Weekly Vulnerabilities Reports > December 15 to 21, 2008
Overview
157 new vulnerabilities reported during this period, including 20 critical vulnerabilities and 65 high severity vulnerabilities. This weekly summary report vulnerabilities in 121 products from 87 vendors including Apple, Mozilla, Activewebsoftwares, Canonical, and Debian. Vulnerabilities are notably categorized as "SQL Injection", "Permissions, Privileges, and Access Controls", "Resource Management Errors", "Improper Input Validation", and "Path Traversal".
- 152 reported vulnerabilities are remotely exploitables.
- 87 reported vulnerabilities have public exploit available.
- 69 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 144 reported vulnerabilities are exploitable by an anonymous user.
- Apple has the most reported vulnerabilities, with 11 reported vulnerabilities.
- Apple has the most reported critical vulnerabilities, with 6 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
20 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-12-19 | CVE-2008-5685 | SUN | Unspecified vulnerability in SUN Scapp Sun ScApp firmware 5.18.x, 5.19.x, and 5.20.0 through 5.20.10 on Sun Fire and Netra platforms allows remote attackers to access the System Controller (SC), the system console, and possibly the host OS, and cause a denial of service (shutdown or reboot), via spoofed IP packets. | 10.0 |
2008-12-19 | CVE-2008-5675 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Websphere Portal Unspecified vulnerability in IBM WebSphere Portal 6.0 before 6.0.1.5 has unknown impact and attack vectors related to "Access problems with BasicAuthTAI." | 10.0 |
2008-12-17 | CVE-2008-5500 | Mozilla Canonical Debian | Resource Management Errors vulnerability in multiple products The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to (1) a reachable assertion or (2) an integer overflow. | 10.0 |
2008-12-17 | CVE-2008-5649 | Alstrasoft | SQL Injection vulnerability in Alstrasoft Article Manager PRO 1.6 SQL injection vulnerability in admin/admin.php in AlstraSoft Article Manager Pro 1.6 allows remote attackers to execute arbitrary SQL commands via the username parameter. | 10.0 |
2008-12-17 | CVE-2008-5619 | Roundcube | Code Injection vulnerability in Roundcube Webmail 0.2.1/0.2.3 html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer before 5.2.10, RoundCube Webmail (roundcubemail) 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote attackers to execute arbitrary code via crafted input that is processed by the preg_replace function with the eval switch. | 10.0 |
2008-12-17 | CVE-2008-5616 | Mplayer | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mplayer Stack-based buffer overflow in the demux_open_vqf function in libmpdemux/demux_vqf.c in MPlayer 1.0 rc2 before r28150 allows remote attackers to execute arbitrary code via a malformed TwinVQ file. | 10.0 |
2008-12-17 | CVE-2008-4237 | Apple | Multiple Security vulnerability in RETIRED: Apple Mac OS X 2008-008 Managed Client in Apple Mac OS X before 10.5.6 sometimes misidentifies a system when installing per-host configuration settings, which allows context-dependent attackers to have an unspecified impact by leveraging unintended settings, as demonstrated by the screen saver lock setting. | 10.0 |
2008-12-17 | CVE-2008-4223 | Apple | Improper Authentication vulnerability in Apple mac OS X Server Podcast Producer in Apple Mac OS X 10.5 before 10.5.6 allows remote attackers to bypass authentication and gain administrative access via unspecified vectors. | 10.0 |
2008-12-17 | CVE-2008-4221 | Apple | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server The strptime API in Libsystem in Apple Mac OS X before 10.5.6 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted date string, related to improper memory allocation. | 10.0 |
2008-12-17 | CVE-2008-4220 | Apple | Numeric Errors vulnerability in Apple mac OS X and mac OS X Server Integer overflow in the inet_net_pton API in Libsystem in Apple Mac OS X before 10.5.6 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. | 10.0 |
2008-12-19 | CVE-2008-5674 | Darkwet | Improper Input Validation vulnerability in Darkwet Webcam XP Multiple array index errors in the HTTP server in Darkwet Network webcamXP 3.72.440.0 and earlier and beta 4.05.280 and earlier allow remote attackers to cause a denial of service (device crash) and read portions of memory via (1) an invalid camnum parameter to the pocketpc component and (2) an invalid id parameter to the show_gallery_pic component. | 9.4 |
2008-12-19 | CVE-2008-5696 | Novell | Credentials Management vulnerability in Novell Netware 6.5 Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations. | 9.3 |
2008-12-19 | CVE-2008-5691 | Phonecian Casino | Buffer Errors vulnerability in Phonecian Casino Flashax 1.0.0.7 Heap-based buffer overflow in the Phoenician Casino FlashAX ActiveX control 1.0.0.7 allows remote attackers to execute arbitrary code via a long argument to the SetID method. | 9.3 |
2008-12-19 | CVE-2008-5680 | Opera | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Opera Browser Multiple buffer overflows in Opera before 9.63 might allow (1) remote attackers to execute arbitrary code via a crafted text area, or allow (2) user-assisted remote attackers to execute arbitrary code via a long host name in a file: URL. | 9.3 |
2008-12-19 | CVE-2008-5679 | Opera | Resource Management Errors vulnerability in Opera The HTML parsing engine in Opera before 9.63 allows remote attackers to execute arbitrary code via crafted web pages that trigger an invalid pointer calculation and heap corruption. | 9.3 |
2008-12-18 | CVE-2008-5499 | Adobe Linux | Code Injection vulnerability in Adobe Flash Player FOR Linux Unspecified vulnerability in Adobe Flash Player for Linux 10.0.12.36, and 9.0.151.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file. | 9.3 |
2008-12-17 | CVE-2008-5662 | SUN | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in SUN Java Wireless Toolkit FOR Cldc Multiple buffer overflows in Sun Java Wireless Toolkit (WTK) for CLDC 2.5.2 and earlier allow downloaded programs to execute arbitrary code via unknown vectors. | 9.3 |
