Weekly Vulnerabilities Reports > October 13 to 19, 2008
Overview
117 new vulnerabilities reported during this period, including 28 critical vulnerabilities and 28 high severity vulnerabilities. This weekly summary report vulnerabilities in 94 products from 55 vendors including Oracle, Microsoft, Cisco, HP, and Broadcom. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Permissions, Privileges, and Access Controls", "SQL Injection", "Cross-site Scripting", and "Improper Input Validation".
- 106 reported vulnerabilities are remotely exploitables.
- 27 reported vulnerabilities have public exploit available.
- 21 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 88 reported vulnerabilities are exploitable by an anonymous user.
- Oracle has the most reported vulnerabilities, with 36 reported vulnerabilities.
- Microsoft has the most reported critical vulnerabilities, with 8 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
28 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-10-17 | CVE-2008-4595 | Slaytanic Scripts | Multiple Unspecified vulnerability in Slaytanic Scripts Content Plus 2.1.1 Multiple unspecified vulnerabilities in Slaytanic Scripts Content Plus 2.1.1 have unknown impact and remote attack vectors. | 10.0 |
2008-10-17 | CVE-2008-4594 | Linksys Marvell | Unspecified vulnerability in Linksys Wap400N 1.2.14 Unspecified vulnerability in the SNMPv3 component in Linksys WAP4400N firmware 1.2.14 on the Marvell Semiconductor 88W8361P-BEM1 chipset has unknown impact and attack vectors, probably remote. | 10.0 |
2008-10-17 | CVE-2008-4401 | Adobe | Permissions, Privileges, and Access Controls vulnerability in Adobe Flash Player ActionScript in Adobe Flash Player 9.0.124.0 and earlier does not require user interaction in conjunction with (1) the FileReference.browse operation in the FileReference upload API or (2) the FileReference.download operation in the FileReference download API, which allows remote attackers to create a browse dialog box, and possibly have unspecified other impact, via an SWF file. | 10.0 |
2008-10-16 | CVE-2008-4592 | Sportspanel | Path Traversal vulnerability in Sportspanel Sports Clubs web Portal 0.0.1 Directory traversal vulnerability in index.php in Sports Clubs Web Panel 0.0.1 allows remote attackers to include and execute arbitrary local files via a .. | 10.0 |
2008-10-15 | CVE-2008-4588 | Etype | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Etype Eserv 3.0/3.25/3.26 Stack-based buffer overflow in the FTP server in Etype Eserv 3.x, possibly 3.26, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long argument to the ABOR command. | 10.0 |
2008-10-15 | CVE-2008-4572 | Guildftpd | Buffer Errors vulnerability in Guildftpd 0.999.14 GuildFTPd 0.999.14, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the CWD and LIST commands, which triggers heap corruption related to an improper free call, and possibly triggering a heap-based buffer overflow. | 10.0 |
2008-10-15 | CVE-2008-4023 | Microsoft | Resource Management Errors vulnerability in Microsoft Windows 2000 Active Directory in Microsoft Windows 2000 SP4 does not properly allocate memory for (1) LDAP and (2) LDAPS requests, which allows remote attackers to execute arbitrary code via a crafted request, aka "Active Directory Overflow Vulnerability." | 10.0 |
2008-10-15 | CVE-2008-3479 | Microsoft | Improper Input Validation vulnerability in Microsoft Windows 2000 Heap-based buffer overflow in the Microsoft Message Queuing (MSMQ) service (mqsvc.exe) in Microsoft Windows 2000 SP4 allows remote attackers to read memory contents and execute arbitrary code via a crafted RPC call, related to improper processing of parameters to string APIs, aka "Message Queuing Service Remote Code Execution Vulnerability." | 10.0 |
2008-10-15 | CVE-2008-3466 | Microsoft | Improper Authentication vulnerability in Microsoft products Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or 6 to call the CreateProcess function, aka "HIS Command Execution Vulnerability." | 10.0 |
2008-10-14 | CVE-2008-4557 | Cutephp | Code Injection vulnerability in Cutephp Cutenews 1.1.1 plugins/wacko/highlight/html.php in Strawberry in CuteNews.ru 1.1.1 (aka Strawberry) allows remote attackers to execute arbitrary PHP code via the text parameter, which is inserted into an executable regular expression. | 10.0 |
