Weekly Vulnerabilities Report: January 12 to 18, 2009

Overview

113 new vulnerabilities were reported during this period, including 15 critical vulnerabilities and 28 high severity vulnerabilities. This weekly summary reports vulnerabilities in 84 products from 37 vendors including Oracle, SUN, Microsoft, Cisco, and Codeavalanche. Notable vulnerability categories are "Permissions, Privileges, and Access Controls", "Improper Input Validation", "Improper Authentication", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "SQL Injection".

  • 99 reported vulnerabilities are remotely exploitable.
  • 21 reported vulnerabilities have a public exploit available.
  • 19 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 89 reported vulnerabilities are exploitable by an anonymous user.
  • Oracle has the most reported vulnerabilities, with 41 reported vulnerabilities.
  • Oracle has the most reported critical vulnerabilities, with 5 reported vulnerabilities.

Vulnerability Details

The following table lists the vulnerabilities reported for the period covered by this report:

15 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2009-01-16 CVE-2009-0171 SUN Permissions, Privileges, and Access Controls vulnerability in SUN Sparc Enterprise Server M4000/M5000

The Sun SPARC Enterprise M4000 and M5000 Server, within a certain range of serial numbers, allows remote attackers to use the manufacturing root password, perform a root login to the eXtended System Control Facility Unit (aka XSCFU or Service Processor), and have unspecified other impact.

10.0
2009-01-16 CVE-2008-4770 Realvnc Improper Input Validation vulnerability in Realvnc

The CMsgReader::readRect function in the VNC Viewer component in RealVNC VNC Free Edition 4.0 through 4.1.2, Enterprise Edition E4.0 through E4.4.2, and Personal Edition P4.0 through P4.4.2 allows remote VNC servers to execute arbitrary code via crafted RFB protocol data, related to "encoding type."

10.0
2009-01-15 CVE-2009-0133 Microsoft Buffer Errors vulnerability in Microsoft Html Help Workshop 4.74

Buffer overflow in Microsoft HTML Help Workshop 4.74 and earlier allows context-dependent attackers to execute arbitrary code via a .hhp file with a long "Index file" field, possibly a related issue to CVE-2006-0564.

10.0
2009-01-14 CVE-2009-0119 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Windows XP

Buffer overflow in Microsoft Windows XP SP3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .chm file.

10.0
2009-01-14 CVE-2008-4835 Microsoft Code Injection vulnerability in Microsoft products

SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Trans2 request, related to "insufficiently validating the buffer size," aka "SMB Validation Remote Code Execution Vulnerability."

10.0
2009-01-14 CVE-2008-4834 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products

Buffer overflow in SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Trans request, aka "SMB Buffer Overflow Remote Code Execution Vulnerability."

10.0
2009-01-14 CVE-2008-5457 Oracle Multiple vulnerability in Oracle January 2009 Critical Patch Update

Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10.0
2009-01-14 CVE-2008-5449 Oracle Multiple vulnerability in Oracle Secure Backup 10.2.0.2

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2008-5444 and CVE-2008-5448.

10.0
2009-01-14 CVE-2008-5448 Oracle Multiple vulnerability in Oracle Secure Backup 10.2.0.2

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2008-5444 and CVE-2008-5449.

10.0
2009-01-14 CVE-2008-5444 Oracle Multiple vulnerability in Oracle Secure Backup 10.2.0.2

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2008-5448 and CVE-2008-5449.

10.0
2009-01-14 CVE-2008-4006 Oracle Multiple vulnerability in Oracle Secure Backup 10.1.0.3

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.1.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10.0
2009-01-16 CVE-2009-0136 Amarok Numeric Errors vulnerability in Amarok 1.4.10/2.0/2.0.1

Multiple array index errors in the Audible::Tag::readTag function in metadata/audible/audibletag.cpp in Amarok 1.4.10 through 2.0.1 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via an Audible Audio (.aa) file with a crafted (1) nlen or (2) vlen Tag value, each of which can lead to an invalid pointer dereference, or the writing of a 0x00 byte to an arbitrary memory location, after an allocation failure.