2008-12-17 | CVE-2008-4234 | Apple | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server Incomplete blacklist vulnerability in the Quarantine feature in CoreTypes in Apple Mac OS X 10.5 before 10.5.6 allows user-assisted remote attackers to execute arbitrary code via an executable file with the content type indicating no application association for the file, which does not trigger a "potentially unsafe" warning message. | 9.3 |
2008-12-17 | CVE-2008-4217 | Apple | Numeric Errors vulnerability in Apple mac OS X and mac OS X Server Integer signedness error in BOM in Apple Mac OS X before 10.5.6 allows remote attackers to execute arbitrary code via the headers in a crafted CPIO archive, leading to a stack-based buffer overflow. | 9.3 |
2008-12-19 | CVE-2008-5663 | Kusaba | Improper Input Validation vulnerability in Kusaba Multiple unrestricted file upload vulnerabilities in Kusaba 1.0.4 and earlier allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension using (1) load_receiver.php or (2) a shipainter action to paint_save.php, then accessing the uploaded file via a direct request to this file in their user directory. | 9.0 |
65 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-12-19 | CVE-2008-5695 | Wordpress | Improper Input Validation vulnerability in Wordpress and Wordpress MU wp-admin/options.php in WordPress MU before 1.3.2, and WordPress 2.3.2 and earlier, does not properly validate requests to update an option, which allows remote authenticated users with manage_options and upload_files capabilities to execute arbitrary code by uploading a PHP script and adding this script's pathname to active_plugins. | 8.5 |
2008-12-19 | CVE-2008-5686 | IBM | Improper Authentication vulnerability in IBM Tivoli Provisioning Manager IBM Tivoli Provisioning Manager (TPM) before 5.1.1.1 IF0006, when its LDAP service is shared with other applications, does not require that an LDAP user be listed in the TPM user records, which allows remote authenticated users to execute SOAP commands that access arbitrary TPM functionality, as demonstrated by running provisioning workflows. | 8.5 |
2008-12-17 | CVE-2008-5617 | Rsyslog | Permissions, Privileges, and Access Controls vulnerability in Rsyslog The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does not follow $AllowedSender directive, which allows remote attackers to bypass intended access restrictions and spoof log messages or create a large number of spurious messages. | 8.5 |
2008-12-19 | CVE-2008-5683 | Opera | Information Exposure vulnerability in Opera Browser Unspecified vulnerability in Opera before 9.63 allows remote attackers to "reveal random data" via unknown vectors. | 7.8 |
2008-12-17 | CVE-2008-5645 | ORB Networks | Path Traversal vulnerability in ORB Networks ORB Directory traversal vulnerability in the media server in Orb Networks Orb before 2.01.0022 allows remote attackers to read arbitrary files via directory traversal sequences in an HTTP GET request. | 7.8 |
2008-12-17 | CVE-2008-5620 | Roundcube | Resource Management Errors vulnerability in Roundcube Webmail 0.1/0.1.1/0.2 RoundCube Webmail (roundcubemail) before 0.2-beta allows remote attackers to cause a denial of service (memory consumption) via crafted size parameters that are used to create a large quota image. | 7.8 |
2008-12-15 | CVE-2008-5563 | Aruba Networks Arubanetworks | Resource Management Errors vulnerability in multiple products Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.x, 3.1.x, 3.2.x, 3.3.1.x, and 3.3.2.x allows remote attackers to cause a denial of service (device crash) via a malformed Extensible Authentication Protocol (EAP) frame. | 7.8 |
2008-12-19 | CVE-2008-4122 | Joomla | Cleartext Transmission of Sensitive Information vulnerability in Joomla Joomla! 1.5.8 Joomla! 1.5.8 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. | 7.5 |
2008-12-19 | CVE-2008-5671 | Joomla | Code Injection vulnerability in Joomla 1.0.11/1.0.12/1.0.13 PHP remote file inclusion vulnerability in index.php in Joomla! 1.0.11 through 1.0.14, when RG_EMULATION is enabled in configuration.php, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | 7.5 |
2008-12-19 | CVE-2008-5665 | Xoops | SQL Injection vulnerability in Xoops SQL injection vulnerability in index.php in the xhresim module in XOOPS allows remote attackers to execute arbitrary SQL commands via the no parameter. | 7.5 |
2008-12-17 | CVE-2008-5659 | GNU | Cryptographic Issues vulnerability in GNU Classpath The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and earlier uses a predictable seed based on the system time, which makes it easier for context-dependent attackers to conduct brute force attacks against cryptographic routines that use this class for randomness, as demonstrated against DSA private keys. | 7.5 |
2008-12-17 | CVE-2008-5658 | PHP | Path Traversal vulnerability in PHP Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. | 7.5 |
2008-12-17 | CVE-2008-5657 | Quassel | Improper Input Validation vulnerability in Quassel Core CRLF injection vulnerability in Quassel Core before 0.3.0.3 allows remote attackers to spoof IRC messages as other users via a crafted CTCP message. | 7.5 |
2008-12-17 | CVE-2008-5655 | Myiosoft | SQL Injection vulnerability in Myiosoft Easybookmarker 4.0 Multiple SQL injection vulnerabilities in MyioSoft EasyBookMarker 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) delete_folder and (2) delete_link parameters to unspecified vectors, possibly to (a) plugins/bookmarker/bookmarker_backend.php or (b) ajaxp.php, different vectors than CVE-2008-5654. | 7.5 |
2008-12-17 | CVE-2008-5654 | Myiosoft | SQL Injection vulnerability in Myiosoft Easycalendar 4.0 SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyCalendar 4.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter, a different vector than CVE-2008-1344. | 7.5 |
