Weekly Vulnerabilities Reports > March 3 to 9, 2008
Overview
99 new vulnerabilities reported during this period, including 15 critical vulnerabilities and 16 high severity vulnerabilities. This weekly summary report vulnerabilities in 93 products from 72 vendors including SUN, IBM, Deslock, Linux, and Freebsd. Vulnerabilities are notably categorized as "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Code Injection", and "SQL Injection".
- 84 reported vulnerabilities are remotely exploitables.
- 21 reported vulnerabilities have public exploit available.
- 35 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 97 reported vulnerabilities are exploitable by an anonymous user.
- SUN has the most reported vulnerabilities, with 15 reported vulnerabilities.
- SUN has the most reported critical vulnerabilities, with 6 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
15 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-03-05 | CVE-2008-1167 | Sarg | Buffer Errors vulnerability in Sarg Squid Analysis Report Generator 2.2.3.1 Stack-based buffer overflow in the useragent function in useragent.c in Squid Analysis Report Generator (Sarg) 2.2.3.1 allows remote attackers to execute arbitrary code via a long Squid proxy server User-Agent header. | 10.0 |
2008-03-04 | CVE-2007-6703 | Synce | Denial Of Service vulnerability in SynCE 'vdccm' Daemon Remote Unspecified vulnerability in vdccm before 0.10.1 in SynCE (SynCE-dccm) might allow attackers to cause a denial of service via unspecified vectors. | 10.0 |
2008-03-09 | CVE-2008-1217 | IBM | Code Injection vulnerability in IBM Lotus Notes 6.5/7.0.2/8.0.0 Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH, and 8.0.x before 8.0.1 allows remote attackers to execute arbitrary code via a crafted attachment in an e-mail message sent over SMTP, a variant of CVE-2007-6706. | 9.3 |
2008-03-09 | CVE-2007-6706 | IBM | Code Injection vulnerability in IBM Lotus Notes Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH or 7.0.3, and possibly 8.0 allows remote attackers to execute arbitrary code via crafted text in an e-mail message sent over SMTP. | 9.3 |
2008-03-08 | CVE-2008-1210 | Pnotepad | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Pnotepad Programmers Notepad Stack-based buffer overflow in the ctags parsing code in Programmer's Notepad before 2.0.8.718 allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted .c file, when the victim selects the Jump To dialog. | 9.3 |
2008-03-06 | CVE-2008-1200 | Microsoft | Remote vulnerability in Microsoft Jet Database Engine MDB File Parsing Unspecified vulnerability in Microsoft Access allows remote user-assisted attackers to execute arbitrary code via a crafted .MDB file, possibly related to Jet Engine (msjet40.dll). | 9.3 |
2008-03-06 | CVE-2008-1195 | SUN Canonical | 7PK - Security Features vulnerability in multiple products Unspecified vulnerability in Sun JDK and Java Runtime Environment (JRE) 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to access arbitrary network services on the local host via unspecified vectors related to JavaScript and Java APIs. | 9.3 |
2008-03-06 | CVE-2008-1193 | SUN | Permissions, Privileges, and Access Controls vulnerability in SUN JDK and JRE Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application. | 9.3 |
2008-03-06 | CVE-2008-1190 | SUN | Permissions, Privileges, and Access Controls vulnerability in SUN Jdk, JRE and SDK Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue. | 9.3 |
2008-03-06 | CVE-2008-1188 | SUN | Buffer Errors vulnerability in SUN JDK and JRE Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with (1) a long key name in the xml header or (2) a long charset value, different issues than CVE-2008-1189, aka "The first two issues." | 9.3 |
2008-03-06 | CVE-2008-1186 | SUN | Permissions, Privileges, and Access Controls vulnerability in SUN Jdk, JRE and SDK Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue." | 9.3 |
