Weekly Vulnerabilities Reports > November 10 to 16, 2008
Overview
89 new vulnerabilities reported during this period, including 28 critical vulnerabilities and 28 high severity vulnerabilities. This weekly summary report vulnerabilities in 104 products from 63 vendors including Mozilla, Canonical, Debian, Adobe, and Novell. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Code Injection", and "Resource Management Errors".
- 80 reported vulnerabilities are remotely exploitables.
- 30 reported vulnerabilities have public exploit available.
- 40 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 85 reported vulnerabilities are exploitable by an anonymous user.
- Mozilla has the most reported vulnerabilities, with 11 reported vulnerabilities.
- Mozilla has the most reported critical vulnerabilities, with 6 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
28 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-11-14 | CVE-2008-5094 | Novell | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Edirectory Heap-based buffer overflow in the NDS Service in Novell eDirectory before 8.8 SP3 has unknown impact and attack vectors. | 10.0 |
2008-11-14 | CVE-2008-5092 | Novell | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Edirectory Heap-based buffer overflows in Novell eDirectory HTTP protocol stack (HTTPSTK) before 8.8 SP3 have unknown impact and attack vectors related to the (1) HTTP language header and (2) HTTP content-length header. | 10.0 |
2008-11-14 | CVE-2008-5091 | Novell | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Edirectory Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before SP10a and 8.8 before SP3 allows attackers to cause a denial of service (application crash) via vectors involving an "invalid extensibleMatch filter." | 10.0 |
2008-11-14 | CVE-2008-5090 | Anelectron | Code Injection vulnerability in Anelectron Advanced Electron Forum Electron Inc. | 10.0 |
2008-11-13 | CVE-2008-5066 | Agaresmedia | Code Injection vulnerability in Agaresmedia Themesitescript 1.0 PHP remote file inclusion vulnerability in upload/admin/frontpage_right.php in Agares Media ThemeSiteScript 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter. | 10.0 |
2008-11-13 | CVE-2008-5063 | Otmanager | Code Injection vulnerability in Otmanager 2.4 PHP remote file inclusion vulnerability in Admin/ADM_Pagina.php in OTManager 2.4 allows remote attackers to execute arbitrary PHP code via a URL in the Tipo parameter. | 10.0 |
2008-11-13 | CVE-2008-5060 | Modernbill | Code Injection vulnerability in Modernbill Multiple PHP remote file inclusion vulnerabilities in ModernBill 4.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the DIR parameter to (1) export_batch.inc.php, (2) run_auto_suspend.cron.php, and (3) send_email_cache.php in include/scripts/; (4) include/misc/mod_2checkout/2checkout_return.inc.php; and (5) include/html/nettools.popup.php, different vectors than CVE-2006-4034 and CVE-2005-1054. | 10.0 |
2008-11-13 | CVE-2008-5053 | Joomla | Code Injection vulnerability in Joomla COM Rssreader 1.0 PHP remote file inclusion vulnerability in admin.rssreader.php in the Simple RSS Reader (com_rssreader) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. | 10.0 |
2008-11-13 | CVE-2008-5052 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird The AppendAttributeValue function in the JavaScript engine in Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger memory corruption, as demonstrated by e4x/extensions/regress-410192.js. | 10.0 |
2008-11-13 | CVE-2008-5018 | Mozilla Debian Canonical | Resource Management Errors vulnerability in multiple products The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via vectors related to "insufficient class checking" in the Date class. | 10.0 |
2008-11-13 | CVE-2008-5017 | Mozilla Debian Canonical | Numeric Errors vulnerability in multiple products Integer overflow in xpcom/io/nsEscape.cpp in the browser engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via unknown vectors. | 10.0 |
