Weekly Vulnerabilities Reports > July 28 to August 3, 2008
Overview
108 new vulnerabilities reported during this period, including 13 critical vulnerabilities and 56 high severity vulnerabilities. This weekly summary report vulnerabilities in 120 products from 87 vendors including Myiosoft, Realnetworks, SUN, Epic Games, and Webwizguide. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Code Injection", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Path Traversal".
- 104 reported vulnerabilities are remotely exploitables.
- 51 reported vulnerabilities have public exploit available.
- 61 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 105 reported vulnerabilities are exploitable by an anonymous user.
- Myiosoft has the most reported vulnerabilities, with 7 reported vulnerabilities.
- Realnetworks has the most reported critical vulnerabilities, with 3 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
13 Critical Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2008-08-01 | CVE-2008-3175 | Broadcom CA | Numeric Errors vulnerability in multiple products Integer underflow in rxRPC.dll in the LGServer service in the server in CA ARCserve Backup for Laptops and Desktops 11.0 through 11.5 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted message that triggers a buffer overflow. | 10.0 |
| 2008-08-01 | CVE-2008-1662 | HP | Configuration vulnerability in HP Hp-Ux and System Administration Manager Unspecified vulnerability in the HP System Administration Manager (SAM) on HP-UX B.11.11 and B.11.23, when used to configure NFS, might allow remote attackers to read or modify arbitrary files, related to an "empty systems list." | 10.0 |
| 2008-07-31 | CVE-2008-3411 | Axesstel | Improper Authentication vulnerability in Axesstel Akw-D800 D2Eth10901Vebr The Axesstel AXW-D800 modem with D2_ETH_109_01_VEBR Jun-14-2006 software does not require authentication for (1) etc/config/System.html, (2) etc/config/Network.html, (3) etc/config/Security.html, (4) cgi-bin/sysconf.cgi, and (5) cgi-bin/route.cgi, which allows remote attackers to change the modem's configuration via direct requests. | 10.0 |
| 2008-07-30 | CVE-2008-3376 | Jamroom | Permissions, Privileges, and Access Controls vulnerability in Jamroom Multiple unspecified vulnerabilities in JamRoom before 3.4.0 have unknown impact and attack vectors. | 10.0 |
| 2008-07-30 | CVE-2008-3362 | Giulio Ganci Wordpress | Improper Input Validation vulnerability in multiple products Unrestricted file upload vulnerability in upload.php in the Giulio Ganci Wp Downloads Manager module 0.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension via the upfile parameter, then accessing it via a direct request to the file in wp-content/plugins/downloads-manager/upload/. | 10.0 |
| 2008-07-28 | CVE-2008-3349 | Netapp IBM | Permissions, Privileges, and Access Controls vulnerability in Netapp Data Ontap Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on NetApp and IBM eServer platforms, allow remote attackers to execute arbitrary commands, cause a denial of service (system crash), or obtain sensitive information, probably related to insufficient access control for HTTP requests. | 10.0 |
| 2008-07-28 | CVE-2008-3064 | Realnetworks | Permissions, Privileges, and Access Controls vulnerability in Realnetworks Realplayer 10.0/10.5 Unspecified vulnerability in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 has unknown impact and attack vectors, probably related to accessing local files, aka a "Local resource reference vulnerability." RealPlayer has indicated that a version exists called "enterprise." Link: http://service.real.com/realplayer/security/07252008_player/en/ | 10.0 |
| 2008-08-01 | CVE-2007-2952 | Blue Coat Systems | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Blue Coat Systems Filter and K9 web Protection Multiple stack-based buffer overflows in the filter service (aka k9filter.exe) in Blue Coat K9 Web Protection 3.2.44 with Filter 3.2.32 allow (1) remote attackers to execute arbitrary code via a long HTTP Referer header to the K9 Web Protection Administration interface and (2) man-in-the-middle attackers to execute arbitrary code via an HTTP response with a long HTTP version field. | 9.3 |
