Weekly Vulnerabilities Reports > February 2 to 8, 2009

Overview

150 new vulnerabilities reported during this period, including 21 critical vulnerabilities and 59 high severity vulnerabilities. This weekly summary report vulnerabilities in 171 products from 99 vendors including Joomla, Goahead, Cisco, HP, and Mozilla. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Improper Input Validation", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".

  • 141 reported vulnerabilities are remotely exploitables.
  • 63 reported vulnerabilities have public exploit available.
  • 77 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 145 reported vulnerabilities are exploitable by an anonymous user.
  • Joomla has the most reported vulnerabilities, with 10 reported vulnerabilities.
  • Gstreamer has the most reported critical vulnerabilities, with 4 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

21 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2009-02-08 CVE-2008-4562 HP Buffer Errors vulnerability in HP Openview Network Node Manager 7.0.1/7.51/7.53

Buffer overflow in the ovlaunch CGI program in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 on Windows allows remote attackers to execute arbitrary code via a crafted Host parameter.

10.0
2009-02-08 CVE-2008-4559 HP Improper Input Validation vulnerability in HP Openview Network Node Manager 7.0.1/7.51/7.53

HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via shell metacharacters in argument fields to the (1) webappmon.exe or (2) OpenView5.exe CGI program.

10.0
2009-02-06 CVE-2008-6079 Enlightenment Multiple Unspecified vulnerability in 'imlib2' Library

imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4) LBM, (5) PNM, (6) TGA, or (7) XPM file, related to "several heap and stack based buffer overflows - partly due to integer overflows."

10.0
2009-02-04 CVE-2009-0388 Tightvnc
Ultravnc
Numeric Errors vulnerability in multiple products

Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and (2) TightVnc 1.3.9 allow remote VNC servers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code via a large length value in a message, related to the (a) ClientConnection::CheckBufferSize and (b) ClientConnection::CheckFileZipBufferSize functions in ClientConnection.cpp.

10.0
2009-02-04 CVE-2009-0353 Mozilla Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Unspecified vulnerability in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the JavaScript engine.

10.0
2009-02-04 CVE-2009-0352 Mozilla Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and destruction of arbitrary layout objects by the nsViewManager::Composite function.

10.0
2009-02-03 CVE-2009-0414 TOR Resource Management Errors vulnerability in TOR

Unspecified vulnerability in Tor before 0.2.0.33 has unspecified impact and remote attack vectors that trigger heap corruption.

10.0
2009-02-03 CVE-2009-0410 Novell Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Groupwise

Off-by-one error in the SMTP daemon in GroupWise Internet Agent (GWIA) in Novell GroupWise 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, and 8.0 allows remote attackers to execute arbitrary code via a long e-mail address in a malformed RCPT command, leading to a buffer overflow.

10.0
2009-02-03 CVE-2009-0183 Free Download Manager Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Free Download Manager Free Download Manager 2.5/3.0

Stack-based buffer overflow in Remote Control Server in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allows remote attackers to execute arbitrary code via a long Authorization header in an HTTP request.

10.0
2009-02-02 CVE-2008-6021 Attachmate Security vulnerability in Attachmate Reflection for Secure IT 7.0

Multiple unspecified vulnerabilities in Attachmate Reflection for Secure IT UNIX Client and Server before 7.0 SP1 have unknown impact and attack vectors, aka "security vulnerabilities found by 3rd party analysis."

10.0
2009-02-08 CVE-2009-0476 Multimediasoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Multimediasoft products

Stack-based buffer overflow in MultiMedia Soft AdjMmsEng.dll 7.11.1.0 and 7.11.2.7, as distributed in multiple MultiMedia Soft audio components for .NET, allows remote attackers to execute arbitrary code via a long string in a playlist (.pls) file, as originally reported for Euphonics Audio Player 1.0.

9.3
2009-02-08 CVE-2009-0376 Realnetworks Buffer Errors vulnerability in Realnetworks Realplayer 11

Heap-based buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a crafted Internet Video Recording (IVR) file with a modified field that controls an unspecified structure length and triggers heap corruption, related to use of RealPlayer through a Windows Explorer plugin.

9.3
2009-02-08 CVE-2009-0375 Realnetworks Code Injection vulnerability in Realnetworks Realplayer 11

Buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a crafted Internet Video Recording (IVR) file with a filename length field containing a large integer, which triggers overwrite of an arbitrary memory location with a 0x00 byte value, related to use of RealPlayer through a Windows Explorer plugin.

9.3
2009-02-04 CVE-2009-0418 HP Improper Input Validation vulnerability in HP Hp-Ux B.11.11/B.11.23/B.11.31

The IPv6 Neighbor Discovery Protocol (NDP) implementation in HP HP-UX B.11.11, B.11.23, and B.11.31 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity), read private network traffic, and possibly execute arbitrary code via a spoofed message that modifies the Forward Information Base (FIB), a related issue to CVE-2008-2476.

9.3
2009-02-03 CVE-2009-0184 Free Download Manager Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Free Download Manager Free Download Manager 2.5/3.0

Multiple buffer overflows in the torrent parsing implementation in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allow remote attackers to execute arbitrary code via (1) a long file name within a torrent file, (2) a long tracker URL in a torrent file, or (3) a long comment in a torrent file.

9.3
2009-02-03 CVE-2009-0398 Gstreamer Buffer Errors vulnerability in Gstreamer Plug-Ins 0.6.0

Array index error in the gst_qtp_trak_handler function in gst/qtdemux/qtdemux.c in GStreamer Plug-ins (aka gstreamer-plugins) 0.6.0 allows remote attackers to have an unknown impact via a crafted QuickTime media file.