9.3
2009-01-16 CVE-2009-0135 Amarok Buffer Errors vulnerability in Amarok 1.4.10/2.0/2.0.1

Multiple integer overflows in the Audible::Tag::readTag function in metadata/audible/audibletag.cpp in Amarok 1.4.10 through 2.0.1 allow remote attackers to execute arbitrary code via an Audible Audio (.aa) file with a large (1) nlen or (2) vlen Tag value, each of which triggers a heap-based buffer overflow.

9.3
2009-01-16 CVE-2009-0134 Share2 Arbitrary File Overwrite vulnerability in Share2 Easy Grid Control 3.51

Insecure method vulnerability in the EasyGrid.SGCtrl.32 ActiveX control in EasyGrid.ocx 1.0.0.1 in AAA EasyGrid ActiveX 3.51 allows remote attackers to create and overwrite arbitrary files via the (1) DoSaveFile or (2) DoSaveHtmlFile method.

9.3
2009-01-16 CVE-2009-0169 SUN Permissions, Privileges, and Access Controls vulnerability in SUN Java System Access Manager 7.1

Sun Java System Access Manager 7.1 allows remote authenticated sub-realm administrators to gain privileges, as demonstrated by creating the amadmin account in the sub-realm, and then logging in as amadmin in the root realm.

9.0

28 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2009-01-16 CVE-2008-3818 Cisco Improper Input Validation vulnerability in Cisco ONS and ONS 15600

Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session.

7.8
2009-01-15 CVE-2009-0120 IBM Improper Input Validation vulnerability in IBM Websphere Datapower XML Security Gateway Xs40 3.6.1.5

The IBM WebSphere DataPower XML Security Gateway XS40 with firmware 3.6.1.5 allows remote attackers to cause a denial of service (device reboot) by sending data over an established SSL connection, as demonstrated by the abc\r\n\r\n string data.

7.8
2009-01-12 CVE-2008-5883 Mini PUB Path Traversal vulnerability in Mini-Pub 0.1/0.1.1/0.1.2

Absolute path traversal vulnerability in front-end/dir.php in mini-pub 0.3 and earlier allows remote attackers to list arbitrary directories via a full pathname in the sDir parameter.

7.8
2009-01-15 CVE-1999-1593 Microsoft Link Following vulnerability in Microsoft Windows 2000, Windows 95 and Windows 98

Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service (connectivity loss) or steal credentials via a 1Ch registration that causes WINS to change the domain controller to point to a malicious server.

7.6
2009-01-15 CVE-2008-5904 Xrdp Improper Input Validation vulnerability in Xrdp

The rdp_rdp_process_color_pointer_pdu function in rdp/rdp_rdp.c in xrdp 0.4.1 and earlier allows remote RDP servers to have an unknown impact via input data that sets crafted values for certain length variables, leading to a buffer overflow.

7.5
2009-01-15 CVE-2008-5903 Xrdp Numeric Errors vulnerability in Xrdp

Array index error in the xrdp_bitmap_def_proc function in xrdp/funcs.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via vectors that manipulate the value of the edit_pos structure member.

7.5
2009-01-15 CVE-2008-5902 Xrdp Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xrdp

Buffer overflow in the xrdp_bitmap_invalidate function in xrdp/xrdp_bitmap.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via a crafted request.

7.5
2009-01-15 CVE-2009-0121 Goople CMS SQL Injection vulnerability in Goople CMS Goople CMS 1.8.2

SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 allows remote attackers to execute arbitrary SQL commands via the password parameter.

7.5
2009-01-14 CVE-2008-5440 Oracle Multiple vulnerability in Oracle Timesten In-Memory Database 7.0.5.0.0

Unspecified vulnerability in the TimesTen Data Server component in Oracle Database 7.0.5.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

7.5
2009-01-13 CVE-2008-5517 GIT Code Injection vulnerability in GIT

The web interface in git (gitweb) 1.5.x before 1.5.6 allows remote attackers to execute arbitrary commands via shell metacharacters related to (1) git_snapshot and (2) git_object.