| 2008-07-31 | CVE-2008-3430 | Eyeball Networks | Buffer Errors vulnerability in Eyeball Networks Eyeball Messenger SDK 5.0.907.1 Buffer overflow in the CoVideoWindow.ocx ActiveX control 5.0.907.1 in Eyeball MessengerSDK, as used in products such as SiOL Komunikator 1.3, allows remote attackers to execute arbitrary code via a large argument supplied to the BGColor method. | 9.3 |
| 2008-07-30 | CVE-2008-3364 | Trend Micro | Buffer Errors vulnerability in Trend Micro Officescan 7.3 Buffer overflow in the ObjRemoveCtrl Class ActiveX control in OfficeScanRemoveCtrl.dll 7.3.0.1020 in Trend Micro OfficeScan Corp Edition (OSCE) Web-Deployment 7.0, 7.3 build 1343 Patch 4 and other builds, and 8.0; Client Server Messaging Security (CSM) 3.5 and 3.6; and Worry-Free Business Security (WFBS) 5.0 allows remote attackers to execute arbitrary code via a long string in the Server property, and possibly other properties. | 9.3 |
| 2008-07-29 | CVE-2008-3360 | Intellitamper | Buffer Errors vulnerability in Intellitamper 2.0.7 Stack-based buffer overflow in the HTML parser in IntelliTamper 2.0.7 allows remote attackers to execute arbitrary code via a long URL in the HREF attribute of an A element, a different vulnerability than CVE-2006-2494. | 9.3 |
| 2008-07-28 | CVE-2008-3066 | Realnetworks | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Realnetworks Realplayer 10.0/10.5 Stack-based buffer overflow in a certain ActiveX control in rjbdll.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 allows remote attackers to execute arbitrary code by importing a file into a media library and then deleting this file. | 9.3 |
| 2008-07-28 | CVE-2007-5400 | Real Realnetworks | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the Shockwave Flash (SWF) frame handling in RealNetworks RealPlayer 10.5 Build 6.0.12.1483 might allow remote attackers to execute arbitrary code via a crafted SWF file. | 9.3 |
56 High Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2008-08-01 | CVE-2008-3438 | Apple | Download of Code Without Integrity Check vulnerability in Apple mac OS X Apple Mac OS X does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | 8.1 |
| 2008-07-29 | CVE-2008-1667 | EPS HP | Numeric Errors vulnerability in multiple products The Probe Builder Service (aka PBOVISServer.exe) in European Performance Systems (EPS) Probe Builder 2.2 before A.02.20.901, as used in HP OpenView Internet Services (OVIS) on Windows, allows remote attackers to kill arbitrary processes via a process ID number in an unspecified opcode. | 7.8 |
| 2008-07-28 | CVE-2008-3323 | Redhat | Improper Input Validation vulnerability in Redhat Cygwin 1.5.19/1.5.7/1.5.71 setup.exe before 2.573.2.3 in Cygwin does not properly verify the authenticity of packages, which allows remote Cygwin mirror servers or man-in-the-middle attackers to execute arbitrary code via a package list containing the MD5 checksum of a Trojan horse package. | 7.6 |
| 2008-08-01 | CVE-2008-3442 | Winzip | Code Injection vulnerability in Winzip WinZip before 11.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | 7.5 |
| 2008-08-01 | CVE-2008-3441 | Nullsoft | Code Injection vulnerability in Nullsoft Winamp Nullsoft Winamp before 5.24 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | 7.5 |
| 2008-08-01 | CVE-2008-3440 | SUN | Code Injection vulnerability in SUN Java 1.6.0 Sun Java 1.6.0_03 and earlier versions, and possibly later versions, does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | 7.5 |
| 2008-08-01 | CVE-2008-3439 | Speedbit | Code Injection vulnerability in Speedbit Video Accelerator SpeedBit Video Acceleration before 2.2.1.8 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | 7.5 |
| 2008-08-01 | CVE-2008-3437 | Openoffice | Code Injection vulnerability in Openoffice Openoffice.Org OpenOffice.org (OOo) before 2.1.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | 7.5 |
| 2008-08-01 | CVE-2008-3436 | Notepad | Code Injection vulnerability in Notepad++ The GUP generic update process in Notepad++ before 4.8.1 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | 7.5 |
