Weekly Vulnerabilities Reports > February 18 to 24, 2008

Overview

117 new vulnerabilities reported during this period, including 8 critical vulnerabilities and 53 high severity vulnerabilities. This weekly summary report vulnerabilities in 139 products from 74 vendors including Joomla, BEA Systems, BEA, Mambo, and Oracle. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Path Traversal", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".

  • 111 reported vulnerabilities are remotely exploitables.
  • 40 reported vulnerabilities have public exploit available.
  • 76 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 110 reported vulnerabilities are exploitable by an anonymous user.
  • Joomla has the most reported vulnerabilities, with 17 reported vulnerabilities.
  • Drupal has the most reported critical vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

8 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2008-02-22 CVE-2008-0912 Sybase Buffer Errors vulnerability in Sybase Mobilink and SQL Anywhere

Multiple heap-based buffer overflows in mlsrv10.exe in Sybase MobiLink 10.0.1.3629 and earlier, as used by SQL Anywhere Developer Edition 10.0.1.3415 and probably other products, allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a long (1) username, (2) version, or (3) remote ID.

10.0
2008-02-21 CVE-2008-0882 Cups Buffer Errors vulnerability in Cups 1.3.5

Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via crafted UDP Browse packets to the cupsd port (631/udp), related to an unspecified manipulation of a remote printer.

10.0
2008-02-21 CVE-2008-0860 Kerio Multiple Unspecified vulnerability in Kerio AVG Plugin and Kerio Mailserver

Unspecified vulnerability in the AVG plugin in Kerio MailServer before 6.5.0 has unspecified impact via unknown remote attack vectors related to null DACLs.

10.0
2008-02-19 CVE-2007-6319 Lyris Permissions, Privileges, and Access Controls vulnerability in Lyris List Manager

Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating "new accounts that collide with existing accounts."

10.0
2008-02-19 CVE-2008-0824 Caroline Remote Security vulnerability in Caroline

Unspecified vulnerability in the php2phps function in Claroline before 1.8.9 has unknown impact and attack vectors.

10.0
2008-02-19 CVE-2008-0823 Drupal Improper Authentication vulnerability in Drupal Header Image 5.X1.0

Unspecified vulnerability in the Header Image Module before 5.x-1.1 for Drupal allows remote attackers to access the administration pages via unknown attack vectors.

10.0
2008-02-21 CVE-2008-0638 Symantec Buffer Errors vulnerability in Symantec Veritas Storage Foundation 5.0

Heap-based buffer overflow in the Veritas Enterprise Administrator (VEA) service (aka vxsvc.exe) in Symantec Veritas Storage Foundation 5.0 allows remote attackers to execute arbitrary code via a packet with a crafted value of a certain size field, which is not checked for consistency with the actual buffer size.

9.3
2008-02-19 CVE-2008-0805 Reality Permissions, Privileges, and Access Controls vulnerability in Reality Medias PHPizabi 0.848B

Unrestricted file upload vulnerability in image.php in PHPizabi 0.848b C1 HFP1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension from the event page, then accessing it via a direct request to the file in system/cache/pictures.

9.3

53 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2008-02-22 CVE-2008-0897 BEA Permissions, Privileges, and Access Controls vulnerability in BEA Weblogic Server

Unspecified vulnerability in BEA WebLogic Server 9.0 through 10.0 allows remote authenticated users without "receive" permissions to bypass intended access restrictions and receive messages from a standalone JMS Topic or secured Distributed Topic member destination, related to durable subscriptions.

7.9
2008-02-22 CVE-2008-0904 BEA Systems Information Exposure vulnerability in BEA Systems Aqualogic Interaction and Plumtree Collaboration

Unspecified vulnerability in the download servlet in BEA Plumtree Collaboration 4.1 through SP2 and AquaLogic Interaction 4.2 through MP1 allows remote attackers to read arbitrary files via a crafted URL.

7.8
2008-02-21 CVE-2007-6426 EMC Buffer Errors vulnerability in EMC Replistor 6.2Sp2

Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data.

7.8
2008-02-22 CVE-2008-0922 PHP Nuke SQL Injection vulnerability in PHP-Nuke Manuales 0.1

SQL injection vulnerability in the Manuales 0.1 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewdownload action to modules.php.

7.5
2008-02-22 CVE-2008-0921 Becontent SQL Injection vulnerability in Becontent 0.3.1

SQL injection vulnerability in news.php in beContent 0.3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-02-22 CVE-2008-0918 Astats
Joomla
SQL Injection vulnerability in multiple products

SQL injection vulnerability in includes/count_dl_or_link.inc.php in the astatsPRO (com_astatspro) 1.0.1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to getfile.php, a different vector than CVE-2008-0839.

7.5
2008-02-22 CVE-2008-0916 Highwood Design SQL Injection vulnerability in Highwood Design Hwdvideoshare

SQL injection vulnerability in the Highwood Design hwdVideoShare (com_hwdvideoshare) 1.1.3 Alpha component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a viewcategory action to index.php.

7.5
2008-02-22 CVE-2008-0910 F Secure Permissions, Privileges, and Access Controls vulnerability in F-Secure products

Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted RAR archive.

7.5
2008-02-22 CVE-2008-0908 Schoolwires SQL Injection vulnerability in Schoolwires Academic Portal

SQL injection vulnerability in browse.asp in Schoolwires Academic Portal allows remote attackers to execute arbitrary SQL commands via the c parameter.

7.5
2008-02-22 CVE-2008-0907 PHP Nuke SQL Injection vulnerability in PHP-Nuke Inhalt Module

SQL injection vulnerability in the Inhalt module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter.

7.5
2008-02-22 CVE-2008-0906 PHP Nuke SQL Injection vulnerability in PHP-Nuke Module Docum

SQL injection vulnerability in the Docum module in PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle operation.

7.5
2008-02-21 CVE-2008-0881 Phpnuke SQL Injection vulnerability in PHPnuke Okul Module 1.0

SQL injection vulnerability in modules.php in the Okul 1.0 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the okulid parameter in an okullar action.

7.5
2008-02-21 CVE-2008-0880 Phpnuke SQL Injection vulnerability in PHPnuke Easycontent Module

SQL injection vulnerability in modules.php in the EasyContent module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the page_id parameter.

7.5
2008-02-21 CVE-2008-0879 Phpnuke SQL Injection vulnerability in PHPnuke web Links Module

SQL injection vulnerability in modules.php in the Web_Links module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action.

7.5
2008-02-21 CVE-2008-0878 Runcms SQL Injection vulnerability in Runcms Myannonces

SQL injection vulnerability in index.php in the MyAnnonces 1.7 and earlier module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.

7.5
2008-02-21 CVE-2008-0874 Xoops SQL Injection vulnerability in Xoops Eempregos Module

SQL injection vulnerability in index.php in the eEmpregos module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action.

7.5
2008-02-21 CVE-2008-0873 Jlmzone SQL Injection vulnerability in Jlmzone Classifieds 1.0

SQL injection vulnerability in index.php in the jlmZone Classifieds module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in an Adsview action.

7.5
2008-02-21 CVE-2008-0870 BEA Systems
Oracle
Link Following vulnerability in multiple products

BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under certain circumstances, can redirect a user from the https:// URI for the Portal Administration Console to an http URI, which allows remote attackers to sniff the session.

7.5
2008-02-21 CVE-2008-0858 Kerio
Visnetic
Code Injection vulnerability in multiple products

Buffer overflow in the Visnetic anti-virus plugin in Kerio MailServer before 6.5.0 might allow remote attackers to execute arbitrary code via unspecified vectors.

7.5
2008-02-21 CVE-2008-0857 Woltlab SQL Injection vulnerability in Woltlab Burning Board 3.0.3Pl1

SQL injection vulnerability in index.php in WoltLab Burning Board 3.0.3 PL 1 allows remote attackers to execute arbitrary SQL commands via the sortOrder parameter to the PMList page.

7.5
2008-02-21 CVE-2008-0856 E Vision SQL Injection vulnerability in E-Vision CMS 2.02

Multiple SQL injection vulnerabilities in e-Vision CMS 2.02 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) iframe.php and (2) print.php.

7.5
2008-02-21 CVE-2008-0855 Joomla
Mambo
SQL Injection vulnerability in multiple products

SQL injection vulnerability in the Facile Forms (com_facileforms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.

7.5
2008-02-21 CVE-2008-0854 Joomla
Mambo
SQL Injection vulnerability in multiple products

SQL injection vulnerability in the com_salesrep component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the rid parameter in a showrep action to index.php.

7.5
2008-02-21 CVE-2008-0853 Joomla
Mambo
SQL Injection vulnerability in multiple products

SQL injection vulnerability in the com_detail component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.

7.5
2008-02-21 CVE-2008-0850 Dokeos SQL Injection vulnerability in Dokeos 1.8.4

Multiple SQL injection vulnerabilities in Dokeos 1.8.4 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to whoisonline.php, (2) tracking_list_coaches_column parameter to main/mySpace/index.php, (3) tutor_name parameter to main/create_course/add_course.php, the (4) Referer HTTP header to index.php, and the (5) X-Fowarded-For HTTP header to main/admin/class_list.php.

7.5
2008-02-21 CVE-2008-0849 Joomla
Mambo
SQL Injection vulnerability in multiple products

SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat function, a different vector than CVE-2008-0652.

7.5
2008-02-21 CVE-2008-0847 Xoops SQL Injection vulnerability in Xoops Mytopics

SQL injection vulnerability in print.php in the myTopics module for XOOPS allows remote attackers to execute arbitrary SQL commands via the articleid parameter.

7.5
2008-02-20 CVE-2008-0846 Joomla
Mambo
SQL Injection vulnerability in multiple products

SQL injection vulnerability in index.php in the com_profile component for Joomla! allows remote attackers to execute arbitrary SQL commands via the oid parameter.

7.5
2008-02-20 CVE-2008-0845 Wordpress SQL Injection vulnerability in Wordpress Dean Logan Wp-People Plugin 1.6.1

SQL injection vulnerability in wp-people-popup.php in Dean Logan WP-People plugin 1.6.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the person parameter.

7.5
2008-02-20 CVE-2008-0844 Joomla SQL Injection vulnerability in Joomla COM Pccookbook

SQL injection vulnerability in index.php in the PccookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter.

7.5
2008-02-20 CVE-2008-0842 Joomla SQL Injection vulnerability in Joomla COM Clasifier

SQL injection vulnerability in index.php in the Classifier (com_clasifier) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.

7.5
2008-02-20 CVE-2008-0841 Joomla
Mambo
SQL Injection vulnerability in multiple products

SQL injection vulnerability in index.php in the Giorgio Nordo Ricette (com_ricette) 1.0 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-02-20 CVE-2008-0839 Astats
Joomla
SQL Injection vulnerability in multiple products

SQL injection vulnerability in refer.php in the astatsPRO (com_astatspro) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-02-20 CVE-2008-0835 Simple CMS SQL Injection vulnerability in Simple CMS Simple CMS 1.0.3

SQL injection vulnerability in indexen.php in Simple CMS 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the area parameter.

7.5
2008-02-20 CVE-2008-0833 Joomla SQL Injection vulnerability in Joomla COM Galeria

SQL injection vulnerability in index.php in the com_galeria component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.

7.5
2008-02-20 CVE-2008-0832 Joomla
Mambo
SQL Injection vulnerability in multiple products

SQL injection vulnerability in index.php in the Kemas Antonius com_quran 1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the surano parameter in a viewayat action.

7.5
2008-02-20 CVE-2008-0831 Joomla SQL Injection vulnerability in Joomla Rapid Recipe

Multiple SQL injection vulnerabilities in the Rapid Recipe (com_rapidrecipe) 1.6.5 and earlier component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) user_id or (2) category_id parameter.

7.5
2008-02-19 CVE-2008-0830 Apple Improper Input Validation vulnerability in Apple Iphoto 4.0.3

The Digital Photo Access Protocol (DPAP) server for iPhoto 4.0.3 allows remote attackers to cause a denial of service (crash) via a malformed dpap: URI, a different vulnerability than CVE-2008-0043.

7.5
2008-02-19 CVE-2008-0829 Joomla
Joomlapixel
Mambo
SQL Injection vulnerability in multiple products

SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail task.

7.5
2008-02-19 CVE-2008-0827 Phpnuke SQL Injection vulnerability in PHPnuke Book

SQL injection vulnerability in the Books module of PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter.

7.5
2008-02-19 CVE-2008-0825 Caroline SQL Injection vulnerability in Caroline

SQL injection vulnerability in Claroline before 1.8.9 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2008-02-19 CVE-2008-0821 OSI Codes INC SQL Injection vulnerability in OSI Codes Inc. PHPlive 3.2.2

SQL injection vulnerability in admin/traffic/knowledge_searchm.php in OSI Codes Inc.

7.5
2008-02-19 CVE-2008-0818 Freephpgallery Path Traversal vulnerability in Freephpgallery 0.6

Multiple directory traversal vulnerabilities in freePHPgallery 0.6 allow remote attackers to include and execute arbitrary local files via a ..

7.5
2008-02-19 CVE-2008-0817 Joomla
Mambo
SQL Injection vulnerability in multiple products

SQL injection vulnerability in the com_filebase component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action.

7.5
2008-02-19 CVE-2008-0816 COM SG SQL Injection vulnerability in COM SG COM SG

SQL injection vulnerability in the com_sg component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the pid parameter in an order task.

7.5
2008-02-19 CVE-2008-0815 Egitimhost
Joomla
SQL Injection vulnerability in multiple products

SQL injection vulnerability in the com_mezun component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task.

7.5
2008-02-19 CVE-2008-0811 Auracms SQL Injection vulnerability in Auracms 1.62

Multiple SQL injection vulnerabilities in AuraCMS 1.62 allow remote attackers to execute arbitrary SQL commands via (1) the kid parameter to (a) mod/dl.php or (b) mod/links.php, and (2) the query parameter to search.php.

7.5
2008-02-19 CVE-2008-0810 Joomla
Mambo
SQL Injection vulnerability in multiple products

SQL injection vulnerability in the com_scheduling module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-02-19 CVE-2008-0556 Openca Cross-Site Request Forgery (CSRF) vulnerability in Openca PKI

Cross-site request forgery (CSRF) vulnerability in OpenCA PKI 0.9.2.5, and possibly earlier versions, allows remote attackers to perform unauthorized actions as authorized users via a link or IMG tag to RAServer.

7.5
2008-02-19 CVE-2007-6258 Apache
F5
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long (1) Host header, or (2) Hostname within a Host header.

7.5
2008-02-18 CVE-2008-0674 Pcre Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Pcre

Buffer overflow in PCRE before 7.6 allows remote attackers to execute arbitrary code via a regular expression containing a character class with a large number of characters with Unicode code points greater than 255.

7.5
2008-02-22 CVE-2008-0162 Debian
SAM Lantinga
Permissions, Privileges, and Access Controls vulnerability in SAM Lantinga Splitvt

misc.c in splitvt 1.6.6 and earlier does not drop group privileges before executing xprop, which allows local users to gain privileges.

7.2
2008-02-22 CVE-2008-0901 BEA
BEA Systems
Information Exposure vulnerability in multiple products

BEA WebLogic Server and Express 7.0 through 10.0 allows remote attackers to conduct brute force password guessing attacks, even when account lockout has been activated, via crafted URLs that indicate whether a guessed password is successful or not.

7.1

53 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2008-02-21 CVE-2008-0894 Apple Remote Denial of Service and Information Disclosure vulnerability in Apple Safari BMP and GIF Files

Apple Safari might allow remote attackers to obtain potentially sensitive memory contents or cause a denial of service (crash) via a crafted (1) bitmap (BMP) or (2) GIF file, a related issue to CVE-2008-0420.

6.8
2008-02-21 CVE-2008-0871 NOW Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in NOW SMS MMS Gateway

Multiple stack-based buffer overflows in Now SMS/MMS Gateway 2007.06.27 and earlier allow remote attackers to execute arbitrary code via a (1) long password in an Authorization header to the HTTP service or a (2) large packet to the SMPP service.

6.8
2008-02-19 CVE-2008-0804 Thecus Code Injection vulnerability in Thecus N5200Pro NAS Server Control Panel

PHP remote file inclusion vulnerability in usrgetform.html in Thecus N5200Pro NAS Server allows remote attackers to execute arbitrary PHP code via a URL in the name parameter.

6.8
2008-02-22 CVE-2008-0920 Open Source Security Information Management SQL Injection vulnerability in Open Source Security Information Management Os-Sim

SQL injection vulnerability in port/modifyportform.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 allows remote authenticated users to execute arbitrary SQL commands via the portname parameter, which is not properly handled by a validation regular expression.

6.5
2008-02-22 CVE-2008-0911 Iscripts SQL Injection vulnerability in Iscripts Multicart 2.0

SQL injection vulnerability in productdetails.php in iScripts MultiCart 2.0 allows remote authenticated users to execute arbitrary SQL commands via the productid parameter.

6.5
2008-02-18 CVE-2007-6313 Mysql Permissions, Privileges, and Access Controls vulnerability in Mysql Community Server

MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG, which allows remote authorized users to execute arbitrary BINLOG statements.

6.5
2008-02-22 CVE-2008-0915 Ipdiva Cross-Site Scripting vulnerability in IPdiva SSL VPN

The Mediation server in IPdiva SSL VPN Server 2.2 before 2.2.8.84 and 2.3 before 2.3.2.14 stores the number of remaining allowed login attempts in a cookie, which makes it easier for remote attackers to conduct brute force attacks by manipulating this cookie's value.

6.4
2008-02-22 CVE-2008-0895 BEA Improper Authentication vulnerability in BEA Weblogic Server

BEA WebLogic Server and WebLogic Express 6.1 through 10.0 allows remote attackers to bypass authentication for application servlets via crafted request headers.

6.4
2008-02-20 CVE-2008-0843 Statcountex Permissions, Privileges, and Access Controls vulnerability in Statcountex 3.0/3.1

StatCounteX 3.0 and 3.1 allows remote attackers to obtain sensitive information and edit configuration scripts via a direct request to admin.asp.

6.4
2008-02-19 CVE-2008-0814 Truc Path Traversal vulnerability in Truc 0.11

Directory traversal vulnerability in download.php in Tracking Requirements & Use Cases (TRUC) 0.11.0 allows remote attackers to read arbitrary files via a ..

6.4
2008-02-19 CVE-2008-0812 Banpro Path Traversal vulnerability in Banpro NET Banpro DMS 1.0

Directory traversal vulnerability in DMS/index.php in BanPro DMS 1.0 allows remote attackers to include and execute arbitrary files via a ..

6.4
2008-02-22 CVE-2008-0900 BEA
BEA Systems
Permissions, Privileges, and Access Controls vulnerability in multiple products

Session fixation vulnerability in BEA WebLogic Server and Express 8.1 SP4 through SP6, 9.2 through MP1, and 10.0 allows remote authenticated users to hijack web sessions via unknown vectors.

6.0
2008-02-22 CVE-2008-0898 BEA Permissions, Privileges, and Access Controls vulnerability in BEA Weblogic Server

The distributed queue feature in JMS in BEA WebLogic Server 9.0 through 10.0, in certain configurations, does not properly handle when a client cannot send a message to a member of a distributed queue, which allows remote authenticated users to bypass intended access restrictions for protected distributed queues.

5.8
2008-02-22 CVE-2008-0905 MEO Path Traversal vulnerability in MEO Globsy 1.0

Directory traversal vulnerability in globsy_edit.php in Globsy 1.0 allows remote attackers to read arbitrary files via a ..

5.0
2008-02-21 CVE-2008-0875 Hitachi Remote Denial of Service vulnerability in Hitachi EUR Print Manager 0506/0506B/0508

Unspecified vulnerability in Hitachi EUR Print Manager, and related Client and Local Server products, 05-06 through 05-06-/B and 05-08 allows remote attackers to cause a denial of service (service hang or termination) via unspecified vectors related to "unexpected data."

5.0
2008-02-21 CVE-2008-0865 BEA Systems
Oracle
Permissions, Privileges, and Access Controls vulnerability in multiple products

Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP6 allows remote attackers to bypass entitlements for instances of a floatable WLP portlet via unknown vectors.

5.0
2008-02-21 CVE-2008-0864 BEA Systems
Oracle
Permissions, Privileges, and Access Controls vulnerability in multiple products

Admin Tools in BEA WebLogic Portal 8.1 SP3 through SP6 can inadvertently remove entitlements for pages when an administrator edits the page definition label, which might allow remote attackers to bypass intended access restrictions.

5.0
2008-02-21 CVE-2008-0863 BEA Information Exposure vulnerability in BEA Weblogic Server 9.0/9.1

BEA WebLogic Server and WebLogic Express 9.0 and 9.1 exposes the web service's WSDL and security policies, which allows remote attackers to obtain sensitive information and potentially launch further attacks.

5.0
2008-02-21 CVE-2008-0859 Kerio Resource Management Errors vulnerability in Kerio Mailserver

Unspecified vulnerability in Kerio MailServer before 6.5.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to decoding of uuencoded input, which triggers memory corruption.

5.0
2008-02-21 CVE-2008-0852 Freesshd Remote Denial of Service vulnerability in freeSSHd 'SSH2_MSG_NEWKEYS' Packet

freeSSHd 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a SSH2_MSG_NEWKEYS packet to TCP port 22, which triggers a NULL pointer dereference.

5.0
2008-02-19 CVE-2008-0813 Xpweb Path Traversal vulnerability in Xpweb 3.0.1/3.3.2

Directory traversal vulnerability in Download.php in XPWeb 3.0.1, 3.3.2, and possibly other versions, allows remote attackers to read arbitrary files via a ..

5.0
2008-02-22 CVE-2008-0896 BEA Systems Permissions, Privileges, and Access Controls vulnerability in BEA Systems Weblogic Portal 10.0/9.2

BEA WebLogic Portal 10.0 and 9.2 through MP1, when an administrator deletes a single instance of a content portlet, removes entitlement policies for other content portlets, which allows attackers to bypass intended access restrictions.

4.9
2008-02-20 CVE-2008-0836 SUN Denial-Of-Service vulnerability in SUN Solaris 10/9

Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 9 and 10 on x86 architectures allows local users to cause a denial of service (panic) via unspecified vectors that trigger a NULL pointer dereference in the vuid3ps2 module, a different issue than CVE-2007-5319.

4.9
2008-02-19 CVE-2008-0807 Debian
Horde
Permissions, Privileges, and Access Controls vulnerability in Horde products

lib/Driver/sql.php in Turba 2 (turba2) Contact Manager H3 2.1.x before 2.1.7 and 2.2.x before 2.2-RC3, as used in products such as Horde Groupware before 1.0.4 and Horde Groupware Webmail Edition before 1.0.5, does not properly check access rights, which allows remote authenticated users to modify address data via a modified object_id parameter to edit.php, as demonstrated by modifying a personal address book entry when there is write access to a shared address book.

4.9
2008-02-20 CVE-2008-0840 Publicwarehouse Path Traversal vulnerability in Publicwarehouse Lightblog 9.6

Directory traversal vulnerability in view_member.php in Public Warehouse LightBlog 9.6 allows remote attackers to include and execute arbitrary local files via a ..

4.4
2008-02-22 CVE-2008-0919 Open Source Security Information Management Cross-Site Scripting vulnerability in Open Source Security Information Management Os-Sim

Cross-site scripting (XSS) vulnerability in session/login.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 and earlier allows remote attackers to inject arbitrary web script or HTML via the dest parameter.

4.3
2008-02-22 CVE-2008-0917 TOR World Cross-Site Scripting vulnerability in TOR World products

Cross-site scripting (XSS) vulnerability in Tor World Tor Search 1.1 and earlier, I-Navigator 4.0, Mobile Frontier 2.1 and earlier, Diary.cgi (aka Quotes of the Day) 1.5 and earlier, Tor News 1.21 and earlier, Simple BBS 1.3 and earlier, Interactive BBS 1.3 and earlier, Tor Board 1.1 and earlier, Simple Vote 1.1 and earlier, and Com Vote 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2008-02-22 CVE-2008-0914 Ipdiva Cross-Site Scripting vulnerability in Ipdiva 2.2/2.3

Multiple cross-site scripting (XSS) vulnerabilities in the Mediation server in IPdiva SSL VPN Server 2.2 before 2.2.8.84 and 2.3 before 2.3.2.14 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2008-02-22 CVE-2008-0913 Invision Power Services Cross-Site Scripting vulnerability in Invision Power Services Invision Power Board 2.3.4

Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB or IP.Board) 2.3.4 allows remote attackers to inject arbitrary web script or HTML via crafted BBCodes in an unspecified context.

4.3
2008-02-22 CVE-2008-0909 Schoolwires Cross-Site Scripting vulnerability in Schoolwires Academic Portal

Cross-site scripting (XSS) vulnerability in browse.asp in Schoolwires Academic Portal allows remote attackers to inject arbitrary web script or HTML via the c parameter.

4.3
2008-02-22 CVE-2008-0903 BEA Systems Denial-Of-Service vulnerability in BEA Systems Weblogic Express and Weblogic Server

Unspecified vulnerability in the BEA WebLogic Server and Express proxy plugin, as distributed before November 2007 and before 9.2 MP3 and 10.0 MP2, allows remote attackers to cause a denial of service (web server crash) via a crafted URL.

4.3
2008-02-22 CVE-2008-0902 BEA
BEA Systems
Cross-Site Scripting vulnerability in multiple products

Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 6.1 through 10.0 MP1 allow remote attackers to inject arbitrary web script or HTML via unspecified samples.

4.3
2008-02-22 CVE-2008-0899 BEA Cross-Site Scripting vulnerability in BEA Weblogic Server

Cross-site scripting (XSS) vulnerability in the Administration Console in BEA WebLogic Server and Express 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via URLs that are not properly handled by the Unexpected Exception Page.

4.3
2008-02-21 CVE-2007-4516 Symantec Veritas Improper Input Validation vulnerability in Symantec Veritas Storage Foundation 5.0

The Volume Manager Scheduler Service (aka VxSchedService.exe) in Symantec Veritas Storage Foundation 5.0 for Windows allows remote attackers to cause a denial of service (daemon crash or hang) via malformed packets.

4.3
2008-02-21 CVE-2008-0877 Jinzora Cross-Site Scripting vulnerability in Jinzora Media Jukebox 2.7.5

Multiple cross-site scripting (XSS) vulnerabilities in Jinzora Media Jukebox 2.7.5 allow remote attackers to inject arbitrary web script or HTML via the (1) frontend, (2) set_frontend, (3) jz_path, (4) theme, and (5) set_theme parameters to (a) index.php; the frontend, theme, and (6) language parameters to (b) ajax_request.php; the jz_path parameter to (c) slim.php; the frontend, theme, and jz_path parameters to (d) popup.php; the (13) PATH_INFO to index.php and (e) slim.php; and the (14) query parameter in a playlistedit action and (15) siteNewsData parameter in a sitenews action to (f) popup.php.

4.3
2008-02-21 CVE-2008-0876 Hitachi Improper Input Validation vulnerability in Hitachi Sewb3 Mi-Platform and Sewb3 Platform

Unspecified vulnerability in the SEWB3 messaging service in Hitachi SEWB3/PLATFORM and SEWB3/MI-PLATFORM 01-00 through 02-14-/A allows remote attackers to cause a denial of service (service outage) via "invalid data."

4.3
2008-02-21 CVE-2008-0872 Smartertools Cross-Site Scripting vulnerability in Smartertools Smartermail Enterprise 4.3

Cross-site scripting (XSS) vulnerability in SmarterTools SmarterMail Enterprise 4.3 allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute of an element in the Subject field of an e-mail message.

4.3
2008-02-21 CVE-2008-0869 BEA
BEA Systems
Cross-Site Scripting vulnerability in multiple products

Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for WebLogic 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via a "framework defined request parameter" when using WebLogic Workshop or Apache Beehive NetUI framework with page flows.

4.3
2008-02-21 CVE-2008-0868 BEA Systems
Oracle
Cross-Site Scripting vulnerability in multiple products

Cross-site scripting (XSS) vulnerability in Groupspace in BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 1 allows remote authenticated users to inject arbitrary web script or HTML via unknown vectors.

4.3
2008-02-21 CVE-2008-0867 BEA Systems Cross-Site Scripting vulnerability in BEA Systems Aqualogic Interaction and Plumtree Foundation

Cross-site scripting (XSS) vulnerability in portal/server.pt in BEA AquaLogic Interaction 6.1 through MP1 and Plumtree Foundation 6.0 through SP1 allows remote attackers to inject arbitrary web script or HTML via the name parameter.

4.3
2008-02-21 CVE-2008-0866 BEA Cross-Site Scripting vulnerability in BEA Weblogic Workshop 8.1

Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Workshop allow remote attackers to inject arbitrary web script or HTML via an invalid action URI, which is not properly handled by NetUI page flows.

4.3
2008-02-21 CVE-2008-0862 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Lotus Notes

IBM Lotus Notes 6.0, 6.5, 7.0, and 8.0 signs an unsigned applet when a user forwards an email message to another user, which allows user-assisted remote attackers to bypass Execution Control List (ECL) protection.

4.3
2008-02-21 CVE-2008-0861 IBM Cross-Site Scripting vulnerability in IBM Lotus Quickplace 7.0

Cross-site scripting (XSS) vulnerability in leg/Main.nsf in IBM Lotus Quickplace 7.0 allows remote attackers to inject arbitrary web script or HTML via an h_SearchString sub-parameter in the PreSetFields parameter of an EditDocument action.

4.3
2008-02-21 CVE-2008-0851 Dokeos Cross-Site Scripting vulnerability in Dokeos E-Learning System 1.8.4

Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter to inscription.php, (2) courseCode parameter to main/calendar/myagenda.php, (3) category parameter to main/admin/course_category.php, (4) message parameter to main/admin/session_list.php in a show_message action, and (5) an avatar image to main/auth/profile.php.

4.3
2008-02-21 CVE-2008-0848 Crafty Syntax Live Help Cross-Site Scripting vulnerability in Crafty Syntax Live Help Crafty Syntax Live Help

Cross-site scripting (XSS) vulnerability in lostsheep.php in Crafty Syntax Live Help (CSLH) before 2.14.16, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2008-02-20 CVE-2008-0838 Sophos Cross-Site Scripting vulnerability in Sophos Es1000 and Es4000

Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface in Sophos ES1000 and ES4000 Email Security Appliance 2.1.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) error and (2) go parameters to the login page.

4.3
2008-02-20 CVE-2008-0837 John Godley
Wordpress
Cross-Site Scripting vulnerability in multiple products

Cross-site scripting (XSS) vulnerability in the log feature in the John Godley Search Unleashed 0.2.10 plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter, which is not properly handled when the administrator views the log file.

4.3
2008-02-20 CVE-2008-0834 IBM Cross-Site Scripting vulnerability in IBM Lotus Quickr 8.0/8.0.2

Cross-site scripting (XSS) vulnerability in Lotus Quickr for i5/OS before 8.0.0.2 Hotfix 11, when anonymous access is disabled on HTTP ports, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2008-02-19 CVE-2008-0828 Atutor Cross-Site Scripting vulnerability in Atutor

Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) attributes such as style and onmouseover in (a) forum post or (b) mail; or (2) the website field of the profile.

4.3
2008-02-19 CVE-2008-0826 Caroline Cross-Site Scripting vulnerability in Caroline

Cross-site scripting (XSS) vulnerability in Claroline before 1.8.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2008-02-19 CVE-2008-0820 Etomite Cross-Site Scripting vulnerability in Etomite 0.6.1.4

** DISPUTED ** Cross-site scripting (XSS) vulnerability in index.php in Etomite 0.6.1.4 Final allows remote attackers to inject arbitrary web script or HTML via $_SERVER['PHP_INFO'].

4.3
2008-02-19 CVE-2008-0809 Ikiwiki Cross-Site Scripting vulnerability in Ikiwiki

Cross-site scripting (XSS) vulnerability in the htmlscrubber in Ikiwiki before 1.1.46 allows remote attackers to inject arbitrary web script or HTML via title contents.

4.3
2008-02-19 CVE-2008-0808 Ikiwiki Cross-Site Scripting vulnerability in Ikiwiki

Cross-site scripting (XSS) vulnerability in the meta plugin in Ikiwiki before 1.1.47 allows remote attackers to inject arbitrary web script or HTML via meta tags.

4.3

3 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2008-02-19 CVE-2008-0822 Scribe Path Traversal vulnerability in Scribe 0.2

Directory traversal vulnerability in index.php in Scribe 0.2 allows remote attackers to read arbitrary local files via a ..

3.6
2008-02-19 CVE-2008-0819 Plutostatus Path Traversal vulnerability in Plutostatus Locator 1.0Prealpha

Directory traversal vulnerability in index.php in PlutoStatus Locator 1.0 pre alpha allows remote attackers to include and execute arbitrary local files via a ..

3.6
2008-02-19 CVE-2008-0806 Paul Pelzl Link Following vulnerability in Paul Pelzl Wyrd 1.4.3B3

wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.[USERID] temporary file.

3.6