2008-11-13 | CVE-2008-5014 | Mozilla Debian Canonical | Improper Input Validation vulnerability in multiple products jslock.cpp in Mozilla Firefox 3.x before 3.0.2, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying the window.__proto__.__proto__ object in a way that causes a lock on a non-native object, which triggers an assertion failure related to the OBJ_IS_NATIVE function. | 10.0 |
2008-11-13 | CVE-2008-5045 | Network Client COM | Buffer Errors vulnerability in Network-Client.Com FTP NOW 2.6 Heap-based buffer overflow in Network-Client FTP Now 2.6, and possibly other versions, allows remote FTP servers to cause a denial of service (crash) via a 200 server response that is exactly 1024 characters long. | 10.0 |
2008-11-10 | CVE-2008-5031 | Python | Numeric Errors vulnerability in Python Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. | 10.0 |
2008-11-10 | CVE-2008-5030 | Libcaudio | Buffer Errors vulnerability in Libcaudio 0.99.12P2 Heap-based buffer overflow in the cddb_read_disc_data function in cddb.c in libcdaudio 0.99.12p2 allows remote CDDB servers to execute arbitrary code via long CDDB data. | 10.0 |
2008-11-10 | CVE-2008-5010 | SUN | Remote Code Execution vulnerability in SUN Opensolaris and Solaris in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unknown DHCP requests related to the "number of offers," aka Bug ID 6713805. | 10.0 |
2008-11-12 | CVE-2008-5038 | Novell | Use After Free vulnerability in Novell Edirectory Use-after-free vulnerability in the NetWare Core Protocol (NCP) feature in Novell eDirectory 8.7.3 SP10 before 8.7.3 SP10 FTF1 and 8.8 SP2 for Windows allows remote attackers to cause a denial of service and possibly execute arbitrary code via a sequence of "Get NCP Extension Information By Name" requests that cause one thread to operate on memory after it has been freed in another thread, which triggers memory corruption, aka Novell Bug 373852. | 9.8 |
2008-11-14 | CVE-2008-5089 | Datadynamics | Insecure Method vulnerability in Datadynamics Activereports 2.5.0.1314 Multiple insecure method vulnerabilities in the DDActiveReportsViewer2.ARViewer2 ActiveX control (arview2.ocx) in Data Dynamics ActiveReports 2.5.0.1314 allow remote attackers to overwrite arbitrary files via a call to the (1) Pages.Save, (2) PrintReport, or (3) Canvas.Save method. | 9.3 |
2008-11-14 | CVE-2008-5073 | Novell | Buffer Errors vulnerability in Novell Zenworks Desktop Management 6.5 Heap-based buffer overflow in an ActiveX control in Novell ZENworks Desktop Management 6.5 allows remote attackers to execute arbitrary code via a long argument to the CanUninstall method. | 9.3 |
2008-11-13 | CVE-2008-5013 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox and Seamonkey Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before 1.1.13 do not properly check when the Flash module has been dynamically unloaded properly, which allows remote attackers to execute arbitrary code via a crafted SWF file that "dynamically unloads itself from an outside JavaScript function," which triggers an access of an expired memory address. | 9.3 |
2008-11-13 | CVE-2008-0017 | Mozilla Canonical Debian | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products The http-index-format MIME type parser (nsDirIndexParser) in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 does not check for an allocation failure, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP index response with a crafted 200 header, which triggers memory corruption and a buffer overflow. | 9.3 |
2008-11-13 | CVE-2008-5050 | Clam Anti Virus | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Clam Anti-Virus Clamav Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in Clam Anti-Virus (ClamAV) before 0.94.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based buffer overflow. | 9.3 |
2008-11-10 | CVE-2008-4387 | SAP Simba Technologies Microsoft | Code Injection vulnerability in multiple products Unspecified vulnerability in the Simba MDrmSap ActiveX control in mdrmsap.dll in SAP SAPgui allows remote attackers to execute arbitrary code via unknown vectors involving instantiation by Internet Explorer. | 9.3 |