| 2008-08-01 | CVE-2008-3435 | Code Injection vulnerability in Linkedin Browser Toolbar LinkedIn Browser Toolbar 3.0.3.1100 and earlier does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | 7.5 | |
| 2008-08-01 | CVE-2008-3434 | Apple | Code Injection vulnerability in Apple Itunes Apple iTunes before 10.5.1 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | 7.5 |
| 2008-08-01 | CVE-2008-3433 | Speedbit | Code Injection vulnerability in Speedbit Download Accelerator Plus 8.0/8.1/8.5 SpeedBit Download Accelerator Plus (DAP) before 8.6.3.9 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | 7.5 |
| 2008-08-01 | CVE-2008-3142 | Python Canonical Debian | Classic Buffer Overflow vulnerability in multiple products Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro. | 7.5 |
| 2008-08-01 | CVE-2008-2935 | Xmlsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xmlsoft Libxslt Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containing a long string as "an argument in the XSL input." | 7.5 |
| 2008-08-01 | CVE-2008-1376 | Redhat | Permissions, Privileges, and Access Controls vulnerability in Redhat NFS Utils 1.0.9 A certain Red Hat build script for nfs-utils before 1.0.9-35z.el5_2 on Red Hat Enterprise Linux (RHEL) 5 omits TCP wrappers support, which might allow remote attackers to bypass intended access restrictions. | 7.5 |
| 2008-07-31 | CVE-2008-3420 | Willo | SQL Injection vulnerability in Willo Mobius web Publishing Software Multiple SQL injection vulnerabilities in Mobius for Mimsy XG 1 1.4.4.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to browse.php or (2) the s parameter in an exhibitions action to detail.php. | 7.5 |
| 2008-07-31 | CVE-2008-3419 | Greatclone | SQL Injection vulnerability in Greatclone Youtuber Clone SQL injection vulnerability in ugroups.php in Youtuber Clone allows remote attackers to execute arbitrary SQL commands via the UID parameter. | 7.5 |
| 2008-07-31 | CVE-2008-3418 | Willo | SQL Injection vulnerability in Willo Trio SQL injection vulnerability in browse.php in TriO 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2008-07-31 | CVE-2008-3417 | Fipsasp | SQL Injection vulnerability in Fipsasp Fipscms Light SQL injection vulnerability in home/index.asp in fipsCMS light 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the r parameter, a different vector than CVE-2006-6115 and CVE-2007-2561. | 7.5 |
| 2008-07-31 | CVE-2008-3416 | Icebb | SQL Injection vulnerability in Icebb 1.0 SQL injection vulnerability in modules/members.php in IceBB before 1.0-rc9.3 allows remote attackers to execute arbitrary SQL commands via the username parameter in a members action to index.php, related to an incorrect protection mechanism in the clean_string function in includes/functions.php. | 7.5 |
| 2008-07-31 | CVE-2008-3415 | Cmscout | Path Traversal vulnerability in Cmscout 2.05 Directory traversal vulnerability in common.php in CMScout 2.05, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the bit parameter, as demonstrated by an upload to avatar/ of a .jpg file containing PHP sequences. | 7.5 |
| 2008-07-31 | CVE-2008-3414 | Siteadmin | SQL Injection vulnerability in Siteadmin CMS SQL injection vulnerability in line2.php in SiteAdmin allows remote attackers to execute arbitrary SQL commands via the art parameter. | 7.5 |
| 2008-07-31 | CVE-2008-3413 | Greatclone | SQL Injection vulnerability in Greatclone Auction Platinum SQL injection vulnerability in category.php in Greatclone GC Auction Platinum allows remote attackers to execute arbitrary SQL commands via the cate_id parameter. | 7.5 |
| 2008-07-31 | CVE-2008-3412 | Ecshop | SQL Injection vulnerability in Ecshop Epshop SQL injection vulnerability in Comsenz EPShop (aka ECShop) before 3.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a (1) pro_show or (2) disppro action to the default URI. | 7.5 |
| 2008-07-31 | CVE-2008-3409 | Epic Games | Buffer Errors vulnerability in Epic Games Unreal Tournament 3 1.1/1.2 Buffer overflow in Unreal Tournament 3 1.3beta4 and earlier allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a UDP packet containing a large value in a certain size field, followed by a data string of that size, aka attack 1 in ut3mendo.c. | 7.5 |