2008-03-06 | CVE-2008-1185 | SUN | Permissions, Privileges, and Access Controls vulnerability in SUN Jdk, JRE and SDK Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186, aka "the first issue." | 9.3 |
2008-03-04 | CVE-2008-1136 | Synce | Improper Input Validation vulnerability in Synce 0.10.0/0.92 The Utils::runScripts function in src/utils.cpp in vdccm 0.92 through 0.10.0 in SynCE (SynCE-dccm) allows remote attackers to execute arbitrary commands via shell metacharacters in a certain string to TCP port 5679. | 9.3 |
2008-03-03 | CVE-2008-1120 | ICQ | USE of Externally-Controlled Format String vulnerability in ICQ Mirabilis ICQ 6 Format string vulnerability in the embedded Internet Explorer component for Mirabilis ICQ 6 build 6043 allows remote servers to execute arbitrary code or cause a denial of service (crash) via unspecified vectors related to HTML code generation. | 9.3 |
2008-03-03 | CVE-2008-1116 | Rising Antivirus International | Remote Code Execution vulnerability in Rising Antivirus International Rising web Scan Object 18.0.7 Insecure method vulnerability in the Web Scan Object ActiveX control (OL2005.dll) in Rising Antivirus Online Scanner allows remote attackers to force the download and execution of arbitrary code by setting the BaseURL property and invoking the UpdateEngine method. | 9.3 |
16 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-03-05 | CVE-2008-1169 | Simm Comm | Path Traversal vulnerability in Simm-Comm SCI Photo Chat Directory traversal vulnerability in the embedded HTTP server in SCI Photo Chat Server 3.4.9 and earlier allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) or "../" (dot dot forward slash) in the GET command. | 7.8 |
2008-03-03 | CVE-2008-1113 | Cisco Vocera Communications | Information Exposure vulnerability in Vocera Communications Vocera Communications Badge Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol (PEAP), does not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks. | 7.8 |
2008-03-08 | CVE-2008-1214 | Linux Numara | Code Injection vulnerability in Numara Footprints 8.1 MRcgi/MRProcessIncomingForms.pl in Numara FootPrints 8.1 on Linux allows remote attackers to execute arbitrary code via shell metacharacters in the PROJECTNUM parameter. | 7.5 |
2008-03-06 | CVE-2008-1177 | Affiliate Market | SQL Injection vulnerability in Affiliate Market Affiliate Market 0.1Beta SQL injection vulnerability in shop/detail.php in Affiliate Market (affmarket) 0.1 BETA allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2008-03-06 | CVE-2008-0986 | Numeric Errors vulnerability in Google Android SDK M5Rc14 Integer overflow in the BMP::readFromStream method in the libsgl.so library in Google Android SDK m3-rc37a and earlier, and m5-rc14, allows remote attackers to execute arbitrary code via a crafted BMP file with a header containing a negative offset field. | 7.5 | |
2008-03-05 | CVE-2008-1164 | Phpcomasy | SQL Injection vulnerability in PHPcomasy 0.8 SQL injection vulnerability in index.php in phpComasy 0.8 allows remote attackers to execute arbitrary SQL commands via the mod_project_id parameter in a project_detail action. | 7.5 |
2008-03-05 | CVE-2008-1163 | Phparcadescript | SQL Injection vulnerability in PHParcadescript 1.0/2.0/3.0 SQL injection vulnerability in index.php in phpArcadeScript 1.0 through 3.0 RC2 allows remote attackers to execute arbitrary SQL commands via the userid parameter in a profile action. | 7.5 |
2008-03-05 | CVE-2008-1162 | PHP WEB Scripts | SQL Injection vulnerability in PHP web Scripts Dynamic Photo Gallery 1.0.2 SQL injection vulnerability in album.php in PHP WEB SCRIPT Dynamic Photo Gallery 1.02 allows remote attackers to execute arbitrary SQL commands via the albumID parameter. | 7.5 |
2008-03-04 | CVE-2008-1137 | Joomla Mambo | SQL Injection vulnerability in multiple products SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) 1.1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | 7.5 |
