Weekly Vulnerabilities Reports > April 28 to May 4, 2008
Overview
66 new vulnerabilities reported during this period, including 7 critical vulnerabilities and 23 high severity vulnerabilities. This weekly summary report vulnerabilities in 77 products from 65 vendors including Minibb, Apple, Wordpress, Linux, and Microsoft. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Permissions, Privileges, and Access Controls", and "Code Injection".
- 57 reported vulnerabilities are remotely exploitables.
- 16 reported vulnerabilities have public exploit available.
- 27 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 62 reported vulnerabilities are exploitable by an anonymous user.
- Minibb has the most reported vulnerabilities, with 5 reported vulnerabilities.
- Apple has the most reported critical vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
7 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-05-02 | CVE-2008-2064 | Phpgedview | Remote vulnerability in PhpGedView Multiple unspecified vulnerabilities in PhpGedView before 4.1.5 have unknown impact and attack vectors related to "a fundamental design flaw in the interface (API) to connect phpGedView with external programs like content management systems." | 10.0 |
2008-04-30 | CVE-2008-2041 | Egroupware | Code Injection vulnerability in Egroupware 1.4.001/1.4.002 Multiple unspecified vulnerabilities in eGroupWare before 1.4.004 have unspecified attack vectors and "grave" impact when the web server has write access to a directory under the web document root. | 10.0 |
2008-05-02 | CVE-2008-2069 | Novell | Buffer Errors vulnerability in Novell Groupwise 7.0 Buffer overflow in Novell GroupWise 7 allows remote attackers to cause a denial of service or execute arbitrary code via a long argument in a mailto: URI. | 9.3 |
2008-04-30 | CVE-2008-2015 | Watchfire | Path Traversal vulnerability in Watchfire Appscan 7.0 Multiple absolute path traversal vulnerabilities in certain ActiveX controls in WatchFire AppScan 7.0 allow remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the (1) CompactSave and (2) SaveSession method in one control, and the (3) saveRecordedExploreToFile method in a different control. | 9.3 |
2008-04-30 | CVE-2008-2010 | Microsoft Apple | Remote Code Execution vulnerability in Apple QuickTime Unspecified vulnerability in Apple QuickTime Player on Windows XP SP2 and Vista SP1 allows remote attackers to execute arbitrary code via a crafted QuickTime media file. | 9.3 |
2008-04-29 | CVE-2008-2008 | Cerulean Studios | Buffer Errors vulnerability in Cerulean Studios Trillian 3.1.9.0 Buffer overflow in the Display Names message feature in Cerulean Studios Trillian Basic and Pro 3.1.9.0 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long nickname in an MSN protocol message. | 9.3 |
2008-04-28 | CVE-2008-1670 | KDE | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in KDE Heap-based buffer overflow in the progressive PNG Image loader (decoders/pngloader.cpp) in KHTML in KDE 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted image. | 9.3 |
23 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-04-28 | CVE-2008-1998 | Microsoft IBM | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 8.0/9.1/9.5 The NNSTAT (aka SYSPROC.NNSTAT) procedure in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 on Windows allows remote authenticated users to overwrite arbitrary files via the log file parameter. | 8.5 |
2008-04-28 | CVE-2008-2002 | Motorola | Cross-Site Request Forgery (CSRF) vulnerability in Motorola Surfboard Sb5100 Multiple cross-site request forgery (CSRF) vulnerabilities on Motorola Surfboard with software SB5100-2.3.3.0-SCM00-NOSH allow remote attackers to (1) cause a denial of service (device reboot) via the "Restart Cable Modem" value in the BUTTON_INPUT parameter to configdata.html, and (2) cause a denial of service (hard reset) via the "Reset All Defaults" value in the BUTTON_INPUT parameter to configdata.html. | 7.8 |