| 2008-07-31 | CVE-2008-3406 | Phplinkat | SQL Injection vulnerability in PHPlinkat 0.1 SQL injection vulnerability in showcat.php in phpLinkat 0.1 allows remote attackers to execute arbitrary SQL commands via the catid parameter. | 7.5 |
| 2008-07-31 | CVE-2008-3403 | Mojoscripts | SQL Injection vulnerability in Mojoscripts Mojopersonals SQL injection vulnerability in mojoClassified.cgi in MojoPersonals allows remote attackers to execute arbitrary SQL commands via the cat parameter. | 7.5 |
| 2008-07-31 | CVE-2008-3402 | Hscripts | Code Injection vulnerability in Hscripts Hiox Random AD 2.0 Multiple PHP remote file inclusion vulnerabilities in HIOX Browser Statistics (HBS) 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the hm parameter to (1) hioxupdate.php and (2) hioxstats.php. | 7.5 |
| 2008-07-31 | CVE-2008-3401 | Hscripts | Code Injection vulnerability in Hscripts Hiox Random AD 1.3 PHP remote file inclusion vulnerability in hioxRandomAd.php in HIOX Random Ad (HRA) 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the hm parameter. | 7.5 |
| 2008-07-31 | CVE-2008-3393 | Infomining | SQL Injection vulnerability in Infomining Bookmine SQL injection vulnerability in events.cfm in BookMine allows remote attackers to execute arbitrary SQL commands via the events_id parameter. | 7.5 |
| 2008-07-30 | CVE-2008-3388 | Easy Script | SQL Injection vulnerability in Easy-Script DEF Blog 1.0.3 Multiple SQL injection vulnerabilities in Def-Blog 1.0.3 allow remote attackers to execute arbitrary SQL commands via the article parameter to (1) comaddok.php and (2) comlook.php. | 7.5 |
| 2008-07-30 | CVE-2008-3387 | Phpfootball | SQL Injection vulnerability in PHPfootball 1.6 SQL injection vulnerability in show.php in PHPFootball 1.6 allows remote attackers to execute arbitrary SQL commands via the dbtable parameter. | 7.5 |
| 2008-07-30 | CVE-2008-3386 | Alstrasoft | SQL Injection vulnerability in Alstrasoft Video Share Enterprise 4.51 SQL injection vulnerability in album.php in AlstraSoft Video Share Enterprise 4.51 allows remote attackers to execute arbitrary SQL commands via the UID parameter, a different vector than CVE-2007-4086. | 7.5 |
| 2008-07-30 | CVE-2008-3384 | CCE Interact | Path Traversal vulnerability in Cce-Interact Interact 2.4.1 Multiple directory traversal vulnerabilities in help/help.php in Interact Learning Community Environment Interact 2.4.1 allow remote attackers to include and execute arbitrary local files via a .. | 7.5 |
| 2008-07-30 | CVE-2008-3383 | Mojoscripts | SQL Injection vulnerability in Mojoscripts Mojoauto SQL injection vulnerability in mojoAuto.cgi in MojoAuto allows remote attackers to execute arbitrary SQL commands via the cat_a parameter in a browse action. | 7.5 |
| 2008-07-30 | CVE-2008-3382 | Mojoscripts | SQL Injection vulnerability in Mojoscripts Mojoclassifieds 2.0 SQL injection vulnerability in mojoClassified.cgi in MojoClassifieds 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_a parameter. | 7.5 |
| 2008-07-30 | CVE-2008-3378 | Fizzmedia Negativekarma | SQL Injection vulnerability in Fizzmedia Negativekarma Fizzmedia 1.51.2 SQL injection vulnerability in comment.php in Fizzmedia 1.51.2 allows remote attackers to execute arbitrary SQL commands via the mid parameter. | 7.5 |
| 2008-07-30 | CVE-2008-3377 | Brandon Tallent | SQL Injection vulnerability in Brandon Tallent PHPtest 0.6.3 SQL injection vulnerability in picture.php in phpTest 0.6.3 allows remote attackers to execute arbitrary SQL commands via the image_id parameter. | 7.5 |
| 2008-07-30 | CVE-2008-3375 | Jamroom | Improper Authentication vulnerability in Jamroom The jrCookie function in includes/jamroom-misc.inc.php in JamRoom before 3.4.0 allows remote attackers to bypass authentication and gain administrative access via a boolean value within serialized data in a JMU_Cookie cookie. | 7.5 |
| 2008-07-30 | CVE-2008-3374 | Gregarius | SQL Injection vulnerability in Gregarius SQL injection vulnerability in ajax.php in Gregarius 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the rsargs array parameter in an __exp__getFeedContent action. | 7.5 |
| 2008-07-30 | CVE-2008-3372 | Greatclone | SQL Injection vulnerability in Greatclone Getacoder Clone SQL injection vulnerability in search_form.php in Getacoder Clone allows remote attackers to execute arbitrary SQL commands via the sb_protype parameter. | 7.5 |
| 2008-07-30 | CVE-2008-3371 | Talkback | Path Traversal vulnerability in Talkback 2.3.5 Directory traversal vulnerability in install/help.php in TalkBack 2.3.5, and other versions before 2.3.6.2, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter. | 7.5 |
| 2008-07-30 | CVE-2008-3370 | EMC | SQL Injection vulnerability in EMC Centera Universal Access 4.04735 SQL injection vulnerability in the CUA Login Module in EMC Centera Universal Access (CUA) 4.0_4735.p4 allows remote attackers to execute arbitrary SQL commands via the user (user name) field. | 7.5 |
| 2008-07-30 | CVE-2008-3369 | Viart | SQL Injection vulnerability in Viart Shop SQL injection vulnerability in products_rss.php in ViArt Shop 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | 7.5 |
| 2008-07-30 | CVE-2008-3366 | Pligg | SQL Injection vulnerability in Pligg CMS 9.9.0 SQL injection vulnerability in story.php in Pligg CMS Beta 9.9.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2008-07-30 | CVE-2008-3363 | Dokeos | Path Traversal vulnerability in Dokeos E-Learning System 1.8.5 Directory traversal vulnerability in user_portal.php in the Dokeos E-Learning System 1.8.5 on Windows allows remote attackers to include and execute arbitrary local files via a ..\ (dot dot backslash) in the include parameter. | 7.5 |
| 2008-07-29 | CVE-2008-3361 | Intellitamper | Buffer Errors vulnerability in Intellitamper 2.0.7 Stack-based buffer overflow in IntelliTamper 2.07 allows remote web sites to execute arbitrary code via a long HTTP Server header. | 7.5 |
| 2008-07-29 | CVE-2008-3359 | OWL | SQL Injection vulnerability in OWL Intranet Knowledgebase 0.94 SQL injection vulnerability in register.php in Steve Bourgeois and Chris Vincent Owl Intranet Knowledgebase 0.95 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
| 2008-07-28 | CVE-2008-3355 | Camera Life | SQL Injection vulnerability in Camera Life Camera Life 2.6.2 SQL injection vulnerability in sitemap.xml.php in Camera Life 2.6.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action. | 7.5 |
| 2008-07-28 | CVE-2008-3354 | Runcms | Code Injection vulnerability in Runcms Newbb Plus Module and Runcms Multiple PHP remote file inclusion vulnerabilities in the Newbb Plus (newbb_plus) module 0.93 in RunCMS 1.6.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) bbPath[path] parameter to votepolls.php and the (2) bbPath[root_theme] parameter to config.php, different vectors than CVE-2006-0659. | 7.5 |
| 2008-07-28 | CVE-2008-3352 | Nersoft | SQL Injection vulnerability in Nersoft Live Music Plus 1.1.0 SQL injection vulnerability in index.php in Live Music Plus 1.1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a Singer action. | 7.5 |
| 2008-07-28 | CVE-2008-3351 | Atomphotoblog | SQL Injection vulnerability in Atomphotoblog 1.0.9.1/1.1.5 SQL injection vulnerability in atomPhotoBlog.php in Atom PhotoBlog 1.0.9.1 and 1.1.5b1 allows remote attackers to execute arbitrary SQL commands via the photoId parameter in a show action. | 7.5 |
| 2008-07-28 | CVE-2008-3347 | Myiosoft | SQL Injection vulnerability in Myiosoft Easydynamicpages 3.0 SQL injection vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynamicPages 3.0 trial edition (tr) allows remote attackers to execute arbitrary SQL commands via the read parameter. | 7.5 |
| 2008-07-28 | CVE-2008-3346 | E Topbiz | SQL Injection vulnerability in E-Topbiz Shopcart DX SQL injection vulnerability in product_detail.php in ShopCart DX allows remote attackers to execute arbitrary SQL commands via the pid parameter. | 7.5 |
| 2008-07-28 | CVE-2008-3343 | Myiosoft | SQL Injection vulnerability in Myiosoft Easypublish 3.0 SQL injection vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr (trial edition) allows remote attackers to execute arbitrary SQL commands via the read parameter in a search action. | 7.5 |