2008-12-17 | CVE-2008-5653 | Myiosoft COM | SQL Injection vulnerability in Myiosoft.Com Ajaxportal 3.0 SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft AjaxPortal 3.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter. | 7.5 |
2008-12-17 | CVE-2008-5652 | Myiosoft | SQL Injection vulnerability in Myiosoft Easybookmarker 4.0 SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter. | 7.5 |
2008-12-17 | CVE-2008-5651 | Myiosoft | SQL Injection vulnerability in Myiosoft Easybookmarker 4.0 SQL injection vulnerability in plugins/bookmarker/bookmarker_backend.php in MyioSoft EasyBookMarker 4.0 allows remote attackers to execute arbitrary SQL commands via the Parent parameter. | 7.5 |
2008-12-17 | CVE-2008-5650 | Alstrasoft | SQL Injection vulnerability in Alstrasoft Webhost Directory NIL SQL injection vulnerability in the login directory in AlstraSoft Web Host Directory allows remote attackers to execute arbitrary SQL commands via the pwd parameter. | 7.5 |
2008-12-17 | CVE-2008-5648 | Deltascripts | SQL Injection vulnerability in Deltascripts PHP Shop 1.0 SQL injection vulnerability in admin/login.php in DeltaScripts PHP Shop 1.0 allows remote attackers to execute arbitrary SQL commands via the admin_username parameter. | 7.5 |
2008-12-17 | CVE-2008-5646 | Trac | Denial of Service And Phishing vulnerability in Trac Unspecified vulnerability in Trac before 0.11.2 allows attackers to cause a denial of service via unknown attack vectors related to "certain wiki markup." | 7.5 |
2008-12-17 | CVE-2008-5643 | Joomla Mambo | SQL Injection vulnerability in Joomla COM Books SQL injection vulnerability in the Books (com_books) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter in a book_details action to index.php. | 7.5 |
2008-12-17 | CVE-2008-5641 | Activewebsoftwares | SQL Injection vulnerability in Activewebsoftwares Active Photo Gallery 6.2 SQL injection vulnerability in account.asp in Active Photo Gallery 6.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | 7.5 |
2008-12-17 | CVE-2008-5640 | Activewebsoftwares | SQL Injection vulnerability in Activewebsoftwares Active Bids 3.5 SQL injection vulnerability in bidhistory.asp in Active Bids 3.5 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter. | 7.5 |
2008-12-17 | CVE-2008-5638 | Activewebsoftwares | SQL Injection vulnerability in Activewebsoftwares Active Price Comparison 4.0 Multiple SQL injection vulnerabilities in Active Price Comparison 4 allow remote attackers to execute arbitrary SQL commands via the (1) ProductID parameter to reviews.aspx or the (2) linkid parameter to links.asp. | 7.5 |
2008-12-17 | CVE-2008-5637 | Parsblogger | SQL Injection vulnerability in Parsblogger NIL SQL injection vulnerability in blog.asp in ParsBlogger (Pb) allows remote attackers to execute arbitrary SQL commands via the wr parameter. | 7.5 |
2008-12-17 | CVE-2008-5635 | Activewebsoftwares | SQL Injection vulnerability in Activewebsoftwares Active Membership 2.0 SQL injection vulnerability in account.asp in Active Membership 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. | 7.5 |
2008-12-17 | CVE-2008-5634 | Activewebsoftwares | SQL Injection vulnerability in Activewebsoftwares Active Force Matrix 2.0 SQL injection vulnerability in account.asp in Active Force Matrix 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. | 7.5 |
2008-12-17 | CVE-2008-5633 | Activewebsoftwares | SQL Injection vulnerability in Activewebsoftwares Activevotes 2.2 SQL injection vulnerability in register.asp in ActiveVotes 2.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. | 7.5 |
2008-12-17 | CVE-2008-5632 | Activewebsoftwares | SQL Injection vulnerability in Activewebsoftwares Active Time Billing 3.2 SQL injection vulnerability in Account.asp in Active Time Billing 3.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. | 7.5 |
2008-12-17 | CVE-2008-5631 | Activewebsoftwares | SQL Injection vulnerability in Activewebsoftwares Active Ewebquiz 8.0 SQL injection vulnerability in start.asp in Active eWebquiz 8.0 allows remote attackers to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or the (2) password parameter. | 7.5 |
2008-12-17 | CVE-2008-5629 | Turnkeyarcade | SQL Injection vulnerability in Turnkeyarcade Turnkey Arcade Script NIL SQL injection vulnerability in index.php in Turnkey Arcade Script allows remote attackers to execute arbitrary SQL commands via the id parameter in a play action. | 7.5 |
2008-12-17 | CVE-2008-5627 | Activewebsoftwares | SQL Injection vulnerability in Activewebsoftwares Active Trade 2.0 SQL injection vulnerability in account.asp in Active Trade 2 allows remote attackers to execute arbitrary SQL commands via the (1) username parameter (aka Email field) or the (2) password parameter. | 7.5 |
2008-12-17 | CVE-2008-5625 | PHP | Permissions, Privileges, and Access Controls vulnerability in PHP PHP 5 before 5.2.7 does not enforce the error_log safe_mode restrictions when safe_mode is enabled through a php_admin_flag setting in httpd.conf, which allows context-dependent attackers to write to arbitrary files by placing a "php_value error_log" entry in a .htaccess file. | 7.5 |
2008-12-17 | CVE-2008-5624 | PHP | Permissions, Privileges, and Access Controls vulnerability in PHP PHP 5 before 5.2.7 does not properly initialize the page_uid and page_gid global variables for use by the SAPI php_getuid function, which allows context-dependent attackers to bypass safe_mode restrictions via variable settings that are intended to be restricted to root, as demonstrated by a setting of /etc for the error_log variable. | 7.5 |
2008-12-17 | CVE-2008-5609 | Typo3 | SQL Injection vulnerability in Typo3 Commerce Extension SQL injection vulnerability in the Commerce extension 0.9.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2008-12-16 | CVE-2008-5607 | Joomitaly Joomla | SQL Injection vulnerability in Joomitaly Jmovies 1.1 SQL injection vulnerability in the JMovies (aka JM or com_jmovies) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | 7.5 |
2008-12-16 | CVE-2008-5605 | Aspapps | SQL Injection vulnerability in Aspapps Aspportal NIL Multiple SQL injection vulnerabilities in ASP Portal allow remote attackers to execute arbitrary SQL commands via the (1) ItemID parameter to classifieds.asp and the (2) ID parameter to Events.asp. | 7.5 |
2008-12-16 | CVE-2008-5599 | Merlix | SQL Injection vulnerability in Merlix Teamworx Server NIL SQL injection vulnerability in default.asp in Merlix Teamworx Server allows remote attackers to execute arbitrary SQL commands via the password parameter (aka passwd field) in a login action. | 7.5 |
2008-12-16 | CVE-2008-5595 | Aspapps | SQL Injection vulnerability in Aspapps ASP Autodealer NIL SQL injection vulnerability in detail.asp in ASP AutoDealer allows remote attackers to execute arbitrary SQL commands via the ID parameter. | 7.5 |
2008-12-16 | CVE-2008-5594 | Bpowerhouse | Path Traversal vulnerability in Bpowerhouse Mini Blog 1.0.1 Multiple directory traversal vulnerabilities in index.php in Mini Blog 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2008-12-16 | CVE-2008-5593 | Bpowerhouse | Path Traversal vulnerability in Bpowerhouse Mini CMS 1.0.1 Multiple directory traversal vulnerabilities in index.php in Mini CMS 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2008-12-16 | CVE-2008-5590 | Kalptaru Infotech | SQL Injection vulnerability in Kalptaru Infotech Product Sale Framework 0.1 SQL injection vulnerability in customer.forumtopic.php in Kalptaru Infotech Product Sale Framework 0.1 beta allows remote attackers to execute arbitrary SQL commands via the forum_topic_id parameter. | 7.5 |
2008-12-16 | CVE-2008-5589 | Katywhitton | SQL Injection vulnerability in Katywhitton Rankem SQL injection vulnerability in processlogin.asp in Katy Whitton RankEm allows remote attackers to execute arbitrary SQL commands via the (1) txtusername parameter (aka username field) or the (2) txtpassword parameter (aka password field). | 7.5 |
2008-12-16 | CVE-2008-5588 | Katywhitton | SQL Injection vulnerability in Katywhitton Rankem SQL injection vulnerability in rankup.asp in Katy Whitton RankEm allows remote attackers to execute arbitrary SQL commands via the siteID parameter. | 7.5 |
2008-12-16 | CVE-2008-5585 | Lcxbbportal | Code Injection vulnerability in Lcxbbportal 0.1 Multiple PHP remote file inclusion vulnerabilities in lcxBBportal 0.1 Alpha 2 allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) portal/includes/portal_block.php and (2) includes/acp/acp_lcxbbportal.php. | 7.5 |
2008-12-15 | CVE-2008-5582 | Nukedit | SQL Injection vulnerability in Nukedit SQL injection vulnerability in utilities/login.asp in Nukedit 4.9.x, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the email parameter. | 7.5 |
2008-12-15 | CVE-2008-5581 | Mini PUB | Improper Input Validation vulnerability in Mini-Pub 0.3 PHP remote file inclusion vulnerability in mini-pub.php/front-end/img.php in mini-pub 0.3 allows remote attackers to execute arbitrary PHP code via a URL in the sFileName parameter. | 7.5 |
2008-12-15 | CVE-2008-5580 | Mini PUB | Improper Input Validation vulnerability in Mini-Pub 0.3 mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the sFileName argument. | 7.5 |
2008-12-15 | CVE-2008-5578 | Scssboard | SQL Injection vulnerability in Scssboard Multiple SQL injection vulnerabilities in index.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allow remote attackers to execute arbitrary SQL commands via (1) the f parameter in a showforum action, (2) the u parameter in a profile action, (3) the viewcat parameter, or (4) a combination of scb_uid and scb_ident cookie values. | 7.5 |
2008-12-15 | CVE-2008-5577 | Scssboard | Code Injection vulnerability in Scssboard PHP remote file inclusion vulnerability in index.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allows remote attackers to execute arbitrary PHP code via a URL in the inc_function parameter. | 7.5 |
2008-12-15 | CVE-2008-5576 | Scssboard | Improper Authentication vulnerability in Scssboard admin/forums.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allows remote attackers to bypass authentication and gain administrative access via a large value of the current_user[users_level] parameter. | 7.5 |
2008-12-15 | CVE-2008-5575 | Proclanmanager | Improper Authentication vulnerability in Proclanmanager PRO Clan Manager Session fixation vulnerability in Pro Clan Manager 0.4.2 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. | 7.5 |
2008-12-15 | CVE-2008-5574 | Unscripts | SQL Injection vulnerability in Unscripts Webmaster Marketplace NIL SQL injection vulnerability in member.php in Webmaster Marketplace allows remote attackers to execute arbitrary SQL commands via the u parameter. | 7.5 |
2008-12-15 | CVE-2008-5573 | Adcomplete | SQL Injection vulnerability in Adcomplete Poll PRO 2.0 SQL injection vulnerability in the login feature in Poll Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) Password and (2) username parameters. | 7.5 |
2008-12-15 | CVE-2008-5571 | Dotnetindex | SQL Injection vulnerability in Dotnetindex Professional Download Assistant 0.1 SQL injection vulnerability in admin/login.asp in Professional Download Assistant 0.1 allows remote attackers to execute arbitrary SQL commands via the (1) uname parameter (aka user field) or the (2) psw parameter (aka passwd field). | 7.5 |
2008-12-15 | CVE-2008-5561 | Netref | SQL Injection vulnerability in Netref 4.0 SQL injection vulnerability in Netref 4.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) fiche_product.php and (2) presentation.php. | 7.5 |
2008-12-15 | CVE-2008-5559 | Dazzlindonna | SQL Injection vulnerability in Dazzlindonna Postecards SQL injection vulnerability in sendcard.cfm in PostEcards allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.5 |
2008-12-19 | CVE-2008-5689 | SUN | Resource Management Errors vulnerability in SUN Opensolaris and Solaris tun in IP Tunnel in Solaris 10 and OpenSolaris snv_01 through snv_76 allows local users to cause a denial of service (panic) and possibly execute arbitrary code via a crafted SIOCGTUNPARAM IOCTL request, which triggers a NULL pointer dereference. | 7.2 |
2008-12-19 | CVE-2008-5086 | Libvirt | Local Security Bypass vulnerability in libvirt Multiple methods in libvirt 0.3.2 through 0.5.1 do not check if a connection is read-only, which allows local users to bypass intended access restrictions and perform administrative actions. | 7.2 |
2008-12-17 | CVE-2008-4218 | Apple | Numeric Errors vulnerability in Apple mac OS X and mac OS X Server Multiple integer overflows in the kernel in Apple Mac OS X before 10.5.6 on Intel platforms allow local users to gain privileges via a crafted call to (1) i386_set_ldt or (2) i386_get_ldt. | 7.2 |
2008-12-19 | CVE-2008-5677 | Kwalbum | Improper Input Validation vulnerability in Kwalbum Unrestricted file upload vulnerability in Kwalbum 2.0.4, 2.0.2, and earlier, when PICS_PATH is located in the web root, allows remote authenticated users with upload capability to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file under items/, related to the ReplaceBadFilenameChars function in include/ItemAdder.php. | 7.1 |
2008-12-17 | CVE-2008-4236 | Apple | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server Apple Type Services (ATS) in Apple Mac OS X 10.5 before 10.5.6 allows remote attackers to cause a denial of service (infinite loop) via a crafted embedded font in a PDF file. | 7.1 |
2008-12-17 | CVE-2008-4224 | Apple | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server UDF in Apple Mac OS X before 10.5.6 allows user-assisted attackers to cause a denial of service (system crash) via a malformed UDF volume in a crafted ISO file. | 7.1 |
2008-12-17 | CVE-2008-4222 | Apple | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server natd in network_cmds in Apple Mac OS X before 10.5.6, when Internet Sharing is enabled, allows remote attackers to cause a denial of service (infinite loop) via a crafted TCP packet. | 7.1 |
67 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-12-19 | CVE-2008-5078 | GNU | Buffer Errors vulnerability in GNU Escript 1.6.1 Multiple buffer overflows in the (1) recognize_eps_file function (src/psgen.c) and (2) tilde_subst function (src/util.c) in GNU enscript 1.6.1, and possibly earlier, might allow remote attackers to execute arbitrary code via an epsf escape sequence with a long filename. | 6.8 |
2008-12-19 | CVE-2008-5672 | Phparanoid | Cross-Site Request Forgery (CSRF) vulnerability in PHParanoid 0.1/0.2 Multiple cross-site request forgery (CSRF) vulnerabilities in PHParanoid before 0.4 allow remote attackers to hijack the authentication of arbitrary users for requests that use (1) admin.php or (2) private messages. | 6.8 |
2008-12-19 | CVE-2008-5670 | Textpattern | Credentials Management vulnerability in Textpattern 4.0.5 Textpattern (aka Txp CMS) 4.0.5 does not ask for the old password during a password reset, which makes it easier for remote attackers to change a password after hijacking a session. | 6.8 |
2008-12-17 | CVE-2008-5512 | Mozilla Canonical Debian | Permissions, Privileges, and Access Controls vulnerability in multiple products Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to run arbitrary JavaScript with chrome privileges via unknown vectors in which "page content can pollute XPCNativeWrappers." | 6.8 |
2008-12-17 | CVE-2008-5506 | Mozilla Canonical Debian | Permissions, Privileges, and Access Controls vulnerability in multiple products Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy by causing the browser to issue an XMLHttpRequest to an attacker-controlled resource that uses a 302 redirect to a resource in a different domain, then reading content from the response, aka "response disclosure." | 6.8 |
2008-12-17 | CVE-2008-5660 | Gnome | USE of Externally-Controlled Format String vulnerability in Gnome Vinagre Format string vulnerability in the vinagre_utils_show_error function (src/vinagre-utils.c) in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response. | 6.8 |
2008-12-17 | CVE-2008-5636 | Lovedesigner | SQL Injection vulnerability in Lovedesigner Lito Lite CMS NIL SQL injection vulnerability in cate.php in Lito Lite CMS, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 6.8 |
2008-12-17 | CVE-2008-5630 | Qualityunit | SQL Injection vulnerability in Qualityunit Post Affiliate PRO 3.0/3.1.4 SQL injection vulnerability in merchants/index.php in Post Affiliate Pro 3 and 3.1.4 allows remote attackers to execute arbitrary SQL commands via the umprof_status parameter. | 6.8 |
2008-12-17 | CVE-2008-5628 | Little CMS | SQL Injection vulnerability in Little CMS Little CMS 0.0.1 SQL injection vulnerability in index.php in CMS little 0.0.1 allows remote attackers to execute arbitrary SQL commands via the term parameter. | 6.8 |
2008-12-16 | CVE-2008-5604 | Drennansoft | Path Traversal vulnerability in Drennansoft MY Simple Forum 3.0/4.1 Directory traversal vulnerability in index.php in My Simple Forum 3.0 and 4.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2008-12-16 | CVE-2008-5586 | Check UP | SQL Injection vulnerability in Check UP Check NEW 4.52 SQL injection vulnerability in findoffice.php in Check Up New Generation (aka Check New) 4.52, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search parameter. | 6.8 |
2008-12-15 | CVE-2008-5570 | PHP Multiple Newsletters | Path Traversal vulnerability in PHP multiple Newsletters PHP multiple Newsletters 2.7 Directory traversal vulnerability in index.php in PHP Multiple Newsletters 2.7, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2008-12-15 | CVE-2008-5568 | IPN Mate | Cross-Site Request Forgery (CSRF) vulnerability in Ipn-Mate IPN PRO 3 Cross-site request forgery (CSRF) vulnerability in admin/settings.php in IPN Pro 3 1.44 and earlier allows remote attackers to change the admin password via a logout action in conjunction with the admin_id, newpass_1, and newpass_2 parameters. | 6.8 |
2008-12-15 | CVE-2008-5567 | Bonzacart | Cross-Site Request Forgery (CSRF) vulnerability in Bonzacart Bonza Cart Cross-site request forgery (CSRF) vulnerability in admin/ad_settings.php in Bonza Cart 1.10 and earlier allows remote attackers to change the admin password via a logout action in conjunction with the NewAdmin, NewPass1, and NewPass2 parameters. | 6.8 |
2008-12-15 | CVE-2008-5565 | Dinkumsoft | Cross-Site Request Forgery (CSRF) vulnerability in Dinkumsoft DL Paycart 1.01 Cross-site request forgery (CSRF) vulnerability in admin/settings.php in DL PayCart 1.34 and earlier allows remote attackers to change the admin password via a logout action in conjunction with the NewAdmin, NewPass1, and NewPass2 parameters. | 6.8 |
2008-12-19 | CVE-2008-1094 | Barracuda Networks | SQL Injection vulnerability in Barracuda Networks Barracuda Spam Firewall SQL injection vulnerability in index.cgi in the Account View page in Barracuda Spam Firewall (BSF) before 3.5.12.007 allows remote authenticated administrators to execute arbitrary SQL commands via a pattern_x parameter in a search_count_equals action, as demonstrated by the pattern_0 parameter. | 6.5 |
2008-12-19 | CVE-2008-5673 | Phparanoid | Permissions, Privileges, and Access Controls vulnerability in PHParanoid 0.1/0.2 PHParanoid before 0.4 does not properly restrict access to the members area by unauthenticated users, which has unknown impact and remote attack vectors. | 6.5 |
2008-12-17 | CVE-2008-5507 | Mozilla Canonical Debian | Information Exposure vulnerability in multiple products Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to bypass the same origin policy and access portions of data from another domain via a JavaScript URL that redirects to the target resource, which generates an error if the target data does not have JavaScript syntax, which can be accessed using the window.onerror DOM API. | 6.0 |
2008-12-17 | CVE-2008-5621 | Phpmyadmin | Cross-Site Request Forgery (CSRF) vulnerability in PHPmyadmin Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.11.x before 2.11.9.4 and 3.x before 3.1.1.0 allows remote attackers to perform unauthorized actions as the administrator via a link or IMG tag to tbl_structure.php with a modified table parameter. | 6.0 |
2008-12-19 | CVE-2008-5252 | Mediawiki | Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki Cross-site request forgery (CSRF) vulnerability in the Special:Import feature in MediaWiki 1.3.0 through 1.6.10, 1.12.x before 1.12.2, and 1.13.x before 1.13.3 allows remote attackers to perform unspecified actions as authenticated users via unknown vectors. | 5.8 |
2008-12-17 | CVE-2008-5661 | SUN | Resource Management Errors vulnerability in SUN Opensolaris and Solaris The IPv4 Forwarding feature in Sun Solaris 10 and OpenSolaris snv_47 through snv_82, with certain patches installed, allows remote attackers to cause a denial of service (panic) via unknown vectors that trigger a NULL pointer dereference. | 5.4 |
2008-12-19 | CVE-2008-5693 | Ipswitch | Improper Input Validation vulnerability in Ipswitch WS FTP Ipswitch WS_FTP Server Manager 6.1.0.0 and earlier, and possibly other Ipswitch products, might allow remote attackers to read the contents of custom ASP files in WSFTPSVR/ via a request with an appended dot character. | 5.0 |
2008-12-19 | CVE-2008-5692 | Ipswitch | Improper Authentication vulnerability in Ipswitch WS FTP Ipswitch WS_FTP Server Manager before 6.1.1, and possibly other Ipswitch products, allows remote attackers to bypass authentication and read logs via a logLogout action to FTPLogServer/login.asp followed by a request to FTPLogServer/LogViewer.asp with the localhostnull account name. | 5.0 |
2008-12-19 | CVE-2008-5687 | Mediawiki | Permissions, Privileges, and Access Controls vulnerability in Mediawiki MediaWiki 1.11, and other versions before 1.13.3, does not properly protect against the download of backups of deleted images, which might allow remote attackers to obtain sensitive information via requests for files in images/deleted/. | 5.0 |
2008-12-19 | CVE-2008-5684 | SUN | Resource Management Errors vulnerability in SUN Opensolaris and Solaris Unspecified vulnerability in the X Inter Client Exchange library (aka libICE) in Sun Solaris 8 through 10 and OpenSolaris before snv_85 allows context-dependent attackers to cause a denial of service (application crash), as demonstrated by a port scan that triggers a segmentation violation in the Gnome session manager (aka gnome-session). | 5.0 |
2008-12-19 | CVE-2008-5676 | Breach | Unspecified vulnerability in Breach Modsecurity Multiple unspecified vulnerabilities in the ModSecurity (aka mod_security) module 2.5.0 through 2.5.5 for the Apache HTTP Server, when SecCacheTransformations is enabled, allow remote attackers to cause a denial of service (daemon crash) or bypass the product's functionality via unknown vectors related to "transformation caching." | 5.0 |
2008-12-19 | CVE-2008-5669 | Textpattern | Improper Input Validation vulnerability in Textpattern 4.0.5 index.php in the comments preview section in Textpattern (aka Txp CMS) 4.0.5 allows remote attackers to cause a denial of service via a long message parameter. | 5.0 |
2008-12-19 | CVE-2008-5667 | Virusblokada | Resource Management Errors vulnerability in Virusblokada Vba32 Personal Antivirus 3.12.8 The scanning engine in VirusBlokAda VBA32 Personal Antivirus 3.12.8.x allows remote attackers to cause a denial of service (memory corruption and application crash) via a malformed RAR archive. | 5.0 |
2008-12-17 | CVE-2008-5510 | Mozilla Canonical Debian | Remote vulnerability in Mozilla Firefox/Thunderbird/SeaMonkey The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms such as sanitization routines. | 5.0 |
2008-12-17 | CVE-2008-5505 | Mozilla | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox Mozilla Firefox 3.x before 3.0.5 allows remote attackers to bypass intended privacy restrictions by using the persist attribute in an XUL element to create and access data entities that are similar to cookies. | 5.0 |
2008-12-17 | CVE-2008-5502 | Mozilla Canonical | Resource Management Errors vulnerability in multiple products The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) via vectors that trigger memory corruption, related to the GetXMLEntity and FastAppendChar functions. | 5.0 |
2008-12-17 | CVE-2008-5501 | Mozilla Canonical | Remote vulnerability in Mozilla Firefox/Thunderbird/SeaMonkey The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service via vectors that trigger an assertion failure. | 5.0 |
2008-12-17 | CVE-2008-5647 | Trac | Denial of Service And Phishing vulnerability in Trac Unspecified vulnerability in the HTML sanitizer filter in Trac before 0.11.2 allows attackers to conduct phishing attacks via unknown attack vectors. | 5.0 |
2008-12-17 | CVE-2008-5642 | Cmsmadesimple | Path Traversal vulnerability in Cmsmadesimple CMS Made Simple 1.4.1 Directory traversal vulnerability in admin/login.php in CMS Made Simple 1.4.1 allows remote attackers to read arbitrary files via a .. | 5.0 |
2008-12-17 | CVE-2008-5618 | Rsyslog | Denial-Of-Service vulnerability in RSyslog imudp in rsyslog 4.x before 4.1.2, 3.21 before 3.21.9 beta, and 3.20 before 3.20.2 generates a message even when it is sent by an unauthorized sender, which allows remote attackers to cause a denial of service (disk consumption) via a large number of spurious messages. | 5.0 |
2008-12-17 | CVE-2008-5081 | Avahi | Resource Management Errors vulnerability in Avahi The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure. | 5.0 |
2008-12-16 | CVE-2008-5608 | Aspapps | Permissions, Privileges, and Access Controls vulnerability in Aspapps ASP Autodealer NIL ASP AutoDealer stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for auto.mdb. | 5.0 |
2008-12-16 | CVE-2008-5606 | Gazatem Technologies | Permissions, Privileges, and Access Controls vulnerability in Gazatem Technologies Qmail Mailing List Manager 1.2 Gazatem QMail Mailing List Manager 1.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for qmail.mdb. | 5.0 |
2008-12-16 | CVE-2008-5603 | Aspapps | Permissions, Privileges, and Access Controls vulnerability in Aspapps Aspticker 1.0 ASPTicker 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for news.mdb. | 5.0 |
2008-12-16 | CVE-2008-5602 | Natterchat | Permissions, Privileges, and Access Controls vulnerability in Natterchat 1.12 Natterchat 1.12 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for natterchat112.mdb. | 5.0 |
2008-12-16 | CVE-2008-5601 | Robs Projects | Permissions, Privileges, and Access Controls vulnerability in Robs-Projects ASP User Engine NIL User Engine Lite ASP stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for users.mdb. | 5.0 |
2008-12-16 | CVE-2008-5600 | Merlix | Permissions, Privileges, and Access Controls vulnerability in Merlix Teamworx Server NIL Merlix Teamworx Server stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for teamworx.mdb. | 5.0 |
2008-12-16 | CVE-2008-5598 | Phpmygallery | Path Traversal vulnerability in PHPmygallery 1.51 Directory traversal vulnerability in index.php in PHPmyGallery 1.51 gold allows remote attackers to list arbitrary directories via a .. | 5.0 |
2008-12-16 | CVE-2008-5597 | Cold BBS | Permissions, Privileges, and Access Controls vulnerability in Cold BBS Cold BBS NIL Cold BBS stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for db/cforum.mdb. | 5.0 |
2008-12-16 | CVE-2008-5596 | Dotnetindex | Permissions, Privileges, and Access Controls vulnerability in Dotnetindex Ikon Admanager Ikon AdManager 2.1 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for ikonBAnner_AdManager.mdb. | 5.0 |
2008-12-16 | CVE-2008-5592 | Iwrite | Permissions, Privileges, and Access Controls vulnerability in Iwrite Nightfall Personal Diary 1.0 Nightfall Personal Diary 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for users-zza21.mdb. | 5.0 |
2008-12-15 | CVE-2008-5579 | Mini PUB | Path Traversal vulnerability in Mini-Pub 0.3 Absolute path traversal vulnerability in mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remote attackers to read arbitrary files via a full pathname in the sFileName parameter. | 5.0 |
2008-12-15 | CVE-2008-5572 | Dotnetindex | Permissions, Privileges, and Access Controls vulnerability in Dotnetindex Professional Download Assistant 0.1 Professional Download Assistant 0.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for database/downloads.mdb. | 5.0 |
2008-12-15 | CVE-2008-5564 | ORB Networks | Remote Denial Of Service vulnerability in Orb Networks Orb Unspecified vulnerability in the media server in Orb Networks Orb before 2.01.0025 allows remote attackers to cause a denial of service (daemon crash) via a malformed HTTP request. | 5.0 |
2008-12-15 | CVE-2008-5562 | Aspapps | Permissions, Privileges, and Access Controls vulnerability in Aspapps Aspportal NIL ASPPortal stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for xportal.mdb. | 5.0 |
2008-12-15 | CVE-2008-5560 | Dazzlindonna | Permissions, Privileges, and Access Controls vulnerability in Dazzlindonna Postecards PostEcards stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for postcards.mdb. | 5.0 |
2008-12-17 | CVE-2008-4219 | Apple | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server The kernel in Apple Mac OS X before 10.5.6 allows local users to cause a denial of service (infinite loop and system halt) by running an application that is dynamically linked to libraries on an NFS server, related to occurrence of an exception in this application. | 4.9 |
2008-12-19 | CVE-2008-5249 | Mediawiki | Cross-Site Scripting vulnerability in Mediawiki 1.13.0/1.13.1/1.13.2 Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.0 through 1.13.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2008-12-19 | CVE-2008-5682 | Opera | Cross-Site Scripting vulnerability in Opera Browser Cross-site scripting (XSS) vulnerability in Opera before 9.63 allows remote attackers to inject arbitrary web script or HTML via built-in XSLT templates. | 4.3 |
2008-12-19 | CVE-2008-5681 | Opera | Unspecified vulnerability in Opera Browser Opera before 9.63 does not block unspecified "scripted URLs" during the feed preview, which allows remote attackers to read existing subscriptions and force subscriptions to arbitrary feed URLs. | 4.3 |