9.3
2009-02-03 CVE-2009-0397 Gstreamer Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Gstreamer Good Plug-Ins and Plug-Ins

Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample (aka stts) atom data in a malformed QuickTime media .mov file.

9.3
2009-02-02 CVE-2009-0389 Eztools Software Unspecified vulnerability in Eztools-Software web ON Windows Activex 2

Multiple insecure method vulnerabilities in the Web On Windows (WOW) ActiveX control in WOW ActiveX 2 allow remote attackers to (1) create and overwrite arbitrary files via the WriteIniFileString method, (2) execute arbitrary programs via the ShellExecute method, (3) read from the registry via unspecified vectors, and (4) write to the registry via unspecified vectors.

9.3
2009-02-02 CVE-2009-0387 Gstreamer Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Gstreamer Good Plug-Ins and Plug-Ins

Array index error in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted Sync Sample (aka stss) atom data in a malformed QuickTime media .mov file, related to "mark keyframes."

9.3
2009-02-02 CVE-2009-0386 Gstreamer Buffer Errors vulnerability in Gstreamer Good Plug-Ins 0.10.10/0.10.11/0.10.9

Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 might allow remote attackers to execute arbitrary code via crafted Composition Time To Sample (ctts) atom data in a malformed QuickTime media .mov file.

9.3
2009-02-05 CVE-2009-0062 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco products

Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels.

9.0

59 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2009-02-08 CVE-2008-4560 HP Information Exposure vulnerability in HP Openview Network Node Manager 7.0.1/7.51/7.53

HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to obtain sensitive information via (1) a crafted request to the nnmRptConfig.exe CGI program, which reveals the pathname of log directories; or (2) a crafted parameter in a request to the ovlaunch.exe CGI program, which reveals configuration details.

7.8
2009-02-05 CVE-2009-0061 Cisco Improper Input Validation vulnerability in Cisco products

Unspecified vulnerability in the Wireless LAN Controller (WLC) TSEC driver in the Cisco 4400 WLC, Cisco Catalyst 6500 and 7600 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.1 allows remote attackers to cause a denial of service (device crash or hang) via unknown IP packets.

7.8
2009-02-05 CVE-2009-0059 Cisco Improper Input Validation vulnerability in Cisco products

The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.2.x before 5.2.157.0 allow remote attackers to cause a denial of service (device reload) via a web authentication (aka WebAuth) session that includes a malformed POST request to login.html.

7.8
2009-02-05 CVE-2008-4419 HP Path Traversal vulnerability in HP products

Directory traversal vulnerability in the HP JetDirect web administration interface in the HP-ChaiSOE 1.0 embedded web server on the LaserJet 9040mfp, LaserJet 9050mfp, and Color LaserJet 9500mfp before firmware 08.110.9; LaserJet 4345mfp and 9200C Digital Sender before firmware 09.120.9; Color LaserJet 4730mfp before firmware 46.200.9; LaserJet 2410, LaserJet 2420, and LaserJet 2430 before firmware 20080819 SPCL112A; LaserJet 4250 and LaserJet 4350 before firmware 20080819 SPCL015A; and LaserJet 9040 and LaserJet 9050 before firmware 20080819 SPCL110A allows remote attackers to read arbitrary files via directory traversal sequences in the URI.

7.8
2009-02-03 CVE-2009-0396 Sony Ericsson Improper Input Validation vulnerability in Sony Ericsson products

The Sony Ericsson W910i, W660i, K618i, K610i, Z610i, K810i, K660i, W880i, and K530i phones allow remote attackers to cause a denial of service (device reboot or hang-up) via a malformed WAP Push packet to (1) SMS or (2) UDP port 2948.

7.8
2009-02-02 CVE-2009-0391 IBM Information Exposure vulnerability in IBM Websphere Application Server 6.0.1

Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.0.1 on z/OS allows attackers to read arbitrary files via unknown vectors.

7.8
2009-02-06 CVE-2008-6085 F Secure Numeric Errors vulnerability in F-Secure products

Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow.

7.6
2009-02-06 CVE-2008-6088 Joomtracker
Joomla
SQL Injection vulnerability in Joomtracker COM Joomtracker 1.01

SQL injection vulnerability in the Joomtracker (com_joomtracker) 1.01 module for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a tordetails action to index.php.

7.5
2009-02-06 CVE-2008-6086 Camera Life SQL Injection vulnerability in Camera Life Camera Life 2.6.2B4

SQL injection vulnerability in album.php in Camera Life 2.6.2b4 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3355.

7.5
2009-02-06 CVE-2002-2431 Goahead Unspecified vulnerability in Goahead Webserver

Unspecified vulnerability in GoAhead WebServer before 2.1.4 allows remote attackers to cause "incorrect behavior" via unknown "malicious code," related to incorrect use of the socketInputBuffered function by sockGen.c.

7.5
2009-02-06 CVE-2008-6083 Txtshop Path Traversal vulnerability in Txtshop 1.0

Directory traversal vulnerability in header.php in TXTshop beta 1.0 allows remote attackers to include and execute arbitrary local files via a ..

7.5
2009-02-06 CVE-2008-6081 Simplecustomer SQL Injection vulnerability in Simplecustomer Simple Customer 1.2

SQL injection vulnerability in contact.php in Simple Customer 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2009-02-06 CVE-2008-6078 Limbo CMS SQL Injection vulnerability in Limbo CMS COM Privmsg

SQL injection vulnerability in open.php in the Private Messaging (com_privmsg) component for Limbo CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a pms action to index.php.