2008-03-04 | CVE-2008-1079 | Beehive Software | Unspecified vulnerability in Beehive Software Sendfile.Net The outboxWriteUnsent function in FTPThread.class in SendFile.jar for Beehive Software SendFile.NET uses hard-coded credentials for an FTP server, which allows remote attackers to gain privileges. | 7.5 |
2008-03-03 | CVE-2008-1122 | Dream4 | SQL Injection vulnerability in Dream4 Koobi PRO 5.7 SQL injection vulnerability in the downloads module in Koobi Pro 5.7 allows remote attackers to execute arbitrary SQL commands via the categ parameter to index.php. | 7.5 |
2008-03-03 | CVE-2008-1121 | Eazyportal | SQL Injection vulnerability in Eazyportal SQL injection vulnerability in index.php in eazyPortal 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the session_vars cookie. | 7.5 |
2008-03-04 | CVE-2008-1140 | Deslock | Permissions, Privileges, and Access Controls vulnerability in Deslock DLMFDISK.sys 1.2.0.27 in DESlock+ 3.2.6 and earlier allows local users to gain privileges via a certain DLKFDISK_IOCTL request to \\.\DLKFDisk_Control that overwrites a data structure associated with a mounted pseudo-filesystem, aka the "ring0 SYSTEM" vulnerability. | 7.2 |
2008-03-04 | CVE-2008-1139 | Deslock | Permissions, Privileges, and Access Controls vulnerability in Deslock DESlock+ 3.2.6 and earlier, when DLMFENC.sys 1.0.0.26 and DLMFDISK.sys 1.2.0.27 are present, allows local users to gain privileges via a certain DLMFENC_IOCTL request to \\.\DLKPFSD_Device that overwrites a pointer, aka the "ring0 link list zero SYSTEM" vulnerability. | 7.2 |
2008-03-04 | CVE-2008-0930 | Debian Freshmeat | Link Following vulnerability in Freshmeat Xwine 1.0.1 w_editeur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print arbitrary files via a symlink attack on the temporaire temporary file. | 7.2 |
2008-03-06 | CVE-2008-1198 | Redhat | Unspecified vulnerability in Redhat Enterprise Linux 3.0/4.0/5.0 The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 configures racoon to use aggressive IKE mode instead of main IKE mode, which makes it easier for remote attackers to conduct brute force attacks by sniffing an unencrypted preshared key (PSK) hash. | 7.1 |
63 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-03-09 | CVE-2008-1216 | IBM | Improper Input Validation vulnerability in IBM Lotus Quickr Server 8.0 IBM Lotus Quickr 8.0 server, and possibly QuickPlace 7.x, does not properly identify URIs containing cross-site scripting (XSS) attack strings, which allows remote attackers to inject arbitrary web script or HTML via a Calendar OpenDocument action to main.nsf with a Count parameter containing a JavaScript event in a malformed element, as demonstrated by an onload event in an IFRAME element. | 6.8 |
2008-03-06 | CVE-2008-1196 | SUN | Buffer Errors vulnerability in SUN Jdk, JRE and SDK Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file. | 6.8 |
2008-03-06 | CVE-2008-1192 | SUN | 7PK - Security Features vulnerability in SUN Jdk, JRE and SDK Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and "execute local applications" via unknown vectors. | 6.8 |
2008-03-06 | CVE-2008-1191 | SUN | Unspecified vulnerability in SUN JDK and JRE Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote attackers to create arbitrary files via an untrusted application, a different issue than CVE-2008-1190, aka "The fifth issue." | 6.8 |
2008-03-06 | CVE-2008-1189 | SUN | Buffer Errors vulnerability in SUN Jdk, JRE and SDK Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the "third" issue. | 6.8 |
2008-03-06 | CVE-2008-1187 | SUN | Permissions, Privileges, and Access Controls vulnerability in SUN Jdk, JRE and SDK Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier allows remote attackers to cause a denial of service (JRE crash) and possibly execute arbitrary code via unknown vectors related to XSLT transforms. | 6.8 |
2008-03-06 | CVE-2008-0985 | Buffer Errors vulnerability in Google Android SDK M3Rc37A Heap-based buffer overflow in the GIF library in the WebKit framework for Google Android SDK m3-rc37a and earlier allows remote attackers to execute arbitrary code via a crafted GIF file whose logical screen height and width are different than the actual height and width. | 6.8 | |
2008-03-06 | CVE-2008-0072 | Linux Gnome | USE of Externally-Controlled Format String vulnerability in Gnome Evolution Format string vulnerability in the emf_multipart_encrypted function in mail/em-format.c in Evolution 2.12.3 and earlier allows remote attackers to execute arbitrary code via a crafted encrypted message, as demonstrated using the Version field. | 6.8 |
2008-03-05 | CVE-2008-1170 | Kcwiki | Code Injection vulnerability in Kcwiki 1.0 Multiple PHP remote file inclusion vulnerabilities in KCWiki 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the page parameter to (1) minimal/wiki.php and (2) simplest/wiki.php. | 6.8 |
2008-03-05 | CVE-2008-1097 | Imagemagick | Resource Management Errors vulnerability in Imagemagick Graphicsmagick and Imagemagick Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption. | 6.8 |
2008-03-05 | CVE-2008-1096 | Imagemagick | Buffer Errors vulnerability in Imagemagick Graphicsmagick and Imagemagick The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write, possibly related to the ScaleCharToQuantum function. | 6.8 |
2008-03-04 | CVE-2008-1148 | Apple Dragonflybsd Freebsd Netbsd Openbsd Cosmicperl Darwin Navision | A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka "Algorithm A0"), as used in OpenBSD 3.5 through 4.2 and NetBSD 1.6.2 through 4.0, allows remote attackers to guess sensitive values such as (1) DNS transaction IDs or (2) IP fragmentation IDs by observing a sequence of previously generated values. | 6.8 |
2008-03-04 | CVE-2008-1146 | Apple Dragonflybsd Freebsd Netbsd Openbsd Cosmicperl Darwin Navision | A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 3-bit random hops (aka "Algorithm X3"), as used in OpenBSD 2.8 through 4.2, allows remote attackers to guess sensitive values such as DNS transaction IDs by observing a sequence of previously generated values. | 6.8 |
2008-03-03 | CVE-2008-1128 | Phpmytourney | Code Injection vulnerability in PHPmytourney 2 PHP remote file inclusion vulnerability in tourney/index.php in phpMyTourney 2 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | 6.8 |
2008-03-03 | CVE-2008-1126 | Barryvan Compo | Code Injection vulnerability in Barryvan Compo Barryvan Compo Manager 0.3 PHP remote file inclusion vulnerability in main.php in Barryvan Compo Manager 0.3 allows remote attackers to execute arbitrary PHP code via a URL in the pageURL parameter. | 6.8 |
2008-03-03 | CVE-2008-1124 | Podcast Generator | Code Injection vulnerability in Podcast Generator Podcast Generator Multiple PHP remote file inclusion vulnerabilities in Podcast Generator 1.0 BETA 2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absoluteurl parameter to (1) components/xmlparser/loadparser.php; (2) admin.php, (3) categories.php, (4) categories_add.php, (5) categories_remove.php, (6) edit.php, (7) editdel.php, (8) ftpfeature.php, (9) login.php, (10) pgRSSnews.php, (11) showcat.php, and (12) upload.php in core/admin/; and (13) archive_cat.php, (14) archive_nocat.php, and (15) recent_list.php in core/. | 6.8 |
2008-03-03 | CVE-2008-1123 | Sitebuilder | Code Injection vulnerability in Sitebuilder Elite 1.2 Multiple PHP remote file inclusion vulnerabilities in SiteBuilder Elite 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the CarpPath parameter to (1) files/carprss.php and (2) files/amazon-bestsellers.php. | 6.8 |
2008-03-03 | CVE-2007-6252 | Learn2 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Learn2 Strunner Multiple stack-based buffer overflows in the Learn2 Corporation STRunner (aka Street Technologies) ActiveX control in iestm32.dll allow remote attackers to execute arbitrary code via unspecified vectors. | 6.8 |
2008-03-04 | CVE-2008-1130 | IBM | Improper Authentication vulnerability in IBM Websphere MQ 5.3/6 Unspecified vulnerability in IBM WebSphere MQ 6.0.x before 6.0.2.2 and 5.3 before Fix Pack 14 allows attackers to bypass access restrictions for a queue manager via a SVRCONN (MQ client) channel. | 6.6 |
2008-03-04 | CVE-2008-1134 | Omegasoft | Improper Authentication vulnerability in Omegasoft Interneserviceslosungen 7 OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 supports authentication with a cookie that lacks a shared secret, which allows remote attackers to login as an arbitrary user via a modified cookie. | 6.4 |
2008-03-04 | CVE-2008-0931 | Debian Xwine | Permissions, Privileges, and Access Controls vulnerability in Xwine 1.0.1 w_export.c in XWine 1.0.1 on Debian GNU/Linux sets insecure permissions (0666) for /etc/wine/config, which might allow local users to execute arbitrary commands or cause a denial of service by modifying the file. | 6.3 |
2008-03-03 | CVE-2008-1127 | Crytek | USE of Externally-Controlled Format String vulnerability in Crytek Crysis 1.1.1.5879 Format string vulnerability in the cryactio function in Crysis 1.1.1.5879 allows remote authenticated users to execute arbitrary code via format string specifiers in the user name, which is triggered when the game character is killed. | 6.0 |
2008-03-04 | CVE-2008-1149 | Phpmyadmin | Cross-Site Request Forgery (CSRF) vulnerability in PHPmyadmin phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters instead of $_GET and $_POST, which allows attackers in the same domain to override certain variables and conduct SQL injection and Cross-Site Request Forgery (CSRF) attacks by using crafted cookies. | 5.1 |
2008-03-08 | CVE-2008-1207 | Fujitsu | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Fujitsu products Multiple unspecified vulnerabilities in Fujitsu Interstage Smart Repository, as used in multiple Fujitsu Interstage products, allow remote attackers to cause a denial of service (daemon crash) via (1) an invalid request or (2) a large amount of data sent to the registered attribute value. | 5.0 |
2008-03-06 | CVE-2008-1184 | Dnssec Tools | Credentials Management vulnerability in Dnssec-Tools The DNSSEC validation library (libval) library in dnssec-tools before 1.3.1 does not properly check that the signing key is the APEX trust anchor, which might allow attackers to conduct unspecified attacks. | 5.0 |
2008-03-06 | CVE-2008-1181 | Juniper | Information Exposure vulnerability in Juniper Secure Access 2000 5.5 Juniper Networks Secure Access 2000 5.5 R1 (build 11711) allows remote attackers to obtain sensitive information via a direct request for remediate.cgi without certain parameters, which reveals the path in an "Execute failed" error message. | 5.0 |
2008-03-05 | CVE-2008-1166 | Flyspray | Information Exposure vulnerability in Flyspray Flyspray 0.9.9.4 generates different error messages depending on whether the username is valid or invalid, which allows remote attackers to enumerate usernames. | 5.0 |
2008-03-05 | CVE-2008-1099 | Moinmoin | Permissions, Privileges, and Access Controls vulnerability in Moinmoin _macro_Getval in wikimacro.py in MoinMoin 1.5.8 and earlier does not properly enforce ACLs, which allows remote attackers to read protected pages. | 5.0 |
2008-03-04 | CVE-2008-1111 | Lighttpd | Information Exposure vulnerability in Lighttpd 1.4.18 mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information. | 5.0 |
2008-03-04 | CVE-2008-1135 | Omegasoft | Information Exposure vulnerability in Omegasoft Interneserviceslosungen 7 OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 generates different responses depending on whether or not a username is valid in a failed login attempt, which allows remote attackers to enumerate valid usernames. | 5.0 |
2008-03-04 | CVE-2007-6702 | Goahead Software | Information Exposure vulnerability in Goahead Software Fs4104-Aw Device and Goahead Webserver goform/QuickStart_c0 on the GoAhead Web Server on the FS4104-AW (aka rooter) VDSL device contains a password in the typepassword field, which allows remote attackers to obtain this password by reading the HTML source, a different vulnerability than CVE-2002-1603. | 5.0 |
2008-03-03 | CVE-2008-1125 | Podcast Generator | Path Traversal vulnerability in Podcast Generator Podcast Generator Multiple directory traversal vulnerabilities in Podcast Generator 1.0 BETA 2 and earlier allow remote attackers to read arbitrary files via a .. | 5.0 |
2008-03-03 | CVE-2008-1119 | Centreon | Path Traversal vulnerability in Centreon Directory traversal vulnerability in include/doc/get_image.php in Centreon 1.4.2.3 and earlier allows remote attackers to read arbitrary files via a .. | 5.0 |
2008-03-08 | CVE-2008-1205 | SUN | Local Denial of Service vulnerability in SUN Solaris 10 Unspecified vulnerability in the ipsecah kernel module in Sun Solaris 10, when a key management daemon for IPsec security associations is running, allows local users to cause a denial of service (panic) via unspecified vectors. | 4.9 |
2008-03-04 | CVE-2008-1141 | Deslock | Resource Management Errors vulnerability in Deslock Memory leak in DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users to cause a denial of service (kernel memory consumption) via a series of DLMFENC_IOCTL requests to \\.\DLKPFSD_Device that allocate "link list structures." | 4.9 |
2008-03-04 | CVE-2008-1138 | Deslock | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Deslock DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users to cause a denial of service (system crash) via a certain ZERO_MEM DLMFENC_IOCTL request to \\.\DLKPFSD_Device, aka the "ring0 link list zero" vulnerability. | 4.9 |
2008-03-03 | CVE-2008-1115 | SUN | Local Denial of Service vulnerability in SUN Solaris 8 Unspecified vulnerability in Sun Solaris 8 directory functions allows local users to cause a denial of service (panic) via an unspecified sequence of system calls or commands. | 4.9 |
2008-03-04 | CVE-2008-1132 | NET Activity Viewer | Permissions, Privileges, and Access Controls vulnerability in NET Activity Viewer NET Activity Viewer 0.2.1 Untrusted search path vulnerability in src/mainwindow.c in Net Activity Viewer 0.2.1 allows local users with Net Activity Viewer privileges to execute arbitrary code via a malicious gksu program, which is invoked during the Restart As Root action. | 4.7 |
2008-03-03 | CVE-2008-0928 | Qemu | Permissions, Privileges, and Access Controls vulnerability in Qemu Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine. | 4.7 |
2008-03-09 | CVE-2008-1215 | Freebsd Netbsd Openbsd | Permissions, Privileges, and Access Controls vulnerability in multiple products Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing "~" characters. | 4.6 |
2008-03-06 | CVE-2008-1199 | Dovecot | Configuration vulnerability in Dovecot Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack. | 4.4 |
2008-03-08 | CVE-2008-1213 | Linux Numara | Cross-Site Scripting vulnerability in Numara Footprints 8.1 Cross-site scripting (XSS) vulnerability in Numara FootPrints for Linux 8.1 allows remote attackers to inject arbitrary web script or HTML via the Title form field when setting an appointment. | 4.3 |
2008-03-08 | CVE-2008-1212 | Podcast Generator | Cross-Site Scripting vulnerability in Podcast Generator Podcast Generator 0.96.2 Cross-site scripting (XSS) vulnerability in set_permissions.php in Podcast Generator 0.96.2 allows remote attackers to inject arbitrary web script or HTML via the scriptlang parameter. | 4.3 |
2008-03-08 | CVE-2008-1211 | Bosdev | Cross-Site Scripting vulnerability in Bosdev Bosdates Cross-site scripting (XSS) vulnerability in BosDates 3.x and 4.x allows remote attackers to inject arbitrary web script or HTML via (1) the type parameter in calendar.php and (2) the category parameter in calendar_search.php. | 4.3 |
2008-03-08 | CVE-2008-1209 | Xitex | Cross-Site Scripting vulnerability in Xitex Webcontent M1 Cross-site scripting (XSS) vulnerability in redirect.do in Xitex WebContent M1 allows remote attackers to inject arbitrary web script or HTML via the sid parameter. | 4.3 |
2008-03-08 | CVE-2008-1208 | Checkpoint | Cross-Site Scripting vulnerability in Checkpoint Vpn-1 UTM Edge W Embedded NGX 7.0.48 Cross-site scripting (XSS) vulnerability in the login page in Check Point VPN-1 UTM Edge W Embedded NGX 7.0.48x allows remote attackers to inject arbitrary web script or HTML via the user parameter. | 4.3 |
2008-03-08 | CVE-2008-1204 | SUN | Cross-Site Scripting vulnerability in SUN Java System Access Manager 7.0/7.02005Q4/7.1 Multiple cross-site scripting (XSS) vulnerabilities in the Administration Console in Sun Java System Access Manager 7.1 and 7 2005Q4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the (1) Help and (2) Version windows. | 4.3 |
2008-03-06 | CVE-2008-1194 | SUN | Unspecified vulnerability in SUN JDK and JRE Multiple unspecified vulnerabilities in the color management library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to cause a denial of service (crash) via unknown vectors. | 4.3 |
2008-03-06 | CVE-2008-1183 | Crafty Syntax Live Help | Cross-Site Scripting vulnerability in Crafty Syntax Live Help Crafty Syntax Live Help 2.4.13/2.4.14/2.4.15 Multiple cross-site scripting (XSS) vulnerabilities in Crafty Syntax Live Help (CSLH) before 2.14.6 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) livehelp.php, (2) user_questions.php, and (3) leavemessage.php. | 4.3 |
2008-03-06 | CVE-2008-1182 | BSD Perimeter | Cross-Site Scripting vulnerability in BSD Perimeter Pfsense 1.0.1/1.2 Cross-site scripting (XSS) vulnerability in BSD Perimeter pfSense before 1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2008-03-06 | CVE-2008-1180 | Juniper | Cross-Site Scripting vulnerability in Juniper Secure Access 2000 5.5 Cross-site scripting (XSS) vulnerability in dana-na/auth/rdremediate.cgi in Juniper Networks Secure Access 2000 5.5 R1 build 11711 allows remote attackers to inject arbitrary web script or HTML via the delivery_mode parameter. | 4.3 |
2008-03-06 | CVE-2008-1179 | Centreon | Cross-Site Scripting vulnerability in Centreon Multiple cross-site scripting (XSS) vulnerabilities in include/common/javascript/color_picker.php in Centreon 1.4.2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) title parameters. | 4.3 |
2008-03-06 | CVE-2008-1178 | Centreon | Path Traversal vulnerability in Centreon Directory traversal vulnerability in include/doc/index.php in Centreon 1.4.2.3 and earlier allows remote attackers to read arbitrary files via a .. | 4.3 |
2008-03-06 | CVE-2008-1175 | Flicks Software | Cross-Site Scripting vulnerability in Flicks Software Authentix 6.3B1 Cross-site scripting (XSS) vulnerability in AuthentiX 6.3b1 Trial allows remote attackers to inject arbitrary web script or HTML via the username parameter to aspAdmin/deleteUser.asp, a different vector than CVE-2008-1174. | 4.3 |
2008-03-06 | CVE-2008-1174 | Flicks Software | Cross-Site Scripting vulnerability in Flicks Software Authentix 6.3B1 Cross-site scripting (XSS) vulnerability in editUser.asp in AuthentiX 6.3b1 Trial allows remote attackers to inject arbitrary web script or HTML via the username parameter. | 4.3 |
2008-03-06 | CVE-2008-1173 | Torrenttrader | Cross-Site Scripting vulnerability in Torrenttrader and Torrenttrader Classic Cross-site scripting (XSS) vulnerability in account-inbox.php in TorrentTrader Classic 1.08 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | 4.3 |
2008-03-06 | CVE-2008-1172 | Torrenttrader | Cross-Site Request Forgery (CSRF) vulnerability in Torrenttrader and Torrenttrader Classic Cross-site request forgery (CSRF) vulnerabilities in account-inbox.php in TorrentTrader Classic 1.08 allow remote attackers to perform certain actions as other users, as demonstrated by sending messages. | 4.3 |
2008-03-05 | CVE-2008-1168 | Sarg | Cross-Site Scripting vulnerability in Sarg Squid Analysis Report Generator 2.2.3.1 Cross-site scripting (XSS) vulnerability in Squid Analysis Report Generator (Sarg) 2.2.3.1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent header, which is not properly handled when displaying the Squid proxy log. | 4.3 |
2008-03-05 | CVE-2008-1165 | Flyspray | Cross-Site Scripting vulnerability in Flyspray Multiple cross-site scripting (XSS) vulnerabilities in Flyspray 0.9.9 through 0.9.9.4 allow remote attackers to inject arbitrary web script or HTML via (1) a forced SQL error message or (2) old_value and new_value database fields in task summaries, related to the item_summary parameter in a details action in index.php. | 4.3 |
2008-03-05 | CVE-2008-1098 | Moinmoin | Cross-Site Scripting vulnerability in Moinmoin Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.5.8 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) certain input processed by formatter/text_gedit.py (aka the gui editor formatter); (2) a page name, which triggers an injection in PageEditor.py when the page is successfully deleted by a victim in a DeletePage action; or (3) the destination page name for a RenamePage action, which triggers an injection in PageEditor.py when a victim's rename attempt fails because of a duplicate name. | 4.3 |
2008-03-04 | CVE-2008-1133 | Drupal | Cross-Site Scripting vulnerability in Drupal The Drupal.checkPlain function in Drupal 6.0 only escapes the first instance of a character in ECMAScript, which allows remote attackers to conduct cross-site scripting (XSS) attacks. | 4.3 |
2008-03-04 | CVE-2008-1129 | Xrms CRM | Cross-Site Scripting vulnerability in Xrms CRM Xrms 1.99.2 Cross-site scripting (XSS) vulnerability in admin/users/self.php in XRMS CRM allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | 4.3 |
2008-03-03 | CVE-2008-1114 | Vocera | Improper Input Validation vulnerability in Vocera Wireless Handset Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PEAP), do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks. | 4.3 |
5 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-03-06 | CVE-2008-0883 | Suse Adobe | Link Following vulnerability in Adobe Acrobat Reader 8.1.2 acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files related to SSL certificate handling. | 3.7 |
2008-03-04 | CVE-2008-1131 | Drupal | Cross-Site Scripting vulnerability in Drupal 6.0 Cross-site scripting (XSS) vulnerability in Drupal 6.0 allows remote authenticated users to inject arbitrary web script or HTML via titles in content edit forms. | 3.5 |
2008-03-09 | CVE-2007-6705 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Websphere MQ The WebSphere MQ XA 5.3 before FP13 and 6.0.x before 6.0.2.1 client for Windows, when running in an MTS or a COM+ environment, grants the PROCESS_DUP_HANDLE privilege to the Everyone group upon connection to a queue manager, which allows local users to duplicate an arbitrary handle and possibly hijack an arbitrary process. | 3.3 |
2008-03-06 | CVE-2008-1176 | Affiliate Market | Cross-Site Scripting vulnerability in Affiliate Market Affiliate Market 0.1Beta Cross-site scripting (XSS) vulnerability in function/sideblock.php in Affiliate Market (affmarket) 0.1 BETA allows remote attackers to inject arbitrary web script or HTML via the sideblock4 parameter. | 2.6 |
2008-03-05 | CVE-2007-6704 | F5 | Cross-Site Scripting vulnerability in F5 Firepass 4100 Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 and 6.0 through 6.0.1, when pre-logon sequences are enabled, allow remote attackers to inject arbitrary web script or HTML via the query string to (1) my.activation.php3 and (2) my.logon.php3. | 2.6 |