Weekly Vulnerabilities Reports > January 5 to 11, 2009
Overview
74 new vulnerabilities were reported during this period, including 8 critical vulnerabilities and 23 high severity vulnerabilities. This weekly summary reports vulnerabilities in 75 products from 59 vendors including Joomla, Joomlahbs, Phpauctions, Phpclanwebsite, and Constructr. Vulnerabilities are notably categorized as "SQL Injection", "Permissions, Privileges, and Access Controls", "Cross-site Scripting", "Path Traversal", and "Improper Authentication".
- 72 reported vulnerabilities are remotely exploitable.
- 41 reported vulnerabilities have a public exploit available.
- 40 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 71 reported vulnerabilities are exploitable by an anonymous user.
- Joomla has the most reported vulnerabilities, with 5 reported vulnerabilities.
- Apple has the most reported critical vulnerabilities, with 1 reported vulnerability.
Vulnerability Details
The following tables list the vulnerabilities reported during the period covered by this report:
8 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-01-08 | CVE-2009-0043 | CA | Permissions, Privileges, and Access Controls vulnerability in CA Service Level Management and Service Metric Analysis The smmsnmpd service in CA Service Metric Analysis r11.0 through r11.1 SP1 and Service Level Management 3.5 does not properly restrict access, which allows remote attackers to execute arbitrary commands via unspecified vectors. | 10.0 |
2009-01-08 | CVE-2008-0067 | HP | Buffer Errors vulnerability in HP Openview Network Node Manager 7.51 Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) long string parameters to the OpenView5.exe CGI program; (2) a long string parameter to the OpenView5.exe CGI program, related to ov.dll; or a long string parameter to the (3) getcvdata.exe, (4) ovlaunch.exe, or (5) Toolbar.exe CGI program. | 10.0 |
2009-01-07 | CVE-2008-5866 | Proxim | Code Injection vulnerability in Proxim Tsunami Mp.11 2411 3.0.3 The Proxim Wireless Tsunami MP.11 2411 with firmware 3.0.3 has public as its default SNMP read/write community, which makes it easier for remote attackers to obtain sensitive information or modify SNMP variables. | 10.0 |
2009-01-08 | CVE-2009-0070 | Apple | Numeric Errors vulnerability in Apple Safari Integer signedness error in Apple Safari allows remote attackers to read the contents of arbitrary memory locations, cause a denial of service (application crash), and probably have unspecified other impact via the array index of the arguments array in a JavaScript function, possibly a related issue to CVE-2008-2307. | 9.3 |
2009-01-08 | CVE-2008-5876 | Irrlicht | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Irrlicht Buffer overflow in Irrlicht before 1.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors in the B3D loader. | 9.3 |
2009-01-08 | CVE-2008-4827 | Componentone SAP Servantix | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Multiple heap-based buffer overflows in the AddTab method in the (1) Tab and (2) CTab ActiveX controls in c1sizer.ocx and the (3) TabOne ActiveX control in sizerone.ocx in ComponentOne SizerOne 8.0.20081.140, as used in ComponentOne Studio for ActiveX 2008, TSC2 Help Desk 4.1.8, SAP GUI 6.40 Patch 29 and 7.10, and possibly other products, allow remote attackers to execute arbitrary code by adding many tabs, or adding tabs with long tab captions. | 9.3 |
2009-01-08 | CVE-2008-5868 | Intellitamper | Buffer Errors vulnerability in Intellitamper 2.07/2.08 Stack-based buffer overflow in IntelliTamper 2.07 and 2.08 allows user-assisted attackers to execute arbitrary code via a long ProxyLogin value in a configuration (.cfg) file. | 9.3 |
2009-01-05 | CVE-2008-5839 | Foxmail | Buffer Errors vulnerability in Foxmail 6.5 Buffer overflow in Foxmail 6.5 allows remote attackers to execute arbitrary code via a long mailto URI in the HREF attribute of an A element. | 9.3 |