7.5
2009-01-13 CVE-2008-5262 Devil Buffer Errors vulnerability in Devil Developers Image Library 1.7.4

Multiple stack-based buffer overflows in the iGetHdrHeader function in src-IL/src/il_hdr.c in DevIL 1.7.4 allow context-dependent attackers to execute arbitrary code via a crafted Radiance RGBE file.

7.5
2009-01-12 CVE-2008-5901 Iyziforum Permissions, Privileges, and Access Controls vulnerability in Iyziforum Iyzi Forum 1.0

iyzi Forum 1.0 beta 3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing a password via a direct request for db/iyziforum.mdb.

7.5
2009-01-12 CVE-2008-5900 Codeavalanche Permissions, Privileges, and Access Controls vulnerability in Codeavalanche Articles NIL

CodeAvalanche Articles stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CAArticles.mdb.

7.5
2009-01-12 CVE-2008-5899 Codeavalanche Permissions, Privileges, and Access Controls vulnerability in Codeavalanche Freeforall NIL

CodeAvalanche FreeForAll stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CAFFAPage.mdb.

7.5
2009-01-12 CVE-2008-5898 Codeavalanche Permissions, Privileges, and Access Controls vulnerability in Codeavalanche Directory NIL

CodeAvalanche Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CADirectory.mdb.

7.5
2009-01-12 CVE-2008-5897 Codeavalanche Permissions, Privileges, and Access Controls vulnerability in Codeavalanche Freewallpaper NIL

CodeAvalanche FreeWallpaper stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CAFreeWallpaper.mdb.

7.5
2009-01-12 CVE-2008-5896 Codeavalanche Permissions, Privileges, and Access Controls vulnerability in Codeavalanche Ratemysite NIL

CodeAvalanche RateMySite stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the administrator password via a direct request for _private/CARateMySite.mdb.

7.5
2009-01-12 CVE-2008-5895 Mediatheka SQL Injection vulnerability in Mediatheka 4.2

SQL injection vulnerability in connection.php in Mediatheka 4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter.

7.5
2009-01-12 CVE-2008-5892 Icash SQL Injection vulnerability in Icash Click&Email NIL

Multiple SQL injection vulnerabilities in ClickAndEmail allow remote attackers to execute arbitrary SQL commands via (1) the ID parameter to admin_dblayers.asp in an update action, (2) the adminid parameter to admin_loginCheck.asp (aka the USERNAME field in admin_main.asp), and (3) the PassWord parameter to admin_loginCheck.asp (aka the PASSWORD field in admin_main.asp).

7.5
2009-01-12 CVE-2008-5890 Injader SQL Injection vulnerability in Injader

SQL injection vulnerability in feeds.php in Injader before 2.1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2009-01-12 CVE-2008-5888 Icash SQL Injection vulnerability in Icash Click&Rank NIL

Multiple SQL injection vulnerabilities in Click&Rank allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) hitcounter.asp, (2) user_delete.asp, and (3) user_update.asp; (4) the userid parameter to admin_login.asp (aka the USERNAME field in admin.asp); and (5) the PassWord parameter to admin_login.asp (aka the PASSWORD field in admin.asp).

7.5
2009-01-16 CVE-2008-5910 SUN Unspecified vulnerability in SUN Opensolaris

Unspecified vulnerability in txzonemgr in Sun OpenSolaris has unknown impact and local attack vectors, related to a "Temporary file vulnerability," aka Bug ID 6653462.

7.2
2009-01-16 CVE-2008-5909 SUN Unspecified vulnerability in SUN Opensolaris

Unspecified vulnerability in conv_lpd in Sun OpenSolaris has unknown impact and local attack vectors, related to improper handling of temporary files, aka Bug ID 6655641.