2008-11-10 | CVE-2008-5008 | Mega Nerd | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mega-Nerd Secret Rabbit Code Buffer overflow in src/src_sinc.c in Secret Rabbit Code (aka SRC or libsamplerate) before 0.1.4, when "extreme low conversion ratios" are used, allows user-assisted attackers to have an unknown impact via a crafted audio file. | 9.3 |
2008-11-10 | CVE-2008-5002 | Chilkat Software | Improper Input Validation vulnerability in Chilkat Software Chilkat Crypt Activex Control 2.1 Insecure method vulnerability in the ChilkatCrypt2.ChilkatCrypt2.1 ActiveX control (ChilkatCrypt2.dll 4.3.2.1) in Chilkat Crypt ActiveX Component allows remote attackers to create and overwrite arbitrary files via the WriteFile method. | 9.3 |
2008-11-10 | CVE-2008-5001 | Ultravnc | Buffer Errors vulnerability in Ultravnc 1.0.2/1.0.4 Multiple stack-based buffer overflows in multiple functions in vncviewer/FileTransfer.cpp in vncviewer for UltraVNC 1.0.2 and 1.0.4 before 01252008, when in LISTENING mode or when using the DSM plugin, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified parameters, a different issue than CVE-2008-0610. | 9.3 |
2008-11-10 | CVE-2008-4281 | Vmware | Path Traversal vulnerability in VMWare ESX and Esxi Directory traversal vulnerability in VMWare ESXi 3.5 before ESXe350-200810401-O-UG and ESX 3.5 before ESX350-200810201-UG allows administrators with the Datastore.FileManagement privilege to gain privileges via unknown vectors. | 9.3 |
2008-11-14 | CVE-2008-5071 | Yoxel | Code Injection vulnerability in Yoxel Multiple eval injection vulnerabilities in itpm_estimate.php in Yoxel 1.23beta and earlier allow remote authenticated users to execute arbitrary PHP code via the proj_id parameter. | 9.0 |
28 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-11-14 | CVE-2008-5097 | Myfwb | SQL Injection vulnerability in Myfwb 1.0 SQL injection vulnerability in index.php in MyFWB 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter. | 7.5 |
2008-11-14 | CVE-2008-5088 | Knowledgebase Script | SQL Injection vulnerability in Knowledgebase-Script PHPkb Knowledge Base Software 1.5 Multiple SQL injection vulnerabilities in PHPKB Knowledge Base Software 1.5 Professional allow remote attackers to execute arbitrary SQL commands via the ID parameter to (1) email.php and (2) question.php, a different vector than CVE-2008-1909. | 7.5 |
2008-11-14 | CVE-2008-5087 | Typo3 | SQL Injection vulnerability in Typo3 Another Backend Login 0.0.1/0.0.2 SQL injection vulnerability in TYPO3 Another Backend Login (wrg_anotherbelogin) extension before 0.0.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2008-11-14 | CVE-2008-5074 | PHP Fusion | SQL Injection vulnerability in PHP-Fusion Freshlinks Module 1.0 SQL injection vulnerability in index.php in the Freshlinks 1.0 RC1 module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the linkid parameter. | 7.5 |
2008-11-14 | CVE-2008-5070 | PRO Chat Rooms | SQL Injection vulnerability in PRO Chat Rooms PRO Chat Rooms 3.0.3 SQL injection vulnerability in Pro Chat Rooms 3.0.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the gud parameter to (1) profiles/index.php and (2) profiles/admin.php. | 7.5 |
2008-11-14 | CVE-2008-5069 | Deeserver | SQL Injection vulnerability in Deeserver Panuwat Promoteweb Mysql SQL injection vulnerability in go.php in Panuwat PromoteWeb MySQL, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2008-11-13 | CVE-2008-5065 | Easy Script | Improper Authentication vulnerability in Easy-Script Tlguesbook 1.2 TlGuestBook 1.2 allows remote attackers to bypass authentication and gain administrative access by setting the tlGuestBook_login cookie to admin. | 7.5 |
2008-11-13 | CVE-2008-5064 | H H | SQL Injection vulnerability in H&H Websoccer 2.80 SQL injection vulnerability in liga.php in H&H WebSoccer 2.80 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2008-11-13 | CVE-2008-5058 | Preproject | SQL Injection vulnerability in Preproject PRE Simple CMS SQL injection vulnerability in siteadmin/loginsucess.php in Pre Simple CMS allows remote attackers to execute arbitrary SQL commands via the user parameter, as reachable from siteadmin/adminlogin.php. | 7.5 |
2008-11-13 | CVE-2008-5057 | Aspindir | SQL Injection vulnerability in Aspindir Dizi Portali SQL injection vulnerability in film.asp in Yigit Aybuga Dizi Portali allows remote attackers to execute arbitrary SQL commands via the film parameter. | 7.5 |
2008-11-13 | CVE-2008-5055 | Activecampaign | SQL Injection vulnerability in Activecampaign Triolive SQL injection vulnerability in department_offline_context.php in ActiveCampaign TrioLive before 1.58.7 allows remote attackers to execute arbitrary SQL commands via the department_id parameter to index.php. | 7.5 |
2008-11-13 | CVE-2008-5054 | Develop IT Easy | SQL Injection vulnerability in Develop IT Easy Membership System 1.3 Multiple SQL injection vulnerabilities in Develop It Easy Membership System 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) email and (2) password parameters to customer_login.php and the (3) user_name and (4) user_pass parameters to admin/index.php. | 7.5 |
2008-11-13 | CVE-2008-5024 | Mozilla Debian Canonical | XML Injection (Aka Blind Xpath Injection) vulnerability in multiple products Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape quote characters used for XML processing, which allows remote attackers to conduct XML injection attacks via the default namespace in an E4X document. | 7.5 |
2008-11-13 | CVE-2008-5023 | Mozilla Debian Canonical | Improper Input Validation vulnerability in multiple products Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file. | 7.5 |
2008-11-13 | CVE-2008-5022 | Mozilla Debian Canonical | Improper Authentication vulnerability in multiple products The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrary script via multiple listeners, which bypass the inner window check. | 7.5 |
2008-11-13 | CVE-2008-5051 | Jooblog Joomla | SQL Injection vulnerability in Jooblog 1.1 SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the PostID parameter to index.php. | 7.5 |
2008-11-13 | CVE-2008-5047 | Mole Group | SQL Injection vulnerability in Mole Group Rental Script SQL injection vulnerability in admin/index.php in Mole Group Rental Script allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2008-11-13 | CVE-2008-5046 | Mole Group | SQL Injection vulnerability in Mole Group Pizza Script SQL injection vulnerability in index.php in Mole Group Pizza Script allows remote attackers to execute arbitrary SQL commands via the manufacturers_id parameter. | 7.5 |
2008-11-12 | CVE-2008-5042 | Zeeways | Improper Authentication vulnerability in Zeeways Photovideotube Zeeways PhotoVideoTube 1.1 and earlier allows remote attackers to bypass authentication and perform administrative tasks via a direct request to admin/home.php. | 7.5 |
2008-11-12 | CVE-2008-5041 | Sweex | Permissions, Privileges, and Access Controls vulnerability in Sweex Ro002 Router Ts03072 Sweex RO002 Router with firmware Ts03-072 has "rdc123" as its default password for the "rdc123" account, which makes it easier for remote attackers to obtain access. | 7.5 |
2008-11-12 | CVE-2008-5040 | Graphiks | Improper Authentication vulnerability in Graphiks Myforum 1.3 Graphiks MyForum 1.3 allows remote attackers to bypass authentication and gain administrative access by setting the (1) myforum_login and (2) myforum_pass cookies to 1. | 7.5 |
2008-11-12 | CVE-2008-5037 | Elkagroup | SQL Injection vulnerability in Elkagroup Image Gallery 1.0 SQL injection vulnerability in view.php in ElkaGroup Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.5 |
2008-11-10 | CVE-2008-5004 | Mywebland | SQL Injection vulnerability in Mywebland Bloggie Lite 0.0.2 SQL injection vulnerability in genscode.php in myWebland Bloggie Lite 0.0.2 beta allows remote attackers to execute arbitrary SQL commands via a crafted cookie. | 7.5 |
2008-11-10 | CVE-2008-5003 | Shahrood | SQL Injection vulnerability in Shahrood SQL injection vulnerability in ndetail.php in Shahrood allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2008-11-13 | CVE-2008-5049 | Isecsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Isecsoft Anti-Keylogger Elite Buffer overflow in AKEProtect.sys 3.3.3.0 in ISecSoft Anti-Keylogger Elite 3.3.0 and earlier, and possibly other versions including 3.3.3, allows local users to gain privileges via long inputs to the (1) 0x002224A4, (2) 0x002224C0, and (3) 0x002224CC IOCTL. | 7.2 |
2008-11-13 | CVE-2008-5048 | Isecsoft | Buffer Errors vulnerability in Isecsoft Anti-Trojan Elite 4.1.9/4.2.0/4.2.1 Buffer overflow in Atepmon.sys in ISecSoft Anti-Trojan Elite 4.2.1 and earlier, and possibly 4.2.2, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via long inputs to the 0x00222494 IOCTL. | 7.2 |
2008-11-10 | CVE-2008-4831 | Adobe | Permissions, Privileges, and Access Controls vulnerability in Adobe Coldfusion 7.2/8.0/8.0.1 Unspecified vulnerability in Adobe ColdFusion 8 and 8.0.1 and ColdFusion MX 7.0.2 allows local users to bypass sandbox restrictions, and obtain sensitive information or possibly gain privileges, via unknown vectors. | 7.2 |
2008-11-10 | CVE-2008-4820 | Microsoft Adobe | Information Exposure vulnerability in Adobe Flash Player Unspecified vulnerability in the Flash Player ActiveX control in Adobe Flash Player 9.0.124.0 and earlier on Windows allows attackers to obtain sensitive information via unknown vectors. | 7.1 |
31 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-11-10 | CVE-2008-5007 | Lazarus | Link Following vulnerability in Lazarus 0.9.24 create_lazarus_export_tgz.sh in lazarus 0.9.24 allows local users to overwrite or delete arbitrary files via a symlink attack on a (1) /tmp/lazarus.tgz temporary file or a (2) /tmp/lazarus temporary directory. | 6.9 |
2008-11-10 | CVE-2008-4915 | Vmware | Permissions, Privileges, and Access Controls vulnerability in VMWare products The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0.x through 2.0.5 and 1.0.x through 1.0.8; ACE 2.0.x through 2.0.5 and earlier, and 1.0.x through 1.0.7; Server 1.0.x through 1.0.7; ESX 2.5.4 through 3.5; and ESXi 3.5, when running 32-bit and 64-bit guest operating systems, does not properly handle the Trap flag, which allows authenticated guest OS users to gain privileges on the guest OS. | 6.9 |
2008-11-14 | CVE-2008-5075 | Scriptsfrenzy | SQL Injection vulnerability in Scriptsfrenzy E-Uploader PRO 1.0 Multiple SQL injection vulnerabilities in E-Uploader Pro 1.0 (aka Uploader PRO), when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) img.php, (b) file.php, (c) mail.php, (d) thumb.php, (e) zip.php, and (f) zipit.php, and (2) the view parameter to (g) browser.php. | 6.8 |
2008-11-10 | CVE-2008-5000 | Phpx | SQL Injection vulnerability in PHPx 3.5.16 SQL injection vulnerability in admin/includes/news.inc.php in PHPX 3.5.16, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via uppercase characters in the news_id parameter. | 6.8 |
2008-11-10 | CVE-2008-4822 | Adobe | Permissions, Privileges, and Access Controls vulnerability in Adobe Flash Player Adobe Flash Player 9.0.124.0 and earlier does not properly interpret policy files, which allows remote attackers to bypass a non-root domain policy. | 6.8 |
2008-11-10 | CVE-2008-4819 | Adobe | Multiple Security vulnerability in Adobe Flash Player Unspecified vulnerability in Adobe Flash Player 9.0.124.0 and earlier makes it easier for remote attackers to conduct DNS rebinding attacks via unknown vectors. | 6.8 |
2008-11-10 | CVE-2008-5027 | Nagios OP5 | Permissions, Privileges, and Access Controls vulnerability in multiple products The Nagios process in (1) Nagios before 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote authenticated users to bypass authorization checks, and trigger execution of arbitrary programs by this process, via an (a) custom form or a (b) browser addon. | 6.5 |
2008-11-13 | CVE-2008-4989 | GNU Fedoraproject Canonical Debian Suse Opensuse | Improper Certificate Validation vulnerability in multiple products The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle attackers to insert a spoofed certificate for any Distinguished Name (DN). | 5.9 |
2008-11-13 | CVE-2008-5015 | Mozilla | Code Injection vulnerability in Mozilla Firefox Mozilla Firefox 3.x before 3.0.4 assigns chrome privileges to a file: URI when it is accessed in the same tab from a chrome or privileged about: page, which makes it easier for user-assisted attackers to execute arbitrary JavaScript with chrome privileges via malicious code in a file that has already been saved on the local system. | 5.1 |
2008-11-14 | CVE-2008-5096 | Typo3 | Information Exposure vulnerability in Typo3 File List Extension Unspecified vulnerability in the TYPO3 File List (file_list) extension 0.2.1 and earlier allows remote attackers to obtain sensitive information via unknown attack vectors. | 5.0 |
2008-11-13 | CVE-2008-5062 | Smolinari | Path Traversal vulnerability in Smolinari Mini web Calendar 1.2 Directory traversal vulnerability in php/cal_pdf.php in Mini Web Calendar (mwcal) 1.2 allows remote attackers to read arbitrary files via directory traversal sequences in the thefile parameter. | 5.0 |
2008-11-10 | CVE-2008-5035 | IBM | Resource Management Errors vulnerability in IBM Hardware Management Console 3.2.0/3.3.0 The Resource Monitoring and Control (RMC) daemon in IBM Hardware Management Console (HMC) 7 release 3.2.0 SP1 and 3.3.0 SP2 allows remote attackers to cause a denial of service (daemon crash or hang) via a packet with an invalid length. | 5.0 |
2008-11-10 | CVE-2008-5006 | University OF Washington | Resource Management Errors vulnerability in University of Washington Imap Toolkit 2007B smtp.c in the c-client library in University of Washington IMAP Toolkit 2007b allows remote SMTP servers to cause a denial of service (NULL pointer dereference and application crash) by responding to the QUIT command with a close of the TCP connection instead of the expected 221 response code. | 5.0 |
2008-11-10 | CVE-2008-5029 | Linux | Local Denial of Service vulnerability in Linux Kernel '__scm_destroy()' The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors. | 4.9 |
2008-11-14 | CVE-2008-5076 | Htop | Information Exposure vulnerability in Htop 0.7 htop 0.7 writes process names to a terminal without sanitizing non-printable characters, which might allow local users to hide processes, modify arbitrary files, or have unspecified other impact via a process name with "crazy control strings." | 4.6 |
2008-11-14 | CVE-2008-5095 | Novell | Cross-Site Scripting vulnerability in Novell products Cross-site scripting (XSS) vulnerability in the Novell User Application 3.0.1, 3.5.0, and 3.5.1; and Identity Manager Roles Based Provisioning Module 3.6.0 and 3.6.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
2008-11-14 | CVE-2008-5093 | Novell | Cross-Site Scripting vulnerability in Novell Edirectory Cross-site scripting (XSS) vulnerability in the HTTP Protocol Stack (HTTPSTK) in Novell eDirectory before 8.8 SP3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
2008-11-14 | CVE-2008-5072 | K Lite | Denial Of Service vulnerability in K-Lite Mega Codec Pack 3.5.7.0 vsfilter.dll in K-Lite Mega Codec Pack 3.5.7.0 allows remote attackers to cause a denial of service (application crash) via a malformed FLV file. | 4.3 |
2008-11-13 | CVE-2008-5068 | Kkeim | Cross-Site Scripting vulnerability in Kkeim Kmita Gallery Multiple cross-site scripting (XSS) vulnerabilities in Kmita Gallery allow remote attackers to inject arbitrary web script or HTML via the (1) begin parameter to index.php and the (2) searchtext parameter to search.php. | 4.3 |
2008-11-13 | CVE-2008-5067 | Kkeim | Cross-Site Scripting vulnerability in Kkeim Kmita Catalogue 2.0 Cross-site scripting (XSS) vulnerability in search.php in Kmita Catalogue 2.x allows remote attackers to inject arbitrary web script or HTML via the q parameter. | 4.3 |
2008-11-13 | CVE-2008-5061 | Smolinari | Cross-Site Scripting vulnerability in Smolinari Mini web Calendar 1.2 Cross-site scripting (XSS) vulnerability in php/cal_default.php in Mini Web Calendar (mwcal) 1.2 allows remote attackers to inject arbitrary web script or HTML via the URL. | 4.3 |
2008-11-13 | CVE-2008-5059 | Modernbill | Cross-Site Scripting vulnerability in Modernbill Cross-site scripting (XSS) vulnerability in index.php in ModernBill 4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via a Javascript event in the new_language parameter in a login action. | 4.3 |
2008-11-13 | CVE-2008-5056 | Activecampaign | Cross-Site Scripting vulnerability in Activecampaign Triolive Cross-site scripting (XSS) vulnerability in department_offline_context.php in ActiveCampaign TrioLive before 1.58.7 allows remote attackers to inject arbitrary web script or HTML via the department_id parameter to index.php. | 4.3 |
2008-11-12 | CVE-2008-4033 | Microsoft | Information Exposure vulnerability in Microsoft XML Core Services Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft Expression Web, Office, Internet Explorer, and other products, allows remote attackers to obtain sensitive information from another domain and corrupt the session state via HTTP request header fields, as demonstrated by the Transfer-Encoding field, aka "MSXML Header Request Vulnerability." | 4.3 |
2008-11-12 | CVE-2008-5039 | Phpnuke PHP Nuke | Cross-Site Scripting vulnerability in PHP-Nuke League Module 2.4 Cross-site scripting (XSS) vulnerability in the League module for PHP-Nuke, possibly 2.4, allows remote attackers to inject arbitrary web script or HTML via the tid parameter in a team action to modules.php. | 4.3 |
2008-11-10 | CVE-2008-5011 | IBM | Cross-Site Scripting vulnerability in IBM Lotus Quickr Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to qpconfig_sample.xml, aka SPR CWIR7KMPVP and THES7F9NVR, a different vulnerability than CVE-2008-2163 and CVE-2008-3860. | 4.3 |
2008-11-10 | CVE-2008-4823 | Adobe | Cross-Site Scripting vulnerability in Adobe Flash Player Cross-site scripting (XSS) vulnerability in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to loose interpretation of an ActionScript attribute. | 4.3 |
2008-11-10 | CVE-2008-4821 | Mozilla Adobe | Information Exposure vulnerability in Adobe Flash Player Adobe Flash Player 9.0.124.0 and earlier, when a Mozilla browser is used, does not properly interpret jar: URLs, which allows attackers to obtain sensitive information via unknown vectors. | 4.3 |
2008-11-10 | CVE-2008-4818 | Adobe | Cross-Site Scripting vulnerability in Adobe Flash Player Cross-site scripting (XSS) vulnerability in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving HTTP response headers. | 4.3 |
2008-11-12 | CVE-2008-5044 | Microsoft | Race Condition vulnerability in Microsoft Windows Server 2003 and Windows Vista Race condition in Microsoft Windows Server 2003 and Vista allows local users to cause a denial of service (crash or hang) via a multi-threaded application that makes many calls to UnhookWindowsHookEx while certain other desktop activity is occurring. | 4.0 |
2008-11-10 | CVE-2008-5009 | SUN | Race Condition vulnerability in SUN Solstice X.25 9.2 Race condition in the s_xout kernel module in Sun Solstice X.25 9.2, when running on a multiple CPU machine, allows local users to cause a denial of service (panic) via vectors involving reading the /dev/xty file. | 4.0 |
2 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-11-12 | CVE-2008-5043 | IBM | Cross-Site Scripting vulnerability in IBM Metrica Service Assurance Framework Multiple cross-site scripting (XSS) vulnerabilities in the web-based interface in IBM Metrica Service Assurance Framework allow remote authenticated users to inject arbitrary web script or HTML via (1) the elementid parameter in a generatedreportresults action to the ReportTree program, (2) the jnlpname parameter to the Launch program, or (3) the :tasklabel parameter to the ReportRequest program, related to the name of a report. | 3.5 |
2008-11-10 | CVE-2008-5026 | Microsoft | Cross-Site Scripting vulnerability in Microsoft Sharepoint Server Microsoft SharePoint uses URLs with the same hostname and port number for a web site's primary files and individual users' uploaded files (aka attachments), which allows remote authenticated users to leverage same-origin relationships and conduct cross-site scripting (XSS) attacks by uploading HTML documents. | 3.5 |