2008-12-19 | CVE-2008-5668 | Textpattern | Cross-Site Scripting vulnerability in Textpattern 4.0.5 Multiple cross-site scripting (XSS) vulnerabilities in Textpattern (aka Txp CMS) 4.0.5 allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to setup/index.php or (2) the name parameter to index.php in the comments preview section. | 4.3 |
2008-12-17 | CVE-2008-5508 | Mozilla Canonical Debian | Improper Input Validation vulnerability in multiple products Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not properly parse URLs with leading whitespace or control characters, which might allow remote attackers to misrepresent URLs and simplify phishing attacks. | 4.3 |
2008-12-17 | CVE-2008-5656 | Typo3 | Cross-Site Scripting vulnerability in Typo3 4.2.0/4.2.1/4.2.2 Cross-site scripting (XSS) vulnerability in the frontend plugin for the felogin system extension in TYPO3 4.2.0, 4.2.1 and 4.2.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
2008-12-17 | CVE-2008-5644 | Typo3 | Cross-Site Scripting vulnerability in Typo3 4.2.2 Cross-site scripting (XSS) vulnerability in the file backend module in TYPO3 4.2.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
2008-12-17 | CVE-2008-5639 | Txtblogcms | Path Traversal vulnerability in Txtblogcms Txtblog 1.0 Directory traversal vulnerability in index.php in TxtBlog 1.0 Alpha allows remote attackers to read arbitrary files via a .. | 4.3 |
2008-12-17 | CVE-2008-5558 | Asterisk | Improper Authentication vulnerability in Asterisk Business Edition and Open Source Asterisk Open Source 1.2.26 through 1.2.30.3 and Business Edition B.2.3.5 through B.2.5.5, when realtime IAX2 users are enabled, allows remote attackers to cause a denial of service (crash) via authentication attempts involving (1) an unknown user or (2) a user using hostname matching. | 4.3 |
2008-12-16 | CVE-2008-5591 | Iwrite | Cross-Site Scripting vulnerability in Iwrite Nightfall Personal Diary 1.0 Cross-site scripting (XSS) vulnerability in login.asp in Nightfall Personal Diary 1.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter and possibly other "login fields." NOTE: some of these details are obtained from third party information. | 4.3 |
2008-12-16 | CVE-2008-5587 | Phppgadmin | Path Traversal vulnerability in PHPpgadmin Directory traversal vulnerability in libraries/lib.inc.php in phpPgAdmin 4.2.1 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. | 4.3 |
2008-12-15 | CVE-2008-5569 | Phpeppershop | Cross-Site Scripting vulnerability in PHPeppershop 1.4 Multiple cross-site scripting (XSS) vulnerabilities in PHPepperShop 1.4 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php or (2) shop/kontakt.php, or (3) shop_kunden_mgmt.php or (4) SHOP_KONFIGURATION.php in shop/Admin/. | 4.3 |
2008-12-15 | CVE-2008-5566 | Phpmultiplenewsletters | Cross-Site Scripting vulnerability in PHPmultiplenewsletters 2.7 Cross-site scripting (XSS) vulnerability in index.php in Triangle Solutions PHP Multiple Newsletters 2.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | 4.3 |
2008-12-19 | CVE-2008-5678 | Fdgroup | Improper Input Validation vulnerability in Fdgroup Olib7 Webview 2.5.1.1 Fretwell-Downing Informatics (FDI) OLIB7 WebView 2.5.1.1 allows remote authenticated users to obtain sensitive information from files via the infile parameter to the default URI under cgi/, as demonstrated by the (1) get_settings.ini, (2) setup.ini, and (3) text.ini files. | 4.0 |
2008-12-17 | CVE-2008-5626 | Dxmsoft | Resource Management Errors vulnerability in Dxmsoft XM Easy Personal FTP Server 5.6.0 XM Easy Personal FTP Server 5.6.0 allows remote authenticated users to cause a denial of service via a crafted argument to the NLST command, as demonstrated by a -1 argument. | 4.0 |
5 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2008-12-19 | CVE-2008-5250 | Mediawiki | Cross-Site Scripting vulnerability in Mediawiki Cross-site scripting (XSS) vulnerability in MediaWiki before 1.6.11, 1.12.x before 1.12.2, and 1.13.x before 1.13.3, when Internet Explorer is used and uploads are enabled, or an SVG scripting browser is used and SVG uploads are enabled, allows remote authenticated users to inject arbitrary web script or HTML by editing a wiki page. | 3.5 |
2008-12-19 | CVE-2008-0971 | Barracuda Networks | Cross-Site Scripting vulnerability in Barracuda Networks products Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in Barracuda Spam Firewall (BSF) before 3.5.12.007, Message Archiver before 1.2.1.002, Web Filter before 3.3.0.052, IM Firewall before 3.1.01.017, and Load Balancer before 2.3.024 allow remote attackers to inject arbitrary web script or HTML via (1) the Policy Name field in Search Based Retention Policy in Message Archiver; unspecified parameters in the (2) IP Configuration, (3) Administration, (4) Journal Accounts, (5) Retention Policy, and (6) GroupWise Sync components in Message Archiver; (7) input to search operations in Web Filter; and (8) input used in error messages and (9) hidden INPUT elements in (a) Spam Firewall, (b) IM Firewall, and (c) Web Filter. | 3.5 |
2008-12-19 | CVE-2008-5666 | Wftpserver | Resource Management Errors vulnerability in Wftpserver Winftp FTP Server 2.3.0 WinFTP FTP Server 2.3.0, when passive (aka PASV) mode is used, allows remote authenticated users to cause a denial of service via a sequence of FTP sessions that include an invalid "NLST -1" command. | 3.5 |
2008-12-17 | CVE-2008-5503 | Mozilla | Remote vulnerability in Mozilla Firefox, Seamonkey and Thunderbird The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not perform any security checks related to the same-domain policy, which allows remote attackers to read or access data from other domains via crafted XBL bindings. | 2.6 |
2008-12-19 | CVE-2008-5690 | SUN | Credentials Management vulnerability in SUN Opensolaris and Solaris The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 through snv_104, allows local users to cause a denial of service (authentication failure) via unspecified vectors related to incorrect cache file permissions, and lack of credential storage by the store_cred function in pam_krb5. | 2.1 |