6.8
2007-12-27 CVE-2007-6536 Google Information Exposure vulnerability in Google Toolbar 4/5

The Custom Button Installer dialog in Google Toolbar 4 and 5 beta presents certain domain names in the (1) "Downloaded from" and (2) "Privacy considerations" sections without verifying domain names, which makes it easier for remote attackers to spoof domain names and trick users into installing malicious button XML files, as demonstrated by presenting www.google.com when the button was downloaded from an arbitrary site through an open redirector on www.google.com.

6.8
2007-12-27 CVE-2007-6535 Yahoo Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Yahoo Toolbar

Buffer overflow in the YShortcut ActiveX control in YShortcut.dll 2006.8.15.1 in Yahoo! Toolbar might allow attackers to execute arbitrary code via a long string to the IsTaggedBM method.

6.8
2007-12-27 CVE-2007-6534 Microsoft Improper Input Validation vulnerability in Microsoft Publisher

Multiple unspecified vulnerabilities in Microsoft Office Publisher allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted PUB file, possibly involving wordart.

6.8
2007-12-28 CVE-2007-6584 1024 CMS Path Traversal vulnerability in 1024 CMS 1024 CMS 1.3.1/1.4.1/1.4.2

Multiple directory traversal vulnerabilities in 1024 CMS 1.3.1 allow remote attackers to include and execute arbitrary local files via a ..

6.4
2007-12-28 CVE-2007-6582 C97Net Path Traversal vulnerability in C97Net Mblog 1.2

Directory traversal vulnerability in index.php in mBlog 1.2 allows remote attackers to read arbitrary files via a ..

6.4
2007-12-28 CVE-2007-6581 Social Engine Path Traversal vulnerability in Social Engine Social Engine 2.0

Multiple directory traversal vulnerabilities in Social Engine 2.0 allow remote attackers to include and execute arbitrary local files via a ..

6.4
2007-12-28 CVE-2007-6567 Xzero Scripts Path Traversal vulnerability in Xzero Scripts Xzero Community Classifieds

Directory traversal vulnerability in index.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to include and execute arbitrary local files via a ..

6.4
2007-12-28 CVE-2007-6546 Runcms Input Validation vulnerability in RunCMS

RunCMS before 1.6.1 uses a predictable session id, which makes it easier for remote attackers to hijack sessions via a modified id.

6.4
2007-12-27 CVE-2007-5342 Apache Permissions, Privileges, and Access Controls vulnerability in Apache Tomcat

The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler.

6.4
2007-12-28 CVE-2007-6552 Auracms Path Traversal vulnerability in Auracms 2.2

Directory traversal vulnerability in index.php in AuraCMS 2.2 allows remote authenticated users to include and execute arbitrary local files via a ..

6.0
2007-12-27 CVE-2007-6527 Rickard Andersson Improper Input Validation vulnerability in Rickard Andersson Punbb 1.3.3

uploadimg.php in the Automatic Image Upload with Thumbnails (imgUpload) module 1.3.2 for PunBB only verifies the Content-type field of uploaded files, which allows remote attackers to upload and execute arbitrary content via a file with a (1) JPG, (2) GIF, or (3) PNG MIME type.

5.8
2007-12-28 CVE-2007-6561 Pdflib Buffer Errors vulnerability in Pdflib 7.0.2

Multiple stack-based buffer overflows in PDFLib allow user-assisted remote attackers to execute arbitrary code via a long filename argument to the PDF_load_image function that results in an overflow in the pdc_fsearch_fopen function, and possibly other vectors.

5.7
2007-12-28 CVE-2007-6562 Tcpreen Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Tcpreen

Multiple stack-based buffer overflows in the use of FD_SET in TCPreen before 1.4.4 allow remote attackers to cause a denial of service via multiple concurrent connections, which result in overflows in the (1) SocketAddress::Connect function in libsolve/sockprot.cpp and (2) monitor_bridge function in src/bridge.cpp.

5.0
2007-12-27 CVE-2007-6528 Tiki Path Traversal vulnerability in Tiki Tikiwiki Cms/Groupware

Directory traversal vulnerability in tiki-listmovies.php in TikiWiki before 1.9.9 allows remote attackers to read arbitrary files via a ..

5.0
2007-12-24 CVE-2007-6519 HP Local Denial Of Service vulnerability in HP Tru64 5.1B3/5.1B4

Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows local users to cause a denial of service (system crash) via unspecified vectors.

4.9
2007-12-28 CVE-2007-6592 Apple Remote Security vulnerability in Apple Safari 2

Apple Safari 2, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regards the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site.