| 2008-07-28 | CVE-2008-3341 | Jobbex | SQL Injection vulnerability in Jobbex Jobsite Multiple SQL injection vulnerabilities in search_result.cfm in Jobbex JobSite allow remote attackers to execute arbitrary SQL commands via the (1) jobcountryid and (2) jobstateid parameters. | 7.5 |
37 Medium Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2008-07-31 | CVE-2008-3429 | Httrack | Buffer Errors vulnerability in Httrack and Winhttrack Buffer overflow in URI processing in HTTrack and WinHTTrack before 3.42-3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long URL. | 6.8 |
| 2008-07-31 | CVE-2008-3408 | Coolplayer | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Coolplayer Stack-based buffer overflow in CoolPlayer 2.18, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a crafted m3u file. | 6.8 |
| 2008-07-31 | CVE-2008-3405 | Nazgulled | Path Traversal vulnerability in Nazgulled Nzfotolog 0.4.1 Directory traversal vulnerability in index.php in Ricardo Amaral nzFotolog 0.4.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the action_file parameter. | 6.8 |
| 2008-07-31 | CVE-2008-3399 | Xrms | Code Injection vulnerability in Xrms CRM 1.99.2 PHP remote file inclusion vulnerability in activities/workflow-activities.php in XRMS CRM 1.99.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the include_directory parameter. | 6.8 |
| 2008-07-31 | CVE-2008-3390 | Minishowcase | Path Traversal vulnerability in Minishowcase Image Gallery 09B136 Directory traversal vulnerability in libraries/general.init.php in Minishowcase Image Gallery 09b136, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
| 2008-07-30 | CVE-2008-3385 | Linuxwebshop | Path Traversal vulnerability in Linuxwebshop PHP Help Agent 1.0/1.1 Directory traversal vulnerability in include/head_chat.inc.php in php Help Agent 1.0 and 1.1 Full allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
| 2008-07-30 | CVE-2008-3365 | Microsoft Pixelpost | Path Traversal vulnerability in Pixelpost 1.7.1 Directory traversal vulnerability in index.php in Pixelpost 1.7.1 on Windows, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
| 2008-07-28 | CVE-2008-3345 | Myiosoft | SQL Injection vulnerability in Myiosoft Easye-Cards 3.10/3.5 SQL injection vulnerability in staticpages/easyecards/index.php in MyioSoft EasyE-Cards 3.5 trial edition (tr) and 3.10a, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the sid parameter in a pickup action. | 6.8 |
| 2008-07-28 | CVE-2008-3339 | Avidweb Technologies | Information Exposure vulnerability in Avidweb Technologies Jobbex Jobsite search_result.cfm in Jobbex JobSite allows remote attackers to obtain sensitive information via unspecified vectors that reveal the installation path in an error message. | 6.8 |
| 2008-07-31 | CVE-2008-3428 | Phpfreechat | Improper Authentication vulnerability in PHPfreechat 1.0/1.1 Session fixation vulnerability in phpFreeChat 1.1 allows remote authenticated users to hijack web sessions by setting the session_id parameter to match the victim's nickid parameter. | 6.5 |
| 2008-07-31 | CVE-2008-3425 | SUN | Improper Authentication vulnerability in SUN products Unspecified vulnerability in the Sun Java System Web Server 7.0 plugin in Sun N1 Service Provisioning System (SPS) 5.2 and 6.0 allows remote authenticated SPS users to gain administrative access to the web server via unknown attack vectors. | 6.5 |
| 2008-07-30 | CVE-2008-3368 | Atutor | Code Injection vulnerability in Atutor PHP remote file inclusion vulnerability in tools/packages/import.php in ATutor 1.6.1 pl1 and earlier allows remote authenticated administrators to execute arbitrary PHP code via a URL in the type parameter. | 6.5 |
| 2008-07-31 | CVE-2008-3392 | Webwizguide | Cross-Site Request Forgery (CSRF) vulnerability in Webwizguide web WIZ Forum 9.5 Cross-site request forgery (CSRF) vulnerability in Web Wiz Forum 9.5 allows remote attackers to log out a user via a link or IMG tag to log_off_user.asp. | 5.8 |
| 2008-07-31 | CVE-2008-3410 | Epic Games | Improper Input Validation vulnerability in Epic Games Unreal Tournament 3 1.1/1.2 Unreal Tournament 3 1.3beta4 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a UDP packet in which the value of a certain size field is greater than the total packet length, aka attack 2 in ut3mendo.c. | 5.0 |