2008-10-14 | CVE-2008-4556 | SUN | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in SUN Solaris 8/9 Stack-based buffer overflow in the adm_build_path function in sadmind in Sun Solstice AdminSuite on Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted request. | 10.0 |
2008-10-14 | CVE-2008-4480 | Novell | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Edirectory Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.x before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a crafted Netware Core Protocol opcode 0x24 message that triggers a calculation error that under-allocates a heap buffer. | 10.0 |
2008-10-14 | CVE-2008-4479 | Novell | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Edirectory Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a SOAP request with a long Accept-Language header. | 10.0 |
2008-10-14 | CVE-2008-4478 | Novell | Numeric Errors vulnerability in Novell Edirectory Multiple integer overflows in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.73 before 8.7.3.10 ftf1, allow remote attackers to execute arbitrary code via a crafted (1) Content-Length header in a SOAP request or (2) Netware Core Protocol opcode 0x0F message, which triggers a heap-based buffer overflow. | 10.0 |
2008-10-14 | CVE-2008-4008 | Oracle | Unspecified vulnerability in Oracle BEA Product Suite Unspecified vulnerability in the WebLogic Server Plugins for Apache component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | 10.0 |
2008-10-14 | CVE-2008-4397 | Broadcom CA | Improper Input Validation vulnerability in multiple products Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. | 10.0 |
2008-10-13 | CVE-2008-4541 | SUN | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in SUN Java System web Proxy Server Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via a crafted HTTP GET request. | 10.0 |
2008-10-17 | CVE-2008-4473 | Adobe Microsoft | Buffer Errors vulnerability in Adobe Flash Player Cs3/Mx2004 Multiple heap-based buffer overflows in Adobe Flash CS3 Professional on Windows and Flash MX 2004 allow remote attackers to execute arbitrary code via an SWF file containing long control parameters. | 9.3 |
2008-10-15 | CVE-2008-4587 | Acresso | Arbitrary File Download vulnerability in Acresso Flexnet Connect 6.1 Insecure method vulnerability in the MSVNClientDownloadManager61Lib.DownloadManager.1 ActiveX control (ISDM.exe 6.1.100.61372) in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the AddFile and RunScheduledJobs methods. | 9.3 |
2008-10-15 | CVE-2008-4586 | Acresso | Arbitrary File Download vulnerability in Acresso Flexnet Connect 6.1 Insecure method vulnerability in the MVSNCLientWebAgent61.WebAgent.1 ActiveX control (isusweb.dll 6.1.100.61372) in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the DownloadAndExecute method. | 9.3 |
2008-10-15 | CVE-2008-4019 | Microsoft | Integer Overflow or Wraparound vulnerability in Microsoft products Integer overflow in the REPT function in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office SharePoint Server 2007 Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file containing a formula within a cell, aka "Formula Parsing Vulnerability." | 9.3 |
2008-10-15 | CVE-2008-3473 | Microsoft | Permissions, Privileges, and Access Controls vulnerability in Microsoft Internet Explorer 5.01/6/7 Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy, and execute arbitrary code or obtain sensitive information, via a crafted HTML document, aka "Event Handling Cross-Domain Vulnerability." | 9.3 |
2008-10-15 | CVE-2008-3471 | Microsoft | Out-of-bounds Write vulnerability in Microsoft products Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via a BIFF file with a malformed record that triggers a user-influenced size calculation, aka "File Format Parsing Vulnerability." | 9.3 |
2008-10-14 | CVE-2008-4385 | Systemrequirementslab | Code Injection vulnerability in Systemrequirementslab System Requirements LAB 3 Husdawg, LLC Systems Requirements Lab 3, as used by Instant Expert Analysis, allows remote attackers to force the download and execution of arbitrary programs via by specifiying a malicious website argument to the Init method in (1) a certain ActiveX control (sysreqlab2.cab, sysreqlab.dll, sysreqlabsli.dll, or sysreqlab2.dll) and (2) a certain Java applet in RLApplet.class in sysreqlab2.jar or sysreqlab.jar. | 9.3 |
2008-10-14 | CVE-2008-4548 | Rtssentry | Buffer Errors vulnerability in Rtssentry 2.1.0.2 Stack-based buffer overflow in the PTZCamPanelCtrl ActiveX control (CamPanel.dll) in RTS Sentry 2.1.0.2 allows remote attackers to execute arbitrary code via a long second argument to the ConnectServer method. | 9.3 |