7.2
2009-01-16 CVE-2008-5908 SUN Local Security vulnerability in OpenSolaris

Unspecified vulnerability in the root/boot archive tool in Sun OpenSolaris has unknown impact and local attack vectors, related to a "Temporary file vulnerability," aka Bug ID 6653455.

7.2
2009-01-15 CVE-2009-0029 Linux, Debian Improper Input Validation vulnerability in Linux Kernel

The ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc, sparc64, and mips 64-bit platforms requires that a 32-bit argument in a 64-bit register was properly sign extended when sent from a user-mode application, but cannot verify this, which allows local users to cause a denial of service (crash) or possibly gain privileges via a crafted system call.

7.2
2009-01-13 CVE-2009-0024 Linux Permissions, Privileges, and Access Controls vulnerability in Linux Kernel

The sys_remap_file_pages function in mm/fremap.c in the Linux kernel before 2.6.24.1 allows local users to cause a denial of service or gain privileges via unspecified vectors, related to the vm_file structure member, and the mmap_region and do_munmap functions.

7.2
2009-01-16 CVE-2008-4444 Cisco Improper Input Validation vulnerability in Cisco Unified IP Phone 7940G and Unified IP Phone 7960G

Cisco Unified IP Phone (aka SIP phone) 7960G and 7940G with firmware P0S3-08-9-00 and possibly other versions before 8.10 allows remote attackers to cause a denial of service (device reboot) or possibly execute arbitrary code via a Realtime Transport Protocol (RTP) packet with malformed headers.

7.1
2009-01-15 CVE-2009-0123 Apple, Microsoft Information Exposure vulnerability in Apple Safari

Unspecified vulnerability in Apple Safari on Mac OS X 10.5 and Windows allows remote attackers to read arbitrary files on a client machine via vectors related to the association of Safari with the (1) feed, (2) feeds, and (3) feedsearch URL types for RSS feeds.

7.1

64 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2009-01-15 CVE-2009-0122 HP Permissions, Privileges, and Access Controls vulnerability in HP Hplip 2.7.7/2.8.2

hplip.postinst in HP Linux Imaging and Printing (HPLIP) 2.7.7 and 2.8.2 on Ubuntu allows local users to change the ownership of arbitrary files via unspecified manipulations in advance of an HPLIP installation or upgrade by an administrator, related to the product's attempt to correct the ownership of its configuration files within home directories.

6.9
2009-01-16 CVE-2009-0056 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Ironport Encryption Appliance and Ironport Postx

Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to execute commands and modify appliance preferences as arbitrary users via a logout action.

6.8
2009-01-16 CVE-2009-0055 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Ironport Encryption Appliance and Ironport Postx

Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to modify appliance preferences as arbitrary users via unspecified vectors.

6.8
2009-01-15 CVE-2008-5906 Ktorrent Improper Input Validation vulnerability in Ktorrent

Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote attackers to execute arbitrary PHP code via unspecified parameters to this interface's PHP scripts.

6.8
2009-01-14 CVE-2008-5462 Oracle Permissions, Privileges, and Access Controls vulnerability in Oracle BEA Product Suite

Unspecified vulnerability in the WebLogic Portal component in BEA Product Suite 10.3, 10.2, 10.0 MP1, 9.2 MP3, and 8.1 SP6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

6.8
2009-01-14 CVE-2008-5461 Oracle Permissions, Privileges, and Access Controls vulnerability in Oracle BEA Product Suite

Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0, and SP7 allows remote attackers to affect confidentiality, integrity, and availability, related to WLS.

6.8
2009-01-12 CVE-2008-5894 Mediatheka Path Traversal vulnerability in Mediatheka 4.2

Directory traversal vulnerability in index.php in Mediatheka 4.2 allows remote attackers to include and execute arbitrary local files via a ..

6.8
2009-01-14 CVE-2008-4007 Oracle Multiple vulnerability in Oracle January 2009 Critical Patch Update

Unspecified vulnerability in the PeopleSoft Enterprise Components component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

6.5
2009-01-16 CVE-2009-0170 SUN Permissions, Privileges, and Access Controls vulnerability in SUN Java System Access Manager 6.3/7.02005Q4/7.1

Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows remote authenticated users with console privileges to discover passwords, and obtain unspecified other "access to resources," by visiting the Configuration Items component in the console.

6.0
2009-01-15 CVE-2003-1567 Microsoft Information Exposure vulnerability in Microsoft Internet Information Services 5.0

The undocumented TRACK method in Microsoft Internet Information Services (IIS) 5.0 returns the content of the original request in the body of the response, which makes it easier for remote attackers to steal cookies and authentication credentials, or bypass the HttpOnly protection mechanism, by using TRACK to read the contents of the HTTP headers that are returned in the response, a technique that is similar to cross-site tracing (XST) using HTTP TRACE.

5.8
2009-01-14 CVE-2008-5458 Oracle Multiple vulnerability in Oracle January 2009 Critical Patch Update

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10 and CU2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

5.5
2009-01-14 CVE-2008-5452 Jdedwards, Oracle Multiple vulnerability in Oracle January 2009 Critical Patch Update

Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

5.5
2009-01-14 CVE-2008-5447 Oracle Multiple vulnerability in Oracle Enterprise Manager Grid Control 10G 10.2.0.4

Unspecified vulnerability in the Oracle Enterprise Manager component in Oracle Enterprise Manager 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

5.5
2009-01-14 CVE-2008-4014 Oracle Multiple vulnerability in Oracle January 2009 Critical Patch Update

Unspecified vulnerability in the Oracle BPEL Process Manager component in Oracle Application Server allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

5.5
2009-01-14 CVE-2008-5437 Oracle Multiple vulnerability in Oracle Database 10G, Database 11I and Database 9I

Unspecified vulnerability in the Job Queue component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_IJOB.

5.5
2009-01-14 CVE-2008-5436 Oracle Multiple vulnerability in Oracle Database 10G and Database 9I

Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote authenticated users to affect integrity and availability via unknown vectors.

5.5
2009-01-14 CVE-2008-4015 Oracle Multiple vulnerability in Oracle Database 10G 10.1.0.5

Unspecified vulnerability in the Oracle Streams component in Oracle Database 10.1.0.5 allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_STREAMS_AUTH.

5.5
2009-01-14 CVE-2008-3979 Oracle Multiple vulnerability in Oracle January 2009 Critical Patch Update

Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 and 10.2.0.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

5.5
2009-01-14 CVE-2008-3978 Oracle Multiple vulnerability in Oracle Database 10G 10.1.0.5

Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

5.5
2009-01-16 CVE-2009-0173 IBM Improper Input Validation vulnerability in IBM DB2 Universal Database 9.1/9.5

Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote authenticated users to cause a denial of service (trap) via a crafted data stream.

5.0
2009-01-16 CVE-2009-0172 IBM Improper Input Validation vulnerability in IBM DB2 Universal Database 9.1/9.5

Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote attackers to cause a denial of service (infinite loop) via a crafted CONNECT data stream.

5.0
2009-01-15 CVE-2009-0130 Erlang Improper Authentication vulnerability in Erlang NIL

** DISPUTED ** lib/crypto/c_src/crypto_drv.c in erlang does not properly check the return value from the OpenSSL DSA_do_verify function, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

5.0
2009-01-15 CVE-2009-0129 Perl Openssl Improper Authentication vulnerability in Perl-Openssl Libcrypt-Openssl-Dsa-Perl NIL

libcrypt-openssl-dsa-perl does not properly check the return value from the OpenSSL DSA_verify and DSA_do_verify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

5.0
2009-01-15 CVE-2009-0128 Llnl Improper Authentication vulnerability in Llnl Slurm NIL

plugins/crypto/openssl/crypto_openssl.c in Simple Linux Utility for Resource Management (aka SLURM or slurm-llnl) does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

5.0
2009-01-15 CVE-2009-0127 Heikkitoivonen Improper Authentication vulnerability in Heikkitoivonen M2Crypto

** DISPUTED ** M2Crypto does not properly check the return value from the OpenSSL EVP_VerifyFinal, DSA_verify, ECDSA_verify, DSA_do_verify, and ECDSA_do_verify functions, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

5.0
2009-01-15 CVE-2009-0126 Berkeley Improper Authentication vulnerability in Berkeley Boinc Client 6.2.14/6.4.5

The decrypt_public function in lib/crypt.cpp in the client in Berkeley Open Infrastructure for Network Computing (BOINC) 6.2.14 and 6.4.5 does not check the return value from the OpenSSL RSA_public_decrypt function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

5.0
2009-01-15 CVE-2009-0125 Finkproject Improper Authentication vulnerability in Finkproject Libnasl 2.2.11

** DISPUTED ** NOTE: this issue has been disputed by the upstream vendor.

5.0
2009-01-15 CVE-2009-0124 Arrl Improper Authentication vulnerability in Arrl Tqsllib 2.0

The tqsl_verifyDataBlock function in openssl_cert.cpp in American Radio Relay League (ARRL) tqsllib 2.0 does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.

5.0
2009-01-15 CVE-2008-5907 Libpng, Debian Remote Security vulnerability in libpng3

The png_check_keyword function in pngwutil.c in libpng before 1.0.42, and 1.2.x before 1.2.34, might allow context-dependent attackers to set the value of an arbitrary memory location to zero via vectors involving creation of crafted PNG files with keywords, related to an implicit cast of the '\0' character constant to a NULL pointer.

5.0
2009-01-15 CVE-2003-1566 Microsoft Configuration vulnerability in Microsoft Internet Information Services 5.0

Microsoft Internet Information Services (IIS) 5.0 does not log requests that use the TRACK method, which allows remote attackers to obtain sensitive information without detection.

5.0
2009-01-14 CVE-2009-0041 Asterisk Information Exposure vulnerability in Asterisk products

IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.

5.0
2009-01-14 CVE-2008-5459 Oracle Permissions, Privileges, and Access Controls vulnerability in Oracle BEA Product Suite 10.3

Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 allows remote attackers to affect confidentiality via unknown vectors.

5.0
2009-01-14 CVE-2008-5445 Oracle Multiple vulnerability in Oracle Secure Backup 10.2.0.2

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect availability via unknown vectors.

5.0
2009-01-14 CVE-2008-5443 Oracle Multiple vulnerability in Oracle Secure Backup 10.2.0.2

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2008-5441 and CVE-2008-5442.

5.0
2009-01-14 CVE-2008-4017 Oracle Multiple vulnerability in Oracle Application Server 10.1.2.3

Unspecified vulnerability in the OC4J component in Oracle Application Server 10.1.2.3 allows remote attackers to affect confidentiality via unknown vectors.

5.0
2009-01-14 CVE-2008-5442 Oracle Multiple vulnerability in Oracle Secure Backup 10.2.0.2

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2008-5441 and CVE-2008-5443.

5.0
2009-01-14 CVE-2008-5441 Oracle Multiple vulnerability in Oracle Secure Backup 10.2.0.2

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2008-5442 and CVE-2008-5443.

5.0
2009-01-14 CVE-2008-3981 Oracle Multiple vulnerability in Oracle Secure Backup 10.1.0.1

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.1.0.1 allows remote attackers to affect confidentiality via unknown vectors.

5.0
2009-01-12 CVE-2008-5887 Tincan Improper Input Validation vulnerability in Tincan PHPlist

phplist before 2.10.8 allows remote attackers to include files via unknown vectors, related to a "local file include vulnerability."

5.0
2009-01-12 CVE-2008-5886 Takempis Permissions, Privileges, and Access Controls vulnerability in Takempis Discussion web 4.0

TAKempis Discussion Web 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing a password via a direct request for _private/discussion.mdb.

5.0
2009-01-12 CVE-2008-5885 Thenetguys Permissions, Privileges, and Access Controls vulnerability in Thenetguys Aspired2Quote NIL

The Net Guys ASPired2Quote stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwords via a direct request for admin/quote.mdb.

5.0
2009-01-16 CVE-2009-0168 SUN Denial-Of-Service vulnerability in SUN Opensolaris and Solaris

Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to a failure to "include all cache files," and improper handling of temporary files.

4.9
2009-01-15 CVE-2009-0132 SUN Numeric Errors vulnerability in SUN Opensolaris and Solaris

Integer overflow in the aio_suspend function in Sun Solaris 8 through 10 and OpenSolaris, when 32-bit mode is enabled, allows local users to cause a denial of service (panic) via a large integer value in the second argument (aka nent argument).

4.9
2009-01-15 CVE-2009-0131 SUN Local Denial Of Service vulnerability in Sun OpenSolaris 'posix_fallocate(3C)' System Call

The UFS implementation in the kernel in Sun OpenSolaris snv_29 through snv_90 allows local users to cause a denial of service (panic) via the single posix_fallocate test in the SUSv3 POSIX test suite, related to an F_ALLOCSP fcntl call.

4.9
2009-01-14 CVE-2008-5463 Oracle Multiple vulnerability in Oracle January 2009 Critical Patch Update

Unspecified vulnerability in the PeopleSoft Enterprise Campus Solutions component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 and 9.0.8 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

4.9
2009-01-14 CVE-2008-5456 Oracle Multiple vulnerability in Oracle January 2009 Critical Patch Update

Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 and 9.0.8 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

4.9
2009-01-14 CVE-2008-5455 Jdedwards, Oracle Multiple vulnerability in Oracle January 2009 Critical Patch Update

Unspecified vulnerability in the PeopleSoft Enterprise HRMS - ePerformance component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

4.9
2009-01-14 CVE-2008-5454 Oracle Multiple vulnerability in Oracle E-Business Suite 11I and E-Business Suite 12

Unspecified vulnerability in the iProcurement component in Oracle E-Business Suite 11.5.10 CU2 and 12.0.6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

4.9
2009-01-16 CVE-2009-0167 SUN Local Denial Of Service vulnerability in SUN Opensolaris and Solaris

Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to enumeration of "wrong printers," aka a "Temporary file vulnerability."

4.7
2009-01-16 CVE-2009-0054 Cisco Credentials Management vulnerability in Cisco Ironport Encryption Appliance and Ironport Postx

PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to capture credentials by tricking a user into reading a modified or crafted e-mail message.

4.3
2009-01-16 CVE-2009-0053 Cisco Cryptographic Issues vulnerability in Cisco Ironport Encryption Appliance and Ironport Postx

PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to obtain the decryption key via unspecified vectors, related to a "logic error."

4.3
2009-01-16 CVE-2008-3821 Cisco Cross-Site Scripting vulnerability in Cisco IOS

Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI.

4.3
2009-01-15 CVE-2008-5905 Ktorrent Permissions, Privileges, and Access Controls vulnerability in Ktorrent

The web interface plugin in KTorrent before 3.1.4 allows remote attackers to bypass intended access restrictions and upload arbitrary torrent files, and trigger the start of downloads and seeding, via a crafted HTTP POST request.

4.3
2009-01-14 CVE-2008-5438 Oracle Unspecified vulnerability in Oracle Application Server 10.1.2.3.0/10.1.4.2.0

Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors.

4.3
2009-01-12 CVE-2008-5891 Injader Cross-Site Scripting vulnerability in Injader

Cross-site scripting (XSS) vulnerability in the profile editing functionality in Injader before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2009-01-12 CVE-2008-5889 Icash Cross-Site Scripting vulnerability in Icash Click&Rank NIL

Cross-site scripting (XSS) vulnerability in user.asp in Click&Rank allows remote attackers to inject arbitrary web script or HTML via the action parameter.

