Weekly Vulnerabilities Reports > March 16 to 22, 2009

Overview

93 new vulnerabilities reported during this period, including 13 critical vulnerabilities and 33 high severity vulnerabilities. This weekly summary report vulnerabilities in 245 products from 70 vendors including SUN, Joomla, Drupal, TOR, and Debian. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Code Injection", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Resource Management Errors".

  • 86 reported vulnerabilities are remotely exploitables.
  • 42 reported vulnerabilities have public exploit available.
  • 36 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 87 reported vulnerabilities are exploitable by an anonymous user.
  • SUN has the most reported vulnerabilities, with 5 reported vulnerabilities.
  • Opera has the most reported critical vulnerabilities, with 2 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

13 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2009-03-20 CVE-2009-1034 Drupal SQL Injection vulnerability in Drupal Tasklist

SQL injection vulnerability in the Tasklist module 5.x-1.x before 5.x-1.3 and 5.x-2.x before 5.x-2.0-alpha1, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via values in the URI.

10.0
2009-03-18 CVE-2009-0939 TOR Denial of Service vulnerability in Tor

Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid, which has unknown impact and attack vectors related to "Spec conformance," as demonstrated using 192.168.0.

10.0
2009-03-16 CVE-2009-0916 Opera Multiple Security vulnerability in Opera Web Browser prior to 9.64

Unspecified vulnerability in Opera before 9.64 has unknown impact and attack vectors, related to a "moderately severe issue."

10.0
2009-03-20 CVE-2009-1040 Winasm Buffer Errors vulnerability in Winasm Studio 5.1.5.0

Buffer overflow in WinAsm Studio 5.1.5.0 allows user-assisted remote attackers to execute arbitrary code via a crafted project (.wap) file.

9.3
2009-03-20 CVE-2009-1029 Poppeeper Buffer Errors vulnerability in Poppeeper POP Peeper 2.4.3/3.0/3.0.1

Stack-based buffer overflow in POP Peeper 3.4.0.0 and earlier allows remote POP3 servers to execute arbitrary code via a long Date header, related to Imap.dll.

9.3
2009-03-20 CVE-2009-1028 Edisys Buffer Errors vulnerability in Edisys Ezip Wizard 3.0

Stack-based buffer overflow in ediSys eZip Wizard 3.0 allows remote attackers to execute arbitrary code via a crafted .zip file.

9.3
2009-03-20 CVE-2009-1022 Gomlab Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Gomlab GOM Encoder

Heap-based buffer overflow in the Preview/ Set Segment function in Gretech GOMlab GOM Encoder 1.0.0.11 and earlier allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a long text field in a subtitle (.srt) file.

9.3
2009-03-19 CVE-2009-0927 Adobe Improper Input Validation vulnerability in Adobe Acrobat Reader

Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658.

9.3
2009-03-18 CVE-2008-4564 Autonomy
IBM
Symantec
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.

9.3
2009-03-18 CVE-2007-5543 Miranda IM Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Miranda-Im Miranda IM 0.6.8/0.7.0

Stack-based buffer overflow in Miranda IM 0.6.8 and 0.7.0 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet.

9.3
2009-03-18 CVE-2007-5542 Miranda IM Buffer Errors vulnerability in Miranda-Im Miranda IM 0.6.8

Stack-based buffer overflow in Miranda IM 0.6.8 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet.

9.3
2009-03-16 CVE-2009-0914 Opera Resource Management Errors vulnerability in Opera Browser

Opera before 9.64 allows remote attackers to execute arbitrary code via a crafted JPEG image that triggers memory corruption.

9.3
2009-03-16 CVE-2008-6474 F5 Code Injection vulnerability in F5 Tmos 9.4.3

The management interface in F5 BIG-IP 9.4.3 allows remote authenticated users with Resource Manager privileges to inject arbitrary Perl code via unspecified configuration settings related to Perl EP3 with templates, probably triggering static code injection.

9.0

33 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2009-03-20 CVE-2008-6496 Visagesoft Permissions, Privileges, and Access Controls vulnerability in Visagesoft Expert PDF Editorx 1.0.200.0

Insecure method vulnerability in the VSPDFEditorX.VSPDFEdit ActiveX control in VSPDFEditorX.ocx 1.0.200.0 in VISAGESOFT eXPert PDF EditorX allows remote attackers to create or overwrite arbitrary files via the first argument to the extractPagesToFile method.