2008-10-14 | CVE-2008-4547 | Dvrstation | Buffer Errors vulnerability in Dvrstation CMS 1.0.1.25 Heap-based buffer overflow in the PdvrAtl.PdvrOcx.1 ActiveX control (pdvratl.dll) in DVRHOST Web CMS OCX 1.0.1.25 allows remote attackers to execute arbitrary code via a long second argument to the TimeSpanFormat method. | 9.3 |
2008-10-15 | CVE-2008-1446 | Microsoft | Integer Overflow OR Wraparound vulnerability in Microsoft Internet Information Services Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Information Services (IIS) 5.0 through 7.0 on Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to execute arbitrary code via an HTTP POST request that triggers an outbound IPP connection from a web server to a machine operated by the attacker, aka "Integer Overflow in IPP Service Vulnerability." | 9.0 |
2008-10-13 | CVE-2008-3544 | HP | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in HP Openview Network Node Manager Multiple stack-based buffer overflows in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, and possibly 7.01, 7.50, and 7.53, allow remote attackers to execute arbitrary code via a long (1) REQUEST_SEV_CHANGE (aka number 47), (2) REQUEST_SAVE_STATE (aka number 61), or (3) REQUEST_RESTORE_STATE (aka number 62) request to TCP port 2954. | 9.0 |
28 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-10-15 | CVE-2008-3475 | Microsoft | Use of Uninitialized Resource vulnerability in Microsoft Internet Explorer 5.01/6/7.0 Microsoft Internet Explorer 6 does not properly handle errors related to using the componentFromPoint method on xml objects that have been (1) incorrectly initialized or (2) deleted, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "Uninitialized Memory Corruption Vulnerability." | 8.8 |
2008-10-14 | CVE-2008-4555 | Graphviz | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Graphviz Stack-based buffer overflow in the push_subg function in parser.y (lib/graph/parser.c) in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a DOT file with a large number of Agraph_t elements. | 8.5 |
2008-10-15 | CVE-2008-4576 | Linux | Improper Authentication vulnerability in Linux Kernel sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service (OOPS) via an INIT-ACK that states the peer does not support AUTH, which causes the sctp_process_init function to clean up active transports and triggers the OOPS when the T1-Init timer expires. | 7.8 |
2008-10-13 | CVE-2008-3545 | HP | Denial of Service vulnerability in HP OpenView Network Node Manager 'ovtopmd' Variant Unspecified vulnerability in ovtopmd in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3536, CVE-2008-3537, and CVE-2008-3544. | 7.8 |
2008-10-18 | CVE-2008-4606 | IP REG | SQL Injection vulnerability in IP REG IP REG 0.3 Multiple SQL injection vulnerabilities in IP Reg 0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) location_id parameter to locationdel.php and (2) vlan_id parameter to vlanedit.php. | 7.5 |
2008-10-18 | CVE-2008-4605 | Cafeengine | SQL Injection vulnerability in Cafeengine Easycafeengine 1.1 SQL injection vulnerability in CafeEngine allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) dish.php and (2) menu.php. | 7.5 |
2008-10-18 | CVE-2008-4604 | Cafeengine | SQL Injection vulnerability in Cafeengine Easycafeengine 1.1 SQL injection vulnerability in index.php in Easy CafeEngine 1.1 allows remote attackers to execute arbitrary SQL commands via the itemid parameter. | 7.5 |
2008-10-18 | CVE-2008-4603 | Igaming | SQL Injection vulnerability in Igaming CMS 2.0 SQL injection vulnerability in search.php in iGaming CMS 2.0 Alpha 1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search_games action. | 7.5 |
2008-10-18 | CVE-2008-4600 | Steve Dawson | Permissions, Privileges, and Access Controls vulnerability in Steve Dawson Pokermax Poker League Tournament Script 0.13 configure.php in PokerMax Poker League Tournament Script 0.13 allows remote attackers to bypass authentication and gain administrative access by setting the ValidUserAdmin cookie. | 7.5 |
2008-10-18 | CVE-2008-4599 | Mosaic Commerce | SQL Injection vulnerability in Mosaic Commerce Mosaic Commerce SQL injection vulnerability in category.php in Mosaic Commerce allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.5 |