23 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-01-08 | CVE-2008-5872 | Nortel | Improper Input Validation vulnerability in Nortel Multimedia Communication Server 5100 3.0.13 Multiple unspecified vulnerabilities in the UNIStim File Transfer Protocol (UFTP) processing in IP Client Manager (IPCM) in Nortel Multimedia Communication Server (MSC) 5100 3.0.13 allow remote attackers to cause a denial of service (device outage) via a UFTP message that has a negative block size or other crafted Connection Details values. | 7.8 |
2009-01-07 | CVE-2009-0066 | Intel | Security Bypass vulnerability in Intel Trusted Execution Technology NIL Multiple unspecified vulnerabilities in Intel system software for Trusted Execution Technology (TXT) allow attackers to bypass intended loader integrity protections, as demonstrated by exploitation of tboot. | 7.6 |
2009-01-09 | CVE-2009-0111 | Goople CMS | SQL Injection vulnerability in Goople CMS Goople CMS SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2009-01-09 | CVE-2009-0110 | Riotpix | SQL Injection vulnerability in Riotpix SQL injection vulnerability in read.php in RiotPix 0.61 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter. | 7.5 |
2009-01-09 | CVE-2009-0109 | Riotpix | SQL Injection vulnerability in Riotpix SQL injection vulnerability in index.php in RiotPix 0.61 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2009-01-09 | CVE-2009-0108 | Phpauctions | Permissions, Privileges, and Access Controls vulnerability in PHPauctions NIL PHPAuctions (aka PHPAuctionSystem) allows remote attackers to bypass authentication and gain administrative access via modified (1) PHPAUCTION_RM_ID, (2) PHPAUCTION_RM_NAME, (3) PHPAUCTION_RM_USERNAME, and (4) PHPAUCTION_RM_EMAIL cookies. | 7.5 |
2009-01-09 | CVE-2009-0106 | Phpauctions | SQL Injection vulnerability in PHPauctions NIL SQL injection vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | 7.5 |
2009-01-09 | CVE-2009-0104 | SE ED | SQL Injection vulnerability in Se-Ed Ezpack 4.2 SQL injection vulnerability in index.php in EZpack 4.2b2 allows remote attackers to execute arbitrary SQL commands via the qType parameter in a webboard prog action. | 7.5 |
2009-01-09 | CVE-2009-0103 | Playsms | Code Injection vulnerability in Playsms 0.9.3 Multiple PHP remote file inclusion vulnerabilities in playSMS 0.9.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) apps_path[plug] parameter to plugin/gateway/gnokii/init.php, the (2) apps_path[themes] parameter to plugin/themes/default/init.php, and the (3) apps_path[libs] parameter to lib/function.php. | 7.5 |
2009-01-09 | CVE-2008-5882 | Citrix Avaya | SQL Injection vulnerability in multiple products SQL injection vulnerability in login.asp in Citrix Application Gateway - Broadcast Server (BCS) before 6.1, as used by Avaya AG250 - Broadcast Server before 2.0 and possibly other products, allows remote attackers to execute arbitrary SQL commands via the txtUID parameter. | 7.5 |
2009-01-09 | CVE-2008-5881 | Playsms | Path Traversal vulnerability in Playsms 0.9.3 Multiple directory traversal vulnerabilities in playSMS 0.9.3 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) gateway_module parameter to plugin/gateway/gnokii/init.php and the (2) themes_module parameter to plugin/themes/default/init.php. | 7.5 |
2009-01-08 | CVE-2008-5880 | Gobbl | Improper Authentication vulnerability in Gobbl CMS 1.0 admin/auth.php in Gobbl CMS 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the auth cookie to "ok". | 7.5 |
2009-01-08 | CVE-2008-5875 | Joomlahbs Joomla | SQL Injection vulnerability in Joomlahbs products SQL injection vulnerability in the com_lowcosthotels component in the Hotel Booking Reservation System (aka HBS) for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php. | 7.5 |
2009-01-08 | CVE-2008-5874 | Joomlahbs Joomla | SQL Injection vulnerability in Joomlahbs products Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS) for Joomla! allow remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php in the (1) com_allhotels or (2) com_5starhotels module. | 7.5 |
2009-01-08 | CVE-2008-5873 | Yerba | Permissions, Privileges, and Access Controls vulnerability in Yerba 6.28 Yerba SACphp 6.3 and earlier allows remote attackers to bypass authentication and gain administrative access via a galleta[sesion] cookie that has a value beginning with 1:1: followed by a username. | 7.5 |
2009-01-06 | CVE-2008-5865 | Joomlahbs Joomla | SQL Injection vulnerability in Joomlahbs Hotel Booking Reservation System 1.0.0 SQL injection vulnerability in the com_hbssearch component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the r_type parameter in a showhoteldetails action to index.php. | 7.5 |
2009-01-06 | CVE-2008-5864 | Joomlahbs Joomla | SQL Injection vulnerability in Joomlahbs products SQL injection vulnerability in the Top Hotel (com_tophotelmodule) component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php. | 7.5 |
2009-01-06 | CVE-2008-5863 | Woltlab V GN | SQL Injection vulnerability in V-Gn Userlocator 3.0 SQL injection vulnerability in locator.php in the Userlocator module 3.0 for Woltlab Burning Board (wBB) allows remote attackers to execute arbitrary SQL commands via the y parameter in a get_user action. | 7.5 |
2009-01-06 | CVE-2008-5851 | Mypbs | SQL Injection vulnerability in Mypbs NIL SQL injection vulnerability in index.php in My PHP Baseball Stats (MyPBS) allows remote attackers to execute arbitrary SQL commands via the seasonID parameter. | 7.5 |
2009-01-05 | CVE-2008-5844 | PHP | Configuration vulnerability in PHP 5.2.7 PHP 5.2.7 contains an incorrect change to the FILTER_UNSAFE_RAW functionality, and unintentionally disables magic_quotes_gpc regardless of the actual magic_quotes_gpc setting, which might make it easier for context-dependent attackers to conduct SQL injection attacks and unspecified other attacks. | 7.5 |
2009-01-05 | CVE-2008-5841 | Igamingcms | SQL Injection vulnerability in Igamingcms Igaming CMS 1.3.1/1.4.2 Multiple SQL injection vulnerabilities in iGaming 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the browse parameter to (1) previews.php and (2) reviews.php, and the (3) id parameter to index.php in a viewarticle action. | 7.5 |
2009-01-05 | CVE-2008-5840 | Phpicalendar | Permissions, Privileges, and Access Controls vulnerability in PHPicalendar and PHPicalendar2.0 PHP iCalendar 2.24 and earlier allows remote attackers to bypass authentication by setting the phpicalendar and phpicalendar_login cookies to 1. | 7.5 |
2009-01-05 | CVE-2008-5838 | Ephpscripts | SQL Injection vulnerability in Ephpscripts E-Shop Shopping Cart SQL injection vulnerability in search_results.php in E-Php Scripts E-Shop (aka E-Php Shopping Cart) Shopping Cart Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.5 |
41 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-01-09 | CVE-2009-0112 | Expinion | Cross-Site Request Forgery (CSRF) vulnerability in Expinion Poll PRO 3.0 Cross-site request forgery (CSRF) vulnerability in admin/agent_edit.asp in PollPro 3.0 allows remote attackers to create or modify accounts as administrators via the username, password, and name parameters. | 6.8 |
2009-01-08 | CVE-2008-5877 | Phpclanwebsite | SQL Injection vulnerability in PHPclanwebsite Multiple SQL injection vulnerabilities in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php, (2) form_id parameter to pcw/processforms.php, (3) pcwlogin and (4) pcw_pass parameters to pcw/setlogin.php, (5) searchvalue parameter to pcw/downloads.php, and the (6) searchvalue and (7) whichfield parameter to pcw/downloads.php, a different vector than CVE-2006-0444. | 6.8 |
2009-01-07 | CVE-2009-0068 | Freedesktop Mozilla | Code Injection vulnerability in Freedesktop Xdg-Utils 1.0 Interaction error in xdg-open allows remote attackers to execute arbitrary code by sending a file with a dangerous MIME type but using a safe type that Firefox sends to xdg-open, which causes xdg-open to process the dangerous file type through automatic type detection, as demonstrated by overwriting the .desktop file. | 6.8 |
2009-01-07 | CVE-2009-0025 | ISC | Improper Authentication vulnerability in ISC Bind BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. | 6.8 |
2009-01-06 | CVE-2008-5857 | Knowledgetree Document Management | Multiple Unspecified vulnerability in KnowledgeTree The DropDocuments plugin in KnowledgeTree before 3.5.4a allows remote authenticated users to gain administrative privileges via a certain sequence of "browse documents" and dashboard requests. | 6.5 |
2009-01-08 | CVE-2008-5871 | Nortel | Credentials Management vulnerability in Nortel Multimedia Communication Server 5100 3.0.13 Nortel Multimedia Communication Server (MSC) 5100 3.0.13 does not verify credentials during call placement, which allows remote attackers to spoof and redirect VoIP calls, possibly related to the snoop command. | 6.4 |
2009-01-05 | CVE-2009-0022 | Samba | Improper Input Validation vulnerability in Samba Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows remote authenticated users to access the root filesystem via a crafted connection request that specifies a blank share name. | 6.3 |
2009-01-07 | CVE-2008-5077 | Openssl | Improper Input Validation vulnerability in Openssl OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys. | 5.8 |
2009-01-08 | CVE-2008-5878 | Phpclanwebsite | Path Traversal vulnerability in PHPclanwebsite Multiple directory traversal vulnerabilities in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to include and execute arbitrary files via a .. | 5.1 |
2009-01-06 | CVE-2008-5860 | Constructr | Path Traversal vulnerability in Constructr Constructr-Cms Directory traversal vulnerability in backend/template.php in Constructr CMS 3.02.5 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to create or read arbitrary files via directory traversal sequences in the edit_file parameter. | 5.1 |
2009-01-06 | CVE-2008-5859 | Constructr | SQL Injection vulnerability in Constructr Constructr-Cms SQL injection vulnerability in index.php in Constructr CMS 3.02.5 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the show_page parameter. | 5.1 |
2009-01-09 | CVE-2009-0113 | Joomla | Path Traversal vulnerability in Joomla Xstandard Directory traversal vulnerability in attachmentlibrary.php in the XStandard component for Joomla! 1.5.8 and earlier allows remote attackers to list arbitrary directories via a .. | 5.0 |
2009-01-08 | CVE-2008-3819 | Cisco | Remote Denial Of Service vulnerability in Cisco Global Site Selector DNS Server dnsserver in Cisco Application Control Engine Global Site Selector (GSS) before 3.0(1) allows remote attackers to cause a denial of service (daemon crash) via a series of crafted DNS requests, aka Bug ID CSCsj70093. | 5.0 |
2009-01-07 | CVE-2008-5867 | Yerba | Path Traversal vulnerability in Yerba 6.3 Directory traversal vulnerability in Yerba SACphp 6.3 allows remote attackers to read arbitrary files, and possibly have other impact, via directory traversal sequences in the mod field contained in the base64-encoded SID parameter to an unspecified component. | 5.0 |
2009-01-07 | CVE-2009-0051 | Zxid | Improper Authentication vulnerability in Zxid ZXID 0.29 and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. | 5.0 |
2009-01-07 | CVE-2009-0049 | EID | Improper Authentication vulnerability in EID Eidlib Belgian eID middleware (eidlib) 2.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077. | 5.0 |
2009-01-07 | CVE-2009-0048 | Openevidence | Improper Authentication vulnerability in Openevidence 1.0.5 OpenEvidence 1.0.6 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077. | 5.0 |
2009-01-07 | CVE-2009-0047 | Gale | Cryptographic Issues vulnerability in Gale Gale 0.99 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077. | 5.0 |
2009-01-07 | CVE-2009-0046 | SUN | Improper Authentication vulnerability in SUN Grid Engine 5.3 Sun GridEngine 5.3 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077. | 5.0 |
2009-01-07 | CVE-2009-0021 | NTP | Improper Authentication vulnerability in NTP NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077. | 5.0 |
2009-01-06 | CVE-2008-5862 | Webcamxp | Path Traversal vulnerability in Webcamxp 5.3.2.375/5.3.2.410 Directory traversal vulnerability in webcamXP 5.3.2.375 and 5.3.2.410 build 2132 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the URI. | 5.0 |
2009-01-06 | CVE-2008-5861 | Freelyrics | Path Traversal vulnerability in Freelyrics 1.0 Directory traversal vulnerability in source.php in FreeLyrics 1.0 allows remote attackers to read arbitrary files via directory traversal sequences in the p parameter. | 5.0 |
2009-01-06 | CVE-2008-5856 | Class | Path Traversal vulnerability in Class Directory traversal vulnerability in scripts/export.php in ClaSS before 0.8.61 allows remote attackers to read arbitrary files via directory traversal sequences in the ftype parameter. | 5.0 |
2009-01-06 | CVE-2008-5855 | Myphpscripts | Permissions, Privileges, and Access Controls vulnerability in Myphpscripts Login Session 2.0 myPHPscripts Login Session 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to discover usernames, e-mail addresses, and password hashes via a direct request for users.txt. | 5.0 |
2009-01-06 | CVE-2008-5853 | Chicomas | Permissions, Privileges, and Access Controls vulnerability in Chicomas 2.0.3 Chilek Content Management System (aka ChiCoMaS) 2.0.4 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) obtain database credentials via a direct request for config.inc or (2) read database backups via a request for a backup/ URI. | 5.0 |
2009-01-06 | CVE-2008-5852 | Emefa | Permissions, Privileges, and Access Controls vulnerability in Emefa Guestbook 3.0 Emefa Guestbook 3.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for guestbook.mdb. | 5.0 |
2009-01-06 | CVE-2008-5849 | Checkpoint | Information Exposure vulnerability in Checkpoint Vpn-1 R55/R65 Check Point VPN-1 R55, R65, and other versions, when Port Address Translation (PAT) is used, allows remote attackers to discover intranet IP addresses via a packet with a small TTL, which triggers an ICMP_TIMXCEED_INTRANS (aka ICMP time exceeded in-transit) response containing an encapsulated IP packet with an intranet address, as demonstrated by a TCP packet to the firewall management server on port 18264. | 5.0 |
2009-01-05 | CVE-2004-2761 | Ietf | Cryptographic Issues vulnerability in Ietf MD5 The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate. | 5.0 |
2009-01-07 | CVE-2009-0069 | SUN | Resource Management Errors vulnerability in SUN Opensolaris and Solaris Unspecified vulnerability in the nfs4rename_persistent_fh function in the NFS 4 (aka NFSv4) client in the kernel in Sun Solaris 10 and OpenSolaris before snv_102 allows local users to cause a denial of service (recursive mutex_enter and panic) via unspecified vectors. | 4.9 |
2009-01-05 | CVE-2008-5843 | Pdfjam | Unspecified vulnerability in Pdfjam NIL Multiple untrusted search path vulnerabilities in pdfjam allow local users to gain privileges via a Trojan horse program in (1) the current working directory or (2) /var/tmp, related to the (a) pdf90, (b) pdfjoin, and (c) pdfnup scripts. | 4.6 |
2009-01-09 | CVE-2009-0107 | Phpauctions | Cross-Site Scripting vulnerability in PHPauctions NIL Cross-site scripting (XSS) vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows remote attackers to inject arbitrary web script or HTML via the user_id parameter. | 4.3 |
2009-01-09 | CVE-2009-0105 | SE ED | Cross-Site Scripting vulnerability in Se-Ed Ezpack 4.2 Cross-site scripting (XSS) vulnerability in index.php in EZpack 4.2b2 allows remote attackers to inject arbitrary web script or HTML via the mdfd parameter in a prog action. | 4.3 |