8.8
2009-03-20 CVE-2009-1031 Solarwinds Path Traversal vulnerability in Solarwinds Serv-U File Server

Directory traversal vulnerability in the FTP server in Rhino Software Serv-U File Server 7.0.0.1 through 7.4.0.1 allows remote attackers to create arbitrary directories via a \..

7.8
2009-03-20 CVE-2008-6497 TP Improper Input Validation vulnerability in TP Neostrada Livebox Adsl Router

The Neostrada Livebox ADSL Router allows remote attackers to cause a denial of service (network outage) via multiple HTTP requests for the /- URI.

7.8
2009-03-17 CVE-2009-0923 SUN Remote Denial Of Service vulnerability in SUN Opensolaris and Solaris

Unspecified vulnerability in Kerberos Incremental Propagation in Solaris 10 and OpenSolaris snv_01 through snv_110 allows remote attackers to cause a denial of service (loss of incremental propagation requests to slave KDC servers) via unknown vectors related to the master Key Distribution Center (KDC) server.

7.8
2009-03-18 CVE-2009-0941 HP Permissions, Privileges, and Access Controls vulnerability in HP products

The HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access.

7.6
2009-03-20 CVE-2009-1039 Cdexos Buffer Errors vulnerability in Cdexos Cdex 170B2

Buffer overflow in CDex 1.70b2 allows remote attackers to execute arbitrary code via a crafted Info header in an Ogg Vorbis (.ogg) file.

7.5
2009-03-20 CVE-2009-1033 Deluxebb SQL Injection vulnerability in Deluxebb

SQL injection vulnerability in misc.php in DeluxeBB 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the qorder parameter, a different vector than CVE-2005-2989 and CVE-2006-2503.

7.5
2009-03-20 CVE-2009-1032 Yabsoft SQL Injection vulnerability in Yabsoft Advanced Image Hosting Script 2.3

SQL injection vulnerability in gallery_list.php in YABSoft Advanced Image Hosting (AIH) Script 2.3 allows remote attackers to execute arbitrary SQL commands via the gal parameter.

7.5
2009-03-20 CVE-2009-1027 Opencart SQL Injection vulnerability in Opencart 1.1.8

SQL injection vulnerability in OpenCart 1.1.8 allows remote attackers to execute arbitrary SQL commands via the order parameter.

7.5
2009-03-20 CVE-2009-1026 Kimwebsites SQL Injection vulnerability in Kimwebsites KIM Websites 1.0

Multiple SQL injection vulnerabilities in login.php in Kim Websites 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.

7.5
2009-03-20 CVE-2009-1025 Beerwin Code Injection vulnerability in Beerwin PHPlinkadmin 1.0

PHP remote file inclusion vulnerability in linkadmin.php in Beerwin PHPLinkAdmin 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.

7.5
2009-03-20 CVE-2009-1024 Beerwin SQL Injection vulnerability in Beerwin PHPlinkadmin 1.0

Multiple SQL injection vulnerabilities in Beerwin PHPLinkAdmin 1.0 allow remote attackers to execute arbitrary SQL commands via the linkid parameter to edlink.php, and unspecified other vectors.

7.5
2009-03-20 CVE-2009-1023 Phpcomasy SQL Injection vulnerability in PHPcomasy 0.9.1

SQL injection vulnerability in index.php in phpComasy 0.9.1 allows remote attackers to execute arbitrary SQL commands via the entry_id parameter.

7.5
2009-03-19 CVE-2009-0968 Fahlstad
Wordpress
SQL Injection vulnerability in Fahlstad Fmoblog Plugin 2.1

SQL injection vulnerability in fmoblog.php in the fMoblog plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.

7.5
2009-03-19 CVE-2009-0966 Yabsoft Code Injection vulnerability in Yabsoft Mega File Hosting Script 1.2

PHP remote file inclusion vulnerability in cross.php in YABSoft Mega File Hosting 1.2 allows remote attackers to execute arbitrary PHP code via a URL in the url parameter.