7.5
2009-02-06 CVE-2008-6076 Jlleblanc
Joomla
SQL Injection vulnerability in Jlleblanc COM Dailymessage 1.0.3

SQL injection vulnerability in the Daily Message (com_dailymessage) 1.0.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.

7.5
2009-02-05 CVE-2008-6066 Meet WEB Code Injection vulnerability in Meet#Web 0.8

Multiple PHP remote file inclusion vulnerabilities in Meet#Web 0.8 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) modules.php, (2) ManagerResource.class.php, (3) ManagerRightsResource.class.php, (4) RegForm.class.php, (5) RegResource.class.php, and (6) RegRightsResource.class.php in classes/.

7.5
2009-02-05 CVE-2008-6064 Domphp SQL Injection vulnerability in Domphp 0.81

Multiple SQL injection vulnerabilities in DomPHP 0.81 allow remote attackers to execute arbitrary SQL commands via the cat parameter to agenda/index.php, and unspecified other vectors.

7.5
2009-02-05 CVE-2009-0431 Codefixer SQL Injection vulnerability in Codefixer Linkspro NIL

SQL injection vulnerability in Default.asp in LinksPro Standard Edition allows remote attackers to execute arbitrary SQL commands via the OrderDirection parameter.

7.5
2009-02-05 CVE-2009-0429 Activewebsoftwares SQL Injection vulnerability in Activewebsoftwares Active Bids

Multiple SQL injection vulnerabilities in Active Bids allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to search.asp, (2) SortDir parameter to auctionsended.asp, and the (3) catid parameter to wishlist.php.

7.5
2009-02-05 CVE-2009-0428 Dmxready SQL Injection vulnerability in Dmxready Secure Document Library 1.0

SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Secure Document Library 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter.

7.5
2009-02-05 CVE-2009-0427 Dmxready SQL Injection vulnerability in Dmxready Member Directory Manager 1.1

SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Member Directory Manager 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter.

7.5
2009-02-05 CVE-2009-0426 Dmxready SQL Injection vulnerability in Dmxready Classified Listings Manager 1.1

SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Classified Listings Manager 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter.

7.5
2009-02-05 CVE-2009-0425 Blue EYE CMS SQL Injection vulnerability in Blue EYE CMS Blue EYE CMS

SQL injection vulnerability in index.php in Blue Eye CMS 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the clanek parameter.

7.5
2009-02-05 CVE-2009-0423 Kevin Walker Path Traversal vulnerability in Kevin Walker PHP Photo Album 0.8

Directory traversal vulnerability in index.php in Php Photo Album (PHPPA) 0.8 BETA allows remote attackers to include and execute arbitrary local files via a ..

7.5
2009-02-05 CVE-2009-0422 Tincan Code Injection vulnerability in Tincan PHPlist

Dynamic variable evaluation vulnerability in lists/admin.php in phpList 2.10.8 and earlier, when register_globals is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the _SERVER[ConfigFile] parameter to admin/index.php.

7.5
2009-02-05 CVE-2009-0421 Joomla SQL Injection vulnerability in Joomla COM Eventing

SQL injection vulnerability in the Eventing (com_eventing) 1.6.x component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.

7.5
2009-02-05 CVE-2009-0420 RD Media
Joomla
SQL Injection vulnerability in Rd-Media Rd-Autos 1.5.5

SQL injection vulnerability in the RD-Autos (com_rdautos) 1.5.5 Stable component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.

7.5
2009-02-04 CVE-2008-6050 Ircmaxell
Joomla
SQL Injection vulnerability in Ircmaxell Tech Article 1.0.1

SQL injection vulnerability in the Tech Articles (com_tech_article) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the item parameter to index.php.

7.5
2009-02-04 CVE-2008-6046 Adbnewssender Project SQL Injection vulnerability in Adbnewssender Project Adbnewssender

SQL injection vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in (1) opt_in_out.php.inc, (2) confirmation.php.inc, and (3) renewal.php.inc in mailinglist/.

7.5
2009-02-03 CVE-2009-0412 Interspire Improper Authentication vulnerability in Interspire Shopping Cart 4.0.1

The ProcessLogin function in class.auth.php in Interspire Shopping Cart (ISC) 4.0.1 Ultimate edition allows remote attackers to bypass authentication and obtain administrative access by reusing the RememberToken cookie after a failed admin login attempt.

7.5
2009-02-03 CVE-2009-0407 Humayun Shabbir SQL Injection vulnerability in Humayun Shabbir PHP-Cms Project 1

SQL injection vulnerability in admin/login.php in PHP-CMS Project 1 allows remote attackers to execute arbitrary SQL commands via the username parameter.

7.5
2009-02-03 CVE-2009-0406 Community CMS SQL Injection vulnerability in Community CMS Community CMS

SQL injection vulnerability in index.php in Community CMS 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2009-02-03 CVE-2009-0405 Smartsitecms SQL Injection vulnerability in Smartsitecms 1.0

SQL injection vulnerability in articles.php in smartSite CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the var parameter.

7.5
2009-02-03 CVE-2009-0403 Chipmunk Scripts SQL Injection vulnerability in Chipmunk Scripts Chipmunk Blogger

SQL injection vulnerability in admin/authenticate.php in Chipmunk Blogger Script allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.