2008-10-17 | CVE-2008-4598 | Drupal | Cross-Site Scripting vulnerability in Drupal Shindig-Integrator 5 Unspecified vulnerability in Shindig-Integrator 5.x, a module for Drupal, has unspecified impact and remote attack vectors related to "numerous flaws" that are not related to XSS or access control, a different vulnerability than CVE-2008-4596 and CVE-2008-4597. | 7.5 |
2008-10-17 | CVE-2008-4597 | Drupal | Permissions, Privileges, and Access Controls vulnerability in Drupal Shindig-Integrator 5 Shindig-Integrator 5.x, a module for Drupal, does not properly restrict generated page access, which allows remote attackers to gain privileges via unspecified vectors. | 7.5 |
2008-10-16 | CVE-2008-4590 | Stash | SQL Injection vulnerability in Stash 1.0.3 Multiple SQL injection vulnerabilities in Stash 1.0.3 allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to admin/login.php and (2) the post parameter to admin/news.php. | 7.5 |
2008-10-15 | CVE-2008-4585 | Belong Software | Permissions, Privileges, and Access Controls vulnerability in Belong Software Site Builder 0.1 Belong Software Site Builder 0.1 beta allows remote attackers to bypass intended access restrictions and perform administrative actions via a direct request to admin/home.php. | 7.5 |
2008-10-15 | CVE-2008-4583 | Chilkat Software | Insecure Method vulnerability in Chilkat Software FTP 2.0 Insecure method vulnerability in the Chilkat FTP 2.0 ActiveX component (ChilkatCert.dll) allows remote attackers to overwrite arbitrary files via a full pathname in the SavePkcs8File method. | 7.5 |
2008-10-15 | CVE-2008-4577 | Dovecot Fedoraproject Opensuse Canonical | Incorrect Authorization vulnerability in multiple products The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions. | 7.5 |
2008-10-15 | CVE-2008-4574 | Aspindir | SQL Injection vulnerability in Aspindir Ayco Okul Portali SQL injection vulnerability in default.asp in Ayco Okul Portali allows remote attackers to execute arbitrary SQL commands via the linkid parameter. | 7.5 |
2008-10-15 | CVE-2008-4573 | Aspindir | SQL Injection vulnerability in Aspindir Munzursoft web Portal W3 SQL injection vulnerability in kategori.asp in MunzurSoft Wep Portal W3 allows remote attackers to execute arbitrary SQL commands via the kat parameter. | 7.5 |
2008-10-15 | CVE-2008-4570 | Real Estate Scripts | SQL Injection vulnerability in Real-Estate-Scripts SQL injection vulnerability in index.php in Real Estate Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter. | 7.5 |
2008-10-15 | CVE-2008-4569 | Xigla | SQL Injection vulnerability in Xigla Absolute Poll Manager XE 4.1 SQL injection vulnerability in xlacomments.asp in XIGLA Software Absolute Poll Manager XE 4.1 allows remote attackers to execute arbitrary SQL commands via the p parameter. | 7.5 |
2008-10-14 | CVE-2008-3639 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Cups Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count. | 7.5 |
2008-10-14 | CVE-2008-4552 | NFS | Permissions, Privileges, and Access Controls vulnerability in NFS Nfs-Utils The good_client function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hosts_ctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions. | 7.5 |
2008-10-15 | CVE-2008-4589 | Lenovo | Buffer Errors vulnerability in Lenovo Resuce and Recovery 4.20/4.20.0511/4.20.0512 Heap-based buffer overflow in the tvtumin.sys kernel driver in Lenovo Rescue and Recovery 4.20, including 4.20.0511 and 4.20.0512, allows local users to execute arbitrary code via a long file name. | 7.2 |
2008-10-15 | CVE-2008-4553 | Qemu Debian | Link Following vulnerability in Qemu 0.9.15 qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories. | 7.2 |
2008-10-15 | CVE-2008-3464 | Microsoft | Permissions, Privileges, and Access Controls vulnerability in Microsoft Windows 2003 Server and Windows XP afd.sys in the Ancillary Function Driver (AFD) component in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP1 and SP2 does not properly validate input sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, as demonstrated using crafted pointers and lengths that bypass intended ProbeForRead and ProbeForWrite restrictions, aka "AFD Kernel Overwrite Vulnerability." | 7.2 |
2008-10-15 | CVE-2008-2252 | Microsoft | Permissions, Privileges, and Access Controls vulnerability in Microsoft products The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate parameters sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability." | 7.2 |