2008-05-02 | CVE-2008-2067 | Minibb | SQL Injection vulnerability in Minibb 2.2A SQL injection vulnerability in bb_admin.php in miniBB 2.2a allows remote attackers to execute arbitrary SQL commands via the whatus parameter in a searchusers2 action. | 7.5 |
2008-05-02 | CVE-2008-2065 | Yourfreeworld | SQL Injection vulnerability in Yourfreeworld Jokes Site Script SQL injection vulnerability in jokes.php in YourFreeWorld Jokes Site Script allows remote attackers to execute arbitrary SQL commands via the catagorie parameter. | 7.5 |
2008-05-02 | CVE-2008-2063 | Joovili | SQL Injection vulnerability in Joovili 3.1 SQL injection vulnerability in browse.videos.php in Joovili 3.1 allows remote attackers to execute arbitrary SQL commands via the category parameter. | 7.5 |
2008-05-01 | CVE-2008-2047 | Aspindir | SQL Injection vulnerability in Aspindir Angelo-Emlak 1.0 Multiple SQL injection vulnerabilities in Angelo-Emlak 1.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) hpz/profil.asp and (2) hpz/prodetail.asp. | 7.5 |
2008-05-01 | CVE-2008-2044 | Netoffice | Code Injection vulnerability in Netoffice Dwins 1.3 includes/library.php in netOffice Dwins 1.3 p2 compares the demoSession variable to the 'true' string literal instead of the true boolean literal, which allows remote attackers to bypass authentication and execute arbitrary code by setting this variable to 1, as demonstrated by uploading a PHP script via an add action to projects_site/uploadfile.php. | 7.5 |
2008-05-01 | CVE-2008-1381 | Zoneminder | Code Injection vulnerability in Zoneminder ZoneMinder before 1.23.3 allows remote authenticated users, and possibly unauthenticated attackers in some installations, to execute arbitrary commands via shell metacharacters in a crafted URL. | 7.5 |
2008-04-30 | CVE-2008-2040 | Peercast | Buffer Errors vulnerability in Peercast 0.1218 Stack-based buffer overflow in the HTTP::getAuthUserPass function (core/common/http.cpp) in Peercast 0.1218 and gnome-peercast allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Basic Authentication string with a long (1) username or (2) password. | 7.5 |
2008-04-30 | CVE-2008-2036 | Dream4 | SQL Injection vulnerability in Dream4 Koobi 6.25 SQL injection vulnerability in index.php in dream4 Koobi Pro 6.25 allows remote attackers to execute arbitrary SQL commands via the poll_id parameter in a poll action. | 7.5 |
2008-04-30 | CVE-2008-2034 | Wordpress | SQL Injection vulnerability in Wordpress Download Monitor Plugin 2.0.6 SQL injection vulnerability in wp-download_monitor/download.php in the Download Monitor 2.0.6 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2008-04-30 | CVE-2008-2023 | PD9 Software | SQL Injection vulnerability in PD9 Software Megabbs 2.2 Multiple SQL injection vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) invisible and (2) timeoffset parameters to profile/controlpanel.asp and the (3) attachmentid parameter to forums/attach-file.asp. | 7.5 |
2008-04-30 | CVE-2008-2021 | Lhaplus | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Lhaplus Heap-based buffer overflow in Lhaplus before 1.57 allows remote attackers to execute arbitrary code via a long comment field in a ZOO archive. | 7.5 |
2008-04-30 | CVE-2008-2020 | My123Tkshop Phpmybittorrent Webze E107 Labgab Phpnuke Torrentflux Project Opendb | Use of Insufficiently Random Values vulnerability in multiple products The CAPTCHA implementation as used in (1) Francisco Burzi PHP-Nuke 7.0 and 8.1, (2) my123tkShop e-Commerce-Suite (aka 123tkShop) 0.9.1, (3) phpMyBitTorrent 1.2.2, (4) TorrentFlux 2.3, (5) e107 0.7.11, (6) WebZE 0.5.9, (7) Open Media Collectors Database (aka OpenDb) 1.5.0b4, and (8) Labgab 1.1 uses a code_bg.jpg background image and the PHP ImageString function in a way that produces an insufficient number of different images, which allows remote attackers to pass the CAPTCHA test via an automated attack using a table of all possible image checksums and their corresponding digit strings. | 7.5 |
