Weekly Vulnerabilities Reports > July 14 to 20, 2008

Overview

128 new vulnerabilities reported during this period, including 17 critical vulnerabilities and 23 high severity vulnerabilities. This weekly summary report vulnerabilities in 113 products from 60 vendors including Oracle, Apple, Fedoraproject, Drupal, and Joomla. Vulnerabilities are notably categorized as "Improper Input Validation", "SQL Injection", "Cross-site Scripting", "Path Traversal", and "Permissions, Privileges, and Access Controls".

  • 121 reported vulnerabilities are remotely exploitables.
  • 31 reported vulnerabilities have public exploit available.
  • 32 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 95 reported vulnerabilities are exploitable by an anonymous user.
  • Oracle has the most reported vulnerabilities, with 44 reported vulnerabilities.
  • HP has the most reported critical vulnerabilities, with 2 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

17 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2008-07-18 CVE-2008-3225 Joomla Permissions, Privileges, and Access Controls vulnerability in Joomla

Joomla! before 1.5.4 allows attackers to access administration functionality, which has unknown impact and attack vectors related to a missing "LDAP security fix."

10.0
2008-07-18 CVE-2008-3224 Phpbb Remote Security vulnerability in PHPbb 3.0/3.0.0/3.0.1

Unspecified vulnerability in phpBB before 3.0.1 has unknown impact and attack vectors related to "urls gone through redirect() being used within login_box()."

10.0
2008-07-17 CVE-2008-1666 HP Remote Security vulnerability in Oracle for OpenView

Unspecified vulnerability in HP Oracle for OpenView (OfO) 8.1.7, 9.1.01, 9.2, 9.2.0, 10g, and 10gR2 has unknown impact and attack vectors, possibly related to the July 2008 Oracle Critical Patch Update.

10.0
2008-07-14 CVE-2008-3169 Empire Server Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Empire Server Empire Server

Multiple heap-based buffer overflows in Empire Server before 4.3.15 allow remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to a "coordinate normalization bug." NOTE: some of these details are obtained from third party information.

10.0
2008-07-14 CVE-2008-3160 IBM Multiple Unspecified vulnerability in IBM Data ONTAP

Multiple unspecified vulnerabilities in IBM Data ONTAP 7.1 before 7.1.3, as used by IBM System Storage N series Filer and IBM System Storage N series Gateway, have unknown impact and attack vectors.

10.0
2008-07-14 CVE-2008-3159 Novell Numeric Errors vulnerability in Novell Edirectory 8.7.3/8.8

Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to "flawed arithmetic."

10.0
2008-07-14 CVE-2008-2303 Apple Numeric Errors vulnerability in Apple Safari

Integer signedness error in Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript array indices that trigger an out-of-bounds access, a different vulnerability than CVE-2008-2307.

10.0
2008-07-14 CVE-2008-1809 Novell Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Edirectory 8.7.3/8.8

Heap-based buffer overflow in Novell eDirectory 8.7.3 before 8.7.3.10b, and 8.8 before 8.8.2 FTF2, allows remote attackers to execute arbitrary code via an LDAP search request containing "NULL search parameters."

10.0
2008-07-18 CVE-2008-3232 Dotclear Code Injection vulnerability in Dotclear

Unrestricted file upload vulnerability in ecrire/images.php in Dotclear 1.2.7.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images.

9.3
2008-07-18 CVE-2008-3209 Blackice Buffer Errors vulnerability in Blackice Black ICE Document Imaging SDK 10.95

Heap-based buffer overflow in the OpenGifFile function in BiGif.dll in Black Ice Document Imaging SDK 10.95 allows remote attackers to execute arbitrary code via a long string argument to the GetNumberOfImagesInGifFile method in the BIImgFrm Control ActiveX control in biimgfrm.ocx.

9.3
2008-07-18 CVE-2008-3207 Pragyan Code Injection vulnerability in Pragyan Praygan CMS 2.6.2

PHP remote file inclusion vulnerability in cms/modules/form.lib.php in Pragyan CMS 2.6.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the (1) sourceFolder or (2) moduleFolder parameter.

9.3
2008-07-15 CVE-2008-3182 Speedbit Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Speedbit Download Accelerator Plus 7.0.1.3/8/8.6.6.3

Stack-based buffer overflow in DAP.exe in Download Accelerator Plus (DAP) 7.0.1.3, 8.6.6.3, and other 8.x versions allows user-assisted remote attackers to execute arbitrary code via an M3U (.m3u) file containing a long MP3 URL.