2008-10-14 | CVE-2008-4441 | Linksys Marvell | Improper Input Validation vulnerability in Linksys Wap400N 1.2.14 The Marvell driver for the Linksys WAP4400N Wi-Fi access point with firmware 1.2.14 on the Marvell 88W8361P-BEM1 chipset, when WEP mode is enabled, does not properly parse malformed 802.11 frames, which allows remote attackers to cause a denial of service (reboot or hang-up) via a malformed association request containing the WEP flag, as demonstrated by a request that is too short, a different vulnerability than CVE-2008-1144 and CVE-2008-1197. | 7.1 |
2008-10-13 | CVE-2008-4543 | Cisco | Resource Management Errors vulnerability in Cisco Unity Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8, when using anonymous authentication (aka native Unity authentication), allows remote attackers to cause a denial of service (session exhaustion) via a large number of connections. | 7.1 |
49 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-10-15 | CVE-2008-4584 | Chilkat Software | Insecure Method vulnerability in Chilkat Software Mail 7.8 Insecure method vulnerability in Chilkat Mail 7.8 ActiveX control (ChilkatCert.dll) allows remote attackers to overwrite arbitrary files via a full pathname to the SaveLastError method. | 6.8 |
2008-10-15 | CVE-2008-4558 | Videolan | Resource Management Errors vulnerability in Videolan VLC Media Player 0.9.2 Array index error in VLC media player 0.9.2 allows remote attackers to overwrite arbitrary memory and execute arbitrary code via an XSPF playlist file with a negative identifier tag, which passes a signed comparison. | 6.8 |
2008-10-14 | CVE-2008-4013 | Oracle | Unspecified vulnerability in Oracle BEA Product Suite Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | 6.8 |
2008-10-14 | CVE-2008-4010 | Oracle | Unspecified vulnerability in Oracle BEA Product Suite Unspecified vulnerability in the WebLogic Workshop component in BEA Product Suite 10.3, 10.2, 10.0 MP1, 9.2 MP3, and 8.1 SP6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to "some NetUI tags." | 6.8 |
2008-10-14 | CVE-2008-3640 | Apple | Numeric Errors vulnerability in Apple Cups Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow. | 6.8 |
2008-10-18 | CVE-2008-4602 | Qualityunit | Path Traversal vulnerability in Qualityunit Post Affiliate PRO 2.0 Directory traversal vulnerability in index.php in Post Affiliate Pro 2.0 allows remote authenticated users to read and possibly execute arbitrary local files via a .. | 6.5 |
2008-10-14 | CVE-2008-3989 | Oracle | Unspecified vulnerability in Oracle Database 10G 10.2.0.3 Unspecified vulnerability in the Oracle Data Mining component in Oracle Database 10.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability, related to DMSYS.ODM_MODEL_UTIL. | 6.5 |
2008-10-14 | CVE-2008-2624 | Oracle | Unspecified vulnerability in Oracle Database 10G 10.1.0.5 Unspecified vulnerability in the Oracle OLAP component in Oracle Database 10.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | 6.5 |
2008-10-14 | CVE-2008-4000 | Jdedwards Oracle | Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.18 and 8.49.14 allows remote attackers to affect confidentiality and integrity via unknown vectors. | 6.4 |
2008-10-14 | CVE-2008-3996 | Oracle | Unspecified vulnerability in Oracle Database 10G and Database 11I Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_CDC_IPUBLISH. | 5.5 |
2008-10-14 | CVE-2008-3995 | Oracle | Denial-Of-Service vulnerability in Oracle Database 10G and Database 11I Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_CDC_PUBLISH. | 5.5 |
2008-10-14 | CVE-2008-3994 | Oracle | Unspecified vulnerability in Oracle Database 10G, Database 11I and Database 9I Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to WMSYS.LTADM. | 5.5 |
2008-10-14 | CVE-2008-3992 | Oracle | Unspecified vulnerability in Oracle Database 10G 10.2.0.4 Unspecified vulnerability in the Oracle Data Mining component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity, related to DMSYS.DBMS_DM_EXP_INTERNAL. | 5.5 |
2008-10-14 | CVE-2008-3984 | Oracle | Unspecified vulnerability in Oracle Database 10G, Database 11I and Database 9I Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3982 and CVE-2008-3983. | 5.5 |
2008-10-14 | CVE-2008-3983 | Oracle | Unspecified vulnerability in Oracle Database 10G, Database 11I and Database 9I Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3982 and CVE-2008-3984. | 5.5 |
2008-10-14 | CVE-2008-3982 | Oracle | Unspecified vulnerability in Oracle Database 10G, Database 11I and Database 9I Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3983 and CVE-2008-3984. | 5.5 |
2008-10-14 | CVE-2008-3976 | Oracle | Unspecified vulnerability in Oracle Database 10G and Database 9I Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-3413 and CVE-2009-3414. | 5.5 |
2008-10-14 | CVE-2008-4012 | Oracle | Unspecified vulnerability in Oracle Weblogic Workshop 8.1 Unspecified vulnerability in the WebLogic Workshop component in BEA Product Suite WLW 8.1SP5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to "some NetUI pageflows." | 5.1 |
2008-10-14 | CVE-2008-4009 | Oracle | Unspecified vulnerability in Oracle BEA Product Suite 9.1 Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 9.1, when configuring multiple authorizers, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | 5.1 |
2008-10-17 | CVE-2008-4412 | HP | Information Exposure vulnerability in HP Systems Insight Manager Unspecified vulnerability in HP Systems Insight Manager (SIM) before 5.2 Update 2 (C.05.02.02.00) allows remote attackers to obtain sensitive information via unspecified vectors. | 5.0 |
2008-10-15 | CVE-2008-4578 | Dovecot | Permissions, Privileges, and Access Controls vulnerability in Dovecot The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes. | 5.0 |
2008-10-15 | CVE-2008-4575 | Sentex | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Sentex Jhead Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service (crash) via (1) a long -cmd argument and (2) unspecified vectors related to "a bunch of potential string overflows." | 5.0 |
2008-10-14 | CVE-2008-3988 | Oracle | Unspecified vulnerability in Oracle E-Business Suite 10.2/11.5/12.0.4 Unspecified vulnerability in the iSupplier Portal component in Oracle E-Business Suite 11.5.10.2 and 12.0.4 allows remote attackers to affect confidentiality via unknown vectors. | 5.0 |
2008-10-14 | CVE-2008-3985 | Oracle | Unspecified vulnerability in Oracle E-Business Suite 12.0.4 Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.4 allows remote attackers to affect confidentiality via unknown vectors. | 5.0 |
2008-10-14 | CVE-2008-3977 | Oracle | Unspecified vulnerability in Oracle Application Server 10.1.2.3/9.0.4.3 Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3 and 10.1.2.3 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2008-3975. | 5.0 |
2008-10-14 | CVE-2008-3975 | Oracle | Unspecified vulnerability in Oracle Application Server 10.1.2.3/9.0.4.3 Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3 and 10.1.2.3 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2008-3977. | 5.0 |
2008-10-14 | CVE-2008-4400 | Broadcom CA | Improper Input Validation vulnerability in multiple products Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to "insufficient validation." | 5.0 |
2008-10-14 | CVE-2008-4399 | Broadcom CA | Improper Input Validation vulnerability in multiple products Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to "insufficient validation." | 5.0 |
2008-10-14 | CVE-2008-4398 | Broadcom CA | Improper Input Validation vulnerability in multiple products Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request. | 5.0 |
2008-10-14 | CVE-2008-4551 | Strongswan | Resource Management Errors vulnerability in Strongswan strongSwan 4.2.6 and earlier allows remote attackers to cause a denial of service (daemon crash) via an IKE_SA_INIT message with a large number of NULL values in a Key Exchange payload, which triggers a NULL pointer dereference for the return value of the mpz_export function in the GNU Multiprecision Library (GMP). | 5.0 |
2008-10-13 | CVE-2008-4544 | Cisco | Remote vulnerability in Cisco Unity 7.0 Unspecified vulnerability in an unspecified Microsoft API, as used by Cisco Unity and possibly other products, allows remote attackers to cause a denial of service by sending crafted packets to dynamic UDP ports, related to a "processing error." | 5.0 |
2008-10-14 | CVE-2008-4001 | Oracle | Unspecified vulnerability in Oracle JD Edwards Enterpriseone EP and Peoplesoft Enterprise Unspecified vulnerability in the PeopleSoft Enterprise Portal component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne EP 8.9 and EP 9.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | 4.9 |
2008-10-14 | CVE-2008-3998 | Oracle | Unspecified vulnerability in Oracle E-Business Suite 12.0.4 Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | 4.9 |
2008-10-14 | CVE-2008-3980 | Oracle | Unspecified vulnerability in Oracle Database 10G 10.1.0.5/10.2.0.3 Unspecified vulnerability in the Upgrade component in Oracle Database 10.1.0.5 and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | 4.9 |
2008-10-18 | CVE-2008-4601 | Habari | Cross-Site Scripting vulnerability in Habari CMS 0.5.1 Cross-site scripting (XSS) vulnerability in the login feature in Habari CMS 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the habari_username parameter. | 4.3 |
2008-10-17 | CVE-2008-4596 | Drupal | Cross-Site Scripting vulnerability in Drupal Shindig-Integrator 5 Cross-site scripting (XSS) vulnerability in Shindig-Integrator 5.x, a module for Drupal, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors in generated pages. | 4.3 |
2008-10-16 | CVE-2008-4591 | Phpwebgallery | Cross-Site Scripting vulnerability in PHPwebgallery 1.3.4 Multiple cross-site scripting (XSS) vulnerabilities in admin/include/isadmin.inc.php in PhpWebGallery 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) lang[access_forbiden] and (2) lang[ident_title] parameters. | 4.3 |
2008-10-15 | CVE-2008-4582 | Debian Mozilla Microsoft Canonical | Permissions, Privileges, and Access Controls vulnerability in multiple products Mozilla Firefox 3.0.1 through 3.0.3, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13, when running on Windows, do not properly identify the context of Windows .url shortcut files, which allows user-assisted remote attackers to bypass the Same Origin Policy and obtain sensitive information via an HTML document that is directly accessible through a filesystem, as demonstrated by documents in (1) local folders, (2) Windows share folders, and (3) RAR archives, and as demonstrated by IFRAMEs referencing shortcuts that point to (a) about:cache?device=memory and (b) about:cache?device=disk, a variant of CVE-2008-2810. | 4.3 |
2008-10-15 | CVE-2008-4571 | Plone | Cross-Site Scripting vulnerability in Plone Cross-site scripting (XSS) vulnerability in the LiveSearch module in Plone before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the Description field for search results, as demonstrated using the onerror Javascript even in an IMG tag. | 4.3 |
2008-10-15 | CVE-2008-4020 | Microsoft | Cross-Site Scripting vulnerability in Microsoft Office XP Cross-site scripting (XSS) vulnerability in Microsoft Office XP SP3 allows remote attackers to inject arbitrary web script or HTML via a document that contains a "Content-Disposition: attachment" header and is accessed through a cdo: URL, which renders the content instead of raising a File Download dialog box, aka "Vulnerability in Content-Disposition Header Vulnerability." | 4.3 |
2008-10-14 | CVE-2008-4005 | Oracle | Unspecified vulnerability in Oracle Database 11I 11.1.0.6 Unspecified vulnerability in the Oracle Application Express component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | 4.3 |
2008-10-14 | CVE-2008-4003 | Oracle | Unspecified vulnerability in Oracle JD Edwards Enterpriseone and Peoplesoft Enterprise Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.18 and 8.49.14 allows remote attackers to affect confidentiality via unknown vectors. | 4.3 |
2008-10-14 | CVE-2008-4546 | Adobe | Resource Management Errors vulnerability in Adobe Flash Player Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows remote web servers to cause a denial of service (NULL pointer dereference and browser crash) by returning a different response when an HTTP request is sent a second time, as demonstrated by two responses that provide SWF files with different SWF version numbers. | 4.3 |
2008-10-13 | CVE-2008-4411 | HP | Cross-Site Scripting vulnerability in HP System Management Homepage Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.15.210 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-1663. | 4.3 |
2008-10-15 | CVE-2008-4581 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Enovia Smarteam 5 The Editor in IBM ENOVIA SmarTeam 5 before release 18 SP5, and release 19 before SP01, allows remote authenticated users to bypass intended access restrictions and read Document objects via the Workflow Process (aka Flow Process) view. | 4.0 |
2008-10-14 | CVE-2008-3991 | Oracle | Unspecified vulnerability in Oracle Database 10G and Database 9I Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL, a different vulnerability than CVE-2008-3990. | 4.0 |
2008-10-14 | CVE-2008-3990 | Oracle | Unspecified vulnerability in Oracle Database 10G and Database 9I Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL, a different vulnerability than CVE-2008-3991. | 4.0 |
2008-10-14 | CVE-2008-2625 | Oracle | Unspecified vulnerability in Oracle Database 10G and Database 9I Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors. | 4.0 |
2008-10-13 | CVE-2008-4545 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Unity Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8 uses weak permissions for the D:\CommServer\Reports directory, which allows remote authenticated users to obtain sensitive information by reading files in this directory. | 4.0 |
12 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-10-14 | CVE-2008-4002 | Oracle | Unspecified vulnerability in Oracle JD Edwards Enterpriseone and Peoplesoft Enterprise Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.18 and 8.49.14 allows remote authenticated users to affect confidentiality via unknown vectors. | 3.5 |
2008-10-14 | CVE-2008-3993 | Oracle | Unspecified vulnerability in Oracle E-Business Suite 10.2/11.5/12.0.4 Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2 and 12.0.4 allows remote authenticated users to affect integrity via unknown vectors. | 3.5 |
2008-10-13 | CVE-2008-4542 | Cisco | Cross-Site Scripting vulnerability in Cisco Unity Cross-site scripting (XSS) vulnerability in Cisco Unity 4.x before 4.2(1)ES162, 5.x before 5.0(1)ES56, and 7.x before 7.0(2)ES8 allows remote authenticated administrators to inject arbitrary web script or HTML by entering it in the database (aka data store). | 3.5 |
2008-10-14 | CVE-2008-4004 | Jdedwards Oracle | Unspecified vulnerability in the JDE EnterpriseOne Business Service Server component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.97.2.2 and 8.98.0.1 allows local users to affect confidentiality and integrity via unknown vectors. | 3.2 |
2008-10-14 | CVE-2008-4549 | Imageshack | Improper Input Validation vulnerability in Imageshack Toolbar 4.5.7/4.5.7.69 The ImageShack Toolbar ActiveX control (ImageShackToolbar.dll) in ImageShack Toolbar 4.5.7, possibly including 4.5.7.69, allows remote attackers to force the upload of arbitrary image files to the ImageShack site via a file: URI argument to the BuildSlideShow method. | 2.6 |
2008-10-14 | CVE-2008-4011 | Oracle | Unspecified vulnerability in Oracle BEA Product Suite Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote authenticated users to affect integrity via unknown vectors. | 2.1 |
2008-10-14 | CVE-2008-2588 | Oracle | Local Security vulnerability in Oracle Jdeveloper 10.1.2.2 Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.2 allows local users to affect confidentiality via unknown vectors. | 2.1 |
2008-10-13 | CVE-2008-4540 | HTC Microsoft | Credentials Management vulnerability in Microsoft Windows Mobile 6.0 Windows Mobile 6 on the HTC Hermes device makes WLAN passwords available to an auto-completion mechanism for the password input field, which allows physically proximate attackers to bypass password authentication and obtain WLAN access. | 2.1 |
2008-10-14 | CVE-2008-2619 | Oracle | Unspecified vulnerability in Oracle Application Server and E-Business Suite Unspecified vulnerability in the Oracle Reports Developer component in Oracle Application Server 1.0.2.2, 9.0.4.3, and 10.1.2.2, and E-Business Suite 11.5.10.2, allows remote authenticated users to affect availability via unknown vectors. | 1.7 |
2008-10-17 | CVE-2008-4593 | Apple | Information Exposure vulnerability in Apple Iphone 2.1 Apple iPhone 2.1 with firmware 5F136, when Require Passcode is enabled and Show SMS Preview is disabled, allows physically proximate attackers to obtain sensitive information by performing an Emergency Call tap and then reading SMS messages on the device screen, aka Apple bug number 6267416. | 1.2 |
2008-10-14 | CVE-2008-3987 | Oracle | Unspecified vulnerability in Oracle Application Server 10.1.2.3 Unspecified vulnerability in the Oracle Discoverer Desktop component in Oracle Application Server 10.1.2.3 allows local users to affect confidentiality via unknown vectors. | 1.0 |
2008-10-14 | CVE-2008-3986 | Oracle | Unspecified vulnerability in Oracle Application Server 10.1.2.2/9.0.4.3 Unspecified vulnerability in the Oracle Discoverer Administrator component in Oracle Application Server 9.0.4.3 and 10.1.2.2 allows local users to affect confidentiality via unknown vectors. | 1.0 |