2008-04-30 | CVE-2008-2019 | Simple Machines | Permissions, Privileges, and Access Controls vulnerability in Simple Machines SMF 1.1.4 Simple Machines Forum (SMF), probably 1.1.4, relies on "randomly generated static" to hinder brute-force attacks on the WAV file (aka audio) CAPTCHA, which allows remote attackers to pass the CAPTCHA test via an automated attack that considers Hamming distances. | 7.5 |
2008-04-30 | CVE-2008-2017 | Chilkat Software | Path Traversal vulnerability in Chilkat Software Chicomas 2.0.4 Directory traversal vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2008-04-30 | CVE-2008-2016 | Chilkat Software | Code Injection vulnerability in Chilkat Software Chicomas 2.0.4 PHP remote file inclusion vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter to the default URI under install/. | 7.5 |
2008-04-30 | CVE-2008-2012 | Postnuke Software Foundation | SQL Injection vulnerability in Postnuke Software Foundation Postschedule 1.0 SQL injection vulnerability in index.php in the PostSchedule 1.0 module for PostNuke allows remote attackers to execute arbitrary SQL commands via the eid parameter in an event action. | 7.5 |
2008-04-28 | CVE-2008-2003 | Badblue | Permissions, Privileges, and Access Controls vulnerability in Badblue 2.72 BadBlue 2.72 Personal Edition stores multiple programs in the web document root with insufficient access control, which allows remote attackers to (1) cause a denial of service via multiple invocations of uninst.exe, and have an unknown impact via (2) badblue.exe and (3) dyndns.exe. | 7.5 |
2008-04-28 | CVE-2008-1930 | Wordpress | Improper Authentication vulnerability in Wordpress 2.5 The cookie authentication method in WordPress 2.5 relies on a hash of a concatenated string containing USERNAME and EXPIRY_TIME, which allows remote attackers to forge cookies by registering a username that results in the same concatenated string, as demonstrated by registering usernames beginning with "admin" to obtain administrator privileges, aka a "cryptographic splicing" issue. | 7.5 |
2008-04-28 | CVE-2008-1995 | SUN | Permissions, Privileges, and Access Controls vulnerability in SUN Java System Directory Server 6.0/6.1/6.2 Sun Java System Directory Proxy Server 6.0, 6.1, and 6.2 classifies a connection using the "bind-dn" criteria, which can cause an incorrect application of policy and allows remote attackers to bypass intended access restrictions for the server. | 7.5 |
2008-05-02 | CVE-2008-1675 | Linux | Resource Management Errors vulnerability in Linux Kernel The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory. | 7.2 |
2008-04-30 | CVE-2008-1736 | Comodo | Local vulnerability in Comodo Firewall Pro SSDT Hooks Comodo Firewall Pro before 3.0 does not properly validate certain parameters to hooked System Service Descriptor Table (SSDT) functions, which allows local users to cause a denial of service (system crash) via (1) a crafted OBJECT_ATTRIBUTES structure in a call to the NtDeleteFile function, which leads to improper validation of a ZwQueryObject result; and unspecified calls to the (2) NtCreateFile and (3) NtSetThreadContext functions, different vectors than CVE-2007-0709. | 7.2 |
34 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-05-02 | CVE-2008-1375 | Linux Canonical Opensuse Suse Debian Fedoraproject | Race Condition vulnerability in multiple products Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors. | 6.9 |
2008-04-30 | CVE-2008-1737 | Sophos | Improper Input Validation vulnerability in Sophos Anti-Virus 7.0.5 Sophos Anti-Virus 7.0.5, and other 7.x versions, when Runtime Behavioural Analysis is enabled, allows local users to cause a denial of service (reboot with the product disabled) and possibly gain privileges via a zero value in a certain length field in the ObjectAttributes argument to the NtCreateKey hooked System Service Descriptor Table (SSDT) function. | 6.9 |
2008-04-28 | CVE-2008-1103 | Blender | Link Following vulnerability in Blender Multiple unspecified vulnerabilities in Blender have unknown impact and attack vectors, related to "temporary file issues." | 6.9 |
2008-05-01 | CVE-2007-6339 | Akamai Technologies | Code Injection vulnerability in Akamai Technologies Download Manager The Akamai Download Manager (aka DLM or dlmanager) ActiveX control (DownloadManagerV2.ocx) before 2.2.3.5 allows remote attackers to force the download and execution of arbitrary code via unspecified "undocumented object parameters." | 6.8 |
2008-04-30 | CVE-2008-2029 | Minibb | SQL Injection vulnerability in Minibb Multiple SQL injection vulnerabilities in (1) setup_mysql.php and (2) setup_options.php in miniBB 2.2 and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary SQL commands via the xtr parameter in a userinfo action to index.php. | 6.8 |
2008-04-30 | CVE-2008-2013 | Pnflashgames | SQL Injection vulnerability in Pnflashgames 1.5/2.5 SQL injection vulnerability in index.php in the pnFlashGames 1.5 through 2.5 module for PostNuke, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a display action. | 6.8 |
2008-04-30 | CVE-2008-2038 | Turnkey Solutions | SQL Injection vulnerability in Turnkey Solutions Sunshop Shopping Cart 4.1.0 Multiple SQL injection vulnerabilities in admin/adminindex.php in Turnkey Web Tools SunShop Shopping Cart 4.1.0 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) orderby and (2) sort parameters. | 6.5 |
2008-05-02 | CVE-2008-2052 | Bitrix24 | Open Redirect vulnerability in Bitrix24 Bitrix Site Manager 6.5 Open redirect vulnerability in redirect.php in Bitrix Site Manager 6.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the goto parameter. | 6.1 |
2008-04-30 | CVE-2008-2027 | RSA | Information Exposure vulnerability in RSA Authentication Agent 5.3.0.258 Open redirect vulnerability in WebID/IISWebAgentIF.dll in RSA Authentication Agent 5.3.0.258 for Web for IIS, when accessed via certain browsers such as Mozilla Firefox, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an ftp URL in the url parameter to a Redirect action. | 5.8 |
2008-05-01 | CVE-2008-2045 | Sugarcrm | Path Traversal vulnerability in Sugarcrm 4.5.1/5.0.0 Absolute path traversal vulnerability in SugarCRM Sugar Community Edition 4.5.1 and 5.0.0 allows remote attackers to read arbitrary files via a full path in the URL parameter to modules/Feeds/Feed.php, which places the contents into a related cache file in the .cache/feeds directory. | 5.0 |
2008-04-30 | CVE-2008-2032 | Acritum | Improper Input Validation vulnerability in Acritum Femitter Server 1.03 The FTP service in Acritum Femitter Server 1.03 allows remote attackers to cause a denial of service (crash) by sending multiple crafted RETR commands. | 5.0 |
2008-04-30 | CVE-2008-2031 | Vicftps | Improper Input Validation vulnerability in Vicftps 5.0 VicFTPS 5.0 allows remote attackers to cause a denial of service (crash) via a crafted LIST command, which triggers a NULL pointer dereference. | 5.0 |
2008-04-30 | CVE-2008-2014 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox 3.0 Mozilla Firefox 3.0 beta 5 allows remote attackers to cause a denial of service (application crash) via JavaScript code that calls document.write in an infinite loop. | 5.0 |
2008-04-28 | CVE-2008-1999 | Apple | Remote Security vulnerability in Apple Safari 3.1.1 Apple Safari 3.1.1 allows remote attackers to spoof the address bar by placing many "invisible" characters in the userinfo subcomponent of the authority component of the URL (aka the user field), as demonstrated by %E3%80%80 sequences. | 5.0 |
2008-04-28 | CVE-2008-1996 | Licq | Resource Management Errors vulnerability in Licq licq before 1.3.6 allows remote attackers to cause a denial of service (file-descriptor exhaustion and application crash) via a large number of connections. | 5.0 |
2008-04-30 | CVE-2008-1735 | Bitdefender | Denial of Service vulnerability in Bitdefender Antivirus 2008 BitDefender Antivirus 2008 20080118 and earlier allows local users to cause a denial of service (system crash) via an invalid pointer to the CLIENT_ID structure in a call to the NtOpenProcess hooked System Service Descriptor Table (SSDT) function. | 4.9 |
2008-04-29 | CVE-2008-1293 | Ltsp | Permissions, Privileges, and Access Controls vulnerability in Ltsp Linux Terminal Server Project 0.99/2 ldm in Linux Terminal Server Project (LTSP) 0.99 and 2 passes the -ac option to the X server on each LTSP client, which allows remote attackers to connect to this server via TCP port 6006 (aka display :6). | 4.8 |
2008-04-28 | CVE-2008-1671 | KDE | Configuration vulnerability in KDE start_kdeinit in KDE 3.5.5 through 3.5.9, when installed setuid root, allows local users to cause a denial of service and possibly execute arbitrary code via "user-influenceable input" (probably command-line arguments) that cause start_kdeinit to send SIGUSR1 signals to other processes. | 4.6 |
2008-05-02 | CVE-2008-2068 | Wordpress | Cross-Site Scripting vulnerability in Wordpress 2.5 Cross-site scripting (XSS) vulnerability in WordPress 2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2008-05-02 | CVE-2008-2066 | Minibb | Cross-Site Scripting vulnerability in Minibb 2.2A Cross-site scripting (XSS) vulnerability in bb_admin.php in miniBB 2.2a allows remote attackers to inject arbitrary web script or HTML via the whatus parameter in a searchusers2 action. | 4.3 |
2008-05-01 | CVE-2008-2049 | E Post Corporation | Information Exposure vulnerability in E-Post Corporation Mail Server 4.10/Enterprise4.10 The POP3 server (EPSTPOP3S.EXE) 4.22 in E-Post Mail Server 4.10 allows remote attackers to obtain sensitive information via multiple crafted APOP commands for a known POP3 account, which displays the password in a POP3 error message. | 4.3 |
2008-05-01 | CVE-2008-2048 | Aspindir | Cross-Site Scripting vulnerability in Aspindir Angelo-Emlak 1.0 Cross-site scripting (XSS) vulnerability in hpz/admin/Default.asp in Angelo-Emlak 1.0 allows remote attackers to inject arbitrary web script or HTML via the sayfa parameter. | 4.3 |
2008-05-01 | CVE-2008-2046 | Softpedia | Cross-Site Scripting vulnerability in Softpedia Sitexs CMS 0.1.1 Cross-site scripting (XSS) vulnerability in index.php in Softpedia SiteXS CMS 0.1.1 Pre-Alpha allows remote attackers to inject arbitrary web script or HTML via the user parameter. | 4.3 |
2008-05-01 | CVE-2008-2043 | Cpanel | Cross-Site Request Forgery (CSRF) vulnerability in Cpanel 11.18.3/11.19.3 Multiple cross-site request forgery (CSRF) vulnerabilities in cPanel, possibly 11.18.3 and 11.19.3, allow remote attackers to (1) execute arbitrary code via the command1 parameter to frontend/x2/cron/editcronsimple.html, and perform various administrative actions via (2) frontend/x2/sql/adddb.html, (3) frontend/x2/sql/adduser.html, and (4) frontend/x2/ftp/doaddftp.html. | 4.3 |
2008-04-30 | CVE-2008-2035 | Bluemoon Xoops | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the Bluemoon, Inc. | 4.3 |