| 2008-07-31 | CVE-2008-3407 | Phplinkat | Improper Authentication vulnerability in PHPlinkat 0.1 phpLinkat 0.1 allows remote attackers to bypass authentication and access unspecified pages under admin/ by sending a login=right cookie. | 5.0 |
| 2008-07-31 | CVE-2008-3396 | Epic Games | Improper Input Validation vulnerability in Epic Games Unreal Tournament 2004 3120/3334 Unreal Tournament 2004 (UT2004) 3369 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a certain sequence of malformed packets. | 5.0 |
| 2008-07-31 | CVE-2008-3395 | Linux Calacode | Permissions, Privileges, and Access Controls vulnerability in Calacode Atmail 5.41 Calacode @Mail 5.41 on Linux uses weak world-readable permissions for (1) webmail/libs/Atmail/Config.php and (2) webmail/webadmin/.htpasswd, which allows local users to obtain sensitive information by reading these files. | 5.0 |
| 2008-07-30 | CVE-2008-3373 | Grisoft | Numeric Errors vulnerability in Grisoft AVG Antivirus 7.1/7.5/8.0 The files parsing engine in Grisoft AVG Anti-Virus before 8.0.156 allows remote attackers to cause a denial of service (engine crash) via a crafted UPX compressed file, which triggers a divide-by-zero error. | 5.0 |
| 2008-07-28 | CVE-2008-3350 | THE Kelleys | Unspecified vulnerability in the Kelleys Dnsmasq 2.43 dnsmasq 2.43 allows remote attackers to cause a denial of service (daemon crash) by (1) sending a DHCPINFORM while lacking a DHCP lease, or (2) attempting to renew a nonexistent DHCP lease for an invalid subnet as an "unknown client," a different vulnerability than CVE-2008-3214. | 5.0 |
| 2008-08-01 | CVE-2008-2235 | Siemens Opensc Project | Cryptographic Issues vulnerability in Opensc-Project Opensc OpenSC before 0.11.5 uses weak permissions (ADMIN file control information of 00) for the 5015 directory on smart cards and USB crypto tokens running Siemens CardOS M4, which allows physically proximate attackers to change the PIN. | 4.9 |
| 2008-08-01 | CVE-2008-1810 | Linux SAP | Permissions, Privileges, and Access Controls vulnerability in SAP Maxdb 7.6.03.15 Untrusted search path vulnerability in dbmsrv in SAP MaxDB 7.6.03.15 on Linux allows local users to gain privileges via a modified PATH environment variable. | 4.4 |
| 2008-07-28 | CVE-2008-1946 | GNU | Permissions, Privileges, and Access Controls vulnerability in GNU Coreutils 5.2.1 The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain the privileges of a (1) locked or (2) expired account by entering the account name on the command line, related to improper use of the pam_succeed_if.so module. | 4.4 |
| 2008-07-31 | CVE-2008-3422 | Mono Mono Project | Cross-Site Scripting vulnerability in multiple products Multiple cross-site scripting (XSS) vulnerabilities in the ASP.net class libraries in Mono 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted attributes related to (1) HtmlControl.cs (PreProcessRelativeReference), (2) HtmlForm.cs (RenderAttributes), (3) HtmlInputButton (RenderAttributes), (4) HtmlInputRadioButton (RenderAttributes), and (5) HtmlSelect (RenderChildren). | 4.3 |
| 2008-07-31 | CVE-2008-3404 | Mdsjack | Cross-Site Scripting vulnerability in Mdsjack Mjguest 6.8 Cross-site scripting (XSS) vulnerability in guestbook.js.php in MJGuest 6.8 GT allows remote attackers to inject arbitrary web script or HTML via the link parameter. | 4.3 |
| 2008-07-31 | CVE-2008-3400 | Xrms | Information Exposure vulnerability in Xrms CRM 1.99.2 XRMS CRM 1.99.2 allows remote attackers to obtain configuration information via a direct request to tests/info.php, which calls the phpinfo function. | 4.3 |
| 2008-07-31 | CVE-2008-3397 | Runesoft | Cross-Site Scripting vulnerability in Runesoft Cerberus CMS Cross-site scripting (XSS) vulnerability in Runesoft Cerberus CMS before 3_1.4_0.9 allows remote attackers to inject arbitrary web script or HTML via a cerberus_user cookie. | 4.3 |
| 2008-07-31 | CVE-2008-3394 | Infomining | Cross-Site Scripting vulnerability in Infomining Bookmine Multiple cross-site scripting (XSS) vulnerabilities in search.cfm in BookMine allow remote attackers to inject arbitrary web script or HTML via the (1) gallery and (2) search_string parameters. | 4.3 |
| 2008-07-31 | CVE-2008-3391 | Webwizguide | Cross-Site Scripting vulnerability in Webwizguide web WIZ Forum 9.5 Multiple cross-site scripting (XSS) vulnerabilities in Web Wiz Forum 9.5 allow remote attackers to inject arbitrary web script or HTML via the mode parameter to (1) admin_group_details.asp and (2) admin_category_details.asp. | 4.3 |
| 2008-07-30 | CVE-2008-3381 | Moinmoin | Cross-Site Scripting vulnerability in Moinmoin 1.6.3/1.7.0 Multiple cross-site scripting (XSS) vulnerabilities in macro/AdvancedSearch.py in moin (and MoinMoin) 1.6.3 and 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2008-07-30 | CVE-2008-3380 | Myiosoft | Cross-Site Scripting vulnerability in Myiosoft Easybookmarker 4.0 Cross-site scripting (XSS) vulnerability in ajaxp_backend.php in MyioSoft EasyBookMarker 4.0 trial edition (tr) allows remote attackers to inject arbitrary web script or HTML via the rs parameter. | 4.3 |
| 2008-07-30 | CVE-2008-3379 | Snarky | Cross-Site Scripting vulnerability in Snarky Visualpic 0.3.1 Cross-site scripting (XSS) vulnerability in Snark VisualPic 0.3.1 allows remote attackers to inject arbitrary web script or HTML via the pic parameter to the default URI. | 4.3 |
| 2008-07-30 | CVE-2008-3367 | Webwizguide | Cross-Site Scripting vulnerability in Webwizguide web WIZ Rich Text Editor 3/4.0/4.01 Cross-site scripting (XSS) vulnerability in RTE_popup_link.asp in Web Wiz Rich Text Editor (RTE) 3.x and 4.x before 4.03 allows remote attackers to inject arbitrary web script or HTML via the email parameter. | 4.3 |
| 2008-07-29 | CVE-2008-3100 | OWL | Cross-Site Scripting vulnerability in OWL Intranet Knowledgebase 0.94 Cross-site scripting (XSS) vulnerability in lib/owl.lib.php in Steve Bourgeois and Chris Vincent Owl Intranet Knowledgebase 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter in a getpasswd action to register.php. | 4.3 |
| 2008-07-28 | CVE-2008-3348 | Myiosoft | Cross-Site Scripting vulnerability in Myiosoft Easydynamicpages 3.0 Cross-site scripting (XSS) vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynamicPages 3.0 trial edition (tr) allows remote attackers to inject arbitrary web script or HTML via the year parameter. | 4.3 |
| 2008-07-28 | CVE-2008-3344 | Myiosoft | Cross-Site Scripting vulnerability in Myiosoft Easye-Cards 3.10/3.5 Multiple cross-site scripting (XSS) vulnerabilities in staticpages/easyecards/index.php in MyioSoft EasyE-Cards 3.5 trial edition (tr) and 3.10a allow remote attackers to inject arbitrary web script or HTML via the (1) ResultHtml, (2) dir, (3) SenderName, (4) RecipientName, (5) SenderMail, and (6) RecipientMail parameters. | 4.3 |
| 2008-07-28 | CVE-2008-3342 | Myiosoft | Cross-Site Scripting vulnerability in Myiosoft Easypublish 3.0 Cross-site scripting (XSS) vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr allows remote attackers to inject arbitrary web script or HTML via the read parameter in an edp_News action. | 4.3 |
| 2008-07-28 | CVE-2008-3340 | Jobbex | Cross-Site Scripting vulnerability in Jobbex Jobsite Cross-site scripting (XSS) vulnerability in search_result.cfm in Jobbex JobSite allows remote attackers to inject arbitrary web script or HTML via the searchFor variable (possibly the opt parameter.) | 4.3 |
2 Low Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2008-07-31 | CVE-2008-3398 | Xrms | Cross-Site Scripting vulnerability in Xrms CRM 1.99.2 Multiple cross-site scripting (XSS) vulnerabilities in XRMS CRM 1.99.2 allow remote attackers to inject arbitrary web script or HTML via the msg parameter to unspecified components, possibly including login.php. | 2.6 |
| 2008-07-31 | CVE-2008-3426 | SUN | Local Denial of Service vulnerability in SUN Opensolaris, Solaris and Sunos Unspecified vulnerability in the Solaris Platform Information and Control Library daemon (picld) in Sun Solaris 8 through 10, and OpenSolaris builds snv_01 through snv_95, allows local users to cause a denial of service via unknown vectors that prevent operation of utilities such as prtdiag, prtpicl, and prtfru. | 2.1 |