Weekly Vulnerabilities Report: May 19 to 25, 2008
Overview
71 new vulnerabilities were reported during this period, including 11 critical and 32 high severity vulnerabilities. This weekly summary reports vulnerabilities in 72 products from 57 vendors, including Cisco, Redhat, Icon Labs, News Manager, and IBM. The most common weakness categories are "SQL Injection", "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Permissions, Privileges, and Access Controls", and "Path Traversal".
- 66 of the reported vulnerabilities are remotely exploitable.
- 26 of the reported vulnerabilities have a public exploit available.
- 36 of the reported vulnerabilities map to weaknesses in the OWASP Top Ten.
- 69 of the reported vulnerabilities are exploitable by an anonymous user.
- Cisco has the most reported vulnerabilities, with 5.
- Cerulean Studios has the most reported critical vulnerabilities, with 3 (CVE-2008-2407, CVE-2008-2408 and CVE-2008-2409, all in Trillian).
Vulnerability Details
The following tables list the reported vulnerabilities for the period covered by this report, grouped by CVSS severity:
11 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-05-23 | CVE-2008-2424 | Interchange Development Group | Denial-Of-Service vulnerability in Interchange Unspecified vulnerability in the 404 error page for the "Standard demo" in Interchange before 5.6.0 and before 5.5.2 has unknown impact and attack vectors. | 10.0 |
2008-05-23 | CVE-2008-2423 | Interchange Development Group | Denial Of Service vulnerability in Interchange Unspecified vulnerability in Interchange before 5.6.0 and before 5.5.2 allows remote attackers to cause a denial of service via crafted HTTP requests. | 10.0 |
2008-05-22 | CVE-2008-2240 | IBM | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Lotus Domino Stack-based buffer overflow in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long Accept-Language HTTP header. | 10.0 |
2008-05-21 | CVE-2008-2241 | Broadcom CA | Path Traversal vulnerability in multiple products Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log messages. | 10.0 |
2008-05-19 | CVE-2008-2345 | Typo3 | Code Injection vulnerability in Typo3 AIR Filemanager Unspecified vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary PHP code via unspecified vectors related to "insufficient file filtering." | 10.0 |
2008-05-23 | CVE-2008-2409 | Cerulean Studios | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cerulean Studios Trillian Stack-based buffer overflow in Cerulean Studios Trillian before 3.1.10.0 allows remote attackers to execute arbitrary code via unspecified attributes in the X-MMS-IM-FORMAT header in an MSN message. | 9.3 |
2008-05-23 | CVE-2008-2408 | Cerulean Studios | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cerulean Studios Trillian Pro Heap-based buffer overflow in the XML parsing functionality in talk.dll in Cerulean Studios Trillian Pro before 3.1.10.0 allows remote attackers to execute arbitrary code via a malformed attribute in an IMG tag. | 9.3 |
2008-05-23 | CVE-2008-2407 | Cerulean Studios | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cerulean Studios Trillian Stack-based buffer overflow in AIM.DLL in Cerulean Studios Trillian before 3.1.10.0 allows user-assisted remote attackers to execute arbitrary code via a long attribute value in a FONT tag in a message. | 9.3 |
2008-05-21 | CVE-2008-1104 | Foxitsoftware | Buffer Errors vulnerability in Foxitsoftware Foxit Reader 2.0/2.2/2.3 Stack-based buffer overflow in Foxit Reader before 2.3 build 2912 allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file, related to the util.printf JavaScript function and floating point specifiers in format strings. | 9.3 |
2008-05-22 | CVE-2008-2053 | Cisco | Privilege Escalation vulnerability in Cisco Unified Customer Voice Portal 4.0/4.1/7.0 Unspecified vulnerability in Cisco Unified Customer Voice Portal (CVP) 4.0.x before 4.0(2)_ES14, 4.1.x before 4.1(1)_ES11, and 7.x before 7.0(1) allows remote authenticated users with administrator role privileges to create, modify, or delete a superuser account. | 9.0 |
2008-05-21 | CVE-2008-2392 | Wordpress | Improper Input Validation vulnerability in Wordpress Unrestricted file upload vulnerability in WordPress 2.5.1 and earlier might allow remote authenticated administrators to upload and execute arbitrary PHP files via the Upload section in the Write Tabs area of the dashboard. | 9.0 |
32 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-05-22 | CVE-2008-0536 | Cisco Icon Labs | Improper Authentication vulnerability in multiple products Unspecified vulnerability in the SSH server in (1) Cisco Service Control Engine (SCE) 3.0.x before 3.0.7 and 3.1.x before 3.1.0, and (2) Icon Labs Iconfidant SSH before 2.3.8, allows remote attackers to cause a denial of service (management interface outage) via SSH traffic that occurs during management operations and triggers "illegal I/O operations," aka Bug ID CSCsh49563. | 7.8 |
2008-05-22 | CVE-2008-0535 | Cisco Icon Labs | Credentials Management vulnerability in multiple products Unspecified vulnerability in the SSH server in (1) Cisco Service Control Engine (SCE) before 3.1.6, and (2) Icon Labs Iconfidant SSH before 2.3.8, allows remote attackers to cause a denial of service (device instability) via "SSH credentials that attempt to change the authentication method," aka Bug ID CSCsm14239. | 7.8 |
2008-05-22 | CVE-2008-0534 | Cisco Icon Labs | Improper Input Validation vulnerability in multiple products The SSH server in (1) Cisco Service Control Engine (SCE) before 3.1.6, and (2) Icon Labs Iconfidant SSH before 2.3.8, allows remote attackers to cause a denial of service (device restart or daemon outage) via a high rate of login attempts, aka Bug ID CSCsi68582. | 7.8 |
2008-05-21 | CVE-2008-2391 | Codeplex | Improper Input Validation vulnerability in Codeplex Subsonic SubSonic allows remote attackers to bypass pagesize limits and cause a denial of service (CPU consumption) via a pageindex (aka data page number) of -1. | 7.8 |
2008-05-23 | CVE-2008-2425 | Fichive | SQL Injection vulnerability in Fichive 1.0 SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the letter parameter in a Search action, a different vector than CVE-2008-2416. | 7.5 |
2008-05-23 | CVE-2008-2422 | Webslider | SQL Injection vulnerability in Webslider 0.6 SQL injection vulnerability in index.php in Web Slider 0.6 allows remote attackers to execute arbitrary SQL commands via the slide parameter in a slides action. | 7.5 |
2008-05-23 | CVE-2008-1767 | Redhat | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Redhat products Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps. | 7.5 |
2008-05-22 | CVE-2008-2417 | How2Asp | SQL Injection vulnerability in How2Asp Webboard 4.1 SQL injection vulnerability in showQAnswer.asp in How2ASP.net Webboard 4.1 allows remote attackers to execute arbitrary SQL commands via the qNo parameter. | 7.5 |
2008-05-22 | CVE-2008-2416 | Fichive | SQL Injection vulnerability in Fichive 1.0 SQL injection vulnerability in index.php in FicHive 1.0 allows remote attackers to execute arbitrary SQL commands via the category parameter in a Fiction action, possibly related to sources/fiction.class.php. | 7.5 |
2008-05-22 | CVE-2008-2412 | Acgv Free | SQL Injection vulnerability in Acgv.Free Acgv News 0.9.1 SQL injection vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2008-05-21 | CVE-2008-2396 | Wajox Software | Code Injection vulnerability in Wajox Software microSSys CMS PHP remote file inclusion vulnerability in index.php in Wajox Software microSSys CMS 1.5 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in an arbitrary element of the PAGES array parameter. | 7.5 |
2008-05-21 | CVE-2008-2395 | Alkalinephp | SQL Injection vulnerability in Alkalinephp SQL injection vulnerability in thread.php in AlkalinePHP 0.80.00 beta and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2008-05-21 | CVE-2008-2394 | Tagworx | SQL Injection vulnerability in Tagworx CMS 3.00.02 Multiple SQL injection vulnerabilities in TAGWORX.CMS 3.00.02 allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter to contact.php and the (2) nid parameter to news.php. | 7.5 |
2008-05-21 | CVE-2008-2393 | Entertainmentscript | SQL Injection vulnerability in Entertainmentscript 1.4.0 SQL injection vulnerability in play.php in EntertainmentScript 1.4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2008-05-21 | CVE-2008-2242 | Broadcom CA | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allow remote attackers to execute arbitrary code, as demonstrated by a stack-based buffer overflow via a long parameter to the xdr_rwsstring function. | 7.5 |
2008-05-20 | CVE-2008-2356 | Archangelmgt | SQL Injection vulnerability in Archangelmgt Archangel Weblog SQL injection vulnerability in index.php in Archangel Weblog 0.90.02 and earlier allows remote attackers to execute arbitrary SQL commands via the post_id parameter. | 7.5 |
2008-05-20 | CVE-2008-2353 | Gnugallery | Path Traversal vulnerability in Gnugallery Directory traversal vulnerability in admin.php in GNU/Gallery 1.1.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2008-05-20 | CVE-2008-2351 | Webmanager PRO | SQL Injection vulnerability in Webmanager-Pro CMS Webmanager-Pro Multiple SQL injection vulnerabilities in index.php in CMS WebManager-Pro allow remote attackers to execute arbitrary SQL commands via the (1) lang_id and (2) menu_id parameters. | 7.5 |
2008-05-20 | CVE-2008-2349 | Zomp | Permissions, Privileges, and Access Controls vulnerability in Zomp Zomplog Zomplog 3.8.2 and earlier allows remote attackers to gain administrative access by creating an admin account via a direct request to install/newuser.php with the admin parameter set to 1. | 7.5 |
2008-05-20 | CVE-2008-2348 | Meltingicefs | Permissions, Privileges, and Access Controls vulnerability in Meltingicefs Meltingice File System 1.0 MeltingIce File System 1.0 allows remote attackers to bypass application authentication, create new user accounts, and exceed application quotas via a direct request to admin/adduser.php. | 7.5 |
2008-05-20 | CVE-2008-2347 | Mypicgallery | Improper Authentication vulnerability in Mypicgallery 1.0 MyPicGallery 1.0 allows remote attackers to bypass application authentication and gain administrative access by setting the userID parameter to "admin" in a direct request to admin/addUser.php. | 7.5 |
2008-05-20 | CVE-2008-2346 | Alkalinephp | Permissions, Privileges, and Access Controls vulnerability in Alkalinephp AlkalinePHP 0.77.35 and earlier allows remote attackers to bypass authentication and gain administrative access by creating an admin account via a direct request to adduser.php. | 7.5 |
2008-05-19 | CVE-2008-2343 | News Manager | Permissions, Privileges, and Access Controls vulnerability in News Manager News Manager 2.0 News Manager 2.0 allows remote attackers to bypass restrictions and obtain sensitive information via a direct request to (1) db/connect_str.php and (2) login/info.php. | 7.5 |
2008-05-19 | CVE-2008-2341 | Avalonnet | Code Injection vulnerability in Avalonnet News Manager 2.0 PHP remote file inclusion vulnerability in ch_readalso.php in News Manager 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the read_xml_include parameter. | 7.5 |
2008-05-19 | CVE-2008-2340 | News Manager | SQL Injection vulnerability in News Manager News Manager 2.0 Multiple SQL injection vulnerabilities in News Manager 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) lang parameter to (a) advsearch.php, (b) archive.php, and (c) index.php, and the (2) pid parameter to (d) list_tagitems.php. | 7.5 |
2008-05-19 | CVE-2008-2339 | Turnkeywebtools | SQL Injection vulnerability in Turnkeywebtools Sunshop Shopping Cart 3.5.1 SQL injection vulnerability in index.php in Turnkey Web Tools SunShop Shopping Cart 3.5.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in an item action, a different vector than CVE-2008-2038, CVE-2007-4597, and CVE-2007-2549. | 7.5 |
2008-05-19 | CVE-2008-2338 | Interspire | Permissions, Privileges, and Access Controls vulnerability in Interspire Activekb Interspire ActiveKB 1.5 and earlier allows remote attackers to gain privileges by setting the auth cookie to true when accessing unspecified scripts in /admin. | 7.5 |
2008-05-19 | CVE-2008-2337 | Imgallery | SQL Injection vulnerability in Imgallery 2.5 Multiple SQL injection vulnerabilities in IMGallery 2.5, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) kategoria parameter to (a) galeria.php and the (2) id_phot parameter to (b) popup/koment.php and (c) popup/opis.php, different vectors than CVE-2006-3163. | 7.5 |
2008-05-19 | CVE-2008-2336 | 68 Classifieds | SQL Injection vulnerability in 68 Classifieds 68 Classifieds 4.0.1 SQL injection vulnerability in category.php in 68 Classifieds 4.0.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | 7.5 |
2008-05-19 | CVE-2008-2334 | Aspindir | SQL Injection vulnerability in Aspindir Philboard 0.5 Multiple SQL injection vulnerabilities in W1L3D4 Philboard 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) forumid parameter to (a) admin/philboard_admin-forumedit.asp, (b) admin/philboard_admin-forum.asp, and (c) W1L3D4_foruma_yeni_konu_ac.asp; the (2) id parameter to (d) W1L3D4_konuoku.asp and (e) W1L3D4_konuya_mesaj_yaz.asp; and the (3) topic parameter to W1L3D4_konuya_mesaj_yaz.asp, different vectors than CVE-2008-1939, CVE-2007-2641, and CVE-2007-0920. | 7.5 |
2008-05-22 | CVE-2008-2400 | Stunnel | Permissions, Privileges, and Access Controls vulnerability in Stunnel Unspecified vulnerability in stunnel before 4.23, when running as a service on Windows, allows local users to gain privileges via unknown attack vectors. | 7.2 |
2008-05-22 | CVE-2008-1159 | Cisco | Denial of Service vulnerability in Cisco IOS S, IOS T and IOS XR Multiple unspecified vulnerabilities in the SSH server in Cisco IOS 12.4 allow remote attackers to cause a denial of service (device restart) via unknown vectors, aka Bug ID (1) CSCsk42419, (2) CSCsk60020, and (3) CSCsh51293. | 7.1 |
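Several of the high severity entries above (Zomplog, MeltingIce File System, MyPicGallery, AlkalinePHP, Interspire ActiveKB) are the same defect: an account-creation or admin script is reachable by a direct request and either checks nothing or trusts a cookie the client sets. The block below is an added illustration of that pattern and its fix; it is not code from any product in this report. The request object, user table and session store are constructed in-memory stand-ins with hypothetical names.

```python
"""Direct-request and trusted-cookie authorization bypass, side by side.

Added illustration for this report; it is not code from any product listed
above. It models the two patterns behind the "direct request to adduser.php"
and "auth cookie set to true" entries in the table: an account-creation
script that performs no check of who is calling, and one that decides
authorization from a cookie the client controls. The hardened handler keeps
authentication state server-side and checks the caller's role explicitly.
Request, user table and session store are constructed in-memory stand-ins
with hypothetical names, not a real framework.
"""
import hashlib
import hmac
import secrets


class Request:
    """Constructed stand-in for an HTTP request: cookies plus form fields."""

    def __init__(self, cookies=None, params=None):
        self.cookies = dict(cookies or {})
        self.params = dict(params or {})


def _hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)


def create_user(store, username, password, role):
    """store: username -> {"role", "salt", "hash"} (hypothetical user table)."""
    salt = secrets.token_bytes(16)
    store[username] = {"role": role, "salt": salt,
                       "hash": _hash_password(password, salt)}


# Vulnerable pattern 1: the script is reachable by URL and checks nothing.
def vulnerable_add_user_unchecked(store, req):
    """Anyone who knows the path creates an admin by sending admin=1."""
    role = "admin" if req.params.get("admin") == "1" else "user"
    create_user(store, req.params["username"], req.params["password"], role)
    return 200


# Vulnerable pattern 2: authorization taken from a client-set cookie.
def vulnerable_add_user_cookie(store, req):
    """A forged 'Cookie: auth=true' header is all the attacker needs."""
    if req.cookies.get("auth") != "true":
        return 403
    create_user(store, req.params["username"], req.params["password"], "admin")
    return 200


# Hardened: server-side sessions and an explicit role check on every request.
def login(store, sessions, username, password):
    """Verify the password; on success issue an opaque random session id."""
    rec = store.get(username)
    if rec is None:
        return None
    if not hmac.compare_digest(rec["hash"], _hash_password(password, rec["salt"])):
        return None
    sid = secrets.token_urlsafe(32)
    sessions[sid] = username
    return sid


def hardened_add_user(store, sessions, req):
    """Only a caller with a valid session AND the admin role may add users."""
    caller = sessions.get(req.cookies.get("session", ""))
    if caller is None:
        return 401          # no or unknown session: not authenticated
    if store[caller]["role"] != "admin":
        return 403          # authenticated, but not authorized
    # The new account's role is fixed by policy here; a request parameter
    # such as admin=1 is simply ignored.
    create_user(store, req.params["username"], req.params["password"], "user")
    return 200


def demo():
    """Run all three handlers against one unauthenticated attacker request."""
    store, sessions = {}, {}
    create_user(store, "owner", "correct horse", "admin")
    attacker = Request(cookies={"auth": "true"},
                       params={"username": "evil", "password": "x", "admin": "1"})
    results = {
        "unchecked": vulnerable_add_user_unchecked(store, attacker),
        "cookie": vulnerable_add_user_cookie(store, attacker),
        "hardened_forged": hardened_add_user(store, sessions, attacker),
    }
    sid = login(store, sessions, "owner", "correct horse")
    legit = Request(cookies={"session": sid},
                    params={"username": "alice", "password": "y", "admin": "1"})
    results["hardened_admin"] = hardened_add_user(store, sessions, legit)
    results["alice_role"] = store["alice"]["role"]
    return results


if __name__ == "__main__":
    print(demo())
```

Two points the table entries make implicitly: the check has to live in the script that performs the action, not in whether the admin UI links to it (the attacker simply requests the URL), and installer scripts such as the install/newuser.php in the Zomplog entry need to be removed or disabled once setup is complete, because they are by design unauthenticated.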
27 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-05-23 | CVE-2008-2420 | Stunnel | Permissions, Privileges, and Access Controls vulnerability in Stunnel The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates. | 6.8 |
2008-05-22 | CVE-2008-2415 | Digitalhive | Path Traversal vulnerability in Digitalhive 2.0 Directory traversal vulnerability in template/purpletech/base_include.php in DigitalHive (aka hive) 2.0 RC2 allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2008-05-22 | CVE-2008-2411 | Sazcart | SQL Injection vulnerability in Sazcart 1.3/1.4 SQL injection vulnerability in index.php in SazCart 1.5.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a details action. | 6.8 |
2008-05-22 | CVE-2008-1804 | Snort | Unspecified vulnerability in Snort preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment. | 6.8 |
2008-05-21 | CVE-2008-2390 | HP | Code Injection vulnerability in HP Software Update 4.0.0.1 Hpufunction.dll 4.0.0.1 in HP Software Update exposes the unsafe (1) ExecuteAsync and (2) Execute methods, which allows remote attackers to execute arbitrary code via an absolute pathname in the first argument. | 6.8 |
2008-05-21 | CVE-2008-2357 | Matt Kimball and Roger Wolff | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Matt Kimball and Roger Wolff MTR Stack-based buffer overflow in the split_redraw function in split.c in mtr before 0.73, when invoked with the -p (aka --split) option, allows remote attackers to execute arbitrary code via a crafted DNS PTR record. | 6.8 |
2008-05-20 | CVE-2008-2355 | WR Script | Path Traversal vulnerability in Wr-Script Wr-Meeting 1.0 Directory traversal vulnerability in index.php in WR-Meeting 1.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2008-05-20 | CVE-2008-2352 | Smeego | Path Traversal vulnerability in Smeego 1.0 Directory traversal vulnerability in index.php in Smeego 1.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2008-05-20 | CVE-2008-0957 | Photostockplus | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Photostockplus Uploader Tool Multiple stack-based buffer overflows in the PhotoStockPlus Uploader Tool ActiveX control (PSPUploader.ocx) allow remote attackers to execute arbitrary code via unspecified initialization parameters. | 6.8 |
2008-05-21 | CVE-2008-1660 | HP | Unspecified vulnerability in HP Hp-Ux 11.11/11.23/11.31 Unspecified vulnerability in useradd on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to access arbitrary files and directories via unspecified vectors. | 6.3 |
2008-05-20 | CVE-2008-2354 | Testmaker | Remote Information Disclosure vulnerability in testMaker Data Export Unspecified vulnerability in the data export function in testMaker before 3.0p10 allows test authors to obtain access to export data via unknown vectors. | 5.0 |
2008-05-20 | CVE-2008-2350 | Bcoos | Path Traversal vulnerability in Bcoos Directory traversal vulnerability in highlight.php in bcoos 1.0.9 through 1.0.13 allows remote attackers to read arbitrary files via (1) .. | 5.0 |
2008-05-19 | CVE-2008-2342 | News Manager | Path Traversal vulnerability in News Manager News Manager 2.0 Directory traversal vulnerability in attachments.php in News Manager 2.0 allows remote attackers to read arbitrary files via a .. | 5.0 |
2008-05-23 | CVE-2008-2418 | SUN | Race Condition vulnerability in SUN Solaris 10 Race condition in the STREAMS Administrative Driver (sad) in Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors. | 4.7 |
2008-05-23 | CVE-2007-5495 | Redhat Selinux | Link Following vulnerability in Selinux Setroubleshoot 2.0.5 sealert in setroubleshoot 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the sealert.log temporary file. | 4.4 |
2008-05-23 | CVE-2008-2421 | SAP | Cross-Site Scripting vulnerability in SAP web Application Server and web Dynpro Cross-site scripting (XSS) vulnerability in the Web GUI in SAP Web Application Server (WAS) 7.0, Web Dynpro for ABAP (aka WD4A or WDA), and Web Dynpro for BSP allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under bc/gui/sap/its/webgui/. | 4.3 |
2008-05-23 | CVE-2008-2419 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox 2.0.0.14 Mozilla Firefox 2.0.0.14 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code by triggering an error condition during certain Iframe operations between a JSframe write and a JSframe close, as demonstrated by an error in loading an empty Java applet defined by a 'src="javascript:"' sequence. | 4.3 |
2008-05-23 | CVE-2008-2333 | Barracuda Networks | Cross-Site Scripting vulnerability in Barracuda Networks Barracuda Spam Firewall Cross-site scripting (XSS) vulnerability in ldap_test.cgi in Barracuda Spam Firewall (BSF) before 3.5.11.025 allows remote attackers to inject arbitrary web script or HTML via the email parameter. | 4.3 |
2008-05-23 | CVE-2008-2302 | Django Project | Cross-Site Scripting vulnerability in Django Project Django 0.91/0.95/0.96 Cross-site scripting (XSS) vulnerability in the login form in the administration application in Django 0.91 before 0.91.2, 0.95 before 0.95.3, and 0.96 before 0.96.2 allows remote attackers to inject arbitrary web script or HTML via the URI of a certain previous request. | 4.3 |
2008-05-22 | CVE-2008-2414 | Aguestbook | Cross-Site Scripting vulnerability in Aguestbook AN Guestbook 0.4 Cross-site scripting (XSS) vulnerability in send_email.php in AN Guestbook (ANG) 0.4 allows remote attackers to inject arbitrary web script or HTML via the postid parameter. | 4.3 |
2008-05-22 | CVE-2008-2413 | Acgv Free | Cross-Site Scripting vulnerability in Acgv.Free Acgv News 0.9.1 Cross-site scripting (XSS) vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | 4.3 |
2008-05-22 | CVE-2008-2410 | IBM | Cross-Site Scripting vulnerability in IBM Lotus Domino web Server Cross-site scripting (XSS) vulnerability in the servlet engine and Web container in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2008-05-22 | CVE-2008-2006 | Apple | Improper Input Validation vulnerability in Apple Ical 3.0.1 Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a .ics file containing (1) a large 16-bit integer on a TRIGGER line, or (2) a large integer in a COUNT field on an RRULE line. | 4.3 |
2008-05-21 | CVE-2008-2398 | Appserv Open Project | Cross-Site Scripting vulnerability in Appserv Open Project Appserv Cross-site scripting (XSS) vulnerability in index.php in AppServ Open Project 2.5.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter. | 4.3 |
2008-05-21 | CVE-2008-2397 | Dotcms | Cross-Site Scripting vulnerability in Dotcms Cross-site scripting (XSS) vulnerability in search-results.dot in dotCMS 1.x allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. | 4.3 |
2008-05-19 | CVE-2008-2344 | Typo3 | Cross-Site Scripting vulnerability in Typo3 AIR Filemanager 0.6.0 Cross-site scripting (XSS) vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2008-05-19 | CVE-2008-2335 | Vastal | Cross-Site Scripting vulnerability in Vastal PHPvid 1.1/1.2 Cross-site scripting (XSS) vulnerability in search_results.php in Vastal I-Tech phpVID 1.1 and 1.2 allows remote attackers to inject arbitrary web script or HTML via the query parameter. | 4.3 |
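The SQL injection entries in the high and medium tables (SazCart above, and the FicHive, Web Slider, How2ASP, ACGV News, AlkalinePHP, TAGWORX, EntertainmentScript, Archangel Weblog, WebManager-Pro, News Manager, SunShop, IMGallery, 68 Classifieds and Philboard entries) share one root cause: a request parameter is pasted into the query text. The block below is an added illustration of that defect and its fix, not code from any product in this report; it runs against an in-memory SQLite database with constructed sample rows and hypothetical table and column names. It also shows why several entries carry the condition "when magic_quotes_gpc is disabled" and most do not: quote escaping only ever mattered in a quoted string context, while an unquoted numeric parameter such as id needs no quote to break out.

```python
"""SQL injection through an id-style parameter: vulnerable and fixed lookups.

Added illustration for this report, not code from any product listed above.
Runs the string-concatenation pattern against an in-memory SQLite table
(constructed sample rows, hypothetical names), shows the tautology and UNION
payloads it admits, then the parameterised query that closes it. A second
pair covers the quoted-string context that magic_quotes_gpc used to mask.
"""
import sqlite3


def make_db():
    """Constructed schema: public/draft items plus a table that must stay hidden."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE items (id INTEGER PRIMARY KEY, title TEXT, public INTEGER);
        INSERT INTO items VALUES (1, 'Welcome post', 1), (2, 'Draft, unpublished', 0);
        CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, pw_hash TEXT);
        INSERT INTO users VALUES (1, 'admin', 'hash-of-admin-password');
    """)
    return conn


def vulnerable_lookup(conn, id_param):
    """Numeric context: the parameter is concatenated straight into the SQL.
    No quote is needed to break out, so escaping quotes would not help."""
    sql = "SELECT title FROM items WHERE public = 1 AND id = " + id_param
    return [row[0] for row in conn.execute(sql)]


def hardened_lookup(conn, id_param):
    """Type-check first, then bind with a placeholder so the driver sends the
    value separately from the statement text."""
    try:
        item_id = int(id_param)
    except ValueError:
        return []
    sql = "SELECT title FROM items WHERE public = 1 AND id = ?"
    return [row[0] for row in conn.execute(sql, (item_id,))]


def vulnerable_search(conn, prefix):
    """Quoted string context: a single quote closes the literal and the rest
    of the input becomes SQL. This is the only case magic_quotes_gpc masked."""
    sql = ("SELECT title FROM items WHERE public = 1 AND title LIKE '"
           + prefix + "%'")
    return [row[0] for row in conn.execute(sql)]


def hardened_search(conn, prefix):
    """Bound parameter; the wildcard is appended inside SQL, not by string edits."""
    sql = "SELECT title FROM items WHERE public = 1 AND title LIKE ? || '%'"
    return [row[0] for row in conn.execute(sql, (prefix,))]


if __name__ == "__main__":
    db = make_db()
    for payload in ("1", "1 OR 1=1",
                    "0 UNION SELECT name || ':' || pw_hash FROM users"):
        print(repr(payload), vulnerable_lookup(db, payload),
              hardened_lookup(db, payload))
    for payload in ("W", "%' OR 1=1 --"):
        print(repr(payload), vulnerable_search(db, payload),
              hardened_search(db, payload))
```

With the tautology payload the vulnerable lookup returns the unpublished draft as well, because `AND` binds tighter than `OR`; with the UNION payload it returns a row from the users table that the page never queries. The parameterised versions return nothing for either payload. Binding parameters does not make `%` in a LIKE argument a literal, so pattern abuse in search fields is a separate concern from injection, but it cannot change the statement.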
1 Low Vulnerability
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-05-23 | CVE-2007-5496 | Redhat Selinux | Cross-Site Scripting vulnerability in Selinux Setroubleshoot 2.0.5 Cross-site scripting (XSS) vulnerability in setroubleshoot 2.0.5 allows local users to inject arbitrary web script or HTML via a crafted (1) file or (2) process name, which triggers an Access Vector Cache (AVC) log entry in a log file used during composition of HTML documents for sealert. | 1.9 |