7.5
2009-02-03 CVE-2009-0401 Ephpscripts SQL Injection vulnerability in Ephpscripts E-PHP CMS

SQL injection vulnerability in browsecats.php in E-Php CMS allows remote attackers to execute arbitrary SQL commands via the cid parameter.

7.5
2009-02-03 CVE-2009-0399 Chipmunk Scripts Permissions, Privileges, and Access Controls vulnerability in Chipmunk Scripts Chipmunk Blogger

Chipmunk Blogger Script allows remote attackers to gain administrator privileges via a direct request to admin/reguser.php.

7.5
2009-02-03 CVE-2008-6043 Phpprobid SQL Injection vulnerability in PHPprobid PHP PRO BID 6.04

Multiple SQL injection vulnerabilities in PHP Pro Bid (PPB) 6.04 allow remote attackers to execute arbitrary SQL commands via the (1) order_field and (2) order_type parameters to categories.php and unspecified other components.

7.5
2009-02-03 CVE-2008-6042 Netartmedia SQL Injection vulnerability in Netartmedia Real Estate Portal 2.0

SQL injection vulnerability in the re_search module in NetArtMedia Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the ad parameter to index.php.

7.5
2009-02-03 CVE-2008-6040 Agares Media SQL Injection vulnerability in Agares Media Arcadem PRO 2.700/2.707/2.802

SQL injection vulnerability in index.php in Arcadem Pro 2.700 through 2.802 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter, probably related to includes/articleblock.php.

7.5
2009-02-03 CVE-2008-6038 Mapcal SQL Injection vulnerability in Mapcal 0.1

SQL injection vulnerability in index.php in MapCal 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in an editevent action, possibly related to dsp_editevent.php.

7.5
2009-02-03 CVE-2008-6037 Availscript SQL Injection vulnerability in Availscript Article Script

SQL injection vulnerability in view.php in AvailScript Article Script allows remote attackers to execute arbitrary SQL commands via the v parameter.

7.5
2009-02-03 CVE-2008-6036 Basebuilder Code Injection vulnerability in Basebuilder 1.0/1.0.3/2.0

PHP remote file inclusion vulnerability in main.inc.php in BaseBuilder 2.0.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mj_config[src_path] parameter.

7.5
2009-02-03 CVE-2008-6033 WSN Links SQL Injection vulnerability in WSN Links WSN Links 2.20

SQL injection vulnerability in comments.php in WSN Links 2.20 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2009-02-03 CVE-2008-6032 WSN SQL Injection vulnerability in WSN Links 4.0.34P

SQL injection vulnerability in comments.php in WSN Links Free 4.0.34P allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2009-02-03 CVE-2008-6031 WSN Links SQL Injection vulnerability in WSN Links WSN Links 2.22/2.23

SQL injection vulnerability in vote.php in WSN Links 2.22 and 2.23 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2009-02-03 CVE-2008-6030 Netartmedia SQL Injection vulnerability in Netartmedia Jobs Portal 1.3

Multiple SQL injection vulnerabilities in NetArtMedia Jobs Portal 1.3 allow remote attackers to execute arbitrary SQL commands via (1) the job parameter to index.php in the search module or (2) the news_id parameter to index.php.

7.5
2009-02-03 CVE-2008-6028 University OF Queensland SQL Injection vulnerability in University of Queensland FEZ 1.3/2.0

SQL injection vulnerability in list.php in University of Queensland Library Fez 1.3 and 2.0 RC1 allows remote attackers to execute arbitrary SQL commands via the parent_id parameter in a subject action.

7.5
2009-02-03 CVE-2008-6026 Bluecube SQL Injection vulnerability in Bluecube CMS

SQL injection vulnerability in tienda.php in BlueCUBE CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2009-02-03 CVE-2009-0395 Netartmedia SQL Injection vulnerability in Netartmedia CAR Portal 1.0

SQL injection vulnerability in the login feature in NetArt Media Car Portal 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.

7.5
2009-02-03 CVE-2009-0394 PLE CMS SQL Injection vulnerability in PLE CMS PLE CMS 1.0

SQL injection vulnerability in login.php in Pre Lecture Exercises (PLEs) CMS 1.0 beta 4.2 allows remote attackers to execute arbitrary SQL commands via the school parameter.

7.5
2009-02-02 CVE-2008-6023 Xnova Code Injection vulnerability in Xnova 0.8

PHP remote file inclusion vulnerability in includes/todofleetcontrol.php in a newer version of Xnova, possibly 0.8 sp1, allows remote attackers to execute arbitrary PHP code via a URL in the xnova_root_path parameter.

7.5
2009-02-02 CVE-2008-6022 Xnova Code Injection vulnerability in Xnova 0.8

PHP remote file inclusion vulnerability in includes/todofleetcontrol.php in an older version of Xnova, possibly 0.8 sp1, allows remote attackers to execute arbitrary PHP code via a URL in the ugamela_root_path parameter.

7.5
2009-02-02 CVE-2008-6020 Drupal SQL Injection vulnerability in Drupal Views 6.X2.0

SQL injection vulnerability in the Views module 6.x before 6.x-2.2 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to "an exposed filter on CCK text fields."

7.5
2009-02-02 CVE-2008-6019 DO CMS SQL Injection vulnerability in Do-Cms 3.0

SQL injection vulnerability in index.php in EACOMM DO-CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the p parameter.

7.5
2009-02-02 CVE-2008-6017 I Rater SQL Injection vulnerability in I-Rater Basic NIL

SQL injection vulnerability in messages.php in I-Rater Basic allows remote attackers to execute arbitrary SQL commands via the idp parameter.

7.5
2009-02-02 CVE-2009-0381 Bazaarbuilder
Joomla
SQL Injection vulnerability in Bazaarbuilder Ecommerce Shopping Cart 5.0

SQL injection vulnerability in the BazaarBuilder Ecommerce Shopping Cart (com_prod) 5.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in a products action to index.php.

7.5
2009-02-02 CVE-2009-0379 Joomla SQL Injection vulnerability in Joomla COM Pcchess

SQL injection vulnerability in the Prince Clan Chess Club (com_pcchess) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the game_id parameter in a showgame action to index.php, a different vector than CVE-2008-0761.

7.5
2009-02-02 CVE-2009-0377 Joomla SQL Injection vulnerability in Joomla COM Beamospetition 1.0.12

SQL injection vulnerability in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mpid parameter in a sign action to index.php, a different vector than CVE-2008-3132.

7.5
2009-02-08 CVE-2009-0477 SUN Permissions, Privileges, and Access Controls vulnerability in SUN Opensolaris

Unspecified vulnerability in the process (aka proc) filesystem in Sun OpenSolaris snv_85 through snv_100 allows local users to gain privileges via vectors related to the contract filesystem.

7.2
2009-02-02 CVE-2009-0390 Enomaly Code Injection vulnerability in Enomaly Elastic Computing Platform 2.1

Argument injection vulnerability in Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to send signals to arbitrary processes by populating the /tmp/enomalism2.pid file with command-line arguments for the kill program.

7.2

67 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2009-02-03 CVE-2009-0416 Standards Based Linux Instrumentation Link Following vulnerability in Standards Based Linux Instrumentation Sblim-Sfcb 1.3.2

The SSL certificate setup program (genSslCert.sh) in Standards Based Linux Instrumentation for Manageability (SBLIM) sblim-sfcb 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /var/tmp/key.pem, (2) /var/tmp/cert.pem, and (3) /var/tmp/ssl.cnf temporary files.

6.9
2009-02-02 CVE-2008-4990 Enomaly Link Following vulnerability in Enomaly Elastic Computing Platform

Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/enomalism2.pid temporary file.

6.9
2009-02-06 CVE-2009-0473 Rockwellautomation Link Following vulnerability in Rockwellautomation Controllogix 1756-Enbt/A Ethernet/ IP Bridge

Open redirect vulnerability in the web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

6.8
2009-02-06 CVE-2009-0471 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOS 12.4(23)

Cross-site request forgery (CSRF) vulnerability in the HTTP server in Cisco IOS 12.4(23) allows remote attackers to execute arbitrary commands, as demonstrated by executing the hostname command with a level/15/configure/-/hostname request.

6.8
2009-02-06 CVE-2008-6084 Matteoiammarrone Improper Input Validation vulnerability in .Matteoiammarrone Iamma Simple Gallery 1.0/2.0

Unrestricted file upload vulnerability in pages/download.php in Iamma Simple Gallery 1.0 and 2.0 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in the uploads directory.

6.8
2009-02-03 CVE-2009-0409 Mzbservices SQL Injection vulnerability in Mzbservices Max.Blog 1.0.6

SQL injection vulnerability in offline_auth.php in Max.Blog 1.0.6 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter.

6.8
2009-02-03 CVE-2009-0400 Socialengine SQL Injection vulnerability in Socialengine 3.06

SQL injection vulnerability in blog.php in SocialEngine 3.06 trial allows remote attackers to execute arbitrary SQL commands via the category_id parameter.

6.8
2009-02-03 CVE-2008-6039 Bluepage Improper Authentication vulnerability in Bluepage CMS 2.4.0

Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.

6.8
2009-02-03 CVE-2008-6029 Buzzywall SQL Injection vulnerability in Buzzywall 1/1.3

SQL injection vulnerability in search.php in BuzzyWall 1.3.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search parameter.

6.8
2009-02-03 CVE-2008-6025 Openelec Path Traversal vulnerability in Openelec 2.02/3.00

Directory traversal vulnerability in scr/form.php in openElec 3.01 and earlier allows remote attackers to include and execute arbitrary local files via a ..

6.8
2009-02-03 CVE-2009-0392 Motorola Path Traversal vulnerability in Motorola Cpei300

Directory traversal vulnerability in sysconf.cgi in Motorola Wimax modem CPEi300 allows remote authenticated users to read arbitrary files via a ..

6.8
2009-02-02 CVE-2009-0272 Novell Cross-Site Request Forgery (CSRF) vulnerability in Novell Groupwise

Cross-site request forgery (CSRF) vulnerability in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allows remote attackers to insert e-mail forwarding rules, and modify unspecified other configuration settings, as arbitrary users via unknown vectors.

6.8
2009-02-02 CVE-2008-6018 Myphpsite Path Traversal vulnerability in Myphpsite NIL

Directory traversal vulnerability in index.php in MyPHPSite, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a ..

6.8
2009-02-02 CVE-2009-0384 Adam Tomecek SQL Injection vulnerability in Adam Tomecek Ownrs 1.2

SQL injection vulnerability in autor.php in OwnRS CMS 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.

6.8
2009-02-06 CVE-2008-6077 Loudblog SQL Injection vulnerability in Loudblog

SQL injection vulnerability in loudblog/ajax.php in LoudBlog 0.8.0a and earlier allows remote authenticated users to execute arbitrary SQL commands via the colpick parameter in a singleread action.

6.5
2009-02-05 CVE-2009-0058 Cisco Improper Input Validation vulnerability in Cisco products

The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.2 allow remote attackers to cause a denial of service (web authentication outage or device reload) via unspecified network traffic, as demonstrated by a vulnerability scanner.

6.1
2009-02-03 CVE-2009-0408 Oscommerce Cross-Site Request Forgery (CSRF) vulnerability in Oscommerce 2.2

Cross-site request forgery (CSRF) vulnerability in osCommerce 2.2 RC 2a allows remote attackers to hijack the authentication of administrators.

6.0
2009-02-04 CVE-2009-0355 Mozilla Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox

components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element.

5.4
2009-02-02 CVE-2008-6024 SUN Resource Management Errors vulnerability in SUN Opensolaris and Solaris

Unspecified vulnerability in the NFSv4 client module in the kernel on Sun Solaris 10 and OpenSolaris before snv_37, when automountd is used, allows user-assisted remote attackers to cause a denial of service (unresponsive NFS filesystems) via unknown vectors.

5.4
2009-02-06 CVE-2008-6074 Phpcrs Path Traversal vulnerability in PHPcrs

Directory traversal vulnerability in frame.php in phpcrs 2.06 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a ..

5.1
2009-02-05 CVE-2008-6065 Oracle Permissions, Privileges, and Access Controls vulnerability in Oracle Database Server 10.1/10.2/11

Oracle Database Server 10.1, 10.2, and 11g grants directory WRITE permissions for arbitrary pathnames that are aliased in a CREATE OR REPLACE DIRECTORY statement, which allows remote authenticated users with CREATE ANY DIRECTORY privileges to gain SYSDBA privileges by aliasing the pathname of the password directory, and then overwriting the password file through UTL_FILE operations, a related issue to CVE-2006-7141.

5.1
2009-02-08 CVE-2009-0478 Squid Improper Input Validation vulnerability in Squid

Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and (2) HttpStatusLine.c.

5.0
2009-02-06 CVE-2009-0474 Rockwellautomation Information Exposure vulnerability in Rockwellautomation Controllogix 1756-Enbt/A Ethernet/ IP Bridge

The web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to obtain "internal web page information" and "internal information about the module" via unspecified vectors.

5.0
2009-02-06 CVE-2008-6089 Scriptsez Path Traversal vulnerability in Scriptsez Easy Image Downloader

Directory traversal vulnerability in main.php in ScriptsEz Easy Image Downloader allows remote attackers to read arbitrary files via a ..

5.0
2009-02-06 CVE-2003-1569 Goahead
Microsoft
Improper Input Validation vulnerability in Goahead Webserver

GoAhead WebServer before 2.1.5 on Windows 95, 98, and ME allows remote attackers to cause a denial of service (daemon crash) via an HTTP request with a (1) con, (2) nul, (3) clock$, or (4) config$ device name in a path component, different vectors than CVE-2001-0385.

5.0
2009-02-06 CVE-2003-1568 Goahead
Goahead Software
Improper Input Validation vulnerability in multiple products

GoAhead WebServer before 2.1.6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an invalid URL, related to the websSafeUrl function.

5.0
2009-02-06 CVE-2002-2430 Goahead Resource Management Errors vulnerability in Goahead Webserver 2.0/2.1

GoAhead WebServer before 2.1.1 allows remote attackers to cause a denial of service (CPU consumption) by performing a socket disconnect to terminate a request before it has been fully processed by the server.

5.0
2009-02-06 CVE-2002-2429 Goahead Improper Input Validation vulnerability in Goahead Webserver

webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to cause a denial of service (daemon crash) via an HTTP POST request that contains a negative integer in the Content-Length header.

5.0
2009-02-06 CVE-2002-2428 Goahead Improper Input Validation vulnerability in Goahead Webserver

webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an HTTP POST request that contains a Content-Length header but no body data.

5.0
2009-02-06 CVE-2002-2427 Goahead Improper Authentication vulnerability in Goahead Webserver 2.0/2.1

The security handler in GoAhead WebServer before 2.1.1 allows remote attackers to bypass authentication and obtain access to protected web content via "an extra slash in a URL," a different vulnerability than CVE-2002-1603.

5.0
2009-02-06 CVE-2008-6082 Southrivertech Resource Management Errors vulnerability in Southrivertech Titan FTP Server 6.26

Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumption) via the SITE WHO command.

5.0
2009-02-06 CVE-2008-6080 Codecall
Joomla
Path Traversal vulnerability in Codecall COM Ionfiles 4.4.2

Directory traversal vulnerability in download.php in the ionFiles (com_ionfiles) 4.4.2 component for Joomla! allows remote attackers to read arbitrary files via a ..

5.0
2009-02-05 CVE-2008-6059 Webkit Permissions, Privileges, and Access Controls vulnerability in Webkit

xml/XMLHttpRequest.cpp in WebCore in WebKit before r38566 does not properly restrict access from web pages to the (1) Set-Cookie and (2) Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XMLHttpRequest calls, related to the HTTPOnly protection mechanism.

5.0
2009-02-04 CVE-2009-0419 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft XML Core Services

Microsoft XML Core Services, as used in Microsoft Expression Web, Office, Internet Explorer 6 and 7, and other products, does not properly restrict access from web pages to Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XMLHttpRequest calls, related to the HTTPOnly protection mechanism.

5.0
2009-02-04 CVE-2009-0357 Mozilla Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox and Seamonkey

Mozilla Firefox before 3.0.6 and SeaMonkey before 1.1.15 do not properly restrict access from web pages to the (1) Set-Cookie and (2) Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XMLHttpRequest calls, related to the HTTPOnly protection mechanism.

5.0
2009-02-04 CVE-2008-6057 Liberum Permissions, Privileges, and Access Controls vulnerability in Liberum Help Desk 0.97.3

Doug Luxem Liberum Help Desk 0.97.3 stores db/helpdesk2000.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request.

5.0
2009-02-04 CVE-2008-6055 Preprojects Permissions, Privileges, and Access Controls vulnerability in Preprojects PRE Classified Listings

PreProjects Pre Classified Listings stores pclasp.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request.

5.0
2009-02-04 CVE-2008-6054 Preprojects COM Permissions, Privileges, and Access Controls vulnerability in Preprojects.Com PRE Courier and Cargo Business

PreProjects Pre Courier and Cargo Business stores dbcourior.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request.

5.0
2009-02-04 CVE-2008-6053 Preprojects Permissions, Privileges, and Access Controls vulnerability in Preprojects PRE Resume Submitter

PreProjects Pre Resume Submitter stores onlineresume.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request.

5.0
2009-02-04 CVE-2008-6052 Preprojects Permissions, Privileges, and Access Controls vulnerability in Preprojects PRE E-Learning Portal

PreProjects Pre E-Learning Portal stores db_elearning.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request.

5.0
2009-02-04 CVE-2008-6051 Metalinks Permissions, Privileges, and Access Controls vulnerability in Metalinks Metacart

MetaCart Free stores metacart.mdb under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords via a direct request.

5.0
2009-02-03 CVE-2009-0411 Google Permissions, Privileges, and Access Controls vulnerability in Google Chrome

Google Chrome before 1.0.154.46 does not properly restrict access from web pages to the (1) Set-Cookie and (2) Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XMLHttpRequest calls and other web script.

5.0
2009-02-03 CVE-2009-0276 Google Unspecified vulnerability in Google Chrome

Cross-domain vulnerability in the V8 JavaScript engine in Google Chrome before 1.0.154.46 allows remote attackers to bypass the Same Origin Policy via a crafted script that accesses another frame and reads its full URL and possibly other sensitive information, or modifies the URL of this frame.

5.0
2009-02-03 CVE-2009-0274 Novell Information Exposure vulnerability in Novell Groupwise

Unspecified vulnerability in WebAccess in Novell GroupWise 6.5, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 might allow remote attackers to obtain sensitive information via a crafted URL, related to conversion of POST requests to GET requests.

5.0
2009-02-08 CVE-2009-0206 HP Local Denial Of Service vulnerability in HP-UX NFS

Unspecified vulnerability in NFS in HP ONCplus B.11.31.05 and earlier for HP-UX B.11.31 allows local users to cause a denial of service via unknown vectors.

4.9
2009-02-03 CVE-2008-4914 Vmware Denial Of Service vulnerability in VMWare ESX and Esxi

Unspecified vulnerability in VMware ESXi 3.5 before ESXe350-200901401-I-SG and ESX 3.5 before ESX350-200901401-SG allows local administrators to cause a denial of service (host crash) via a snapshot with a malformed VMDK delta disk.

4.7
2009-02-06 CVE-2009-0472 Rockwellautomation Cross-Site Scripting vulnerability in Rockwellautomation Controllogix 1756-Enbt/A Ethernet/ IP Bridge

Multiple cross-site scripting (XSS) vulnerabilities in the web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2009-02-06 CVE-2009-0470 Cisco Cross-Site Scripting vulnerability in Cisco IOS 12.4(23)

Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 12.4(23) allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) level/15/exec/-/ or (2) exec/, a different vulnerability than CVE-2008-3821.

4.3
2009-02-06 CVE-2008-6090 Scriptsez Path Traversal vulnerability in Scriptsez Mini Hosting Panel

Directory traversal vulnerability in members.php in ScriptsEz Mini Hosting Panel allows remote attackers to read arbitrary local files via a ..

4.3
2009-02-06 CVE-2008-6087 Camera Life Cross-Site Scripting vulnerability in Camera Life Camera Life 2.6.2B4

Cross-site scripting (XSS) vulnerability in topic.php in Camera Life 2.6.2b4 allows remote attackers to inject arbitrary web script or HTML via the name parameter.

4.3
2009-02-05 CVE-2008-6063 Microsoft Information Exposure vulnerability in Microsoft Word 2007

Microsoft Word 2007, when the "Save as PDF" add-on is enabled, places an absolute pathname in the Subject field during an "Email as PDF" operation, which allows remote attackers to obtain sensitive information such as the sender's account name and a Temporary Internet Files subdirectory name.

4.3
2009-02-05 CVE-2008-6062 Adobe Cross-Site Scripting vulnerability in Adobe Dreamweaver

Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) files created by Adobe Dreamweaver, when the Insert Flash Video feature is used, allows remote attackers to inject arbitrary web script or HTML via an asfunction: URI in the skinName parameter.

4.3
2009-02-05 CVE-2008-6061 Techsmith Cross-Site Scripting vulnerability in Techsmith Camtasia Studio

Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) controller files created by Techsmith Camtasia Studio before 5 allows remote attackers to inject arbitrary additional SWF content via a URL in the csPreloader parameter.

4.3
2009-02-05 CVE-2008-6060 Infosoftglobal Cross-Site Scripting vulnerability in Infosoftglobal Fusion Charts

Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) files created by InfoSoft FusionCharts allows remote attackers to inject arbitrary additional SWF content via a URL in the SRC attribute of an IMG element in the dataURL parameter.

4.3
2009-02-05 CVE-2009-0430 Activewebsoftwares Cross-Site Scripting vulnerability in Activewebsoftwares Active Bids

Multiple cross-site scripting (XSS) vulnerabilities in Active Bids allow remote attackers to inject arbitrary web script or HTML via the (1) search parameter to search.asp and the (2) URL parameter to tellafriend.asp.

4.3
2009-02-05 CVE-2009-0424 AN Guestbook Cross-Site Scripting vulnerability in AN Guestbook AN Guestbook

Cross-site scripting (XSS) vulnerability in sign1.php in AN Guestbook (ANG) before 0.7.7 allows remote attackers to inject arbitrary web script or HTML via the country parameter, which is not properly handled in (1) administrator/manage.php or (2) administrator/trash.php.

4.3
2009-02-04 CVE-2008-6056 EX Designs Cross-Site Scripting vulnerability in Ex-Designs World Recipe 2.11

Multiple cross-site scripting (XSS) vulnerabilities in World Recipe 2.11 allow remote attackers to inject arbitrary web script or HTML via the (1) n parameter to emailrecipe.aspx, (2) id parameter to recipedetail.aspx, and the (3) catid parameter to validatefieldlength.aspx.

4.3
2009-02-04 CVE-2008-6047 Adbnewssender Cross-Site Scripting vulnerability in Adbnewssender

Cross-site scripting (XSS) vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) subscribing and (2) unsubscribing.

4.3
2009-02-03 CVE-2009-0413 Roundcube Cross-Site Scripting vulnerability in Roundcube Webmail 0.2

Cross-site scripting (XSS) vulnerability in RoundCube Webmail (roundcubemail) 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTML e-mail message.

4.3
2009-02-03 CVE-2009-0404 Bioinformatics Cross-Site Scripting vulnerability in Bioinformatics Htmlawed

Multiple cross-site scripting (XSS) vulnerabilities in Bioinformatics htmLawed 1.1.3 and 1.1.4 allow remote attackers to inject arbitrary web script or HTML via invalid Cascading Style Sheets (CSS) expressions in the style attribute, which is processed by Internet Explorer 7.

4.3
2009-02-03 CVE-2008-6041 Dataspade Cross-Site Scripting vulnerability in Dataspade 1.0

Multiple cross-site scripting (XSS) vulnerabilities in Index.asp in Dataspade 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) ViewName, (2) TableName, (3) OrderBy, and (4) FilterField parameters.

4.3
2009-02-03 CVE-2008-6035 Achievo Cross-Site Scripting vulnerability in Achievo 1.3.2

Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1.3.2-STABLE allows remote attackers to inject arbitrary web script or HTML via the atknodetype parameter.

4.3
2009-02-03 CVE-2008-6034 Achievo Cross-Site Scripting vulnerability in Achievo 1.3.2

Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1.3.2 allows remote attackers to inject arbitrary web script or HTML via the atkaction parameter.

4.3
2009-02-03 CVE-2008-6027 Bluepage Cross-Site Scripting vulnerability in Bluepage CMS 2.4.0

Multiple cross-site scripting (XSS) vulnerabilities in index.php in BLUEPAGE CMS 2.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) whl, (2) var_1, and (3) search parameters.

4.3
2009-02-02 CVE-2009-0273 Novell Cross-Site Scripting vulnerability in Novell Groupwise

Multiple cross-site scripting (XSS) vulnerabilities in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allow remote attackers to inject arbitrary web script or HTML via the (1) User.id and (2) Library.queryText parameters to gw/webacc, and other vectors involving (3) HTML e-mail and (4) HTML attachments.

4.3
2009-02-02 CVE-2009-0382 Drupal Permissions, Privileges, and Access Controls vulnerability in Drupal Internationalization 5.X1.1

Unspecified vulnerability in Internationalization (i18n) Translation 5.x before 5.x-2.5, a module for Drupal, allows remote attackers with "translate node" permissions to bypass intended access restrictions and read unpublished nodes via unspecified vectors.

4.3
2009-02-02 CVE-2009-0378 Joomla Cross-Site Scripting vulnerability in Joomla COM Beamospetition 1.0.12

Cross-site scripting (XSS) vulnerability in index.php in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the pet parameter in a sign action.

4.3

3 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2009-02-03 CVE-2009-0415 Monkey Unspecified vulnerability in Monkey Trickle 1.07

Untrusted search path vulnerability in trickle 1.07 allows local users to execute arbitrary code via a Trojan horse trickle-overload.so in the current working directory, which is referenced in the LD_PRELOAD path.

3.7
2009-02-03 CVE-2009-0393 Motorola Cross-Site Scripting vulnerability in Motorola Cpei300

Cross-site scripting (XSS) vulnerability in sysconf.cgi in Motorola Wimax modem CPEi300 allows remote authenticated users to inject arbitrary web script or HTML via the page parameter.

3.5
2009-02-04 CVE-2009-0358 Mozilla Information Exposure vulnerability in Mozilla Firefox

Mozilla Firefox 3.x before 3.0.6 does not properly implement the (1) no-store and (2) no-cache Cache-Control directives, which allows local users to obtain sensitive information by using the (a) back button or (b) history list of the victim's browser, as demonstrated by reading the response page of an https POST request.

3.3