4.3
2009-01-12 CVE-2008-5884 Zkesoft Denial of Service vulnerability in Zkesoft Ayeview 2.20

AyeView 2.20 allows user-assisted attackers to cause a denial of service (application crash) via a GIF file with a malformed header.

4.3
2009-01-14 CVE-2008-5451 Jdedwards, Oracle Multiple vulnerability in Oracle January 2009 Critical Patch Update

Unspecified vulnerability in the JD Edwards Tools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.97.2.5 allows remote authenticated users to affect confidentiality via unknown vectors.

4.0
2009-01-14 CVE-2008-4016 Oracle Multiple vulnerability in Oracle Collaboration Suite 10.1.2

Unspecified vulnerability in the Collaborative Workspaces component in Oracle Collaboration Suite 10.1.2 allows remote authenticated users to affect confidentiality via unknown vectors.

4.0
2009-01-14 CVE-2008-5439 Oracle Multiple vulnerability in Oracle Database 10G 10.2.0.4

Unspecified vulnerability in the SQL*Plus Windows GUI component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality via unknown vectors.

4.0
2009-01-14 CVE-2008-3999 Oracle Multiple vulnerability in Oracle Database 10G and Database 9I

Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to SYS.OLAPIMPL_T.

4.0
2009-01-14 CVE-2008-3997 Oracle Multiple vulnerability in Oracle Database 10G 10.1.0.5/10.2.0.3

Unspecified vulnerability in the Oracle OLAP component in Oracle Database 10.1.0.5 and 10.2.0.3 allows remote authenticated users to affect availability, related to SYS.DBMS_XSOQ_ODBO.

4.0
2009-01-14 CVE-2008-3974 Oracle Multiple vulnerability in Oracle January 2009 Critical Patch Update

Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.0.2.8 and 9.2.0.8DV allows remote authenticated users to affect availability, related to SYS.OLAPIMPL_T.

4.0
2009-01-13 CVE-2008-4307 Linux Race Condition vulnerability in Linux Kernel

Race condition in the do_setlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service (crash) via vectors resulting in an interrupted RPC call that leads to a stray FL_POSIX lock, related to improper handling of a race between fcntl and close in the EINTR case.

4.0

6 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2009-01-14 CVE-2008-5446 Oracle Multiple vulnerability in Oracle January 2009 Critical Patch Update

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10 CU2 and 12.0.6 allows remote authenticated users to affect confidentiality via unknown vectors.

3.5
2009-01-14 CVE-2008-5460 Oracle Information Exposure vulnerability in Oracle BEA Product Suite

Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote attackers to affect confidentiality via unknown vectors.

2.6
2009-01-12 CVE-2008-5893 Icash Cross-Site Scripting vulnerability in Icash Click&Email NIL

Cross-site scripting (XSS) vulnerability in admin_dblayers.asp in ClickAndEmail allows remote attackers to inject arbitrary web script or HTML via the tablename parameter in an update action.

2.6
2009-01-14 CVE-2008-2623 Oracle Multiple vulnerability in Oracle Jdeveloper 10.1.2.3

Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.3 allows local users to affect confidentiality via unknown vectors.

2.1
2009-01-14 CVE-2008-3973 Oracle Multiple vulnerability in Oracle Database 10G and Database 11G

Unspecified vulnerability in the SQL*Plus Windows GUI component in Oracle Database allows local users to affect confidentiality via unknown vectors.

1.7
2009-01-14 CVE-2008-5450 Oracle Multiple vulnerability in Oracle January 2009 Critical Patch Update

Unspecified vulnerability in the Oracle Applications Platform Engineering component in Oracle E-Business Suite 11.5.10 CU2 and 12.0.6 allows local users to affect confidentiality via unknown vectors.

1.2