Weekly Vulnerabilities Reports > April 13 to 19, 2009
Overview
117 new vulnerabilities reported during this period, including 29 critical vulnerabilities and 17 high severity vulnerabilities. This weekly summary report vulnerabilities in 106 products from 47 vendors including Oracle, Microsoft, IBM, Mini Stream, and Apache. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", "SQL Injection", "Information Exposure", and "Improper Authentication".
- 105 reported vulnerabilities are remotely exploitables.
- 36 reported vulnerabilities have public exploit available.
- 26 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 88 reported vulnerabilities are exploitable by an anonymous user.
- Oracle has the most reported vulnerabilities, with 43 reported vulnerabilities.
- Microsoft has the most reported critical vulnerabilities, with 10 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
29 Critical Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2009-04-17 | CVE-2009-1314 | Webfileexplorer | Remote Security vulnerability in Webfileexplorer web File Explorer 3.1 body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension. | 10.0 |
| 2009-04-16 | CVE-2009-1301 | Mpg123 | Numeric Errors vulnerability in Mpg123 Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via an ID3 tag with a negative encoding value. | 10.0 |
| 2009-04-16 | CVE-2009-1300 | Debian | Improper Input Validation vulnerability in Debian Advanced Package Tool 0.7.20 apt 0.7.20 does not check when the date command returns an "invalid date" error, which can prevent apt from loading security updates in time zones for which DST occurs at midnight. | 10.0 |
| 2009-04-15 | CVE-2009-1119 | EMC | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in EMC Replistor Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 and 6.3 before SP2 allow remote attackers to execute arbitrary code via a crafted message to (1) ctrlservice.exe or (2) rep_srv.exe, possibly related to an integer overflow. | 10.0 |
| 2009-04-15 | CVE-2009-1012 | Oracle | Multiple vulnerability in Oracle April 2009 Critical Patch Update Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. | 10.0 |
| 2009-04-15 | CVE-2009-1006 | Oracle SUN | Multiple vulnerability in Oracle April 2009 Critical Patch Update Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.2 and earlier, with SDK/JRE 1.4.2, JRE/JDK 5, and JRE/JDK 6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | 10.0 |
| 2009-04-17 | CVE-2008-5518 | Apache Microsoft | Path Traversal vulnerability in Apache Geronimo Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3) version, or (4) fileType parameter to console/portal//Services/Repository (aka the Services/Repository portlet); the (5) createDB parameter to console/portal/Embedded DB/DB Manager (aka the Embedded DB/DB Manager portlet); or the (6) filename parameter to the createKeystore script in the Security/Keystores portlet. | 9.4 |
| 2009-04-17 | CVE-2009-1331 | Microsoft | Numeric Errors vulnerability in Microsoft Windows Media Player 11.0.5721.5260 Integer overflow in Microsoft Windows Media Player (WMP) 11.0.5721.5260 allows remote attackers to cause a denial of service (application crash) via a crafted .mid file, as demonstrated by crash.mid. | 9.3 |
| 2009-04-17 | CVE-2009-1330 | Mini Stream | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mini-Stream Easy RM TO MP3 Converter Stack-based buffer overflow in Easy RM to MP3 Converter allows remote attackers to execute arbitrary code via a long filename in a playlist (.pls) file. | 9.3 |
| 2009-04-17 | CVE-2009-1329 | Mini Stream | Buffer Errors vulnerability in Mini-Stream Shadow Stream Recorder 3.0.1.7 Stack-based buffer overflow in Mini-stream Shadow Stream Recorder 3.0.1.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file. | 9.3 |
| 2009-04-17 | CVE-2009-1328 | Mini Stream | Buffer Errors vulnerability in Mini-Stream Rm-Mp3 Converter 3.0.0.7 Stack-based buffer overflow in Mini-stream RM-MP3 Converter 3.0.0.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file. | 9.3 |