7.5
2009-03-19 CVE-2009-0965 Ismail Fahmi SQL Injection vulnerability in Ismail Fahmi Ganesha Digital Library 4.0/4.2

SQL injection vulnerability in functions/browse.php in Ganesha Digital Library (GDL) 4.0 and 4.2 allows remote attackers to execute arbitrary SQL commands via the node parameter in a browse action to gdl.php.

7.5
2009-03-19 CVE-2009-0963 Xlinesoft SQL Injection vulnerability in Xlinesoft PHPrunner 3.1

Multiple SQL injection vulnerabilities in PHPRunner 4.2, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the SearchField parameter to (1) UserView_list.php, (2) orders_list.php, (3) users_list.php, and (4) Administrator_list.php.

7.5
2009-03-19 CVE-2008-6491 Denis Moinel Code Injection vulnerability in Denis Moinel PHPgkit 0.9

PHP remote file inclusion vulnerability in connexion.php in PHPGKit 0.9 allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.

7.5
2009-03-19 CVE-2008-6490 Flysforum Improper Input Validation vulnerability in Flysforum Flaber

function/update_xml.php in FLABER 1.1 and earlier allows remote attackers to overwrite arbitrary files by specifying the target filename in the target_file parameter.

7.5
2009-03-19 CVE-2008-6489 Joomla
Huseyin Bora Abaci
SQL Injection vulnerability in Huseyin Bora Abaci COM Myalbum 1.0

SQL injection vulnerability in MyAlbum component (com_myalbum) 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the album parameter to index.php.

7.5
2009-03-19 CVE-2009-0962 Futomi Security Bypass vulnerability in Futomi's CGI Cafe MP Form Mail CGI

Unspecified vulnerability in Futomi's CGI Cafe MP Form Mail CGI eCommerce 1.3.0 and earlier, and CGI Professional 3.2.2 and earlier, allows remote attackers to gain administrative privileges via unknown attack vectors.

7.5
2009-03-18 CVE-2008-6488 Softcomplex SQL Injection vulnerability in Softcomplex PHP Image Gallery 1.0

SQL injection vulnerability in index.php in SoftComplex PHP Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the Admin field in a login action.

7.5
2009-03-18 CVE-2008-6487 Digiappz SQL Injection vulnerability in Digiappz Digiaffiliate

Multiple SQL injection vulnerabilities in login.asp in Digiappz DigiAffiliate 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin and (2) password fields.

7.5
2009-03-18 CVE-2008-6485 Softcomplex SQL Injection vulnerability in Softcomplex PHP Image Gallery

SQL injection vulnerability in index.php in SoftComplex PHP Image Gallery allows remote attackers to execute arbitrary SQL commands via the ctg parameter.

7.5
2009-03-18 CVE-2008-6484 Mole Group SQL Injection vulnerability in Mole-Group Taxi Calc Dist Script

SQL injection vulnerability in login.php in Mole Group Taxi Map Script (aka Taxi Calc Dist Script) allows remote attackers to execute arbitrary SQL commands via the user field.

7.5
2009-03-18 CVE-2008-6483 Virtuemart Solutions
Joomla
Code Injection vulnerability in Virtuemart-Solutions COM Googlebase 1.1

PHP remote file inclusion vulnerability in admin.googlebase.php in the Ecom Solutions VirtueMart Google Base (aka com_googlebase or Froogle) component 1.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

7.5
2009-03-17 CVE-2008-6481 Joomla
Mambo Foundation
Joomprod
SQL Injection vulnerability in Joomprod COM Versioning 1.0.2

SQL injection vulnerability in the Versioning component (com_versioning) 1.0.2 in Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task to index.php.

7.5
2009-03-16 CVE-2009-0919 Apachefriends Credentials Management vulnerability in Apachefriends Xampp

XAMPP installs multiple packages with insecure default passwords, which makes it easier for remote attackers to obtain access via (1) the "lampp" default password for the "nobody" account within the included ProFTPD installation, (2) a blank default password for the "root" account within the included MySQL installation, (3) a blank default password for the "pma" account within the phpMyAdmin installation, and possibly other unspecified passwords.

7.5
2009-03-16 CVE-2009-0918 Dflabs Remote Security vulnerability in PTK

Multiple unspecified vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 allow remote attackers to execute arbitrary commands in processes launched by PTK's Apache HTTP Server via (1) "external tools" or (2) a crafted forensic image.

7.5
2009-03-16 CVE-2009-0508 IBM Information Exposure vulnerability in IBM Websphere Application Server

The Servlet Engine/Web Container and JSP components in IBM WebSphere Application Server (WAS) 5.1.0, 5.1.1.19, 6.0.2 before 6.0.2.35, 6.1 before 6.1.0.23, and 7.0 before 7.0.0.3 allow remote attackers to read arbitrary files contained in war files in (1) web-inf, (2) meta-inf, and unspecified other directories via unknown vectors, related to (a) web-based applications and (b) the administrative console.

7.5
2009-03-16 CVE-2008-6477 Mumbojumbo SQL Injection vulnerability in Mumbojumbo OP4

SQL injection vulnerability in Mumbo Jumbo Media OP4 allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.

7.5
2009-03-16 CVE-2008-6475 Drake Team SQL Injection vulnerability in Drake Team Drake CMS 0.2

SQL injection vulnerability in the guestbook component (components/guestbook/guestbook.php) in Drake CMS 0.4.11 and earlier allows remote attackers to execute arbitrary SQL commands via the Via HTTP header (HTTP_VIA) to index.php.

7.5
2009-03-16 CVE-2009-0912 Mandriva Improper Input Validation vulnerability in Mandriva products

perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 through 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows attackers to gain privileges via "special characters" in unspecified vectors.

7.2

47 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2009-03-20 CVE-2009-1036 Drupal Cross-Site Request Forgery (CSRF) vulnerability in Drupal Plus1

Cross-site request forgery (CSRF) vulnerability in the Plus 1 module before 6.x-2.6, a module for Drupal, allows remote attackers to cast votes for content via unspecified aspects of the URI.

6.8
2009-03-20 CVE-2008-6498 Apachefriends Cross-Site Request Forgery (CSRF) vulnerability in Apachefriends Xampp 1.6.8

Cross-site request forgery (CSRF) vulnerability in security/xamppsecurity.php in XAMPP 1.6.8 allows remote attackers to hijack the authentication of users for requests that change a certain .htaccess password via the xampppasswd parameter.

6.8
2009-03-20 CVE-2008-6492 Tizag Improper Input Validation vulnerability in Tizag Countdown Creator 3

Unrestricted file upload vulnerability in process.php in Tizag Countdown Creator 3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension via index.php, then accessing the uploaded file via a direct request to the file in pics/.

6.8
2009-03-19 CVE-2009-0970 Phpprobid Code Injection vulnerability in PHPprobid PHP PRO BID 6.05

PHP remote file inclusion vulnerability in includes/class_image.php in PHP Pro Bid 6.05, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the fileExtension parameter.

6.8
2009-03-19 CVE-2009-0969 Phpfox Cross-Site Request Forgery (CSRF) vulnerability in PHPfox 1.6.2.1

Cross-site request forgery (CSRF) vulnerability in account/settings/account/index.php in phpFoX 1.6.21 allows remote attackers to hijack the authentication of administrators for requests that change the email address via the act[update] action.

6.8
2009-03-18 CVE-2008-6486 Shatm Code Injection vulnerability in Shatm Sharedlog

PHP remote file inclusion vulnerability in slideshow_uploadvideo.content.php in SharedLog, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[root_dir] parameter.

6.8
2009-03-18 CVE-2008-6482 Justjoomla
Joomla
Code Injection vulnerability in Justjoomla COM Treeg 1.0

PHP remote file inclusion vulnerability in admin.treeg.php in the Flash Tree Gallery (com_treeg) component 1.0 for Joomla!, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the mosConfig_live_site parameter.

6.8
2009-03-16 CVE-2009-0915 Opera
Opera Software
Multiple Security vulnerability in Opera Web Browser prior to 9.64

Opera before 9.64 allows remote attackers to conduct cross-domain scripting attacks via unspecified vectors related to plug-ins.

6.8
2009-03-16 CVE-2008-6480 Softnews Media Group Cross-Site Request Forgery (CSRF) vulnerability in Softnews Media Group Datalife Engine 6.7

Cross-site request forgery (CSRF) vulnerability in engine/modules/imagepreview.php in Datalife Engine 6.7 allows remote attackers to hijack the authentication of arbitrary users for requests that use a modified image parameter.

6.8
2009-03-16 CVE-2008-6479 Parallels Cross-Site Request Forgery (CSRF) vulnerability in Parallels Virtuozzo 25.4Swsoft

Cross-site request forgery (CSRF) vulnerability in the "change password" feature in the VZPP web interface for Parallels Virtuozzo 25.4.swsoft (build 3.0.0-25.4.swsoft) allows remote attackers to modify the password via a link or IMG tag to vz/cp/pwd.

6.8
2009-03-16 CVE-2008-6478 Parallels Cross-Site Request Forgery (CSRF) vulnerability in Parallels Virtuozzo Containers 3.0.025.4.Swsoft/4.0.0365.6.Swsoft

Cross-site request forgery (CSRF) vulnerability in the file manager in the VZPP web interface for Parallels Virtuozzo 365.6.swsoft (build 4.0.0-365.6.swsoft) and 25.4.swsoft (build 3.0.0-25.4.swsoft) allows remote attackers to create and delete arbitrary files as the administrator via a link or IMG tag to (1) create-file and (2) list-control in vz/cp/vzdir/infrman/envs/files/; or modify system configuration via the path parameter to vz/cp/vzdir/infrman/envs/files/index.

6.8
2009-03-20 CVE-2009-1038 YAP SQL Injection vulnerability in YAP Blog 1.1.1

Multiple SQL injection vulnerabilities in YAP Blog 1.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) image_id parameter to comments.php, and remote authenticated administrators to execute arbitrary SQL commands via the (2) user parameter in a modif action to admin/index.php.

6.5
2009-03-17 CVE-2009-0932 Debian Path Traversal vulnerability in Debian Horde and Horde Groupware

Directory traversal vulnerability in framework/Image/Image.php in Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.

6.4
2009-03-16 CVE-2008-6473 Blogator Script Credentials Management vulnerability in Blogator-Script 0.95

_blogadata/include/init_pass2.php in Blogator-script 0.95 allows remote attackers to change the password for arbitrary users via a modified "a" parameter with a "%" wildcard symbol in the b parameter.

6.4
2009-03-20 CVE-2008-6499 Apachefriends Code Injection vulnerability in Apachefriends Xampp 1.6.8

security/xamppsecurity.php in XAMPP 1.6.8 performs an extract operation on the SERVER superglobal array, which allows remote attackers to spoof critical variables, as demonstrated by setting the REMOTE_ADDR variable to 127.0.0.1.

5.5
2009-03-18 CVE-2009-0940 HP Cross-Site Request Forgery (CSRF) vulnerability in HP products

Multiple cross-site request forgery (CSRF) vulnerabilities in the HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that (1) print documents via unknown vectors, (2) modify the network configuration via a NetIPChange request to hp/device/config_result_YesNo.html/config, or (3) change the password via the Password and ConfirmPassword parameters to hp/device/set_config_password.html/config.

5.1
2009-03-20 CVE-2009-1037 Drupal Remote Security vulnerability in Print

Unspecified vulnerability in the Send by e-mail module in the "Printer, e-mail and PDF versions" module 5.x before 5.x-4.4 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to send unlimited spam messages via unknown vectors related to the flood control API.

5.0
2009-03-20 CVE-2008-6494 Robs Projects Permissions, Privileges, and Access Controls vulnerability in Robs-Projects ASP User Engine.Net

ASP User Engine.NET stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for users.mdb.

5.0
2009-03-20 CVE-2008-6493 Easy News Permissions, Privileges, and Access Controls vulnerability in Easy-News Easy Content Management Publishing

Easy Content Management Publishing stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for Database/News.mdb.

5.0
2009-03-19 CVE-2009-0964 Xlinesoft Credentials Management vulnerability in Xlinesoft PHPrunner 3.1

UserView_list.php in PHPRunner 4.2, and possibly earlier, stores passwords in cleartext in the database, which allows attackers to gain privileges.