9.3
2008-07-14 CVE-2008-3167 Boonex Code Injection vulnerability in Boonex Dolphin 6.1.2

Multiple PHP remote file inclusion vulnerabilities in BoonEx Dolphin 6.1.2, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) dir[plugins] parameter to (a) HTMLSax3.php and (b) safehtml.php in plugins/safehtml/ and the (2) sIncPath parameter to (c) ray/modules/global/inc/content.inc.php.

9.3
2008-07-14 CVE-2008-3166 Boonex Code Injection vulnerability in Boonex RAY 3.5

PHP remote file inclusion vulnerability in modules/global/inc/content.inc.php in BoonEx Ray 3.5, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the sIncPath parameter.

9.3
2008-07-14 CVE-2008-3162 Ffmpeg Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ffmpeg

Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c in FFmpeg before r13993 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted STR file that interleaves audio and video sectors.

9.3
2008-07-14 CVE-2008-2317 Apple Resource Management Errors vulnerability in Apple Safari

WebCore in Apple Safari does not properly perform garbage collection of JavaScript document elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via a reference to the ownerNode property of a copied CSSStyleSheet object of a STYLE element, as originally demonstrated on Apple iPhone before 2.0 and iPod touch before 2.0, a different vulnerability than CVE-2008-1590.

9.3
2008-07-17 CVE-2008-1665 HP Remote Unauthorized Access vulnerability in HP Select Identity Bidrectional LDAP Connector

Multiple unspecified vulnerabilities in HP Select Identity (HPSI) Active Directory Bidirectional LDAP Connector 2.20, 2.20.001, 2.20.002, and 2.30 allow remote attackers to execute arbitrary code via unspecified vectors.

9.0

23 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2008-07-18 CVE-2008-3214 Thekelleys Improper Input Validation vulnerability in Thekelleys Dnsmasq 2.25

dnsmasq 2.25 allows remote attackers to cause a denial of service (daemon crash) by (1) renewing a nonexistent lease or (2) sending a DHCPREQUEST for an IP address that is not in the same network, related to the DHCP NAK response from the daemon.

7.8
2008-07-17 CVE-2008-3199 Resiprocate Improper Input Validation vulnerability in Resiprocate

Multiple unspecified vulnerabilities in ReSIProcate before 1.3.4 allow remote attackers to cause a denial of service (stack consumption) via unknown network traffic with a large "bytes-in-memory/bytes-on-wire ratio."

7.8
2008-07-16 CVE-2008-3196 Yacc Resource Management Errors vulnerability in Yacc

skeleton.c in yacc does not properly handle reduction of a rule with an empty right hand side, which allows context-dependent attackers to cause an out-of-bounds stack access when the yacc stack pointer points to the end of the stack.

7.8
2008-07-14 CVE-2008-3164 Fuzzylime Path Traversal vulnerability in Fuzzylime CMS 3.01

Directory traversal vulnerability in blog.php in fuzzylime (cms) 3.01, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a ..

7.6
2008-07-18 CVE-2008-3228 Joomla Configuration vulnerability in Joomla

Joomla! before 1.5.4 does not configure .htaccess to apply certain security checks that "block common exploits" to SEF URLs, which has unknown impact and remote attack vectors.

7.5
2008-07-18 CVE-2008-3227 Joomla Link Following vulnerability in Joomla

Unspecified vulnerability in Joomla! before 1.5.4 has unknown impact and attack vectors related to a "User Redirect Spam fix," possibly an open redirect vulnerability.

7.5
2008-07-18 CVE-2008-3223 Drupal
Fedoraproject
SQL Injection vulnerability in multiple products

SQL injection vulnerability in the Schema API in Drupal 6.x before 6.3 allows remote attackers to execute arbitrary SQL commands via vectors related to "an inappropriate placeholder for 'numeric' fields."

7.5
2008-07-18 CVE-2008-3213 Webcms SQL Injection vulnerability in Webcms Portal Edition

SQL injection vulnerability in secciones/tablon/tablon.php in WebCMS Portal Edition allows remote attackers to execute arbitrary SQL commands via the id parameter to portal/index.php in a tablon action.

7.5
2008-07-18 CVE-2008-3212 Scripteen SQL Injection vulnerability in Scripteen Free Image Hosting Script 1.2.1

Multiple SQL injection vulnerabilities in Scripteen Free Image Hosting Script 1.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to admin/login.php, or the (3) uname or (4) pass parameter to login.php.