4.3
2007-12-28 CVE-2007-6591 KDE Remote Security vulnerability in KDE Konqueror 3.5.5/3.95.00

KDE Konqueror 3.5.5 and 3.95.00, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regards the certificate as also accepted for all domain names in subjectAltName:dNSName fields, even though these fields cannot be examined in the product, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site.

4.3
2007-12-28 CVE-2007-6589 Mozilla Cross-Site Scripting vulnerability in Mozilla Firefox and Seamonkey

The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 does not update the origin domain when retrieving the inner URL parameter yields an HTTP redirect, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a jar: URI, a different vulnerability than CVE-2007-5947.

4.3
2007-12-28 CVE-2007-6588 Phpcredo Cross-Site Scripting vulnerability in PHPcredo Phcdownload 1.10

Cross-site scripting (XSS) vulnerability in PHCDownload 1.10 allows remote attackers to inject arbitrary web script or HTML via the username field in an unspecified component.

4.3
2007-12-28 CVE-2007-6574 Dokeos Cross-Site Scripting vulnerability in Dokeos products

Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the origin parameter to work/work.php in a display_upload_form action, or the forum parameter to (2) forum/viewforum.php or (3) forum/viewthread.php.

4.3
2007-12-28 CVE-2007-6572 SUN Cross-Site Scripting vulnerability in SUN products

Cross-site scripting (XSS) vulnerability in Sun Java System Web Server 6.1 before SP8 and 7.0 before Update 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566204.

4.3
2007-12-28 CVE-2007-6571 SUN Cross-Site Scripting vulnerability in SUN products

Cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server 3.6 before SP11 on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6611356.

4.3
2007-12-28 CVE-2007-6570 SUN Cross-Site Scripting vulnerability in SUN products

Cross-site scripting (XSS) vulnerability in the View URL Database functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 and 3.x before 3.6 SP11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566309.

4.3
2007-12-28 CVE-2007-6569 SUN Cross-Site Scripting vulnerability in SUN products

Cross-site scripting (XSS) vulnerability in the View Error Log functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566246.

4.3
2007-12-28 CVE-2007-6564 Limbo CMS Cross-Site Scripting vulnerability in Limbo CMS Limbo CMS 1.0.4.2

Cross-site scripting (XSS) vulnerability in admin.php in Limbo CMS 1.0.4.2 allows remote attackers to inject arbitrary web script or HTML via the com_option parameter.

4.3
2007-12-28 CVE-2007-6560 Logaholic Cross-Site Scripting vulnerability in Logaholic 0

Multiple cross-site scripting (XSS) vulnerabilities in Logaholic before 2.0 RC8 allow remote attackers to inject arbitrary web script or HTML via (1) the newconfname parameter to profiles.php or (2) the conf parameter to index.php.

4.3
2007-12-28 CVE-2007-6558 Totalplayer Improper Input Validation vulnerability in Totalplayer 3.0

TotalPlayer 3.0 allows user-assisted remote attackers to cause a denial of service (application crash) via a large .m3u file.

4.3
2007-12-28 CVE-2007-6545 Runcms Cross-Site Scripting vulnerability in Runcms

Multiple cross-site scripting (XSS) vulnerabilities in RunCMS before 1.6.1 allow remote attackers to inject arbitrary web script or HTML via (1) the subject parameter to modules/news/submit.php; (2) the PATH_INFO to modules/news/index.php, possibly related to the XoopsPageNav class; or (3) an avatar image to edituser.php.

4.3
2007-12-27 CVE-2007-6541 Neuron News Cross-Site Scripting vulnerability in Neuron News Neuron News 1.0

Multiple cross-site scripting (XSS) vulnerabilities in neuron news 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the topic parameter in a viewtopic action, or the (2) newsyear or (3) newsmonth parameter in a newsarchive action to the default URI in patch/.

4.3
2007-12-27 CVE-2007-6526 Tiki Cross-Site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware

Cross-site scripting (XSS) vulnerability in tiki-special_chars.php in TikiWiki before 1.9.9 allows remote attackers to inject arbitrary web script or HTML via the area_name parameter.

4.3
2007-12-24 CVE-2007-6522 Opera Cross-Site Scripting vulnerability in Opera Browser

The rich text editing functionality in Opera before 9.25 allows remote attackers to conduct cross-domain scripting attacks by using designMode to modify contents of pages in other domains.

4.3
2007-12-24 CVE-2007-6520 Opera Cross-Site Scripting vulnerability in Opera Browser

Opera before 9.25 allows remote attackers to conduct cross-domain scripting attacks via unknown vectors related to plug-ins.

4.3

0 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS