Weekly Vulnerabilities Reports > April 14 to 20, 2008

Overview

134 new vulnerabilities were reported during this period, including 28 critical vulnerabilities and 34 high severity vulnerabilities. This weekly summary reports vulnerabilities in 126 products from 78 vendors, including Oracle, Prozilla, Clam Anti Virus, Microsoft, and HP. Notable vulnerability categories are "SQL Injection", "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Resource Management Errors", and "Path Traversal".

  • 123 reported vulnerabilities are remotely exploitable.
  • 46 reported vulnerabilities have a public exploit available.
  • 51 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 113 reported vulnerabilities are exploitable by an anonymous user.
  • Oracle has the most reported vulnerabilities, with 21 reported vulnerabilities.
  • Oracle has the most reported critical vulnerabilities, with 15 reported vulnerabilities.

Vulnerability Details

The following table lists the vulnerabilities reported during the period covered by this report:

28 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2008-04-16 CVE-2008-1842 HP Numeric Errors vulnerability in HP Openview Network Node Manager

Integer signedness error in ovspmd.exe in HP OpenView Network Node Manager (OV NNM) 8.01, and 7.53 and earlier, allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a long request to TCP port 8886 that begins with a certain negative integer, which passes a signed comparison and triggers a heap-based buffer overflow.

10.0
2008-04-16 CVE-2008-1155 Cisco Information Exposure vulnerability in Cisco Network Admission Control

Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs.

10.0
2008-04-16 CVE-2008-1831 Oracle Unspecified vulnerability in Oracle Siebel Enterprise 7.8.2/7.8.5

Multiple unspecified vulnerabilities in the Siebel SimBuilder component in Oracle Siebel Enterprise 7.8.2 and 7.8.5 have unknown impact and remote or local attack vectors, aka (1) SEBL01, (2) SEBL02, (3) SEBL03, (4) SEBL04, (5) SEBL05, and (6) SEBL06.

10.0
2008-04-16 CVE-2008-1827 Oracle Unspecified vulnerability in Oracle E-Business Suite 11I and E-Business Suite 12

Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 and 12.0.4 have unknown impact and attack vectors related to (a) Advanced Pricing component, aka (1) APP02, (2) APP03, and (3) APP09; (b) Application Object Library component, aka (4) APP04, (5) APP07, and (6) APP11; (c) Applications Manager component, aka (7) APP06; (d) and Applications Technology Stack component, aka (8) APP08.

10.0
2008-04-16 CVE-2008-1826 Oracle Unspecified vulnerability in Oracle E-Business Suite 11.5.10.2

Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 have unknown impact and attack vectors related to (a) Advanced Pricing, aka (1) APP01 and (2) APP10; and (b) Applications Framework, aka (3) APP05.

10.0
2008-04-16 CVE-2008-1825 Oracle Unspecified vulnerability in Oracle Application Server 9I 9.0.4.3

Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3 has unknown impact and remote attack vectors, aka AS03.

10.0
2008-04-16 CVE-2008-1824 Oracle Unspecified vulnerability in Oracle Application Server 10.1.2.2/10.1.3.3/9.0.4.3

Unspecified vulnerability in the Oracle Dynamic Monitoring Service component in Oracle Application Server 9.0.4.3, 10.1.2.2, and 10.1.3.3 has unknown impact and remote attack vectors, aka AS02.

10.0
2008-04-16 CVE-2008-1823 Oracle Unspecified vulnerability in Oracle Jinitiator 1.3.1.14

Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.14 has unknown impact and remote attack vectors, aka AS01.

10.0
2008-04-16 CVE-2008-1822 Oracle Unspecified vulnerability in Oracle Application Express 3.0.1

Unspecified vulnerability in the Oracle Application Express component in Oracle Application Express 3.0.1 has unknown impact and remote attack vectors, aka APEX02.

10.0
2008-04-16 CVE-2008-1818 Oracle Unspecified vulnerability in Oracle Database Server 11.1.0.6

Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.6 has unknown impact and remote attack vectors, aka DB08.

10.0
2008-04-16 CVE-2008-1812 Oracle Unspecified vulnerability in Oracle Application Server and Database 9I

Unspecified vulnerability in the Oracle Enterprise Manager component in Oracle Database 9.0.1.5 FIPS+; Application Server 1.0.2.2; and Enterprise Manager for AS 1.0.2.2 and Database 9.0.1.5 has unknown impact and local attack vectors, aka EM01.

10.0
2008-04-14 CVE-2008-1100 Clam Anti Virus Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Clam Anti-Virus Clamav 0.92/0.92.1

Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file.

10.0
2008-04-14 CVE-2008-0961 EMC Use of Hard-coded Credentials vulnerability in EMC Diskxtender 6.20.060

EMC DiskXtender 6.20.060 has a hard-coded login and password, which allows remote attackers to bypass authentication via the RPC interface.

9.8
2008-04-18 CVE-2008-1887 Python, Canonical, Debian Classic Buffer Overflow vulnerability in multiple products

Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow.

9.3
2008-04-17 CVE-2008-1860 Lokicms Code Injection vulnerability in Lokicms

Static code injection vulnerability in admin.php in LokiCMS 0.3.3 and earlier allows remote attackers to inject arbitrary PHP code into includes/Config.php via the default parameter.

9.3
2008-04-17 CVE-2008-0320 Openoffice Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Openoffice Openoffice.Org

Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream.

9.3
2008-04-16 CVE-2007-6713 Flip4Mac Security vulnerability in Flip4Mac WMV File Handling

Unspecified vulnerability in Flip4Mac WMV before 2.2.0.49 has unknown impact and attack vectors related to malformed WMV files.

9.3
2008-04-16 CVE-2008-1786 Computer Associates Code Injection vulnerability in Computer Associates products

The DSM gui_cm_ctrls ActiveX control (gui_cm_ctrls.ocx), as used in multiple CA products including BrightStor ARCServe Backup for Laptops and Desktops r11.5, Desktop Management Suite r11.1 through r11.2 C2; Unicenter r11.1 through r11.2 C2; and Desktop and Server Management r11.1 through r11.2 C2 allows remote attackers to execute arbitrary code via crafted function arguments.

9.3
2008-04-17 CVE-2008-1866 Pixel Motion Code Injection vulnerability in Pixel Motion Pixel Motion Blog

admin/modif_config.php in Blog Pixel Motion (aka PixelMotion) does not require admin authentication, which allows remote authenticated users to upload arbitrary PHP scripts in a ZIP archive, which is written to templateZip/ and then automatically extracted under templates/ for execution via a direct request.

9.0
2008-04-16 CVE-2008-0892 Redhat Improper Input Validation vulnerability in Redhat Directory Server and Fedora Directory Server

The replication monitor CGI script (repl-monitor-cgi.pl) in Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, allows remote attackers to execute arbitrary commands.

9.0
2008-04-16 CVE-2008-1830 Jdedwards, Oracle

Unspecified vulnerability in the PeopleSoft HCM ePerformance component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9 and 9.0 has unknown impact and remote attack vectors, aka PSE03.

9.0
2008-04-16 CVE-2008-1829 Oracle Unspecified vulnerability in Oracle Enterpriseone and Peoplesoft Enterprise

Unspecified vulnerability in the PeopleSoft HCM Recruiting component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.8 SP1 has unknown impact and remote attack vectors, aka PSE02.

9.0
2008-04-16 CVE-2008-1828 Jdedwards, Oracle

Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.19, 8.48.16, and 8.49.09 has unknown impact and remote authenticated attack vectors, aka PSE01.

9.0
2008-04-16 CVE-2008-1821 Oracle Unspecified vulnerability in Oracle Database Server 10.1.0.5/9.0.1.5

Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.0.1.5 FIPS+, and 10.1.0.5 has unknown impact and remote attack vectors related to SYS.DBMS_AQJMS_INTERNAL, aka DB15.

9.0
2008-04-16 CVE-2008-1817 Oracle Unspecified vulnerability in Oracle Database 9I and Database Server

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 have unknown impact and remote attack vectors related to (1) SDO_IDX in the Spatial component, aka DB07; and (2) Core RDBMS, aka DB10.

9.0
2008-04-16 CVE-2008-1814 Oracle Unspecified vulnerability in Oracle Application Server, Collaboration Suite and Database

Unspecified vulnerability in the Oracle Secure Enterprise Search or Ultrasearch component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3 and 10.1.2.2; and Oracle Collaboration Suite 10.1.2; has unknown impact and remote attack vectors, aka DB04.

9.0
2008-04-14 CVE-2008-0963 EMC Use of Externally-Controlled Format String vulnerability in EMC Diskxtender 6.20.060

Format string vulnerability in EMC DiskXtender MediaStor 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted message to the RPC interface.

9.0
2008-04-14 CVE-2008-0962 EMC Buffer Errors vulnerability in EMC Diskxtender 6.20.060

Stack-based buffer overflow in the File System Manager for EMC DiskXtender 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted request to the RPC interface.

9.0

34 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2008-04-16 CVE-2008-1852 HP Resource Management Errors vulnerability in HP Openview Network Node Manager 7.51/7.53

ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, 7.53, and possibly other versions allows remote attackers to cause a denial of service (crash) via certain requests that specify a large number of sub-arguments, which triggers a NULL pointer dereference due to memory allocation failure.

7.8
2008-04-18 CVE-2008-1895 Carboncommunities SQL Injection vulnerability in Carboncommunities Carbon Communities

Multiple SQL injection vulnerabilities in Carbon Communities 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to events.asp, the (2) UserName parameter to getpassword.asp, and possibly an unspecified parameter to (3) option_Update.asp in an edit action.

7.5
2008-04-18 CVE-2008-1893 W2B Code Injection vulnerability in W2B Online Banking

PHP remote file inclusion vulnerability in index.php in W2B Online Banking allows remote attackers to execute arbitrary PHP code via a URL in the ilang parameter.

7.5
2008-04-18 CVE-2008-1890 Joomla, Azrul SQL Injection vulnerability in Azrul JOM Comment 2.0

SQL injection vulnerability in the Jom Comment 2.0 build 345 component for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2008-04-18 CVE-2008-1889 Xplodphp SQL Injection vulnerability in Xplodphp Autotutorials 2.1

SQL injection vulnerability in viewcat.php in XplodPHP AutoTutorials 2.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-04-18 CVE-2008-1886 Cdnetworks Cryptographic Issues vulnerability in Cdnetworks Download Client

The NeffyLauncher 1.0.5 ActiveX control (NeffyLauncher.dll) in CDNetworks Nefficient Download uses weak cryptography for a KeyCode that blocks unauthorized use of the control, which allows remote attackers to bypass this protection mechanism by calculating the required KeyCode.

7.5
2008-04-17 CVE-2008-1878 Xine Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xine Xine-Lib

Stack-based buffer overflow in the demux_nsf_send_chunk function in src/demuxers/demux_nsf.c in xine-lib 1.1.12 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long NSF title.

7.5
2008-04-17 CVE-2008-1875 Terong SQL Injection vulnerability in Terong Advanced web Photo Gallery 1.0

SQL injection vulnerability in index.php in Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 allows remote attackers to execute arbitrary SQL commands via the photo_id parameter.

7.5
2008-04-17 CVE-2008-1872 Comdev SQL Injection vulnerability in Comdev News Publisher 4.1.2

SQL injection vulnerability in home.news.php in Comdev News Publisher 4.1.2 allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter.

7.5
2008-04-17 CVE-2008-1870 Geek247 SQL Injection vulnerability in Geek247 Pigmy-Sql 1.4

SQL injection vulnerability in getdata.php in PIGMy-SQL 1.4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-04-17 CVE-2008-1869 Site Sift Media SQL Injection vulnerability in Site Sift Media Site Sift Listings

SQL injection vulnerability in Site Sift Listings allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.

7.5
2008-04-17 CVE-2008-1868 Pixel Motion Improper Authentication vulnerability in Pixel Motion Pixel Motion Blog

admin/sauvBase.php in Blog Pixel Motion (aka Blog PixelMotion) does not require authentication, which allows remote attackers to trigger a database backup dump, and obtain the resulting blogPM.sql file that contains sensitive information.

7.5
2008-04-17 CVE-2008-1867 Pixel Motion SQL Injection vulnerability in Pixel Motion Pixel Motion Blog

SQL injection vulnerability in Blog Pixel Motion (aka Blog PixelMotion) allows remote attackers to execute arbitrary SQL commands via the categorie parameter to index.php, possibly related to include/requetesIndex.php.

7.5
2008-04-17 CVE-2008-1864 Prozilla SQL Injection vulnerability in Prozilla Freelancers

SQL injection vulnerability in project.php in Prozilla Freelancers allows remote attackers to execute arbitrary SQL commands via the project parameter.

7.5
2008-04-17 CVE-2008-1863 Prozilla SQL Injection vulnerability in Prozilla Cheats 2.0

SQL injection vulnerability in view_reviews.php in Prozilla Cheat Script (aka Cheats) 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-04-16 CVE-2008-1859 Iscripts SQL Injection vulnerability in Iscripts Socialware

SQL injection vulnerability in events.php in iScripts SocialWare allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action.

7.5
2008-04-16 CVE-2008-1858 724Cms SQL Injection vulnerability in 724Cms

SQL injection vulnerability in index.php in 724Networks 724CMS 4.01 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter.

7.5
2008-04-16 CVE-2008-0893 Redhat Permissions, Privileges, and Access Controls vulnerability in Redhat Directory Server 8.0

Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, does not properly restrict access to CGI scripts, which allows remote attackers to perform administrative actions.

7.5
2008-04-16 CVE-2008-1847 Coronamatrix SQL Injection vulnerability in Coronamatrix PHPaddressbook 2.11

SQL injection vulnerability in view.php in CoronaMatrix phpAddressBook 2.11 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-04-16 CVE-2008-1844 W2B SQL Injection vulnerability in W2B PHPhotresources

SQL injection vulnerability in cat.php in W2B phpHotResources allows remote attackers to execute arbitrary SQL commands via the kind parameter.

7.5
2008-04-16 CVE-2008-1843 W2B SQL Injection vulnerability in W2B Dating Club

SQL injection vulnerability in browse.php in W2B DatingClub (aka Dating Club) allows remote attackers to execute arbitrary SQL commands via the age_to parameter in a browsebyCat action.

7.5
2008-04-16 CVE-2008-1838 Bosdev SQL Injection vulnerability in Bosdev Bosclassifieds ADS Systems 3.0

SQL injection vulnerability in BosClassifieds Classified Ads System 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php.

7.5
2008-04-16 CVE-2008-1833 Clam Anti Virus Buffer Errors vulnerability in Clam Anti-Virus Clamav 0.92.1

Heap-based buffer overflow in pe.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted WWPack compressed PE binary.

7.5
2008-04-16 CVE-2008-1771 Fireflymediaserver Numeric Errors vulnerability in Fireflymediaserver 0.2.4.1

Integer overflow in the ws_getpostvars function in Firefly Media Server (formerly mt-daapd) 0.2.4.1 (0.9~r1696-1.2 on Debian) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP POST request with a large Content-Length.

7.5
2008-04-16 CVE-2008-0314 Clam Anti Virus Buffer Errors vulnerability in Clam Anti-Virus Clamav 0.92.1

Heap-based buffer overflow in spin.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted PeSpin packed PE binary with a modified length value.

7.5
2008-04-15 CVE-2008-1798 Dragoon Path Traversal vulnerability in Dragoon 0.1

Directory traversal vulnerability in forum/kietu/libs/calendrier.php in Dragoon 0.1 allows remote attackers to include and execute arbitrary local files via a ..

7.5
2008-04-15 CVE-2008-1791 Mygamingladder SQL Injection vulnerability in Mygamingladder

SQL injection vulnerability in ladder.php in My Gaming Ladder 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the ladderid parameter.

7.5
2008-04-15 CVE-2008-1788 Prozilla SQL Injection vulnerability in Prozilla Entertainers 1.1

SQL injection vulnerability in directory.php in Prozilla Entertainers 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter.

7.5
2008-04-15 CVE-2008-1784 Prozilla Permissions, Privileges, and Access Controls vulnerability in Prozilla Topsites 1.0

Prozilla Topsites 1.0 allows remote attackers to perform administrative actions via a direct request to (1) addu.php, (2) editu.php, and (3) uidx.php in siteadmin/.

7.5
2008-04-14 CVE-2008-1774 Pligg SQL Injection vulnerability in Pligg CMS 9.9.0

SQL injection vulnerability in editlink.php in Pligg 9.9.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-04-14 CVE-2008-1382 Libpng Numeric Errors vulnerability in Libpng

libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length "unknown" chunks, which trigger an access of uninitialized memory.

7.5
2008-04-16 CVE-2008-1845 Mirbsd Local Privilege Escalation vulnerability in Mirbsd Miros 33

The Korn shell (aka mksh) before R33d on MirOS (aka MirBSD) does not flush the tty's I/O when invoking mksh in a new terminal, which allows local users to gain privileges by opening a virtual terminal and entering command sequences, which might later be executed in opportunistic circumstances by a different user who launches mksh and specifies that terminal with the -T option.

7.2
2008-04-16 CVE-2008-1819 Oracle Unspecified vulnerability in Oracle Database 9I and Database Server

Unspecified vulnerability in the Oracle Net Services component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors, aka DB09.

7.2
2008-04-15 CVE-2008-1797 Secure Computing Remote Denial of Service vulnerability in Secure Computing Webwasher Malformed URL

Unspecified vulnerability in Secure Computing Webwasher 5.30 before build 3159 and 6.3.0 before build 3150 allows remote attackers to cause a denial of service (freeze) via a crafted URL.

7.1

67 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2008-04-16 CVE-2007-5758 IBM Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM DB2 Universal Database 8/9.1/9.5

Stack-based buffer overflow in db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to execute arbitrary code via a long DASPROF environment variable.

6.9
2008-04-16 CVE-2007-5664 IBM Link Following vulnerability in IBM DB2 Universal Database 8/9.1/9.5

db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to overwrite arbitrary files via a symlink attack on files used for initialization.

6.9
2008-04-18 CVE-2008-1885 Cdnetworks Path Traversal vulnerability in Cdnetworks Download Client

Directory traversal vulnerability in the NeffyLauncher 1.0.5 ActiveX control (NeffyLauncher.dll) in CDNetworks Nefficient Download allows remote attackers to download arbitrary code onto a client system via a ..

6.8
2008-04-18 CVE-2008-1883 Blackboard Improper Authentication vulnerability in Blackboard Academic Suite

The server in Blackboard Academic Suite 7.x stores MD5 password hashes that are provided directly by clients, which makes it easier for remote attackers to access accounts via a modified client that skips the javascript/md5.js hash calculation, and instead sends an arbitrary MD5 string.

6.8
2008-04-18 CVE-2008-1693 Poppler Improper Input Validation vulnerability in Poppler

The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, related to dereferencing a function pointer associated with the type of this font object.

6.8
2008-04-17 CVE-2008-1881 Videolan Buffer Errors vulnerability in Videolan VLC 0.8.6E

Stack-based buffer overflow in the ParseSSA function (modules/demux/subtitle.c) in VLC 0.8.6e allows remote attackers to execute arbitrary code via a long subtitle in an SSA file.

6.8
2008-04-17 CVE-2008-1876 Snarky Code Injection vulnerability in Snarky Visualpic 0.3.1

PHP remote file inclusion vulnerability in index.php in VisualPic 0.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the _CONFIG[files][functions_page] parameter.

6.8
2008-04-17 CVE-2008-1862 Exbb Improper Input Validation vulnerability in Exbb Italia

ExBB Italia 0.22 and earlier only checks GET requests that use the QUERY_STRING for certain path manipulations, which allows remote attackers to bypass this check via (1) POST or (2) COOKIE variables, a different vector than CVE-2006-4488.

6.8
2008-04-17 CVE-2008-1026 Apple, Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari 3/3.1

Integer overflow in the PCRE regular expression compiler (JavaScriptCore/pcre/pcre_compile.cpp) in Apple WebKit, as used in Safari before 3.1.1, allows remote attackers to execute arbitrary code via a regular expression with large, nested repetition counts, which triggers a heap-based buffer overflow.

6.8
2008-04-17 CVE-2008-1024 Microsoft, Apple Resource Management Errors vulnerability in Apple Safari 3/3.1

Apple Safari before 3.1.1, when running on Windows XP or Vista, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a file download with a crafted file name, which triggers memory corruption.

6.8
2008-04-17 CVE-2007-5747 SUN Numeric Errors vulnerability in SUN Openoffice.Org

Integer underflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted values that trigger an excessive loop and a stack-based buffer overflow.

6.8
2008-04-17 CVE-2007-5746 Openoffice Numeric Errors vulnerability in Openoffice Openoffice.Org

Integer overflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an EMF file with a crafted EMR_STRETCHBLT record, which triggers a heap-based buffer overflow.

6.8
2008-04-17 CVE-2007-5745 Openoffice Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Openoffice

Multiple heap-based buffer overflows in OpenOffice.org before 2.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted (1) Attribute and (2) Font Description records.

6.8
2008-04-16 CVE-2008-1857 Mole Path Traversal vulnerability in Mole Make OUR Life Easy 2.1.0

Multiple directory traversal vulnerabilities in viewsource.php in Make our Life Easy (Mole) 2.1.0 allow remote attackers to read arbitrary files via directory traversal sequences in the (1) dirn and (2) fname parameters.

6.8
2008-04-15 CVE-2008-1789 Prozilla SQL Injection vulnerability in Prozilla Forum

SQL injection vulnerability in forum.php in Prozilla Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter.

6.8
2008-04-14 CVE-2008-1779 SUN Resource Management Errors vulnerability in SUN Solaris 10/8/9

Sun Solaris 8, 9, and 10 allows "remote privileged" users to cause a denial of service (panic) via unknown vectors related to self encapsulated IP packets.

6.8
2008-04-14 CVE-2008-1776 Phpblock Code Injection vulnerability in PHPblock A8.4

PHP remote file inclusion vulnerability in modules/basicfog/basicfogfactory.class.php in PhpBlock A8.4 allows remote attackers to execute arbitrary PHP code via a URL in the PATH_TO_CODE parameter.

6.8
2008-04-14 CVE-2008-1773 Dragoon Code Injection vulnerability in Dragoon 0.1

PHP remote file inclusion vulnerability in includes/header.inc.php in Dragoon 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.

6.8
2008-04-14 CVE-2008-1778 SUN Configuration vulnerability in SUN Sunos 5.10/5.9

Unspecified vulnerability in the floating point context switch implementation in Sun Solaris 9 and 10 on x86 platforms might allow local users to cause a denial of service (application exit), corrupt data, or trigger incorrect calculations via unknown vectors.

6.6
2008-04-17 CVE-2008-1874 Xpoze SQL Injection vulnerability in Xpoze PRO

SQL injection vulnerability in account/user/mail.html in Xpoze Pro 3.05 and earlier allows remote authenticated users to execute arbitrary SQL commands via the reed parameter.

6.5
2008-04-17 CVE-2008-1871 Scriptsagent SQL Injection vulnerability in Scriptsagent Links Directory 1.1

SQL injection vulnerability in links.php in Scriptsagent.com Links Directory 1.1 allows remote authenticated users to execute arbitrary SQL commands via the cat_id parameter in a list action.

6.5
2008-04-16 CVE-2008-1813 Oracle Unspecified vulnerability in Oracle Database 9I and Database Server

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote unauthenticated or authenticated attack vectors related to (1) SYS.DBMS_AQ in the Advanced Queuing component, aka DB01; (2) Core RDBMS, aka DB03; (3) SDO_GEOM in Oracle Spatial, aka DB06; (4) Export, aka DB12; and (5) DBMS_STATS in Query Optimizer, aka DB13.

6.5
2008-04-15 CVE-2008-1790 Iscripts Permissions, Privileges, and Access Controls vulnerability in Iscripts Socialware

Unrestricted file upload vulnerability in iScripts SocialWare allows remote authenticated administrators to upload arbitrary files via a crafted logo file in the "Manage Settings" functionality.

6.5
2008-04-15 CVE-2008-1783 Prozilla Permissions, Privileges, and Access Controls vulnerability in Prozilla Reviews 1.0

Prozilla Reviews 1.0 allows remote attackers to delete arbitrary users via a modified UserID parameter in a direct request to siteadmin/DeleteUser.php.

6.4
2008-04-16 CVE-2008-1816 Oracle Unspecified vulnerability in Oracle Database Server 10.1.0.5/10.2.0.3

Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 have unknown impact and remote authenticated attack vectors related to (1) SDO_UTIL in the Oracle Spatial component, aka DB05; or (2) fine grained auditing in the Audit component, aka DB14.

5.5
2008-04-16 CVE-2008-1815 Oracle Unspecified vulnerability in Oracle Database 10G and Database 11G

Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to DBMS_CDC_UTILITY, aka DB02.

5.5
2008-04-16 CVE-2008-1811 Oracle Unspecified vulnerability in Oracle Application Express 3.0.1

Unspecified vulnerability in Oracle Application Express 3.0.1 has unspecified impact and remote authenticated attack vectors related to flows_030000.wwv_execute_immediate, aka APEX01.

5.5
2008-04-15 CVE-2008-1785 Prozilla Improper Input Validation vulnerability in Prozilla TOP 100 1.2

delete.php in Prozilla Top 100 1.2 allows remote authenticated users to delete statistics and accounts of arbitrary users via a modified s parameter.

5.5
2008-04-17 CVE-2008-1861 Exbb Path Traversal vulnerability in Exbb Italia

Directory traversal vulnerability in modules/threadstop/threadstop.php in ExBB Italia 0.22 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a ..

5.1
2008-04-16 CVE-2008-1856 Linpha Improper Input Validation vulnerability in Linpha

plugins/maps/db_handler.php in LinPHA 1.3.3 and earlier does not require authentication for a settings action that modifies the configuration file, which allows remote attackers to conduct directory traversal attacks and execute arbitrary local files by placing directory traversal sequences into the maps_type configuration setting, and then sending a request to maps_view.php, which causes plugins/maps/map.main.class.php to use the modified configuration.

5.1
2008-04-18 CVE-2008-1891 Ruby Lang Path Traversal vulnerability in Ruby-Lang Ruby

Directory traversal vulnerability in WEBrick in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2, when using NTFS or FAT filesystems, allows remote attackers to read arbitrary CGI files via a trailing (1) + (plus), (2) %2b (encoded plus), (3) .

5.0
2008-04-18 CVE-2008-1884 Wikepage Path Traversal vulnerability in Wikepage Opus 13 2007.2

Directory traversal vulnerability in index.php in Wikepage Opus 13 2007.2 allows remote attackers to read arbitrary files via directory traversal sequences in the wiki parameter, a different vector than CVE-2006-4418.

5.0
2008-04-16 CVE-2008-1855 Mcafee Resource Management Errors vulnerability in Mcafee CMA

FrameworkService.exe in McAfee Common Management Agent (CMA) 3.6.0.574 Patch 3 and earlier, as used by ePolicy Orchestrator (ePO) and ProtectionPilot (PrP), allows remote attackers to corrupt memory and cause a denial of service (CMA Framework service crash) via a long invalid method in requests for the /spin//AVClient//AVClient.csp URI, a different vulnerability than CVE-2006-5274.

5.0
2008-04-16 CVE-2008-1854 Smartertools Denial Of Service vulnerability in Smartertools Smartermail 5.0.2999

Unspecified vulnerability in SmarterMail Web Server (SMWebSvr.exe) in SmarterMail 5.0.2999 allows remote attackers to cause a denial of service (service termination) via a long HTTP (1) GET, (2) HEAD, (3) PUT, (4) POST, or (5) TRACE request.

5.0
2008-04-16 CVE-2008-1851 HP Resource Management Errors vulnerability in HP Openview Network Node Manager 7.51/7.53

ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, 7.53, and possibly other versions allows remote attackers to cause a denial of service (hang) via certain requests that do not provide all required arguments.

5.0
2008-04-16 CVE-2008-0068 HP Path Traversal vulnerability in HP Openview Network Node Manager 7.51/7.53

Directory traversal vulnerability in OpenView5.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to read arbitrary files via directory traversal sequences in the Action parameter.

5.0
2008-04-16 CVE-2008-1849 Joomlacode, Joomla, Mambo Path Traversal vulnerability in Joomlacode Joomlaexplorer

Directory traversal vulnerability in index.php in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to list arbitrary directories via a ..

5.0
2008-04-16 CVE-2008-1837 Clam Anti Virus Resource Management Errors vulnerability in Clam Anti-Virus Clamav

libclamunrar in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via crafted RAR files that trigger "memory problems," as demonstrated by the PROTOS GENOME test suite for Archive Formats.

5.0
2008-04-16 CVE-2008-1835 Clam Anti Virus Improper Input Validation vulnerability in Clam Anti-Virus Clamav

ClamAV before 0.93 allows remote attackers to bypass the scanning engine via a RAR file with an invalid version number, which cannot be parsed by ClamAV but can be extracted by Winrar.

5.0
2008-04-15 CVE-2008-1799 Sabros US Path Traversal vulnerability in Sabros.Us 1.75

Directory traversal vulnerability in thumbnails.php in sabros.us 1.75 allows remote attackers to read arbitrary files via a ..

5.0
2008-04-15 CVE-2008-1782 Advanced Software Engineering Information Exposure vulnerability in Advanced Software Engineering Chartdirector 4.1

phpdemo/viewsource.php in Advanced Software Engineering ChartDirector 4.1 allows remote attackers to read sensitive files via the file parameter.

5.0
2008-04-14 CVE-2008-1777 Novell Resource Management Errors vulnerability in Novell Edirectory 8.8.2

The eDirectory Host Environment service (dhost.exe) in Novell eDirectory 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a long HTTP HEAD request to TCP port 8028.

5.0
2008-04-14 CVE-2008-1772 Iscripts Cryptographic Issues vulnerability in Iscripts Socialware

iScripts SocialWare stores passwords in cleartext in a database, which allows context-dependent attackers to obtain sensitive information.

5.0
2008-04-14 CVE-2008-0927 Novell, Microsoft Resource Management Errors vulnerability in Microsoft Windows-Nt 2000/2003

dhost.exe in Novell eDirectory 8.7.3 before sp10 and 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with (1) multiple Connection headers or (2) a Connection header with multiple comma-separated values.

5.0
2008-04-15 CVE-2008-1796 Redhat, Comix Denial-Of-Service vulnerability in Comix 3.6.4

Comix 3.6.4 creates temporary directories with predictable names, which allows local users to cause an unspecified denial of service.

4.9
2008-04-14 CVE-2008-1780 SUN Permissions, Privileges, and Access Controls vulnerability in SUN Solaris 10

Unspecified vulnerability in the labeled networking functionality in Solaris 10 Trusted Extensions allows applications in separate labeling zones to bypass labeling restrictions via unknown vectors.

4.6
2008-04-18 CVE-2008-1896 Carboncommunities Cross-Site Scripting vulnerability in Carboncommunities Carbon Communities

Multiple cross-site scripting (XSS) vulnerabilities in Carbon Communities 2.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Redirect parameter to login.asp and the (2) OrderBy parameter to member_send.asp.

4.3
2008-04-18 CVE-2008-1894 Businessobjects Cross-Site Scripting vulnerability in Businessobjects Infoview Xir2

Cross-site scripting (XSS) vulnerability in desktoplaunch/InfoView/logon/logon.object in BusinessObjects InfoView XI R2 SP1, SP2, and SP3 Java version before FixPack 3.5 allows remote attackers to inject arbitrary web script or HTML via the cms parameter.

4.3
2008-04-18 CVE-2008-1892 Blogator Script Cross-Site Scripting vulnerability in Blogator Script Blogator Script 0.95/1.01

Cross-site scripting (XSS) vulnerability in bs_auth.php in Blogator-script 0.95 and 1.01 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

4.3
2008-04-18 CVE-2008-1888 Microsoft Cross-Site Scripting vulnerability in Microsoft Sharepoint Server 2.0

Cross-site scripting (XSS) vulnerability in Microsoft Windows SharePoint Services 2.0 allows remote attackers to inject arbitrary web script or HTML via the Picture Source (aka picture object source) field in the Rich Text Editor.

4.3
2008-04-17 CVE-2007-6715 Mozilla Denial of Service vulnerability in Mozilla Firefox Malformed GIF File

Mozilla Firefox allows remote attackers to cause a denial of service (crash) via a crafted image, as demonstrated by the zzuf lol-firefox.gif test case.

4.3
2008-04-17 CVE-2008-1873 TRU Zone, Microsoft Cross-Site Scripting vulnerability in Tru-Zone Nukeet 3.2/3.4

Cross-site scripting (XSS) vulnerability in the private message feature in Nuke ET 3.2 and 3.4, when using Internet Explorer, allows remote authenticated users to inject arbitrary web script or HTML via a CSS property in the STYLE attribute of a DIV element in the mensaje parameter.

4.3
2008-04-17 CVE-2008-1025 Apple Cross-Site Scripting vulnerability in Apple Safari and Webkit

Cross-site scripting (XSS) vulnerability in Apple WebKit, as used in Safari before 3.1.1, allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a colon in the hostname portion.

4.3
2008-04-16 CVE-2008-1853 HP Resource Management Errors vulnerability in HP Openview Network Node Manager 7.51/7.53

The ovtopmd service in HP OpenView Network Node Manager (OV NNM) 7.51, 7.53, and possibly other versions allows remote attackers to cause a denial of service (exit) by sending a 0x36 packet (exit request).

4.3
2008-04-16 CVE-2008-1850 Osiaffiliate Cross-Site Scripting vulnerability in Osiaffiliate

Multiple cross-site scripting (XSS) vulnerabilities in login.php in Omnistar Interactive OSI Affiliate allow remote attackers to inject arbitrary web script or HTML via the (1) login, (2) profile, (3) profile2, and (4) ref parameters.

4.3
2008-04-16 CVE-2008-1848 Joomla, Joomlacode Cross-Site Scripting vulnerability in Joomlacode Joomlaexplorer

Cross-site scripting (XSS) vulnerability in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter in a show_error action to index.php.

4.3
2008-04-16 CVE-2008-1846 SAP Cross-Site Scripting vulnerability in SAP Netweaver 7.0

The default configuration of SAP NetWeaver before 7.0 SP15 does not enable the "Always Use Secure HTML Editor" (aka Editor Security or Secure Editing) parameter, which allows remote attackers to conduct cross-site scripting (XSS) attacks by entering feedback for a file.

4.3
2008-04-16 CVE-2008-1839 Work System E Commerce Cross-Site Scripting vulnerability in Work System E-Commerce Work System E-Commerce 4.0.9

Multiple cross-site scripting (XSS) vulnerabilities in module/main.php in WORK system e-commerce 4.0.9 allow remote attackers to inject arbitrary web script or HTML via the (1) day, (2) month, and (3) year parameters.

4.3
2008-04-16 CVE-2008-1836 Clam Anti Virus Multiple vulnerability in ClamAV 0.92.1

The rfc2231 function in message.c in libclamav in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via a crafted message that produces a string that is not null terminated, which triggers a buffer over-read.

4.3
2008-04-16 CVE-2008-1387 Clam Anti Virus Denial Of Service vulnerability in ClamAV ARJ File

ClamAV before 0.93 allows remote attackers to cause a denial of service (CPU consumption) via a crafted ARJ archive, as demonstrated by the PROTOS GENOME test suite for Archive Formats.

4.3
2008-04-15 CVE-2008-1800 Divx Cross-Site Scripting vulnerability in Divx Divxdb 0.94B

Multiple cross-site scripting (XSS) vulnerabilities in index.php in DivXDB 2002 0.94b allow remote attackers to inject arbitrary web script or HTML via the (1) choice, (2) _page_, (3) zone_admin, (4) general_search, and (5) import parameters.

4.3
2008-04-15 CVE-2008-1795 Blackboard Cross-Site Scripting vulnerability in Blackboard Academic Suite

Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Academic Suite 7.x and earlier, and possibly some 8.0 versions, allow remote attackers to inject arbitrary web script or HTML via (1) the searchText parameter in a Course action to webapps/blackboard/execute/viewCatalog or (2) the data__announcements___pk1_pk2__subject parameter in an ADD action to bin/common/announcement.pl.

4.3
2008-04-15 CVE-2008-1794 Drupal Cross-Site Scripting vulnerability in Drupal Webform Module

Multiple cross-site scripting (XSS) vulnerabilities in the Webform Drupal module 5.x before 5.x-1.10, 5.x-2.x before 5.x-2.0-beta3, and 6.x before 6.x-1.0-beta3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2008-04-15 CVE-2008-1793 Hoffice Cross-Site Scripting vulnerability in Hoffice products

Multiple cross-site scripting (XSS) vulnerabilities in view.cgi in Smart Classified ADS Professional, Smart Photo ADS, and Smart Photo ADS Gold allow remote attackers to inject arbitrary web script or HTML via the (1) AdNum and (2) Department parameters.

4.3
2008-04-15 CVE-2008-1792 Drupal, Drupalr Cross-Site Scripting vulnerability in Drupalr Flickr

Cross-site scripting (XSS) vulnerability in the insertion filter in the Flickr Drupal module 5.x before 5.x-1.3 and 6.x before 6.x-1.0-alpha allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2008-04-15 CVE-2008-1787 Poplar Gedcom Viewer Cross-Site Scripting vulnerability in Poplar Gedcom Viewer Poplar Gedcom Viewer 2.0

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Poplar Gedcom Viewer 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) text and (2) ul parameters.

4.3
2008-04-16 CVE-2008-1820 Oracle Unspecified vulnerability in Oracle Database 10G, Database 11G and Database 9I

Unspecified vulnerability in the Data Pump component in Oracle Database 9.2.0.8, 10.1.0.5, 10.2.0.3, and 11.1.0.6 has unknown impact and remote attack vectors related to KUPF$FILE_INT, aka DB11.

4.0

5 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2008-04-18 CVE-2008-1734 Gentoo Improper Input Validation vulnerability in Gentoo PHP Toolkit 1.0

Interpretation conflict in PHP Toolkit before 1.0.1 on Gentoo Linux might allow local users to cause a denial of service (PHP outage) and read contents of PHP scripts by creating a file with a one-letter lowercase alphabetic name, which triggers interpretation of a certain unquoted [a-z] argument as a matching shell glob for this name, rather than interpretation as the literal [a-z] regular-expression string, and consequently blocks the launch of the PHP interpreter within the Apache HTTP Server.

3.6
2008-04-14 CVE-2008-1775 Manageengine Cross-Site Scripting vulnerability in Manageengine Firewall Analyzer 4.0.3

Cross-site scripting (XSS) vulnerability in mindex.do in ManageEngine Firewall Analyzer 4.0.3 allows remote attackers to inject arbitrary web script or HTML via the displayName parameter.

3.5
2008-04-16 CVE-2008-1832 Cecilia Link Following vulnerability in Cecilia 2.0.5

lib/prefs.tcl in Cecilia 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the csvers temporary file.

3.3
2008-04-17 CVE-2008-1877 Debian Permissions, Privileges, and Access Controls vulnerability in Debian TSS 0.8.1/0.8.2/0.8.3

tss 0.8.1 allows local users to read arbitrary files via the -a parameter, which is processed while tss is running with privileges.

2.1
2008-04-17 CVE-2008-1865 Openmosix Project Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Openmosix Project Openmosix

Stack-based buffer overflow in the msx_readnode function in libmosix.c in openmosix-tools (aka userspace-tools) in openMosix might allow local users to cause a denial of service (application crash) via a third-party program that calls this function with a long item argument.

1.9