5.0
2009-03-19 CVE-2009-0661 Flashtux Improper Input Validation vulnerability in Flashtux Weechat 0.2.6

Wee Enhanced Environment for Chat (WeeChat) 0.2.6 allows remote attackers to cause a denial of service (crash) via an IRC PRIVMSG command containing crafted color codes that trigger an out-of-bounds read.

5.0
2009-03-18 CVE-2009-0938 TOR Denial of Service vulnerability in Tor

Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service (exit node crash) via "malformed input."

5.0
2009-03-18 CVE-2009-0937 TOR Denial of Service vulnerability in Tor

Unspecified vulnerability in Tor before 0.2.0.34 allows directory mirrors to cause a denial of service via unknown vectors.

5.0
2009-03-18 CVE-2009-0936 TOR Denial of Service vulnerability in Tor

Unspecified vulnerability in Tor before 0.2.0.34 allows attackers to cause a denial of service (infinite loop) via "corrupt votes."

5.0
2009-03-17 CVE-2009-0929 Nucleus Group Path Traversal vulnerability in Nucleus Group Nucleus CMS

Directory traversal vulnerability in the media manager in Nucleus CMS before 3.40 allows remote attackers to read arbitrary files via unknown vectors.

5.0
2009-03-17 CVE-2009-0926 SUN Resource Management Errors vulnerability in SUN Opensolaris and Solaris

Unspecified vulnerability in the UFS filesystem functionality in Sun OpenSolaris snv_86 through snv_91, when running in 32-bit mode on x86 systems, allows local users to cause a denial of service (panic) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6679732.

4.9
2009-03-18 CVE-2009-0935 Linux Resource Management Errors vulnerability in Linux Kernel

The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29-rc3 allows local users to cause a denial of service (OOPS) via a read with an invalid address to an inotify instance, which causes the device's event list mutex to be unlocked twice and prevents proper synchronization of a data structure for the inotify instance.

4.7
2009-03-17 CVE-2009-0925 SUN Resource Management Errors vulnerability in SUN Opensolaris and Solaris

Unspecified vulnerability in Sun Solaris 10 on SPARC sun4v systems, and OpenSolaris snv_47 through snv_85, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6425723.

4.7
2009-03-17 CVE-2009-0924 SUN Resource Management Errors vulnerability in SUN Opensolaris and Solaris

Unspecified vulnerability in Sun OpenSolaris snv_39 through snv_45, when running in 64-bit mode on x86 architectures, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6442712.

4.7
2009-03-16 CVE-2009-0913 SUN Local Denial Of Service vulnerability in SUN Opensolaris and Solaris

Unspecified vulnerability in the keysock kernel module in Solaris 10 and OpenSolaris builds snv_01 through snv_108 allows local users to cause a denial of service (system panic) via unknown vectors related to PF_KEY socket, probably related to setting socket options.

4.7
2009-03-20 CVE-2008-6502 Prochatrooms Path Traversal vulnerability in Prochatrooms PRO Chat Rooms 3.0.2

Directory traversal vulnerability in Pro Chat Rooms 3.0.2 allows remote authenticated users to select an arbitrary local PHP script as an avatar via a ..

4.6
2009-03-18 CVE-2009-0538 Symantec USE of Externally-Controlled Format String vulnerability in Symantec Pcanywhere

Format string vulnerability in Symantec pcAnywhere before 12.5 SP1 allows local users to read and modify arbitrary memory locations, and cause a denial of service (application crash) or possibly have unspecified other impact, via format string specifiers in the pathname of a remote control file (aka .CHF file).

4.6
2009-03-20 CVE-2009-1035 Jake Gordon
Drupal
Cross-Site Scripting vulnerability in Jake Gordon Tasks 5.X1.0/5.X1.2/5.X2.Xdev

Cross-site scripting (XSS) vulnerability in the Tasklist module 5.x-1.x before 5.x-1.3 and 5.x-2.x before 5.x-2.0-alpha1, a module for Drupal, allows remote authenticated users to inject arbitrary web script or HTML via Cascading Style Sheets (CSS).

