Weekly Vulnerabilities Reports > February 18 to 24, 2008
Overview
116 new vulnerabilities reported during this period, including 8 critical vulnerabilities and 53 high severity vulnerabilities. This weekly summary report vulnerabilities in 138 products from 73 vendors including Joomla, BEA Systems, BEA, Mambo, and Oracle. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Path Traversal", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".
- 110 reported vulnerabilities are remotely exploitables.
- 40 reported vulnerabilities have public exploit available.
- 75 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 109 reported vulnerabilities are exploitable by an anonymous user.
- Joomla has the most reported vulnerabilities, with 17 reported vulnerabilities.
- Drupal has the most reported critical vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
8 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-02-22 | CVE-2008-0912 | Sybase | Buffer Errors vulnerability in Sybase Mobilink and SQL Anywhere Multiple heap-based buffer overflows in mlsrv10.exe in Sybase MobiLink 10.0.1.3629 and earlier, as used by SQL Anywhere Developer Edition 10.0.1.3415 and probably other products, allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a long (1) username, (2) version, or (3) remote ID. | 10.0 |
2008-02-21 | CVE-2008-0882 | Cups | Buffer Errors vulnerability in Cups 1.3.5 Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via crafted UDP Browse packets to the cupsd port (631/udp), related to an unspecified manipulation of a remote printer. | 10.0 |
2008-02-21 | CVE-2008-0860 | Kerio | Multiple Unspecified vulnerability in Kerio AVG Plugin and Kerio Mailserver Unspecified vulnerability in the AVG plugin in Kerio MailServer before 6.5.0 has unspecified impact via unknown remote attack vectors related to null DACLs. | 10.0 |
2008-02-19 | CVE-2007-6319 | Lyris | Permissions, Privileges, and Access Controls vulnerability in Lyris List Manager Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating "new accounts that collide with existing accounts." | 10.0 |
2008-02-19 | CVE-2008-0824 | Caroline | Remote Security vulnerability in Caroline Unspecified vulnerability in the php2phps function in Claroline before 1.8.9 has unknown impact and attack vectors. | 10.0 |
2008-02-19 | CVE-2008-0823 | Drupal | Improper Authentication vulnerability in Drupal Header Image 5.X1.0 Unspecified vulnerability in the Header Image Module before 5.x-1.1 for Drupal allows remote attackers to access the administration pages via unknown attack vectors. | 10.0 |
2008-02-21 | CVE-2008-0638 | Symantec | Buffer Errors vulnerability in Symantec Veritas Storage Foundation 5.0 Heap-based buffer overflow in the Veritas Enterprise Administrator (VEA) service (aka vxsvc.exe) in Symantec Veritas Storage Foundation 5.0 allows remote attackers to execute arbitrary code via a packet with a crafted value of a certain size field, which is not checked for consistency with the actual buffer size. | 9.3 |
2008-02-19 | CVE-2008-0805 | Reality | Permissions, Privileges, and Access Controls vulnerability in Reality Medias PHPizabi 0.848B Unrestricted file upload vulnerability in image.php in PHPizabi 0.848b C1 HFP1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension from the event page, then accessing it via a direct request to the file in system/cache/pictures. | 9.3 |
53 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-02-22 | CVE-2008-0897 | BEA | Permissions, Privileges, and Access Controls vulnerability in BEA Weblogic Server Unspecified vulnerability in BEA WebLogic Server 9.0 through 10.0 allows remote authenticated users without "receive" permissions to bypass intended access restrictions and receive messages from a standalone JMS Topic or secured Distributed Topic member destination, related to durable subscriptions. | 7.9 |
2008-02-22 | CVE-2008-0904 | BEA Systems | Information Exposure vulnerability in BEA Systems Aqualogic Interaction and Plumtree Collaboration Unspecified vulnerability in the download servlet in BEA Plumtree Collaboration 4.1 through SP2 and AquaLogic Interaction 4.2 through MP1 allows remote attackers to read arbitrary files via a crafted URL. | 7.8 |
2008-02-21 | CVE-2007-6426 | EMC | Buffer Errors vulnerability in EMC Replistor 6.2Sp2 Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data. | 7.8 |
2008-02-22 | CVE-2008-0922 | PHP Nuke | SQL Injection vulnerability in PHP-Nuke Manuales 0.1 SQL injection vulnerability in the Manuales 0.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewdownload action to modules.php. | 7.5 |
2008-02-22 | CVE-2008-0921 | Becontent | SQL Injection vulnerability in Becontent 0.3.1 SQL injection vulnerability in news.php in beContent 0.3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2008-02-22 | CVE-2008-0918 | Astats Joomla | SQL Injection vulnerability in multiple products SQL injection vulnerability in includes/count_dl_or_link.inc.php in the astatsPRO (com_astatspro) 1.0.1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to getfile.php, a different vector than CVE-2008-0839. | 7.5 |
2008-02-22 | CVE-2008-0916 | Highwood Design | SQL Injection vulnerability in Highwood Design Hwdvideoshare SQL injection vulnerability in the Highwood Design hwdVideoShare (com_hwdvideoshare) 1.1.3 Alpha component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a viewcategory action to index.php. | 7.5 |
2008-02-22 | CVE-2008-0910 | F Secure | Permissions, Privileges, and Access Controls vulnerability in F-Secure products Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted RAR archive. | 7.5 |
2008-02-22 | CVE-2008-0908 | Schoolwires | SQL Injection vulnerability in Schoolwires Academic Portal SQL injection vulnerability in browse.asp in Schoolwires Academic Portal allows remote attackers to execute arbitrary SQL commands via the c parameter. | 7.5 |
2008-02-22 | CVE-2008-0907 | PHP Nuke | SQL Injection vulnerability in PHP-Nuke Inhalt Module SQL injection vulnerability in the Inhalt module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.5 |
2008-02-22 | CVE-2008-0906 | PHP Nuke | SQL Injection vulnerability in PHP-Nuke Module Docum SQL injection vulnerability in the Docum module in PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle operation. | 7.5 |
2008-02-21 | CVE-2008-0881 | Phpnuke | SQL Injection vulnerability in PHPnuke Okul Module 1.0 SQL injection vulnerability in modules.php in the Okul 1.0 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the okulid parameter in an okullar action. | 7.5 |
2008-02-21 | CVE-2008-0880 | Phpnuke | SQL Injection vulnerability in PHPnuke Easycontent Module SQL injection vulnerability in modules.php in the EasyContent module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the page_id parameter. | 7.5 |
2008-02-21 | CVE-2008-0879 | Phpnuke | SQL Injection vulnerability in PHPnuke web Links Module SQL injection vulnerability in modules.php in the Web_Links module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action. | 7.5 |
2008-02-21 | CVE-2008-0878 | Runcms | SQL Injection vulnerability in Runcms Myannonces SQL injection vulnerability in index.php in the MyAnnonces 1.7 and earlier module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action. | 7.5 |
2008-02-21 | CVE-2008-0874 | Xoops | SQL Injection vulnerability in Xoops Eempregos Module SQL injection vulnerability in index.php in the eEmpregos module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action. | 7.5 |
2008-02-21 | CVE-2008-0873 | Jlmzone | SQL Injection vulnerability in Jlmzone Classifieds 1.0 SQL injection vulnerability in index.php in the jlmZone Classifieds module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in an Adsview action. | 7.5 |
2008-02-21 | CVE-2008-0870 | BEA Systems Oracle | Link Following vulnerability in multiple products BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under certain circumstances, can redirect a user from the https:// URI for the Portal Administration Console to an http URI, which allows remote attackers to sniff the session. | 7.5 |
2008-02-21 | CVE-2008-0858 | Kerio Visnetic | Code Injection vulnerability in multiple products Buffer overflow in the Visnetic anti-virus plugin in Kerio MailServer before 6.5.0 might allow remote attackers to execute arbitrary code via unspecified vectors. | 7.5 |
2008-02-21 | CVE-2008-0857 | Woltlab | SQL Injection vulnerability in Woltlab Burning Board 3.0.3Pl1 SQL injection vulnerability in index.php in WoltLab Burning Board 3.0.3 PL 1 allows remote attackers to execute arbitrary SQL commands via the sortOrder parameter to the PMList page. | 7.5 |
2008-02-21 | CVE-2008-0856 | E Vision | SQL Injection vulnerability in E-Vision CMS 2.02 Multiple SQL injection vulnerabilities in e-Vision CMS 2.02 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) iframe.php and (2) print.php. | 7.5 |
2008-02-21 | CVE-2008-0855 | Joomla Mambo | SQL Injection vulnerability in multiple products SQL injection vulnerability in the Facile Forms (com_facileforms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | 7.5 |
2008-02-21 | CVE-2008-0854 | Joomla Mambo | SQL Injection vulnerability in multiple products SQL injection vulnerability in the com_salesrep component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the rid parameter in a showrep action to index.php. | 7.5 |
2008-02-21 | CVE-2008-0853 | Joomla Mambo | SQL Injection vulnerability in multiple products SQL injection vulnerability in the com_detail component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | 7.5 |
2008-02-21 | CVE-2008-0850 | Dokeos | SQL Injection vulnerability in Dokeos 1.8.4 Multiple SQL injection vulnerabilities in Dokeos 1.8.4 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to whoisonline.php, (2) tracking_list_coaches_column parameter to main/mySpace/index.php, (3) tutor_name parameter to main/create_course/add_course.php, the (4) Referer HTTP header to index.php, and the (5) X-Fowarded-For HTTP header to main/admin/class_list.php. | 7.5 |
2008-02-21 | CVE-2008-0849 | Joomla Mambo | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat function, a different vector than CVE-2008-0652. | 7.5 |
2008-02-21 | CVE-2008-0847 | Xoops | SQL Injection vulnerability in Xoops Mytopics SQL injection vulnerability in print.php in the myTopics module for XOOPS allows remote attackers to execute arbitrary SQL commands via the articleid parameter. | 7.5 |
2008-02-20 | CVE-2008-0846 | Joomla Mambo | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the com_profile component for Joomla! allows remote attackers to execute arbitrary SQL commands via the oid parameter. | 7.5 |
2008-02-20 | CVE-2008-0845 | Wordpress | SQL Injection vulnerability in Wordpress Dean Logan Wp-People Plugin 1.6.1 SQL injection vulnerability in wp-people-popup.php in Dean Logan WP-People plugin 1.6.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the person parameter. | 7.5 |
2008-02-20 | CVE-2008-0844 | Joomla | SQL Injection vulnerability in Joomla COM Pccookbook SQL injection vulnerability in index.php in the PccookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | 7.5 |
2008-02-20 | CVE-2008-0842 | Joomla | SQL Injection vulnerability in Joomla COM Clasifier SQL injection vulnerability in index.php in the Classifier (com_clasifier) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | 7.5 |
2008-02-20 | CVE-2008-0841 | Joomla Mambo | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Giorgio Nordo Ricette (com_ricette) 1.0 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2008-02-20 | CVE-2008-0839 | Astats Joomla | SQL Injection vulnerability in multiple products SQL injection vulnerability in refer.php in the astatsPRO (com_astatspro) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2008-02-20 | CVE-2008-0835 | Simple CMS | SQL Injection vulnerability in Simple CMS Simple CMS 1.0.3 SQL injection vulnerability in indexen.php in Simple CMS 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the area parameter. | 7.5 |
2008-02-20 | CVE-2008-0833 | Joomla | SQL Injection vulnerability in Joomla COM Galeria SQL injection vulnerability in index.php in the com_galeria component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | 7.5 |
2008-02-20 | CVE-2008-0832 | Joomla Mambo | SQL Injection vulnerability in multiple products SQL injection vulnerability in index.php in the Kemas Antonius com_quran 1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the surano parameter in a viewayat action. | 7.5 |
2008-02-20 | CVE-2008-0831 | Joomla | SQL Injection vulnerability in Joomla Rapid Recipe Multiple SQL injection vulnerabilities in the Rapid Recipe (com_rapidrecipe) 1.6.5 and earlier component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) user_id or (2) category_id parameter. | 7.5 |
2008-02-19 | CVE-2008-0830 | Apple | Improper Input Validation vulnerability in Apple Iphoto 4.0.3 The Digital Photo Access Protocol (DPAP) server for iPhoto 4.0.3 allows remote attackers to cause a denial of service (crash) via a malformed dpap: URI, a different vulnerability than CVE-2008-0043. | 7.5 |
2008-02-19 | CVE-2008-0829 | Joomla Joomlapixel Mambo | SQL Injection vulnerability in multiple products SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail task. | 7.5 |
2008-02-19 | CVE-2008-0827 | Phpnuke | SQL Injection vulnerability in PHPnuke Book SQL injection vulnerability in the Books module of PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.5 |
2008-02-19 | CVE-2008-0825 | Caroline | SQL Injection vulnerability in Caroline SQL injection vulnerability in Claroline before 1.8.9 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2008-02-19 | CVE-2008-0821 | OSI Codes INC | SQL Injection vulnerability in OSI Codes Inc. PHPlive 3.2.2 SQL injection vulnerability in admin/traffic/knowledge_searchm.php in OSI Codes Inc. | 7.5 |
2008-02-19 | CVE-2008-0818 | Freephpgallery | Path Traversal vulnerability in Freephpgallery 0.6 Multiple directory traversal vulnerabilities in freePHPgallery 0.6 allow remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2008-02-19 | CVE-2008-0817 | Joomla Mambo | SQL Injection vulnerability in multiple products SQL injection vulnerability in the com_filebase component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action. | 7.5 |
2008-02-19 | CVE-2008-0816 | COM SG | SQL Injection vulnerability in COM SG COM SG SQL injection vulnerability in the com_sg component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the pid parameter in an order task. | 7.5 |
2008-02-19 | CVE-2008-0815 | Egitimhost Joomla | SQL Injection vulnerability in multiple products SQL injection vulnerability in the com_mezun component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task. | 7.5 |
2008-02-19 | CVE-2008-0811 | Auracms | SQL Injection vulnerability in Auracms 1.62 Multiple SQL injection vulnerabilities in AuraCMS 1.62 allow remote attackers to execute arbitrary SQL commands via (1) the kid parameter to (a) mod/dl.php or (b) mod/links.php, and (2) the query parameter to search.php. | 7.5 |
2008-02-19 | CVE-2008-0810 | Joomla Mambo | SQL Injection vulnerability in multiple products SQL injection vulnerability in the com_scheduling module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2008-02-19 | CVE-2008-0556 | Openca | Cross-Site Request Forgery (CSRF) vulnerability in Openca PKI Cross-site request forgery (CSRF) vulnerability in OpenCA PKI 0.9.2.5, and possibly earlier versions, allows remote attackers to perform unauthorized actions as authorized users via a link or IMG tag to RAServer. | 7.5 |
2008-02-19 | CVE-2007-6258 | Apache F5 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long (1) Host header, or (2) Hostname within a Host header. | 7.5 |
2008-02-18 | CVE-2008-0674 | Pcre | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Pcre Buffer overflow in PCRE before 7.6 allows remote attackers to execute arbitrary code via a regular expression containing a character class with a large number of characters with Unicode code points greater than 255. | 7.5 |
2008-02-22 | CVE-2008-0162 | Debian SAM Lantinga | Permissions, Privileges, and Access Controls vulnerability in SAM Lantinga Splitvt misc.c in splitvt 1.6.6 and earlier does not drop group privileges before executing xprop, which allows local users to gain privileges. | 7.2 |
2008-02-22 | CVE-2008-0901 | BEA BEA Systems | Information Exposure vulnerability in multiple products BEA WebLogic Server and Express 7.0 through 10.0 allows remote attackers to conduct brute force password guessing attacks, even when account lockout has been activated, via crafted URLs that indicate whether a guessed password is successful or not. | 7.1 |
52 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-02-21 | CVE-2008-0894 | Apple | Remote Denial of Service and Information Disclosure vulnerability in Apple Safari BMP and GIF Files Apple Safari might allow remote attackers to obtain potentially sensitive memory contents or cause a denial of service (crash) via a crafted (1) bitmap (BMP) or (2) GIF file, a related issue to CVE-2008-0420. | 6.8 |
2008-02-21 | CVE-2008-0871 | NOW | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in NOW SMS MMS Gateway Multiple stack-based buffer overflows in Now SMS/MMS Gateway 2007.06.27 and earlier allow remote attackers to execute arbitrary code via a (1) long password in an Authorization header to the HTTP service or a (2) large packet to the SMPP service. | 6.8 |
2008-02-19 | CVE-2008-0804 | Thecus | Code Injection vulnerability in Thecus N5200Pro NAS Server Control Panel PHP remote file inclusion vulnerability in usrgetform.html in Thecus N5200Pro NAS Server allows remote attackers to execute arbitrary PHP code via a URL in the name parameter. | 6.8 |
2008-02-22 | CVE-2008-0920 | Open Source Security Information Management | SQL Injection vulnerability in Open Source Security Information Management Os-Sim SQL injection vulnerability in port/modifyportform.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 allows remote authenticated users to execute arbitrary SQL commands via the portname parameter, which is not properly handled by a validation regular expression. | 6.5 |
2008-02-22 | CVE-2008-0911 | Iscripts | SQL Injection vulnerability in Iscripts Multicart 2.0 SQL injection vulnerability in productdetails.php in iScripts MultiCart 2.0 allows remote authenticated users to execute arbitrary SQL commands via the productid parameter. | 6.5 |
2008-02-18 | CVE-2007-6313 | Mysql | Permissions, Privileges, and Access Controls vulnerability in Mysql Community Server MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG, which allows remote authorized users to execute arbitrary BINLOG statements. | 6.5 |
2008-02-22 | CVE-2008-0915 | Ipdiva | Cross-Site Scripting vulnerability in IPdiva SSL VPN The Mediation server in IPdiva SSL VPN Server 2.2 before 2.2.8.84 and 2.3 before 2.3.2.14 stores the number of remaining allowed login attempts in a cookie, which makes it easier for remote attackers to conduct brute force attacks by manipulating this cookie's value. | 6.4 |
2008-02-22 | CVE-2008-0895 | BEA | Improper Authentication vulnerability in BEA Weblogic Server BEA WebLogic Server and WebLogic Express 6.1 through 10.0 allows remote attackers to bypass authentication for application servlets via crafted request headers. | 6.4 |
2008-02-20 | CVE-2008-0843 | Statcountex | Permissions, Privileges, and Access Controls vulnerability in Statcountex 3.0/3.1 StatCounteX 3.0 and 3.1 allows remote attackers to obtain sensitive information and edit configuration scripts via a direct request to admin.asp. | 6.4 |
2008-02-19 | CVE-2008-0814 | Truc | Path Traversal vulnerability in Truc 0.11 Directory traversal vulnerability in download.php in Tracking Requirements & Use Cases (TRUC) 0.11.0 allows remote attackers to read arbitrary files via a .. | 6.4 |
2008-02-19 | CVE-2008-0812 | Banpro | Path Traversal vulnerability in Banpro NET Banpro DMS 1.0 Directory traversal vulnerability in DMS/index.php in BanPro DMS 1.0 allows remote attackers to include and execute arbitrary files via a .. | 6.4 |
2008-02-22 | CVE-2008-0900 | BEA BEA Systems | Permissions, Privileges, and Access Controls vulnerability in multiple products Session fixation vulnerability in BEA WebLogic Server and Express 8.1 SP4 through SP6, 9.2 through MP1, and 10.0 allows remote authenticated users to hijack web sessions via unknown vectors. | 6.0 |
2008-02-22 | CVE-2008-0898 | BEA | Permissions, Privileges, and Access Controls vulnerability in BEA Weblogic Server The distributed queue feature in JMS in BEA WebLogic Server 9.0 through 10.0, in certain configurations, does not properly handle when a client cannot send a message to a member of a distributed queue, which allows remote authenticated users to bypass intended access restrictions for protected distributed queues. | 5.8 |
2008-02-22 | CVE-2008-0905 | MEO | Path Traversal vulnerability in MEO Globsy 1.0 Directory traversal vulnerability in globsy_edit.php in Globsy 1.0 allows remote attackers to read arbitrary files via a .. | 5.0 |
2008-02-21 | CVE-2008-0875 | Hitachi | Remote Denial of Service vulnerability in Hitachi EUR Print Manager 0506/0506B/0508 Unspecified vulnerability in Hitachi EUR Print Manager, and related Client and Local Server products, 05-06 through 05-06-/B and 05-08 allows remote attackers to cause a denial of service (service hang or termination) via unspecified vectors related to "unexpected data." | 5.0 |
2008-02-21 | CVE-2008-0865 | BEA Systems Oracle | Permissions, Privileges, and Access Controls vulnerability in multiple products Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP6 allows remote attackers to bypass entitlements for instances of a floatable WLP portlet via unknown vectors. | 5.0 |
2008-02-21 | CVE-2008-0864 | BEA Systems Oracle | Permissions, Privileges, and Access Controls vulnerability in multiple products Admin Tools in BEA WebLogic Portal 8.1 SP3 through SP6 can inadvertently remove entitlements for pages when an administrator edits the page definition label, which might allow remote attackers to bypass intended access restrictions. | 5.0 |
2008-02-21 | CVE-2008-0863 | BEA | Information Exposure vulnerability in BEA Weblogic Server 9.0/9.1 BEA WebLogic Server and WebLogic Express 9.0 and 9.1 exposes the web service's WSDL and security policies, which allows remote attackers to obtain sensitive information and potentially launch further attacks. | 5.0 |
2008-02-21 | CVE-2008-0859 | Kerio | Resource Management Errors vulnerability in Kerio Mailserver Unspecified vulnerability in Kerio MailServer before 6.5.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to decoding of uuencoded input, which triggers memory corruption. | 5.0 |
2008-02-21 | CVE-2008-0852 | Freesshd | Remote Denial of Service vulnerability in freeSSHd 'SSH2_MSG_NEWKEYS' Packet freeSSHd 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a SSH2_MSG_NEWKEYS packet to TCP port 22, which triggers a NULL pointer dereference. | 5.0 |
2008-02-19 | CVE-2008-0813 | Xpweb | Path Traversal vulnerability in Xpweb 3.0.1/3.3.2 Directory traversal vulnerability in Download.php in XPWeb 3.0.1, 3.3.2, and possibly other versions, allows remote attackers to read arbitrary files via a .. | 5.0 |
2008-02-22 | CVE-2008-0896 | BEA Systems | Permissions, Privileges, and Access Controls vulnerability in BEA Systems Weblogic Portal 10.0/9.2 BEA WebLogic Portal 10.0 and 9.2 through MP1, when an administrator deletes a single instance of a content portlet, removes entitlement policies for other content portlets, which allows attackers to bypass intended access restrictions. | 4.9 |
2008-02-20 | CVE-2008-0836 | SUN | Denial-Of-Service vulnerability in SUN Solaris 10/9 Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 9 and 10 on x86 architectures allows local users to cause a denial of service (panic) via unspecified vectors that trigger a NULL pointer dereference in the vuid3ps2 module, a different issue than CVE-2007-5319. | 4.9 |
2008-02-19 | CVE-2008-0807 | Debian Horde | Permissions, Privileges, and Access Controls vulnerability in Horde products lib/Driver/sql.php in Turba 2 (turba2) Contact Manager H3 2.1.x before 2.1.7 and 2.2.x before 2.2-RC3, as used in products such as Horde Groupware before 1.0.4 and Horde Groupware Webmail Edition before 1.0.5, does not properly check access rights, which allows remote authenticated users to modify address data via a modified object_id parameter to edit.php, as demonstrated by modifying a personal address book entry when there is write access to a shared address book. | 4.9 |
2008-02-20 | CVE-2008-0840 | Publicwarehouse | Path Traversal vulnerability in Publicwarehouse Lightblog 9.6 Directory traversal vulnerability in view_member.php in Public Warehouse LightBlog 9.6 allows remote attackers to include and execute arbitrary local files via a .. | 4.4 |
2008-02-22 | CVE-2008-0919 | Open Source Security Information Management | Cross-Site Scripting vulnerability in Open Source Security Information Management Os-Sim Cross-site scripting (XSS) vulnerability in session/login.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 and earlier allows remote attackers to inject arbitrary web script or HTML via the dest parameter. | 4.3 |
2008-02-22 | CVE-2008-0917 | TOR World | Cross-Site Scripting vulnerability in TOR World products Cross-site scripting (XSS) vulnerability in Tor World Tor Search 1.1 and earlier, I-Navigator 4.0, Mobile Frontier 2.1 and earlier, Diary.cgi (aka Quotes of the Day) 1.5 and earlier, Tor News 1.21 and earlier, Simple BBS 1.3 and earlier, Interactive BBS 1.3 and earlier, Tor Board 1.1 and earlier, Simple Vote 1.1 and earlier, and Com Vote 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2008-02-22 | CVE-2008-0914 | Ipdiva | Cross-Site Scripting vulnerability in Ipdiva 2.2/2.3 Multiple cross-site scripting (XSS) vulnerabilities in the Mediation server in IPdiva SSL VPN Server 2.2 before 2.2.8.84 and 2.3 before 2.3.2.14 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2008-02-22 | CVE-2008-0913 | Invision Power Services | Cross-Site Scripting vulnerability in Invision Power Services Invision Power Board 2.3.4 Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB or IP.Board) 2.3.4 allows remote attackers to inject arbitrary web script or HTML via crafted BBCodes in an unspecified context. | 4.3 |
2008-02-22 | CVE-2008-0909 | Schoolwires | Cross-Site Scripting vulnerability in Schoolwires Academic Portal Cross-site scripting (XSS) vulnerability in browse.asp in Schoolwires Academic Portal allows remote attackers to inject arbitrary web script or HTML via the c parameter. | 4.3 |
2008-02-22 | CVE-2008-0903 | BEA Systems | Denial-Of-Service vulnerability in BEA Systems Weblogic Express and Weblogic Server Unspecified vulnerability in the BEA WebLogic Server and Express proxy plugin, as distributed before November 2007 and before 9.2 MP3 and 10.0 MP2, allows remote attackers to cause a denial of service (web server crash) via a crafted URL. | 4.3 |
2008-02-22 | CVE-2008-0902 | BEA BEA Systems | Cross-Site Scripting vulnerability in multiple products Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 6.1 through 10.0 MP1 allow remote attackers to inject arbitrary web script or HTML via unspecified samples. | 4.3 |
2008-02-22 | CVE-2008-0899 | BEA | Cross-Site Scripting vulnerability in BEA Weblogic Server Cross-site scripting (XSS) vulnerability in the Administration Console in BEA WebLogic Server and Express 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via URLs that are not properly handled by the Unexpected Exception Page. | 4.3 |
2008-02-21 | CVE-2007-4516 | Symantec Veritas | Improper Input Validation vulnerability in Symantec Veritas Storage Foundation 5.0 The Volume Manager Scheduler Service (aka VxSchedService.exe) in Symantec Veritas Storage Foundation 5.0 for Windows allows remote attackers to cause a denial of service (daemon crash or hang) via malformed packets. | 4.3 |
2008-02-21 | CVE-2008-0877 | Jinzora | Cross-Site Scripting vulnerability in Jinzora Media Jukebox 2.7.5 Multiple cross-site scripting (XSS) vulnerabilities in Jinzora Media Jukebox 2.7.5 allow remote attackers to inject arbitrary web script or HTML via the (1) frontend, (2) set_frontend, (3) jz_path, (4) theme, and (5) set_theme parameters to (a) index.php; the frontend, theme, and (6) language parameters to (b) ajax_request.php; the jz_path parameter to (c) slim.php; the frontend, theme, and jz_path parameters to (d) popup.php; the (13) PATH_INFO to index.php and (e) slim.php; and the (14) query parameter in a playlistedit action and (15) siteNewsData parameter in a sitenews action to (f) popup.php. | 4.3 |
2008-02-21 | CVE-2008-0876 | Hitachi | Improper Input Validation vulnerability in Hitachi Sewb3 Mi-Platform and Sewb3 Platform Unspecified vulnerability in the SEWB3 messaging service in Hitachi SEWB3/PLATFORM and SEWB3/MI-PLATFORM 01-00 through 02-14-/A allows remote attackers to cause a denial of service (service outage) via "invalid data." | 4.3 |
2008-02-21 | CVE-2008-0872 | Smartertools | Cross-Site Scripting vulnerability in Smartertools Smartermail Enterprise 4.3 Cross-site scripting (XSS) vulnerability in SmarterTools SmarterMail Enterprise 4.3 allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute of an element in the Subject field of an e-mail message. | 4.3 |
2008-02-21 | CVE-2008-0869 | BEA BEA Systems | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for WebLogic 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via a "framework defined request parameter" when using WebLogic Workshop or Apache Beehive NetUI framework with page flows. | 4.3 |
2008-02-21 | CVE-2008-0868 | BEA Systems Oracle | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in Groupspace in BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 1 allows remote authenticated users to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
2008-02-21 | CVE-2008-0867 | BEA Systems | Cross-Site Scripting vulnerability in BEA Systems Aqualogic Interaction and Plumtree Foundation Cross-site scripting (XSS) vulnerability in portal/server.pt in BEA AquaLogic Interaction 6.1 through MP1 and Plumtree Foundation 6.0 through SP1 allows remote attackers to inject arbitrary web script or HTML via the name parameter. | 4.3 |
2008-02-21 | CVE-2008-0866 | BEA | Cross-Site Scripting vulnerability in BEA Weblogic Workshop 8.1 Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Workshop allow remote attackers to inject arbitrary web script or HTML via an invalid action URI, which is not properly handled by NetUI page flows. | 4.3 |
2008-02-21 | CVE-2008-0862 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Lotus Notes IBM Lotus Notes 6.0, 6.5, 7.0, and 8.0 signs an unsigned applet when a user forwards an email message to another user, which allows user-assisted remote attackers to bypass Execution Control List (ECL) protection. | 4.3 |
2008-02-21 | CVE-2008-0861 | IBM | Cross-Site Scripting vulnerability in IBM Lotus Quickplace 7.0 Cross-site scripting (XSS) vulnerability in leg/Main.nsf in IBM Lotus Quickplace 7.0 allows remote attackers to inject arbitrary web script or HTML via an h_SearchString sub-parameter in the PreSetFields parameter of an EditDocument action. | 4.3 |
2008-02-21 | CVE-2008-0851 | Dokeos | Cross-Site Scripting vulnerability in Dokeos E-Learning System 1.8.4 Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter to inscription.php, (2) courseCode parameter to main/calendar/myagenda.php, (3) category parameter to main/admin/course_category.php, (4) message parameter to main/admin/session_list.php in a show_message action, and (5) an avatar image to main/auth/profile.php. | 4.3 |
2008-02-21 | CVE-2008-0848 | Crafty Syntax Live Help | Cross-Site Scripting vulnerability in Crafty Syntax Live Help Crafty Syntax Live Help Cross-site scripting (XSS) vulnerability in lostsheep.php in Crafty Syntax Live Help (CSLH) before 2.14.16, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2008-02-20 | CVE-2008-0838 | Sophos | Cross-Site Scripting vulnerability in Sophos Es1000 and Es4000 Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface in Sophos ES1000 and ES4000 Email Security Appliance 2.1.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) error and (2) go parameters to the login page. | 4.3 |
2008-02-20 | CVE-2008-0837 | John Godley Wordpress | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the log feature in the John Godley Search Unleashed 0.2.10 plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter, which is not properly handled when the administrator views the log file. | 4.3 |
2008-02-20 | CVE-2008-0834 | IBM | Cross-Site Scripting vulnerability in IBM Lotus Quickr 8.0/8.0.2 Cross-site scripting (XSS) vulnerability in Lotus Quickr for i5/OS before 8.0.0.2 Hotfix 11, when anonymous access is disabled on HTTP ports, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2008-02-19 | CVE-2008-0828 | Atutor | Cross-Site Scripting vulnerability in Atutor Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) attributes such as style and onmouseover in (a) forum post or (b) mail; or (2) the website field of the profile. | 4.3 |
2008-02-19 | CVE-2008-0826 | Caroline | Cross-Site Scripting vulnerability in Caroline Cross-site scripting (XSS) vulnerability in Claroline before 1.8.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2008-02-19 | CVE-2008-0809 | Ikiwiki | Cross-Site Scripting vulnerability in Ikiwiki Cross-site scripting (XSS) vulnerability in the htmlscrubber in Ikiwiki before 1.1.46 allows remote attackers to inject arbitrary web script or HTML via title contents. | 4.3 |
2008-02-19 | CVE-2008-0808 | Ikiwiki | Cross-Site Scripting vulnerability in Ikiwiki Cross-site scripting (XSS) vulnerability in the meta plugin in Ikiwiki before 1.1.47 allows remote attackers to inject arbitrary web script or HTML via meta tags. | 4.3 |
3 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-02-19 | CVE-2008-0822 | Scribe | Path Traversal vulnerability in Scribe 0.2 Directory traversal vulnerability in index.php in Scribe 0.2 allows remote attackers to read arbitrary local files via a .. | 3.6 |
2008-02-19 | CVE-2008-0819 | Plutostatus | Path Traversal vulnerability in Plutostatus Locator 1.0Prealpha Directory traversal vulnerability in index.php in PlutoStatus Locator 1.0 pre alpha allows remote attackers to include and execute arbitrary local files via a .. | 3.6 |
2008-02-19 | CVE-2008-0806 | Paul Pelzl | Link Following vulnerability in Paul Pelzl Wyrd 1.4.3B3 wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.[USERID] temporary file. | 3.6 |