2008-04-30 | CVE-2008-2030 | F5 | Cross-Site Scripting vulnerability in F5 Firepass 4100 and Firepass SSL VPN Cross-site scripting (XSS) vulnerability in installControl.php3 in F5 FirePass 4100 SSL VPN 5.4.2-5.5.2 and 6.0-6.2 allows remote attackers to inject arbitrary web script or HTML via the query string. | 4.3 |
2008-04-30 | CVE-2008-2028 | Minibb | Information Exposure vulnerability in Minibb miniBB 2.2, and possibly earlier, when register_globals is enabled, allows remote attackers to obtain the full path via a direct request to the glang parameter in a registernew action to index.php, which leaks the path in an error message. | 4.3 |
2008-04-30 | CVE-2008-2026 | RSA | Cross-Site Scripting vulnerability in RSA Authentication Agent Cross-site scripting (XSS) vulnerability in WebID/IISWebAgentIF.dll in RSA Authentication Agent 5.3.0.258, and other versions before 5.3.3.378, allows remote attackers to inject arbitrary web script or HTML via a URL-encoded postdata parameter. | 4.3 |
2008-04-30 | CVE-2008-2024 | Minibb | Cross-Site Scripting vulnerability in Minibb Cross-site scripting (XSS) vulnerability in index.php in miniBB 2.2, and possibly earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the glang[] parameter in a registernew action. | 4.3 |
2008-04-30 | CVE-2008-2022 | PD9 Software | Cross-Site Scripting vulnerability in PD9 Software Megabbs 2.2 Mulatiple cross-site scripting (XSS) vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) toid parameter to send-private-message.asp and the (2) redirect parameter to admin/impersonate.asp. | 4.3 |
2008-04-30 | CVE-2008-2011 | National Rail Enquiries | Cross-Site Scripting vulnerability in National Rail Enquiries National Rail Enquiries Live Departure Boards Cross-site scripting (XSS) vulnerability in the National Rail Enquiries Live Departure Boards gadget before 1.1 allows remote National Rail Enquiries servers or man-in-the-middle attackers to inject arbitrary web script or HTML, and execute arbitrary code, via a response body, as demonstrated by a SCRIPT element that references a vbscript: URI. | 4.3 |
2008-04-28 | CVE-2008-2001 | Apple | Buffer Errors vulnerability in Apple Safari 3.1.1 Apple Safari 3.1.1 allows remote attackers to cause a denial of service (application crash) via a file:///%E2 link that triggers an out-of-bounds access, possibly due to a NULL pointer dereference. | 4.3 |
2008-04-28 | CVE-2008-2000 | Apple | Resource Management Errors vulnerability in Apple Safari 3.1.1 Unspecified vulnerability in Apple Safari 3.1.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that calls document.write in an infinite loop. | 4.3 |
2008-04-30 | CVE-2008-2018 | Phpizabi | Information Exposure vulnerability in PHPizabi 0.848B The AssignUser function in template.class.php in PHPizabi 0.848b C1 HFP3 performs unsafe macro expansions on strings delimited by '{' and '}' characters, which allows remote authenticated users to obtain sensitive information via a comment containing a macro, as demonstrated by a "{user.password}" comment in the profile of the admin user. | 4.0 |
2 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-04-30 | CVE-2008-2037 | Editeurscripts | Cross-Site Scripting vulnerability in Editeurscripts Escontacts 1.0 Multiple cross-site scripting (XSS) vulnerabilities in EditeurScripts EsContacts 1.0 allow remote authenticated users to inject arbitrary web script or HTML via the msg parameter to (1) login.php, (2) importer.php, (3) add_groupe.php, (4) contacts.php, (5) groupes.php, and (6) search.php. | 3.5 |
2008-04-30 | CVE-2008-1738 | Rising Global | Improper Input Validation vulnerability in Rising-Global Rising Antivirus Rising Antivirus 2008 before 20.38.20 allows local users to cause a denial of service (system crash) via an invalid pointer to the _CLIENT_ID structure in a call to the NtOpenProcess hooked System Service Descriptor Table (SSDT) function. | 2.1 |