7.5
2008-07-18 CVE-2008-3211 Scripteen Improper Authentication vulnerability in Scripteen Free Image Hosting Script 1.2/1.2.1

Scripteen Free Image Hosting Script 1.2 and 1.2.1 allows remote attackers to bypass authentication and gain administrative access by setting the cookid cookie value to 1.

7.5
2008-07-18 CVE-2008-3206 Iamilkay SQL Injection vulnerability in Iamilkay Yuhhu Pubs Black CAT

SQL injection vulnerability in browse.groups.php in Yuhhu Pubs Black Cat allows remote attackers to execute arbitrary SQL commands via the category parameter.

7.5
2008-07-17 CVE-2008-3204 E Topbiz SQL Injection vulnerability in E-Topbiz Million Pixels 3

SQL injection vulnerability in tops_top.php in E-topbiz Million Pixels 3 allows remote attackers to execute arbitrary SQL commands via the id_cat parameter.

7.5
2008-07-17 CVE-2008-3203 Auracms Improper Authentication vulnerability in Auracms 2.2/2.2.1/2.2.2

js/pages/pages_data.php in AuraCMS 2.2 through 2.2.2 does not perform authentication, which allows remote attackers to add, edit, and delete web content via a modified id parameter.

7.5
2008-07-17 CVE-2008-3200 Easy Script SQL Injection vulnerability in Easy-Script Avlc Forum

SQL injection vulnerability in vlc_forum.php in Avlc Forum as of 20080715 allows remote attackers to execute arbitrary SQL commands via the id parameter in an affich_message action.

7.5
2008-07-17 CVE-2008-3198 Mozilla Code Injection vulnerability in Mozilla Firefox 3.0

Mozilla Firefox 3.x before 3.0.1 allows remote attackers to inject arbitrary web script into a chrome document via unspecified vectors, as demonstrated by injection into a XUL error page.

7.5
2008-07-16 CVE-2008-3193 Sclek SQL Injection vulnerability in Sclek Jsite 1.0

SQL injection vulnerability in jSite 1.0 OE allows remote attackers to execute arbitrary SQL commands via the page parameter to the default URI.

7.5
2008-07-16 CVE-2008-3189 Dreamlevels SQL Injection vulnerability in Dreamlevels Dreamnews Manager

SQL injection vulnerability in dreamnews-rss.php in DreamNews Manager allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-07-15 CVE-2008-2599 Oracle Unspecified vulnerability in Oracle products

Unspecified vulnerability in the TimesTen Client/Server component in Oracle Times Ten In-Memory Database 7.0.3.0.0 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-2597 and CVE-2008-2598.

7.5
2008-07-15 CVE-2008-2598 Oracle Unspecified vulnerability in Oracle products

Unspecified vulnerability in the TimesTen Client/Server component in Oracle Times Ten In-Memory Database 7.0.3.0.0 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-2597 and CVE-2008-2599.

7.5
2008-07-15 CVE-2008-2597 Oracle Unspecified vulnerability in Oracle products

Unspecified vulnerability in the TimesTen Client/Server component in Oracle Times Ten In-Memory Database 7.0.3.0.0 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-2598 and CVE-2008-2599.

7.5
2008-07-15 CVE-2008-3183 Gapi CMS Code Injection vulnerability in Gapi CMS Gapicms 9.0.2

PHP remote file inclusion vulnerability in ktmlpro/includes/ktedit/toolbar.php in gapicms 9.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the dirDepth parameter.

7.5
2008-07-15 CVE-2008-3179 W2B Path Traversal vulnerability in W2B PHPdatingclub 3.7

Directory traversal vulnerability in website.php in Web 2 Business (W2B) phpDatingClub (aka Dating Club) 3.7 allows remote attackers to include and execute arbitrary local files via a ..

7.5
2008-07-15 CVE-2008-3178 Webxell Improper Input Validation vulnerability in Webxell Editor 0.1.3

Unrestricted file upload vulnerability in upload_pictures.php in WebXell Editor 0.1.3 allows remote attackers to execute arbitrary code by uploading a .php file with a jpeg content type, then accessing it via a direct request to the file in upload/.

7.5

82 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2008-07-18 CVE-2008-3229 Swapoff Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Swapoff OP

Stack-based buffer overflow in op before Changeset 563, when xauth support is enabled, allows local users to gain privileges via a long XAUTHORITY environment variable.

6.9
2008-07-18 CVE-2008-3217 Powerdns Numeric Errors vulnerability in Powerdns Recursor

PowerDNS Recursor before 3.1.6 does not always use the strongest random number generator for source port selection, which makes it easier for remote attack vectors to conduct DNS cache poisoning.

6.8
2008-07-18 CVE-2008-2934 Apple
Mozilla
Code Injection vulnerability in Mozilla Firefox 3.0

Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file that triggers a free of an uninitialized pointer.

6.8
2008-07-16 CVE-2008-3194 Pluck Path Traversal vulnerability in Pluck 4.5.1

Multiple directory traversal vulnerabilities in data/inc/themes/predefined_variables.php in pluck 4.5.1 allow remote attackers to include and execute arbitrary local files via a ..

6.8
2008-07-16 CVE-2008-3192 Sclek Path Traversal vulnerability in Sclek Jsite 1.0

Directory traversal vulnerability in index.php in jSite 1.0 OE allows remote attackers to include and execute arbitrary local files via a ..

6.8
2008-07-16 CVE-2008-3191 Marcioforum SQL Injection vulnerability in Marcioforum Mforum 0.1A

Multiple SQL injection vulnerabilities in usercp.php in mForum 0.1a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) City, (2) Interest, (3) Email, (4) Icq, (5) msn, or (6) Yahoo Messenger field in an edit_profile action.

6.8
2008-07-16 CVE-2008-3190 1Scripts Path Traversal vulnerability in 1Scripts Codedb 1.1.1

Directory traversal vulnerability in list.php in 1Scripts CodeDB 1.1.1 allows remote attackers to include and execute arbitrary local files via a ..

6.8
2008-07-15 CVE-2008-2579 Apache
Oracle
SUN
Microsoft
Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors.
6.8
2008-07-15 CVE-2008-3185 Vclcomponents SQL Injection vulnerability in Vclcomponents Relative Real Estate Systems

SQL injection vulnerability in index.php in Relative Real Estate Systems 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the listing_id parameter in a listings action.

6.8
2008-07-14 CVE-2008-3173 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer allows web sites to set cookies for domains that have a public suffix with more than one dot character, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking." NOTE: this issue may exist because of an insufficient fix for CVE-2004-0866.

6.8
2008-07-14 CVE-2008-3172 Opera Permissions, Privileges, and Access Controls vulnerability in Opera

Opera allows web sites to set cookies for country-specific top-level domains that have DNS A records, such as co.tv, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking."

6.8
2008-07-14 CVE-2008-3170 Apple Permissions, Privileges, and Access Controls vulnerability in Apple Safari

Apple Safari allows web sites to set cookies for country-specific top-level domains, such as co.uk and com.au, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking," a related issue to CVE-2004-0746, CVE-2004-0866, and CVE-2004-0867.

6.8
2008-07-14 CVE-2008-3165 Fuzzylime Path Traversal vulnerability in Fuzzylime CMS

Directory traversal vulnerability in rss.php in fuzzylime (cms) 3.01a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a ..

6.8
2008-07-14 CVE-2008-3163 Regretless Path Traversal vulnerability in Regretless Dodos Mail 2.5

Directory traversal vulnerability in dodosmail.php in DodosMail 2.5 allows remote attackers to include and execute arbitrary local files via a ..

6.8
2008-07-14 CVE-2008-2304 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Core Image FUN House

Buffer overflow in Apple Core Image Fun House 2.0 and earlier in CoreImage Examples in Xcode tools before 3.1 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a .funhouse file with a string XML element that contains many characters.

6.8
2008-07-14 CVE-2008-1590 Apple
Webkit
Resource Management Errors vulnerability in Webkit Javascriptcore

JavaScriptCore in WebKit on Apple iPhone before 2.0 and iPod touch before 2.0 does not properly perform runtime garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger memory corruption, a different vulnerability than CVE-2008-2317.

6.8
2008-07-18 CVE-2008-3234 Openbsd
Debian
Permissions, Privileges, and Access Controls vulnerability in Openbsd Openssh 4.0

sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ (colon slash) sequence, followed by the role name, to the username.

6.5
2008-07-15 CVE-2008-2622 Oracle Unspecified vulnerability in Oracle products

Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2615, CVE-2008-2616, CVE-2008-2617, CVE-2008-2618, CVE-2008-2620, and CVE-2008-2621.