4.3
2009-03-20 CVE-2008-6503 Prestashop Cross-Site Scripting vulnerability in Prestashop 1.1.0.3

Multiple cross-site scripting (XSS) vulnerabilities in PrestaShop 1.1.0.3 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) admin/login.php and (2) order.php.

4.3
2009-03-20 CVE-2008-6501 Prochatrooms Cross-Site Scripting vulnerability in Prochatrooms PRO Chat Rooms 3.0.2

Cross-site scripting (XSS) vulnerability in profiles/index.php in Pro Chat Rooms 3.0.2 allows remote attackers to inject arbitrary web script or HTML via the gud parameter.

4.3
2009-03-20 CVE-2008-6500 Codetoad Cross-Site Scripting vulnerability in Codetoad ASP Shopping Cart Script

Cross-site scripting (XSS) vulnerability in CodeToad ASP Shopping Cart Script allows remote attackers to inject arbitrary web script or HTML via the query string to the default URI.

4.3
2009-03-20 CVE-2009-1030 Wordpress Cross-Site Scripting vulnerability in Wordpress MU

Cross-site scripting (XSS) vulnerability in the choose_primary_blog function in wp-includes/wpmu-functions.php in WordPress MU (WPMU) before 2.7 allows remote attackers to inject arbitrary web script or HTML via the HTTP Host header.

4.3
2009-03-20 CVE-2008-6495 Zirkon BOX Cross-Site Scripting vulnerability in Zirkon BOX Yappa-Ng 2.3.2

Cross-site scripting (XSS) vulnerability in index.php in Fritz Berger yet another php photo album - next generation (yappa-ng) 2.3.2 allows remote attackers to inject arbitrary web script or HTML via the album parameter.

4.3
2009-03-19 CVE-2009-0971 Futomi Cross-Site Scripting vulnerability in Futomi Access Analyzer CGI

Cross-site scripting (XSS) vulnerability in futomi's CGI Cafe Access Analyzer CGI Standard Version 3.8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

4.3
2009-03-18 CVE-2009-0934 Process ONE Cross-Site Scripting vulnerability in Process-One Ejabberd

Cross-site scripting (XSS) vulnerability in ejabberd before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to links and MUC logs.

4.3
2009-03-17 CVE-2009-0933 Dotclear Cross-Site Scripting vulnerability in Dotclear

Cross-site scripting (XSS) vulnerability in the administrative interface in Dotclear before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2009-03-17 CVE-2009-0931 Debian Cross-Site Scripting vulnerability in Debian Horde and Horde Groupware

Cross-site scripting (XSS) vulnerability in the tag cloud search script (horde/services/portal/cloud_search.php) in Horde before 3.2.4 and 3.3.3, and Horde Groupware before 1.1.5, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2009-03-17 CVE-2009-0930 Debian Cross-Site Scripting vulnerability in Debian Horde IMP 4.0

Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 4.2.2 and 4.3.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) smime.php, (2) pgp.php, and (3) message.php.

4.3
2009-03-16 CVE-2009-0917 Dflabs Cross-Site Scripting vulnerability in Dflabs PTK

Cross-site scripting (XSS) vulnerability in DFLabs PTK 1.0.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML by providing a forensic image containing HTML documents, which are rendered in web browsers during inspection by PTK.

4.3
2009-03-16 CVE-2008-6476 Dotnetblogengine Cross-Site Scripting vulnerability in Dotnetblogengine Blogengine.Net

Cross-site scripting (XSS) vulnerability in blog/search.aspx in BlogEngine.NET allows remote attackers to inject arbitrary web script or HTML via the q parameter.

4.3
2009-03-19 CVE-2009-0967 Solarwinds Resource Management Errors vulnerability in Solarwinds Serv-U File Server

The FTP server in Serv-U 7.0.0.1 through 7.4.0.1 allows remote authenticated users to cause a denial of service (service hang) via a large number of SMNT commands without an argument.

4.0
2009-03-17 CVE-2009-0922 Postgresql Resource Management Errors vulnerability in Postgresql

PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows remote authenticated users to cause a denial of service (stack consumption and crash) by triggering a failure in the conversion of a localized error message to a client-specified encoding, as demonstrated using mismatched encoding conversion requests.

4.0

0 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS