Weekly Vulnerabilities Reports > October 20 to 26, 2008

Overview

137 new vulnerabilities were reported during this period, including 26 critical vulnerabilities and 50 high severity vulnerabilities. This weekly summary reports vulnerabilities in 164 products from 93 vendors including Typo3, Wireshark, Wordpress, Opera, and IBM. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Path Traversal", "Code Injection", and "Improper Authentication".

  • 131 reported vulnerabilities are remotely exploitable.
  • 70 reported vulnerabilities have a public exploit available.
  • 81 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 126 reported vulnerabilities are exploitable by an anonymous user.
  • Typo3 has the most reported vulnerabilities, with 7 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 2 reported vulnerabilities.


Vulnerability Details

The following table lists the vulnerabilities reported for the period covered by this report:


26 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2008-10-24 CVE-2008-4731 Michael Christen Multiple Unspecified vulnerability in YaCy

Multiple unspecified vulnerabilities in YaCy before 0.61 have unknown impact and attack vectors.

10.0
2008-10-23 CVE-2008-4250 Microsoft Code Injection vulnerability in Microsoft products

The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka "Server Service Vulnerability."

10.0
2008-10-23 CVE-2008-3862 Trend Micro Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Trend Micro Officescan 7.3/8.0

Stack-based buffer overflow in CGI programs in the server in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1374, and 8.0 SP1 Patch 1 before build 3110, allows remote attackers to execute arbitrary code via an HTTP POST request containing crafted form data, related to "parsing CGI requests."

10.0
2008-10-23 CVE-2008-2469 Libspf Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Libspf Libspf2

Heap-based buffer overflow in the SPF_dns_resolv_lookup function in Spf_dns_resolv.c in libspf2 before 1.2.8 allows remote attackers to execute arbitrary code via a long DNS TXT record with a modified length field.

10.0
2008-10-23 CVE-2008-4704 Mitre Code Injection vulnerability in Mitre Sezhoo 0.1

PHP remote file inclusion vulnerability in SezHooTabsAndActions.php in SezHoo 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter.

10.0
2008-10-22 CVE-2008-4692 IBM Remote Security vulnerability in DB2

The Native Managed Provider for .NET component in IBM DB2 8 before FP17, 9.1 before FP6, and 9.5 before FP2, when a definer cannot maintain objects, preserves views and triggers without marking them inoperative or dropping them, which has unknown impact and attack vectors.

10.0
2008-10-22 CVE-2008-4690 Lynx Unspecified vulnerability in Lynx

lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929.

10.0
2008-10-22 CVE-2008-4673 Webbiscuits Code Injection vulnerability in Webbiscuits Events Calendar 1.1

PHP remote file inclusion vulnerability in panel/common/theme/default/header_setup.php in WebBiscuits Software Events Calendar 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the (1) path[docroot] and (2) component parameters.

10.0
2008-10-21 CVE-2008-4641 Sentex Improper Input Validation vulnerability in Sentex Jhead

The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows attackers to execute arbitrary commands via shell metacharacters in unspecified input.

10.0
2008-10-21 CVE-2008-4631 Myer Sound Laboratories Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Myer Sound Laboratories Muscle

Stack-based buffer overflow in the Message::AddToString function in message/Message.cpp in MUSCLE before 4.40 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted message.

10.0
2008-10-21 CVE-2008-4630 Midgard Multiple Unspecified vulnerability in Midgard Components Framework 2.9/8.09.0

Multiple unspecified vulnerabilities in Midgard Components (MidCOM) Framework before 8.09.1 have unknown impact and attack vectors.

10.0
2008-10-21 CVE-2008-4619 SUN Unspecified vulnerability in SUN Sunos 5.9

The RPC subsystem in Sun Solaris 9 allows remote attackers to cause a denial of service (daemon crash) via a crafted request to procedure 8 in program 100000 (rpcbind), related to the XDR_DECODE operation and the taddr2uaddr function.

10.0
2008-10-20 CVE-2008-4615 Portalapp Remote Security vulnerability in Portalapp 4.0

Unspecified vulnerability in i_utils.asp in PortalApp before 4.01a has unknown impact and attack vectors.

10.0
2008-10-23 CVE-2008-4695 Opera Information Exposure vulnerability in Opera

Opera before 9.60 allows remote attackers to obtain sensitive information and have unspecified other impact by predicting the cache pathname of a cached Java applet and then launching this applet from the cache, leading to applet execution within the local-machine context.

9.3
2008-10-23 CVE-2008-4694 Opera Link Following vulnerability in Opera Browser

Unspecified vulnerability in Opera before 9.60 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a redirect that specifies a crafted URL.

9.3
2008-10-23 CVE-2008-4720 Arzdev Code Injection vulnerability in Arzdev Gemini Portal 4.7

Multiple PHP remote file inclusion vulnerabilities in The Gemini Portal 4.7 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) page/forums/bottom.php and (2) page/forums/category.php.

9.3
2008-10-23 CVE-2008-4719 Openengine Code Injection vulnerability in Openengine 2.0

PHP remote file inclusion vulnerability in cms/classes/openengine/filepool.php in openEngine 2.0 beta2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the oe_classpath parameter, a different vector than CVE-2008-4329.

9.3
2008-10-22 CVE-2008-4699 Microsoft Insecure Method vulnerability in Microsoft Peachtree Accounting 2004

Insecure method vulnerability in the ActiveX control (PAWWeb11.ocx) in Peachtree Accounting 2004 allows remote attackers to execute arbitrary programs via the ExecutePreferredApplication method.

9.3
2008-10-22 CVE-2008-4664 Qvod Buffer Errors vulnerability in Qvod Player 1.0.1/2.0.1/2.5.1

Heap-based buffer overflow in QvodInsert.QvodCtrl.1 ActiveX control (QvodInsert.dll) in QVOD Player before 2.1.5 build 0053 allows remote attackers to execute arbitrary code via a long URL property.

9.3
2008-10-22 CVE-2008-4652 Dart Buffer Errors vulnerability in Dart Powertcp FTP for Activex 2.0.2.0

Buffer overflow in the ActiveX control (DartFtp.dll) in Dart Communications PowerTCP FTP for ActiveX 2.0.2 0 allows remote attackers to execute arbitrary code via a long SecretKey property.

9.3
2008-10-21 CVE-2008-4624 Ftrsoft Code Injection vulnerability in Ftrsoft Fast Click SQL Lite 1.1.7

PHP remote file inclusion vulnerability in init.php in Fast Click SQL Lite 1.1.7, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the CFG[CDIR] parameter.

9.3
2008-10-24 CVE-2008-4726 Goodtechsystems Buffer Errors vulnerability in Goodtechsystems Goodtech SSH 6.4

Stack-based buffer overflow in the SFTP subsystem in GoodTech SSH 6.4 allows remote authenticated users to execute arbitrary code via a long string to the (1) open (aka SSH_FXP_OPEN), (2) unlink, (3) opendir, and other unspecified parameters.

9.0
2008-10-23 CVE-2008-4722 SUN Improper Authentication vulnerability in SUN products

Unspecified vulnerability in Sun Integrated Lights-Out Manager (ILOM) 2.0.1.5 through 2.0.4.26 allows remote authenticated users to (1) access the service processor (SP) and cause a denial of service (shutdown or reboot), or (2) access the host operating system and have an unspecified impact, via unknown vectors.

9.0
2008-10-22 CVE-2008-4687 Mantis Code Injection vulnerability in Mantis

manage_proj_page.php in Mantis before 1.1.4 allows remote authenticated users to execute arbitrary code via a sort parameter containing PHP sequences, which are processed by create_function within the multi_sort function in core/utility_api.php.

9.0
2008-10-22 CVE-2008-4668 Joomla Path Traversal vulnerability in Joomla COM Imagebrowser 0.1.5

Directory traversal vulnerability in the Image Browser (com_imagebrowser) 0.1.5 component for Joomla! allows remote attackers to include and execute arbitrary local files via a ..

9.0
2008-10-22 CVE-2008-4645 Phpwebgallery Code Injection vulnerability in PHPwebgallery

plugins/event_tracer/event_list.php in PhpWebGallery 1.7.2 and earlier allows remote authenticated administrators to execute arbitrary PHP code via PHP sequences in the sort parameter, which is processed by create_function.

9.0

50 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2008-10-24 CVE-2008-4735 Coastal Code Injection vulnerability in Coastal Coast 0.95

PHP remote file inclusion vulnerability in header.php in Concord Asset, Software, and Ticket system (CoAST) 0.95 allows remote attackers to execute arbitrary PHP code via a URL in the sections_file parameter.

8.5
2008-10-23 CVE-2008-3817 Cisco Resource Management Errors vulnerability in Cisco products

Memory leak in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 8.0 before 8.0(4) and 8.1 before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via an unspecified sequence of packets, related to the "initialization code for the hardware crypto accelerator."

7.8
2008-10-23 CVE-2008-3816 Cisco Denial of Service vulnerability in Cisco products

Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2(4)9 and 7.2(4)10 allows remote attackers to cause a denial of service (device reload) via a crafted IPv6 packet.

7.8
2008-10-22 CVE-2008-4678 IBM Resource Management Errors vulnerability in IBM Websphere Application Server

The HTTP_Request_Parser method in the HTTP Transport component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.31 allows remote attackers to cause a denial of service (controller 0C4 abend and application hang) via a long HTTP Host header, related to "storage overlay" on the stack and a "parse failure."

7.8
2008-10-23 CVE-2008-3863 GNU Buffer Errors vulnerability in GNU Enscript 1.6.1/1.6.4

Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename command.

7.6
2008-10-24 CVE-2008-4738 Tufat SQL Injection vulnerability in Tufat Mycard 1.0.2

SQL injection vulnerability in gallery.php in MyCard 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-10-24 CVE-2008-4736 Aves SQL Injection vulnerability in Aves RPG Board 0.0.8/0.8

SQL injection vulnerability in index.php in RPG.Board 0.8 Beta2 and earlier allows remote attackers to execute arbitrary SQL commands via the showtopic parameter.

7.5
2008-10-24 CVE-2008-4734 Pressography, Wordpress Cross-Site Request Forgery (CSRF) vulnerability in Pressography WP Comment Remix Plugin 1.4

Cross-site request forgery (CSRF) vulnerability in the wpcr_do_options_page function in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to perform unauthorized actions as administrators via a request that sets the wpcr_hidden_form_input parameter.

7.5
2008-10-24 CVE-2008-4732 Pressography, Wordpress SQL Injection vulnerability in Pressography WP Comment Remix Plugin 1.4

SQL injection vulnerability in ajax_comments.php in the WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the p parameter.

7.5
2008-10-23 CVE-2008-4721 PHP Jabbers Information Exposure vulnerability in PHP Jabbers Post Comment 2.0

PHP Jabbers Post Comment 3.0 allows remote attackers to bypass authentication and gain administrative access by setting the PostCommentsAdmin cookie to "logged."

7.5
2008-10-23 CVE-2008-4718 X7 Group Path Traversal vulnerability in X7 Group X7 Chat

Directory traversal vulnerability in help/mini.php in X7 Chat 2.0.1 A1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the help_file parameter, a different vector than CVE-2006-2156.

7.5
2008-10-23 CVE-2008-4717 Zeeways SQL Injection vulnerability in Zeeways Zeelyrics 2.0

SQL injection vulnerability in bannerclick.php in ZEELYRICS 2.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter.

7.5
2008-10-23 CVE-2008-4716 Scriptdemo SQL Injection vulnerability in Scriptdemo PHP-Lance 1.52

SQL injection vulnerability in show.php in BitmixSoft PHP-Lance 1.52 allows remote attackers to execute arbitrary SQL commands via the catid parameter.

7.5
2008-10-23 CVE-2008-4715 Jpad Project SQL Injection vulnerability in Jpad Project Jpad 1.0

SQL injection vulnerability in the Jpad (com_jpad) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php.

7.5
2008-10-23 CVE-2008-4714 Atomic Photo Album Improper Authentication vulnerability in Atomic Photo Album Atomic Photo Album 1.1.0

Atomic Photo Album 1.1.0 pre4 does not properly handle the apa_cookie_login and apa_cookie_password cookies, which probably allows remote attackers to bypass authentication and gain administrative access via modified cookies.

7.5
2008-10-23 CVE-2008-4713 212Cafe SQL Injection vulnerability in 212Cafe 212Cafeboard 0.07

SQL injection vulnerability in view.php in 212cafe Board 0.07 allows remote attackers to execute arbitrary SQL commands via the qID parameter.

7.5
2008-10-23 CVE-2008-4709 Pilot Group SQL Injection vulnerability in Pilot Group Etraining

SQL injection vulnerability in news_read.php in Pilot Group (PG) eTraining allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-10-23 CVE-2008-4708 Sylvain Pasquet Improper Authentication vulnerability in Sylvain Pasquet Bbzl.PHP 0.92

BbZL.PhP 0.92 allows remote attackers to bypass authentication and gain administrative access by setting the phorum_admin_session cookie to 1.

7.5
2008-10-23 CVE-2008-4706 Vbulletin SQL Injection vulnerability in Vbulletin Vbgooglemap 1.0.3

SQL injection vulnerability in VBGooglemap Hotspot Edition 1.0.3, a vBulletin module, allows remote attackers to execute arbitrary SQL commands via the mapid parameter in a showdetails action to (1) vbgooglemaphse.php and (2) mapa.php.

7.5
2008-10-23 CVE-2008-4705 Phponlinedatingsoftware SQL Injection vulnerability in PHPonlinedatingsoftware Myphpdating 1.0

SQL injection vulnerability in success_story.php in php Online Dating Software MyPHPDating allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-10-23 CVE-2008-4703 Bosdev SQL Injection vulnerability in Bosdev Bosnews 4

SQL injection vulnerability in news.php in BosDev BosNews 4.0 allows remote attackers to execute arbitrary SQL commands via the article parameter.

7.5
2008-10-22 CVE-2008-4702 Phpwebgallery Path Traversal vulnerability in PHPwebgallery 1.3.4

Multiple directory traversal vulnerabilities in PhpWebGallery 1.3.4 allow remote attackers to include and execute arbitrary local files via a ..

7.5
2008-10-22 CVE-2008-4689 Mantis Improper Authentication vulnerability in Mantis

Mantis before 1.1.3 does not unset the session cookie during logout, which makes it easier for remote attackers to hijack sessions.

7.5
2008-10-22 CVE-2008-4675 Phpcounter SQL Injection vulnerability in PHPcounter

SQL injection vulnerability in index.php in PHPcounter 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter.

7.5
2008-10-22 CVE-2008-4667 Arabcms Path Traversal vulnerability in Arabcms 2.0

Directory traversal vulnerability in rss.php in ArabCMS 2.0 beta 1 allows remote attackers to include and execute arbitrary local files via a ..

7.5
2008-10-22 CVE-2008-4665 Datingpro SQL Injection vulnerability in Datingpro Matchmaking

SQL injection vulnerability in PG Matchmaking allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) news_read.php and (2) gifts_show.php.

7.5
2008-10-22 CVE-2008-4660 Typo3 SQL Injection vulnerability in Typo3 M1 Intern 1.0.0

SQL injection vulnerability in the M1 Intern (m1_intern) 1.0.0 extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2008-10-22 CVE-2008-4659 Typo3 SQL Injection vulnerability in Typo3 Mannschaftsliste

SQL injection vulnerability in the Mannschaftsliste (kiddog_playerlist) 1.0.3 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2008-10-22 CVE-2008-4658 Typo3 SQL Injection vulnerability in Typo3 Jobcontrol

SQL injection vulnerability in the JobControl (dmmjobcontrol) 1.15.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2008-10-22 CVE-2008-4657 Typo3 SQL Injection vulnerability in Typo3 Econda Plugin 0.0.1

SQL injection vulnerability in the Econda Plugin (econda) 0.0.2 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2008-10-22 CVE-2008-4656 Typo3 SQL Injection vulnerability in Typo3 Frontend Users View 0.1.2/0.1.3

SQL injection vulnerability in the Frontend Users View (feusersview) 0.1.6 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2008-10-22 CVE-2008-4655 Typo3 SQL Injection vulnerability in Typo3 Simplesurvey

SQL injection vulnerability in the Simple survey (simplesurvey) 1.7.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2008-10-22 CVE-2008-4653 Xoops SQL Injection vulnerability in Xoops Makale 0.26

SQL injection vulnerability in makale.php in Makale 0.26 and possibly other versions, a module for XOOPS, allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-10-22 CVE-2008-4650 Mywebland SQL Injection vulnerability in Mywebland Myevent 1.6

SQL injection vulnerability in viewevent.php in myEvent 1.6 allows remote attackers to execute arbitrary SQL commands via the eventdate parameter.

7.5
2008-10-22 CVE-2008-4649 Elxis Improper Authentication vulnerability in Elxis CMS 2008.1

Session fixation vulnerability in Elxis CMS 2008.1 revision 2204 allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.

7.5
2008-10-22 CVE-2008-4647 Sweetcms SQL Injection vulnerability in Sweetcms 1.5.2

SQL injection vulnerability in index.php in sweetCMS 1.5.2 allows remote attackers to execute arbitrary SQL commands via the page parameter.

7.5
2008-10-22 CVE-2008-4644 Mywebland Permissions, Privileges, and Access Controls vulnerability in Mywebland Mystats

hits.php in myWebland myStats allows remote attackers to bypass IP address restrictions via a modified X-Forwarded-For HTTP header.

7.5
2008-10-22 CVE-2008-4643 Mywebland SQL Injection vulnerability in Mywebland Mystats

SQL injection vulnerability in hits.php in myWebland myStats allows remote attackers to execute arbitrary SQL commands via the sortby parameter.

7.5
2008-10-21 CVE-2008-4642 Astrospaces SQL Injection vulnerability in Astrospaces 1.1.1

SQL injection vulnerability in profile.php in AstroSPACES 1.1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action.

7.5
2008-10-21 CVE-2008-4628 Mywebland SQL Injection vulnerability in Mywebland Minibloggie 1.0

SQL injection vulnerability in del.php in myWebland miniBloggie 1.0 allows remote attackers to execute arbitrary SQL commands via the post_id parameter.

7.5
2008-10-21 CVE-2008-4627 Rgallery, Woltlab SQL Injection vulnerability in Rgallery Plugin 1.09

SQL injection vulnerability in the rGallery plugin 1.09 for WoltLab Burning Board (WBB) allows remote attackers to execute arbitrary SQL commands via the itemID parameter in the RGalleryImageWrapper page in index.php.

7.5
2008-10-21 CVE-2008-4625 Shiftthis, Wordpress SQL Injection vulnerability in Shiftthis Shifthis Newsletter

SQL injection vulnerability in stnl_iframe.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the newsletter parameter, a different vector than CVE-2008-0683.

7.5
2008-10-21 CVE-2008-4623 Martin Diphoorn, Joomla SQL Injection vulnerability in Martin Diphoorn COM Ds-Syndicate 1.1.1

SQL injection vulnerability in the DS-Syndicate (com_ds-syndicate) component 1.1.1 for Joomla allows remote attackers to execute arbitrary SQL commands via the feed_id parameter to index2.php.

7.5
2008-10-21 CVE-2008-4622 Phpfastnews Improper Authentication vulnerability in PHPfastnews 1.0.0

The isLoggedIn function in fastnews-code.php in phpFastNews 1.0.0 allows remote attackers to bypass authentication and gain administrative access by setting the fn-loggedin cookie to 1.

7.5
2008-10-21 CVE-2008-4621 Zeescripts SQL Injection vulnerability in Zeescripts Zeeproperty

SQL injection vulnerability in bannerclick.php in ZeeScripts Zeeproperty allows remote attackers to execute arbitrary SQL commands via the adid parameter.

7.5
2008-10-21 CVE-2008-4620 Mrbs SQL Injection vulnerability in Mrbs

SQL injection vulnerability in Meeting Room Booking System (MRBS) before 1.4 allows remote attackers to execute arbitrary SQL commands via the area parameter to (1) month.php, and possibly (2) day.php and (3) week.php.

7.5
2008-10-20 CVE-2008-4617 Pyxicom, Joomla, Mambo Foundation SQL Injection vulnerability in Pyxicom Actualite 1.0

SQL injection vulnerability in the actualite module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2008-10-20 CVE-2008-4614 Portalapp Improper Authentication vulnerability in Portalapp 4.0

PortalApp 4.0 does not require authentication for (1) forums.asp and (2) content.asp, which allows remote attackers to create and delete forums, topics, and replies.

7.5
2008-10-20 CVE-2008-4613 Portalapp SQL Injection vulnerability in Portalapp 4.0

SQL injection vulnerability in forums.asp in PortalApp 4.0 allows remote attackers to execute arbitrary SQL commands via the sortby parameter.

7.5
2008-10-20 CVE-2008-4611 PHP Arsivimiz SQL Injection vulnerability in PHP Arsivimiz PHP Ziyaretci Defteri

SQL injection vulnerability in index.php in PHP Arsivimiz Php Ziyaretci Defteri allows remote attackers to execute arbitrary SQL commands via the sayfa parameter.

7.5

58 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2008-10-24 CVE-2008-4739 Plugspace Path Traversal vulnerability in Plugspace 0.1

Directory traversal vulnerability in index.php in PlugSpace 0.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a ..

6.8
2008-10-24 CVE-2008-4729 Hummingbird Buffer Errors vulnerability in Hummingbird Exceed and Exceed Powersuite

Stack-based buffer overflow in Hummingbird.XWebHostCtrl.1 ActiveX control (hclxweb.dll) in Hummingbird Xweb ActiveX Control 13.0 and earlier allows remote attackers to execute arbitrary code via a long PlainTextPassword property.

6.8
2008-10-23 CVE-2008-4712 Lnblog Path Traversal vulnerability in Lnblog 0.8.0/0.8.1/0.8.2

Directory traversal vulnerability in pages/showblog.php in LnBlog 0.9.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a ..

6.8
2008-10-23 CVE-2008-4711 Joovili SQL Injection vulnerability in Joovili 2.1/3.0.6

SQL injection vulnerability in Joovili 3.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.blog.php, (2) view.event.php, (3) view.group.php, (4) view.music.php, (5) view.picture.php, and (6) view.video.php.

6.8
2008-10-22 CVE-2008-4701 Liberiacms SQL Injection vulnerability in Liberiacms Liberia CMS 1.00/1.10/1.11

SQL injection vulnerability in admin.php in Libera CMS 1.12, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the libera_staff_user cookie parameter, a different vector than CVE-2008-4700.

6.8
2008-10-22 CVE-2008-4700 Liberiacms SQL Injection vulnerability in Liberiacms Liberia CMS 1.00/1.10/1.11

SQL injection vulnerability in admin.php in Libera CMS 1.12 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the libera_staff_pass cookie parameter.

6.8
2008-10-22 CVE-2008-4679 IBM Improper Authentication vulnerability in IBM Websphere Application Server

The Web Services Security component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.31 and 6.1 before 6.1.0.19, when Certificate Store Collections is configured to use Certificate Revocation Lists (CRL), does not call the setRevocationEnabled method on the PKIXBuilderParameters object, which prevents the "Java security method" from checking the revocation status of X.509 certificates and allows remote attackers to bypass intended access restrictions via a SOAP message with a revoked certificate.

6.8
2008-10-22 CVE-2008-4676 Citrix Permissions, Privileges, and Access Controls vulnerability in Citrix Access Essentials, Presentation Server and Xenapp

Unspecified vulnerability in Citrix XenApp (formerly Presentation Server) 4.5 Feature Pack 1 and earlier, Presentation Server 4.0, and Access Essentials 1.0, 1.5, and 2.0 allows local users to gain privileges via unknown attack vectors related to creating an unspecified file.

6.8
2008-10-22 CVE-2008-4674 Conkurent SQL Injection vulnerability in Conkurent Real Estate Manager

SQL injection vulnerability in realestate-index.php in Conkurent Real Estate Manager 1.01 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in browse mode.

6.8
2008-10-22 CVE-2008-4666 Deeserver SQL Injection vulnerability in Deeserver Ultimate Webboard 3.00

SQL injection vulnerability in webboard.php in Ultimate Webboard 3.00 allows remote attackers to execute arbitrary SQL commands via the Category parameter.

6.8
2008-10-22 CVE-2008-4662 Lokicms Path Traversal vulnerability in Lokicms 0.3.4

Directory traversal vulnerability in admin.php in LokiCMS 0.3.4, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a ..

6.8
2008-10-21 CVE-2008-4632 Kure Path Traversal vulnerability in Kure 0.6.3

Multiple directory traversal vulnerabilities in index.php in Kure 0.6.3, when magic_quotes_gpc is disabled, allow remote attackers to read and possibly execute arbitrary local files via a ..

6.8
2008-10-21 CVE-2008-4626 Zirkon BOX Path Traversal vulnerability in Zirkon BOX Yappa-Ng 2.3.2

Directory traversal vulnerability in index.php in Fritz Berger yet another php photo album - next generation (yappa-ng) 2.3.2 and possibly other versions through 2.3.3-beta0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a ..

6.8
2008-10-22 CVE-2008-4651 Jetbox SQL Injection vulnerability in Jetbox CMS 2.1

Multiple SQL injection vulnerabilities in Jetbox CMS 2.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) orderby parameter to admin/cms/images.php and the (2) nav_id parameter in an editrecord action to admin/cms/nav.php.

6.0
2008-10-21 CVE-2008-4633 Drupal SQL Injection vulnerability in Drupal Node Clone

SQL injection vulnerability in Node Vote 5.x before 5.x-1.1 and 6.x before 6.x-1.0, a module for Drupal, when "Allow user to vote again" is enabled, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to a "previously cast vote."

6.0
2008-10-23 CVE-2008-4698 Opera Permissions, Privileges, and Access Controls vulnerability in Opera Browser

Opera before 9.61 does not properly block scripts during preview of a news feed, which allows remote attackers to create arbitrary new feed subscriptions and read the contents of arbitrary feeds.

5.8
2008-10-23 CVE-2008-4707 Sylvain Pasquet Path Traversal vulnerability in Sylvain Pasquet Bbzl PHP 0.92

Directory traversal vulnerability in index.php in BbZL.PhP 0.92 allows remote attackers to access unauthorized directories via a ..

5.0
2008-10-22 CVE-2008-4693 IBM Information Exposure vulnerability in IBM DB2

The SORT/LIST SERVICES component in IBM DB2 9.1 before FP6 and 9.5 before FP2 writes sensitive information to the trace output, which allows attackers to obtain sensitive information by reading "PASSWORD-RELATED CONNECTION STRING KEYWORD VALUES."

5.0
2008-10-22 CVE-2008-4691 IBM Denial-Of-Service vulnerability in IBM DB2 8.2/9.1

Unspecified vulnerability in the SQLNLS_UNPADDEDCHARLEN function in the New Compiler (aka Starburst derived compiler) component in the server in IBM DB2 9.1 before FP6 allows attackers to cause a denial of service (segmentation violation and trap) via unknown vectors.

5.0
2008-10-22 CVE-2008-4688 Mantis Information Exposure vulnerability in Mantis

core/string_api.php in Mantis before 1.1.3 does not check the privileges of the viewer before composing a link with issue data in the source anchor, which allows remote attackers to discover an issue's title and status via a request with a modified issue number.

5.0
2008-10-22 CVE-2008-4685 Wireshark Resource Management Errors vulnerability in Wireshark

Use-after-free vulnerability in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via certain packets that trigger an exception.

5.0
2008-10-22 CVE-2008-4683 Wireshark Resource Management Errors vulnerability in Wireshark

The dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a packet with an invalid length, related to an erroneous tvb_memcpy call.

5.0
2008-10-22 CVE-2008-4682 Wireshark Improper Input Validation vulnerability in Wireshark

wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application abort) via a malformed Tamos CommView capture file (aka .ncf file) with an "unknown/unexpected packet type" that triggers a failed assertion.

5.0
2008-10-21 CVE-2008-4635 Hisanaga Electric CO, Xoops Information Exposure vulnerability in Hisanaga Electric CO Hisa Cart

Unspecified vulnerability in Hisanaga Electric Co, Ltd.

5.0
2008-10-20 CVE-2008-4616 THE Spanner, Wordpress Improper Input Validation vulnerability in multiple products

The SpamBam plugin for WordPress allows remote attackers to bypass restrictions and add blog comments by using server-supplied values to calculate a shared key.

5.0
2008-10-20 CVE-2008-4610 Mplayer Resource Management Errors vulnerability in Mplayer

MPlayer allows remote attackers to cause a denial of service (application crash) via (1) a malformed AAC file, as demonstrated by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as demonstrated by lol-ffplay.ogm, different vectors than CVE-2007-6718.

5.0
2008-10-21 CVE-2008-4639 Sentex Unspecified vulnerability in Sentex Jhead

jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.

4.6
2008-10-21 CVE-2008-4638 Symantec Information Exposure vulnerability in Symantec Veritas File System 5.0/Unknown

qioadmin in the Quick I/O for Database feature in Symantec Veritas File System (VxFS) on HP-UX, and before 5.0 MP3 on Solaris, Linux, and AIX, allows local users to read arbitrary files by causing qioadmin to write a file's content to standard error in an error message.

4.6
2008-10-21 CVE-2008-3248 Symantec Information Exposure vulnerability in Symantec Veritas File System 5.0/Unknown

qiomkfile in the Quick I/O for Database feature in Symantec Veritas File System (VxFS) on HP-UX, and before 5.0 MP3 on Solaris, Linux, and AIX, does not initialize filesystem blocks during creation of a file, which allows local users to obtain sensitive information by creating and then reading files.

4.6
2008-10-24 CVE-2008-4733 Pressography, Wordpress Cross-Site Scripting vulnerability in Pressography WP Comment Remix Plugin 1.4

Cross-site scripting (XSS) vulnerability in wpcommentremix.php in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the (1) replytotext, (2) quotetext, (3) originallypostedby, (4) sep, (5) maxtags, (6) tagsep, (7) tagheadersep, (8) taglabel, and (9) tagheaderlabel parameters.

4.3
2008-10-24 CVE-2008-4730 Phpmyid Cross-Site Scripting vulnerability in PHPmyid 0.9

Cross-site scripting (XSS) vulnerability in MyID.php in phpMyID 0.9 allows remote attackers to inject arbitrary web script or HTML via the openid_trust_root parameter and an inconsistent openid_return_to parameter, which is not properly handled in an error message.

4.3
2008-10-24 CVE-2008-4727 Sungard Cross-Site Scripting vulnerability in Sungard Banner Student 7.3

Cross-site scripting (XSS) vulnerability in the contact update page (ss/bwgkoemr.P_UpdateEmrgContacts) in SunGard Banner Student 7.3 allows remote attackers to inject arbitrary web script or HTML via the addr1 parameter.

4.3
2008-10-23 CVE-2008-4725 Opera Cross-Site Scripting vulnerability in Opera Browser 9.52

Cross-site scripting (XSS) vulnerability in Opera.dll in Opera 9.52 allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly escaped before storage in the History Search database (aka md.dat), a different vector than CVE-2008-4696.

4.3
2008-10-23 CVE-2008-4724 Google Cross-Site Scripting vulnerability in Google Chrome 0.2.149.30

Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome 0.2.149.30 allow remote attackers to inject arbitrary web script or HTML via an ftp:// URL for an HTML document within a (1) JPG, (2) PDF, or (3) TXT file.

4.3
2008-10-23 CVE-2008-4723 Mozilla Cross-Site Scripting vulnerability in Mozilla Firefox 3.0.1/3.0.2/3.0.3

Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 3.0.1 through 3.0.3 allow remote attackers to inject arbitrary web script or HTML via an ftp:// URL for an HTML document within a (1) JPG, (2) PDF, or (3) TXT file.

4.3
2008-10-23 CVE-2008-4697 Opera Cross-Site Scripting vulnerability in Opera Browser

The Fast Forward feature in Opera before 9.61, when a page is located in a frame, executes a javascript: URL in the context of the outermost page instead of the page that contains this URL, which allows remote attackers to conduct cross-site scripting (XSS) attacks.

4.3
2008-10-23 CVE-2008-4696 Opera Cross-Site Scripting vulnerability in Opera

Cross-site scripting (XSS) vulnerability in Opera.dll in Opera before 9.61 allows remote attackers to inject arbitrary web script or HTML via the anchor identifier (aka the "optional fragment"), which is not properly escaped before storage in the History Search database (aka md.dat).

4.3
2008-10-23 CVE-2008-3815 Cisco Improper Authentication vulnerability in Cisco ASA 5500 and PIX

Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote attackers to bypass VPN authentication via unknown vectors.

4.3
2008-10-23 CVE-2007-4349 HP Denial of Service vulnerability in HP OpenView Products Shared Trace Service RPC Request Handling

The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service via an unspecified series of RPC requests (aka Trace Event Messages) that triggers an out-of-bounds memory access, related to an erroneous object reference.

4.3
2008-10-23 CVE-2008-4710 Drupal Cross-Site Scripting vulnerability in Drupal Stock Module 6X

Cross-site scripting (XSS) vulnerability in the stock quotes page in Stock 6.x before 6.x-1.0, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2008-10-22 CVE-2008-4684 Wireshark Resource Management Errors vulnerability in Wireshark

packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post dissector.

4.3
2008-10-22 CVE-2008-4681 Wireshark Improper Input Validation vulnerability in Wireshark

Unspecified vulnerability in the Bluetooth RFCOMM dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via unknown packets.

4.3
2008-10-22 CVE-2008-4680 Wireshark Resource Management Errors vulnerability in Wireshark

packet-usb.c in the USB dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a malformed USB Request Block (URB).

4.3
2008-10-22 CVE-2008-4677 VIM Credentials Management vulnerability in VIM Netrw

autoload/netrw.vim (aka the Netrw Plugin) 109, 131, and other versions before 133k for Vim 7.1.266, other 7.1 versions, and 7.2 stores credentials for an FTP session, and sends those credentials when attempting to establish subsequent FTP sessions to servers on different hosts, which allows remote FTP servers to obtain sensitive information in opportunistic circumstances by logging usernames and passwords.

4.3
2008-10-22 CVE-2008-4672 Goodlyrics Cross-Site Scripting vulnerability in Goodlyrics Lyrics Script

Cross-site scripting (XSS) vulnerability in search_results.php in buymyscripts Lyrics Script allows remote attackers to inject arbitrary web script or HTML via the k parameter.

4.3
2008-10-22 CVE-2008-4671 Wordpress Cross-Site Scripting vulnerability in Wordpress MU

Cross-site scripting (XSS) vulnerability in wp-admin/wp-blogs.php in Wordpress MU (WPMU) before 2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) s and (2) ip_address parameters.

4.3
2008-10-22 CVE-2008-4670 ED Putal Cross-Site Scripting vulnerability in ED Putal Clickbank Portal

Cross-site scripting (XSS) vulnerability in search.php in Ed Pudol Clickbank Portal allows remote attackers to inject arbitrary web script or HTML via the search box.

4.3
2008-10-22 CVE-2008-4669 DAN Fletcher Cross-Site Scripting vulnerability in DAN Fletcher Recipe Script

Cross-site scripting (XSS) vulnerability in search.php in Dan Fletcher Recipe Script allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.

4.3
2008-10-22 CVE-2008-4663 Kumacchi Cross-Site Scripting vulnerability in Kumacchi KS CGI Access LOG 1.44

Cross-site scripting (XSS) vulnerability in analysis.cgi 1.44, as used in K's CGI Access Log Kaiseki (1) jcode.pl and (2) Jcode.pm, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2008-10-22 CVE-2008-4661 Typo3 Cross-Site Scripting vulnerability in Typo3 Page Improvements

Cross-site scripting (XSS) vulnerability in the Page Improvements (sm_pageimprovements) 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2008-10-22 CVE-2008-4648 Elxis Cross-Site Scripting vulnerability in Elxis CMS 2008.1

Cross-site scripting (XSS) vulnerability in index.php in Elxis CMS 2008.1 revision 2204 allows remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO or the (2) option, (3) Itemid, (4) id, (5) task, (6) bid, and (7) contact_id parameters.

4.3
2008-10-21 CVE-2008-4637 Cpcommerce Cross-Site Scripting vulnerability in Cpcommerce

Cross-site scripting (XSS) vulnerability in cpCommerce before 1.2.4 allows remote attackers to inject arbitrary web script or HTML via unknown vectors in the advanced search feature.

4.3
2008-10-21 CVE-2008-4121 Cpcommerce Cross-Site Scripting vulnerability in Cpcommerce

Multiple cross-site scripting (XSS) vulnerabilities in cpCommerce before 1.2.4 allow remote attackers to inject arbitrary web script or HTML via (1) the search parameter in a search.quick action to search.php and (2) the name parameter in a sendtofriend action to sendtofriend.php.

4.3
2008-10-21 CVE-2007-4350 HP Cross-Site Scripting vulnerability in HP Sitescope 9.0

Cross-site scripting (XSS) vulnerability in the management interface in HP SiteScope 9.0 build 911 allows remote attackers to inject arbitrary web script or HTML via an SNMP trap message.

4.3
2008-10-21 CVE-2008-4629 Usagi Cross-Site Scripting vulnerability in Usagi Mynets

Cross-site scripting (XSS) vulnerability in Usagi Project MyNETS 1.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2008-10-21 CVE-2008-1547 Microsoft Open Redirect vulnerability in Microsoft Exchange Server 2003

Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access (OWA) for Exchange Server 2003 SP2 (aka build 6.5.7638) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the URL parameter.

4.3
2008-10-20 CVE-2008-4612 Portalapp Cross-Site Scripting vulnerability in Portalapp 4.0

Cross-site scripting (XSS) vulnerability in PortalApp 4.0 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter to (1) forums.asp and (2) content.asp.

4.3
2008-10-20 CVE-2007-6718 Mplayer Denial-Of-Service vulnerability in MPlayer

MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of service (SIGSEGV and application crash) via (1) a malformed MP3 file, as demonstrated by lol-mplayer.mp3; (2) a malformed Ogg Vorbis file, as demonstrated by lol-mplayer.ogg; (3) a malformed MPEG-1 file, as demonstrated by lol-mplayer.mpg; (4) a malformed MPEG-2 file, as demonstrated by lol-mplayer.m2v; (5) a malformed MPEG-4 AVI file, as demonstrated by lol-mplayer.avi; (6) a malformed FLAC file, as demonstrated by lol-mplayer.flac; (7) a malformed Ogg Theora file, as demonstrated by lol-mplayer.ogm; (8) a malformed WMV file, as demonstrated by lol-mplayer.wmv; or (9) a malformed AAC file, as demonstrated by lol-mplayer.aac.

4.3

3 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2008-10-21 CVE-2008-4640 Sentex Improper Input Validation vulnerability in Sentex Jhead

The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which (1) a final "z" character is replaced by a "t" character or (2) a final "t" character is replaced by a "z" character.

3.6
2008-10-21 CVE-2008-4634 SIX Apart Cross-Site Scripting vulnerability in SIX Apart Movable Type 4/4.20

Cross-site scripting (XSS) vulnerability in Movable Type 4 through 4.21 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to the administrative page, a different vulnerability than CVE-2008-4079.

3.5
2008-10-22 CVE-2008-4646 Websense Credentials Management vulnerability in Websense Enterprise 6.3.2

The Websense Reporter Module in Websense Enterprise 6.3.2 stores the SQL database system administrator password in plaintext in CreateDbInstall.log, which allows local users to gain privileges to the database.

2.1