6.5
2008-07-15 CVE-2008-2620 Oracle Unspecified vulnerability in Oracle products

Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2615, CVE-2008-2616, CVE-2008-2617, CVE-2008-2618, CVE-2008-2621, and CVE-2008-2622.

6.5
2008-07-15 CVE-2008-2618 Oracle Unspecified vulnerability in Oracle products

Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2615, CVE-2008-2616, CVE-2008-2617, CVE-2008-2620, CVE-2008-2621, and CVE-2008-2622.

6.5
2008-07-15 CVE-2008-2617 Oracle Unspecified vulnerability in Oracle products

Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2615, CVE-2008-2616, CVE-2008-2618, CVE-2008-2620, CVE-2008-2621, and CVE-2008-2622.

6.5
2008-07-15 CVE-2008-2616 Oracle Unspecified vulnerability in Oracle products

Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2615, CVE-2008-2617, CVE-2008-2618, CVE-2008-2620, CVE-2008-2621, and CVE-2008-2622.

6.5
2008-07-15 CVE-2008-2615 Oracle Unspecified vulnerability in Oracle products

Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2616, CVE-2008-2617, CVE-2008-2618, CVE-2008-2620, CVE-2008-2621, and CVE-2008-2622.

6.5
2008-07-15 CVE-2008-2613 Oracle Unspecified vulnerability in Oracle Database Scheduler and Database Server

Unspecified vulnerability in the Database Scheduler component in Oracle Database 10.2.0.4 and 11.1.0.6 has unknown impact and local attack vectors.

6.5
2008-07-15 CVE-2008-2610 Oracle Unspecified vulnerability in Oracle products

Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors.

6.5
2008-07-15 CVE-2008-2607 Oracle Unspecified vulnerability in Oracle products

Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to SYS.DBMS_AQELM.

6.5
2008-07-15 CVE-2008-2606 Oracle Unspecified vulnerability in Oracle Application Object Library and E-Business Suite

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2586.

6.5
2008-07-15 CVE-2008-2604 Oracle Unspecified vulnerability in Oracle Authentication Component and Database Server

Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.6 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2605.

6.5
2008-07-15 CVE-2008-2600 Oracle Unspecified vulnerability in Oracle Database Server, Oracle Database and Spatial Component

Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to MDSYS.SDO_TOPO_MAP.

6.5
2008-07-15 CVE-2008-2596 Oracle Unspecified vulnerability in Oracle E-Business Suite and Mobile Application Server

Unspecified vulnerability in the Mobile Application Server component in Oracle E-Business Suite 12.0.3 has unknown impact and remote authenticated attack vectors.

6.5
2008-07-15 CVE-2008-2591 Oracle Unspecified vulnerability in Oracle Database 9I and Database Server

Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors.

6.5
2008-07-15 CVE-2008-2585 Oracle Remote Security vulnerability in E-Business Suite 12

Unspecified vulnerability in the Oracle Report Manager component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors.

6.5
2008-07-15 CVE-2008-3181 Content NOW Improper Input Validation vulnerability in Content NOW Content NOW 1.4.1

Unrestricted file upload vulnerability in upload.php in ContentNow CMS 1.4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in upload/.

6.5
2008-07-15 CVE-2008-2609 Oracle Unspecified vulnerability in Oracle products

Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.4.2 has unknown impact and remote attack vectors.

6.4
2008-07-15 CVE-2008-2594 Oracle Unspecified vulnerability in Oracle Application Server 10.1.2.3/10.1.4.2

Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-2593.

6.4
2008-07-15 CVE-2008-2589 Oracle Unspecified vulnerability in Oracle Application Server and Oracle Portal Component

Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3, 10.1.2.2, and 10.1.4.1 has unknown impact and remote attack vectors.

6.4
2008-07-18 CVE-2008-3222 Drupal
Fedoraproject
Session Fixation vulnerability in multiple products

Session fixation vulnerability in Drupal 5.x before 5.9 and 6.x before 6.3, when contributed modules "terminate the current request during a login event," allows remote attackers to hijack web sessions via unknown vectors.

5.8
2008-07-15 CVE-2008-2601 Oracle Unspecified vulnerability in Oracle E-Business Suite 12.0.4

Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors.

5.5
2008-07-15 CVE-2008-2592 Oracle Unspecified vulnerability in Oracle products

Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to SYS.DBMS_DEFER_SYS.

5.5
2008-07-15 CVE-2008-2581 Oracle Unspecified vulnerability in Oracle BEA Product Suite and Weblogic Server Component

Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 has unknown impact and remote attack vectors related to UDDI Explorer.

5.1
2008-07-18 CVE-2008-3226 Joomla Permissions, Privileges, and Access Controls vulnerability in Joomla

The file caching implementation in Joomla! before 1.5.4 allows attackers to access cached pages via unknown attack vectors.

5.0
2008-07-18 CVE-2008-3215 Clam Anti Virus Resource Management Errors vulnerability in Clam Anti-Virus Clamav

libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to cause a denial of service via a malformed Petite file that triggers an out-of-bounds memory access.

5.0
2008-07-18 CVE-2008-3210 Resiprocate Improper Input Validation vulnerability in Resiprocate 1.3.2

rutil/dns/DnsStub.cxx in ReSIProcate 1.3.2, as used by repro, allows remote attackers to cause a denial of service (daemon crash) via a SIP (1) INVITE or (2) OPTIONS message with a long domain name in a request URI, which triggers an assert error.

5.0
2008-07-18 CVE-2008-3208 Simpledns Improper Input Validation vulnerability in Simpledns Simple DNS Plus 4.1/5.0

Simple DNS Plus 4.1, 5.0, and possibly other versions before 5.1.101 allows remote attackers to cause a denial of service via multiple DNS reply packets.

5.0
2008-07-17 CVE-2008-3205 Easy Script Path Traversal vulnerability in Easy-Script Wysi Wiki WYG 1.0

Directory traversal vulnerability in index.php in Easy-Script Wysi Wiki Wyg 1.0 allows remote attackers to read arbitrary files via a ..

5.0
2008-07-16 CVE-2008-3145 Wireshark Improper Input Validation vulnerability in Wireshark

The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read.

5.0
2008-07-15 CVE-2008-2595 Oracle Unspecified vulnerability in Oracle Database 10G and Database 9I

Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.4.2 has unknown impact and remote attack vectors.

5.0
2008-07-15 CVE-2008-2582 Oracle Unspecified vulnerability in Oracle BEA Product Suite and Weblogic Server Component

Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 has unknown impact and remote attack vectors.

5.0
2008-07-15 CVE-2008-2580 Oracle Unspecified vulnerability in Oracle BEA Product Suite and Weblogic Server Component

Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, and 9.0 has unknown impact and remote attack vectors.

5.0
2008-07-15 CVE-2008-3177 Sophos Configuration vulnerability in Sophos products

Sophos virus detection engine 2.75 on Linux and Unix, as used in Sophos Email Appliance, Pure Message for Unix, and Sophos Anti-Virus Interface (SAVI), allows remote attackers to cause a denial of service (engine crash) via zero-length MIME attachments.

5.0
2008-07-14 CVE-2008-3171 Apple Information Exposure vulnerability in Apple Safari

Apple Safari sends Referer headers containing https URLs to different https web sites, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.

5.0
2008-07-14 CVE-2008-3168 Empire Server Information Exposure vulnerability in Empire Server Empire Server

The files utility in Empire Server before 4.3.15 discloses the world creation time, which makes it easier for attackers to determine the PRNG seed.

5.0
2008-07-14 CVE-2008-2318 Apple Information Exposure vulnerability in Apple Xcode and Xcode Tools

The WOHyperlink implementation in WebObjects in Apple Xcode tools before 3.1 appends local session IDs to generated non-local URLs, which allows remote attackers to obtain potentially sensitive information by reading the requests for these URLs.

5.0
2008-07-18 CVE-2008-3216 Debian Link Following vulnerability in Debian Projectl 1.001

The save function in br/prefmanager.d in projectl 1.001 creates a projectL.prf file in the current working directory, which allows local users to overwrite arbitrary files via a symlink attack.

4.6
2008-07-17 CVE-2008-2232 Afuse Permissions, Privileges, and Access Controls vulnerability in Afuse 0.2

The expand_template function in afuse.c in afuse 0.2 allows local users to gain privileges via shell metacharacters in a pathname.

4.6
2008-07-15 CVE-2008-2602 Oracle Unspecified vulnerability in Oracle Data Pump Component and Database Server

Unspecified vulnerability in the Data Pump component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to the IMP_FULL_DATABASE role.

4.6
2008-07-15 CVE-2008-2577 Oracle Unspecified vulnerability in Oracle BEA Product Suite and Webloic Server Component

Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 9.2 MP1 has unknown impact and remote authenticated attack vectors.

4.6
2008-07-18 CVE-2008-3233 Wordpress Cross-Site Scripting vulnerability in Wordpress

Cross-site scripting (XSS) vulnerability in WordPress before 2.6, SVN development versions only, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2008-07-18 CVE-2008-3231 Xine Improper Input Validation vulnerability in Xine Xine-Lib

xine-lib before 1.1.15 allows remote attackers to cause a denial of service (crash) via a crafted OGG file, as demonstrated by playing lol-ffplay.ogg with xine.

4.3
2008-07-18 CVE-2008-3221 Drupal
Fedoraproject
Cross-Site Request Forgery (CSRF) vulnerability in multiple products

Cross-site request forgery (CSRF) vulnerability in Drupal 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of OpenID identities.

4.3
2008-07-18 CVE-2008-3220 Drupal
Fedoraproject
Cross-Site Request Forgery (CSRF) vulnerability in multiple products

Cross-site request forgery (CSRF) vulnerability in Drupal 5.x before 5.8 and 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of "translated strings."

4.3
2008-07-18 CVE-2008-3219 Drupal
Fedoraproject
Cross-Site Scripting vulnerability in multiple products

The Drupal filter_xss_admin function in 5.x before 5.8 and 6.x before 6.3 does not "prevent use of the object HTML tag in administrator input," which has unknown impact and attack vectors, probably related to an insufficient cross-site scripting (XSS) protection mechanism.

4.3
2008-07-18 CVE-2008-3218 Drupal
Fedoraproject
Cross-Site Scripting vulnerability in multiple products

Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x before 6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) free tagging taxonomy terms, which are not properly handled on node preview pages, and (2) unspecified OpenID values.

4.3
2008-07-17 CVE-2008-3202 Xomol Cross-Site Scripting vulnerability in Xomol CMS 1.2

Cross-site scripting (XSS) vulnerability in index.php in Xomol CMS 1.2 allows remote attackers to inject arbitrary web script or HTML via the current_url parameter in a tellafriend action.

4.3
2008-07-17 CVE-2008-3201 Pagefusion Cross-Site Scripting vulnerability in Pagefusion 1.5

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Pagefusion 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) acct_fname and (2) acct_lname parameters in an edit action, and the (3) PID, (4) PGID, and (5) rez parameters.

4.3
2008-07-15 CVE-2008-2614 Oracle Unspecified vulnerability in Oracle products

Unspecified vulnerability in the Oracle HTTP Server component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.3.3 has unknown impact and remote attack vectors.

4.3
2008-07-15 CVE-2008-2612 Oracle Unspecified vulnerability in Oracle products

Unspecified vulnerability in the Hyperion BI Plus component in Oracle Application Server 8.3.2.4, 8.5.0.3, 9.2.0.3, 9.2.1.0, and 9.3.1.0 has unknown impact and remote attack vectors.

4.3
2008-07-15 CVE-2008-2593 Oracle Unspecified vulnerability in Oracle Application Server 10.1.2.3.0/10.1.4.2.0

Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-2594.

4.3
2008-07-15 CVE-2008-2583 Oracle Unspecified vulnerability in Oracle Application Server and Oracle Portal Component

Unspecified vulnerability in the sample Discussion Forum Portlet for the Oracle Portal component in Oracle Application Server, as available from OTN before 20080715, has unknown impact and remote attack vectors.

4.3
2008-07-15 CVE-2008-2578 Oracle Unspecified vulnerability in Oracle BEA Product Suite and Webloic Server Component

Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 and 9.2 MP1 has unknown impact and local attack vectors.

4.3
2008-07-15 CVE-2008-2576 Oracle Unspecified vulnerability in Oracle BEA Product Suite and Weblogic Server

Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 9.2, 9.1, 9.0, and 8.1 SP6 has unknown impact and local attack vectors.

4.3
2008-07-15 CVE-2008-3186 Chipmunk Scripts Cross-Site Scripting vulnerability in Chipmunk Scripts Chipmunk Blogger

Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Blog (Blogger) allow remote attackers to inject arbitrary web script or HTML via the membername parameter to (1) members.php, (2) comments.php, (3) photos.php, (4) archive.php, or (5) cat.php.

4.3
2008-07-15 CVE-2008-3184 Vbulletin Cross-Site Scripting vulnerability in Vbulletin

Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.6.10 PL2 and earlier, and 3.7.2 and earlier 3.7.x versions, allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO (PHP_SELF) or (2) the do parameter, as demonstrated by requests to upload/admincp/faq.php.

4.3
2008-07-15 CVE-2008-3180 CWH Underground Cross-Site Scripting vulnerability in CWH Underground Contentnow CMS 1.4.1

Multiple cross-site scripting (XSS) vulnerabilities in upload/file/language_menu.php in ContentNow CMS 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) pageid parameter or (2) PATH_INFO.

4.3
2008-07-14 CVE-2008-3161 IBM Cross-Site Scripting vulnerability in IBM Maximo 4.1/5.2

Multiple cross-site scripting (XSS) vulnerabilities in jsp/common/system/debug.jsp in IBM Maximo 4.1 and 5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Accept, (2) Accept-Language, (3) UA-CPU, (4) Accept-Encoding, (5) User-Agent, or (6) Cookie HTTP header.

4.3
2008-07-14 CVE-2008-1589 Apple Improper Input Validation vulnerability in Apple Safari

Safari on Apple iPhone before 2.0 and iPod touch before 2.0 misinterprets a menu button press as user confirmation for visiting a web site with a (1) self-signed or (2) invalid certificate, which makes it easier for remote attackers to spoof web sites.

4.3
2008-07-14 CVE-2008-1588 Apple Improper Input Validation vulnerability in Apple Safari

Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to spoof the address bar via Unicode ideographic spaces in the URL.

4.3
2008-07-15 CVE-2008-2621 Oracle Unspecified vulnerability in Oracle products

Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2615, CVE-2008-2616, CVE-2008-2617, CVE-2008-2618, CVE-2008-2620, and CVE-2008-2622.

4.0
2008-07-15 CVE-2008-2611 Oracle Unspecified vulnerability in Oracle products

Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors.

4.0
2008-07-15 CVE-2008-2608 Oracle Unspecified vulnerability in Oracle Data Pump Component and Database Server

Unspecified vulnerability in the Data Pump component in Oracle Database 10.1.0.5 and 10.2.0.3 has unknown impact and remote authenticated attack vectors related to SYS.KUPF$FILE_INT.

4.0
2008-07-15 CVE-2008-2605 Oracle Unspecified vulnerability in Oracle Authentication Component and Database Server

Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.6 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2604.

4.0
2008-07-15 CVE-2008-2586 Oracle Unspecified vulnerability in Oracle Application Object Library and E-Business Suite

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2606.

4.0

6 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2008-07-16 CVE-2008-3197 Phpmyadmin Cross-Site Request Forgery (CSRF) vulnerability in PHPmyadmin

Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote attackers to perform unauthorized actions via a link or IMG tag to (1) the db parameter in the "Creating a Database" functionality (db_create.php), and (2) the convcharset and collation_connection parameters related to an unspecified program that modifies the connection character set.

3.5
2008-07-15 CVE-2008-2603 Oracle Unspecified vulnerability in Oracle Enterprise Manager 10.1.0.5/10.2.0.4/11.1.0.6

Unspecified vulnerability in the Resource Manager component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6, and Database Control in Enterprise Manager, has unknown impact and remote authenticated attack vectors.

3.5
2008-07-15 CVE-2008-2590 Oracle Unspecified vulnerability in Oracle products

Unspecified vulnerability in the Instance Management component in Oracle Database 10.1.0.5 and Enterprise Manager 10.1.0.6 has unknown impact and remote authenticated attack vectors.

3.5
2008-07-17 CVE-2008-2933 Mozilla Improper Input Validation vulnerability in Mozilla Firefox

Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' (pipe) characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files via manipulations involving a series of URIs that is not entirely handled by a vector application, as exploited in conjunction with CVE-2008-2540.

2.6
2008-07-18 CVE-2008-3230 Ffmpeg Improper Input Validation vulnerability in Ffmpeg Lavf Demuxer

The ffmpeg lavf demuxer allows user-assisted attackers to cause a denial of service (application crash) via a crafted GIF file, possibly related to gstreamer, as demonstrated by lol-giftopnm.gif.

1.9
2008-07-15 CVE-2008-2587 Oracle Unspecified vulnerability in Oracle Advanced Replication, Database 9I and Database Server

Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors.

1.5