2009-01-08 | CVE-2008-5879 | Phpclanwebsite | Cross-Site Scripting vulnerability in PHPclanwebsite Cross-site scripting (XSS) vulnerability in index.php in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, allows remote attackers to inject arbitrary web script or HTML via the page parameter and other unspecified vectors. | 4.3 |
2009-01-08 | CVE-2008-5870 | Faststone | Improper Input Validation vulnerability in Faststone Image Viewer 3.6 FastStone Image Viewer 3.6 allows user-assisted attackers to cause a denial of service (application crash) via a malformed BMP image with large width and height values, possibly a related issue to CVE-2007-1942. | 4.3 |
2009-01-08 | CVE-2008-5869 | Proxim | Cross-Site Scripting vulnerability in Proxim Tsunami Mp.11 2411 3.0.3 Cross-site scripting (XSS) vulnerability in the Proxim Wireless Tsunami MP.11 2411 with firmware 3.0.3 allows remote authenticated users to inject arbitrary web script or HTML via the system.sysName.0 SNMP OID. | 4.3 |
2009-01-07 | CVE-2009-0050 | Entrouvert | Improper Input Validation vulnerability in Entrouvert Lasso 1.9.9.0/2.0.01/2.2.10 Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. | 4.3 |
2009-01-06 | CVE-2008-5858 | Knowledgetree Document Management | Cross-Site Scripting vulnerability in Knowledgetree Document Management Knowledgetree Document Management Multiple cross-site scripting (XSS) vulnerabilities in KnowledgeTree before 3.5.4a allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-4281. | 4.3 |
2009-01-06 | CVE-2008-5854 | Myphpscripts | Cross-Site Scripting vulnerability in Myphpscripts Login Session 2.0 Multiple cross-site scripting (XSS) vulnerabilities in login.php in myPHPscripts Login Session 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) ls_user and (2) ls_email parameters (aka the User form) in an ls_register action. | 4.3 |
2009-01-05 | CVE-2008-5845 | Sixapart | Cross-Site Scripting vulnerability in Sixapart Movable Type Multiple cross-site scripting (XSS) vulnerabilities in Six Apart Movable Type (MT) before 4.23 allow remote attackers to inject arbitrary web script or HTML via a (1) MTEntryAuthorUsername, (2) MTAuthorDisplayName, (3) MTEntryAuthorDisplayName, or (4) MTCommenterName field in a Profile View template; a (5) listing screen or (6) edit screen in the CMS app; (7) a TrackBack title, related to the HTML sanitization library; or (8) a user archive name (aka archive title) on a published Community Blog template. | 4.3 |
2009-01-05 | CVE-2008-5842 | Fujitsu Siemens | Cross-Site Scripting vulnerability in Fujitsu-Siemens Webtransactions 6.0/7.0/7.1 Multiple cross-site scripting (XSS) vulnerabilities in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via vectors associated with (1) a demo application shipped with WebTransactions and possibly (2) an unspecified "dynamic application." | 4.3 |
2009-01-05 | CVE-2008-5846 | Sixapart | Permissions, Privileges, and Access Controls vulnerability in Sixapart Movable Type Six Apart Movable Type (MT) before 4.23 allows remote authenticated users with create permission for posts to bypass intended access restrictions and publish posts via a "system-wide entry listing screen." | 4.0 |
2 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-01-08 | CVE-2009-0071 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox Mozilla Firefox 3.0.5 and earlier 3.0.x versions, when designMode is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a certain (a) replaceChild or (b) removeChild call, followed by a (1) queryCommandValue, (2) queryCommandState, or (3) queryCommandIndeterm call. | 2.6 |
2009-01-05 | CVE-2008-5847 | Constructr | Credentials Management vulnerability in Constructr Constructr-Cms Constructr CMS 3.02.5 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information by reading the hash column. | 2.6 |