| 2009-04-17 | CVE-2009-1327 | Mini Stream | Buffer Errors vulnerability in Mini-Stream WM Downloader 3.0.0.9 Stack-based buffer overflow in Mini-stream WM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file. | 9.3 |
| 2009-04-17 | CVE-2009-1326 | Mini Stream | Buffer Errors vulnerability in Mini-Stream RM Downloader 3.0.0.9 Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file. | 9.3 |
| 2009-04-17 | CVE-2009-1325 | Mini Stream | Buffer Errors vulnerability in Mini-Stream Ripper 3.0.1.1 Stack-based buffer overflow in Mini-stream Ripper 3.0.1.1 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file. | 9.3 |
| 2009-04-17 | CVE-2009-1324 | Mini Stream | Buffer Errors vulnerability in Mini-Stream ASX TO MP3 Converter 3.0.0.7 Stack-based buffer overflow in Mini-stream ASX to MP3 Converter 3.0.0.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file. | 9.3 |
| 2009-04-17 | CVE-2008-1107 | Danskebank | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Danskebank Danskesikker.Ocx Multiple stack-based buffer overflows in the Danske Bank e-Sec Control Module ActiveX control (DanskeSikker.ocx) 3.1.0.48, and possibly earlier versions, allow remote attackers to execute arbitrary code via long arguments to unspecified methods, which are not properly handled by a logging function. | 9.3 |
| 2009-04-16 | CVE-2009-0196 | Ghostscript | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ghostscript Heap-based buffer overflow in the big2_decode_symbol_dict function (jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary code via a PDF file with a JBIG2 symbol dictionary segment with a large run length value. | 9.3 |
| 2009-04-16 | CVE-2008-5259 | Divx | Numeric Errors vulnerability in Divx web Player Integer signedness error in DivX Web Player 1.4.2.7, and possibly earlier versions, allows remote attackers to execute arbitrary code via a DivX file containing a crafted Stream Format (STRF) chunk, which triggers a heap-based buffer overflow. | 9.3 |
| 2009-04-16 | CVE-2008-4830 | SAP | Remote Code Execution vulnerability in SAP AG SAPgui KWEdit ActiveX Control Insecure Method Insecure method vulnerability in the KWEdit ActiveX control in SAP GUI 6.40 Patch 29 (KWEDIT.DLL 6400.1.1.41) and 7.10 Patch 5 (KWEDIT.DLL 7100.1.1.43) allows remote attackers to (1) overwrite arbitrary files via the SaveDocumentAs method or (2) read or execute arbitrary files via the OpenDocument method. | 9.3 |
| 2009-04-16 | CVE-2007-2238 | Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Intelligent Application Gateway 2007 Multiple stack-based buffer overflows in the Whale Client Components ActiveX control (WhlMgr.dll), as used in Microsoft Intelligent Application Gateway (IAG) before 3.7 SP2, allow remote attackers to execute arbitrary code via long arguments to the (1) CheckForUpdates or (2) UpdateComponents methods. | 9.3 |
| 2009-04-15 | CVE-2009-0552 | Microsoft | Unspecified vulnerability in Microsoft IE and Internet Explorer Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 on Windows XP SP2 and SP3, and 6 on Windows Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a web page that triggers presence of an object in memory that was (1) not properly initialized or (2) deleted, aka "Uninitialized Memory Corruption Vulnerability." | 9.3 |
| 2009-04-15 | CVE-2009-0235 | Microsoft | Buffer Errors vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Stack-based buffer overflow in the Word 97 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Word 97 file that triggers memory corruption, related to use of inconsistent integer data sizes for an unspecified length field, aka "WordPad Word 97 Text Converter Stack Overflow Vulnerability." | 9.3 |
| 2009-04-15 | CVE-2009-0100 | Microsoft | Resource Management Errors vulnerability in Microsoft products Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel in Microsoft Office 2004 and 2008 for Mac; Microsoft Office Excel Viewer and Excel Viewer 2003 SP3; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 do not properly parse the Excel spreadsheet file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet that contains a malformed object with "an offset and a two-byte value" that trigger a memory calculation error, aka "Memory Corruption Vulnerability." | 9.3 |
| 2009-04-15 | CVE-2009-0088 | Microsoft | Improper Input Validation vulnerability in Microsoft products The WordPerfect 6.x Converter (WPFT632.CNV, 1998.1.27.0) in Microsoft Office Word 2000 SP3 and Microsoft Office Converter Pack does not properly validate the length of an unspecified string, which allows remote attackers to execute arbitrary code via a crafted WordPerfect 6.x file, related to an unspecified counter and control structures on the stack, aka "Word 2000 WordPerfect 6.x Converter Stack Corruption Vulnerability." | 9.3 |
| 2009-04-15 | CVE-2009-0087 | Microsoft | Unspecified vulnerability in Microsoft products Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and the Word 6 text converter in Microsoft Office Word 2000 SP3 and 2002 SP3; allows remote attackers to execute arbitrary code via a crafted Word 6 file that contains malformed data, aka "WordPad and Office Text Converter Memory Corruption Vulnerability." | 9.3 |
| 2009-04-15 | CVE-2009-0084 | Microsoft | Code Injection vulnerability in Microsoft Directx Use-after-free vulnerability in DirectShow in Microsoft DirectX 8.1 and 9.0 allows remote attackers to execute arbitrary code via an MJPEG file or video stream with a malformed Huffman table, which triggers an exception that frees heap memory that is later accessed, aka "MJPEG Decompression Vulnerability." | 9.3 |
| 2009-04-13 | CVE-2009-0218 | Ldra Particlesoftware | Remote Code Execution vulnerability in Particle Software IntraLaunch ActiveX Control Insecure method vulnerability in Particle Software IntraLaunch Application Launcher ActiveX control in IntraLaunch.ocx, as used in LDRA TBbrowse and possibly other products, allows remote attackers to execute arbitrary code via unknown vectors. | 9.3 |
| 2009-04-13 | CVE-2008-4420 | Microsoft HP Innermedia Filestream | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Multiple stack-based buffer overflows in DZIP32.DLL before 5.0.0.8 in DynaZip Max and DZIPS32.DLL before 6.0.0.5 in DynaZip Max Secure; as used in HP OpenView Performance Agent C.04.60, HP Performance Agent C.04.70 and C.04.72, TurboZIP 6.0, and other products; allow user-assisted attackers to execute arbitrary code via a long filename in a ZIP archive during a (1) Fix (aka Repair), (2) Add, (3) Update, or (4) Freshen action, a related issue to CVE-2006-3985. | 9.3 |
| 2009-04-15 | CVE-2009-0979 | Oracle | Multiple vulnerability in Oracle April 2009 Critical Patch Update Unspecified vulnerability in the Resource Manager component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | 9.0 |
17 High Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2009-04-15 | CVE-2009-1016 | Oracle | Multiple vulnerability in Oracle April 2009 Critical Patch Update Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote authenticated users to affect confidentiality, integrity, and availability, related to IIS. | 8.5 |
| 2009-04-17 | CVE-2009-1323 | Webfileexplorer | SQL Injection vulnerability in Webfileexplorer web File Explorer 3.1 SQL injection vulnerability in body.asp in Web File Explorer 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2009-04-17 | CVE-2009-1319 | Guestcal | Path Traversal vulnerability in Guestcal Guest CAL 2.1 Directory traversal vulnerability in includes/ini.inc.php in GuestCal 2.1 allows remote attackers to include and execute arbitrary files via a .. | 7.5 |
| 2009-04-17 | CVE-2009-1316 | ABK Soft | SQL Injection vulnerability in Abk-Soft Ablespace 1.0 Multiple SQL injection vulnerabilities in AbleSpace 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to events_view.php and the (2) id parameter to events_clndr_view.php. | 7.5 |
| 2009-04-17 | CVE-2009-0946 | Freetype Debian Canonical Opensuse Suse Apple | Integer Overflow OR Wraparound vulnerability in multiple products Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c. | 7.5 |
| 2009-04-16 | CVE-2009-1285 | Phpmyadmin | Code Injection vulnerability in PHPmyadmin Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files. | 7.5 |
| 2009-04-15 | CVE-2009-1000 | Oracle | Credentials Management vulnerability in Oracle E-Business Suite 11I10Cu2/12.0.6 The Oracle Applications Framework component in Oracle E-Business Suite 12.0.6 and 11i10CU2 uses default passwords for unspecified "FND Applications Users (not DB users)," which has unknown impact and attack vectors. | 7.5 |
| 2009-04-15 | CVE-2009-0993 | Oracle | Unspecified vulnerability in Oracle Application Server 10.1.2.3.0 Unspecified vulnerability in the OPMN component in Oracle Application Server 10.1.2.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | 7.5 |
| 2009-04-14 | CVE-2008-6723 | Turnkeyforms | Improper Authentication vulnerability in Turnkeyforms Entertainment Portal 2.0 TurnkeyForms Entertainment Portal 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the adminLogged cookie to Administrator. | 7.5 |
| 2009-04-14 | CVE-2008-6721 | Ajsquare | SQL Injection vulnerability in Ajsquare AJ Article SQL injection vulnerability in index.php in AJ Square AJ Article allows remote attackers to execute arbitrary SQL commands via the txtName parameter (aka the username field). | 7.5 |
| 2009-04-13 | CVE-2008-6720 | Deltascripts | SQL Injection vulnerability in Deltascripts PHP Links SQL injection vulnerability in admin/adm_login.php in DeltaScripts PHP Links 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka the admin field). | 7.5 |
| 2009-04-13 | CVE-2008-6719 | Uochm | Improper Authentication vulnerability in Uochm Justlistit 1.0 U&M Software Event Lister (aka JustListIt) 1.0 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via a direct request to (1) start.php, (2) aktivitet.php, (3) prop_aktivitet.php, (4) kategorier.php, (5) konfig.php, (6) security.php, (7) manual.php, and possibly (8) index.php. | 7.5 |
| 2009-04-13 | CVE-2008-6718 | Uochm | Improper Authentication vulnerability in Uochm Justbookit 1.0 U&M Software JustBookIt 1.0 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via a direct request to (1) user_manual.php, (2) user_config.php, (3) user_kundnamn.php, (4) user_kundlista.php, (5) user_aktiva_kunder.php, (6) database.php, and possibly (7) index.php. | 7.5 |
| 2009-04-13 | CVE-2008-6717 | Uochm | Improper Authentication vulnerability in Uochm Signup 1.0/1.1 U&M Software Signup 1.0 and 1.1 does not require administrative authentication for all scripts in the admin/ directory, which allows remote attackers to have an unspecified impact via a direct request to (1) adminstart.php, (2) admineventtype.php, (3) admineventdetails.php, (4) admineventlist.php, (5) adminuserslist.php, (6) adminleaderslist.php, (7) admindatabase.php, and possibly (8) index.php. | 7.5 |
| 2009-04-13 | CVE-2008-6716 | Preprojects | Improper Authentication vulnerability in Preprojects PRE ADS Portal homeadmin/adminhome.php in Pre ADS Portal 2.0 and earlier does not require administrative authentication, which allows remote attackers to have an unspecified impact via a direct request. | 7.5 |
| 2009-04-15 | CVE-2009-0681 | PGP | Improper Input Validation vulnerability in PGP Desktop 8.0/9.0/9.0.6 PGP Desktop before 9.10 allows local users to (1) cause a denial of service (crash) via a crafted IOCTL request to pgpdisk.sys, and (2) cause a denial of service (crash) and execute arbitrary code via a crafted IRP in an IOCTL request to pgpwded.sys. | 7.2 |
| 2009-04-15 | CVE-2009-0985 | Oracle | Multiple vulnerability in Oracle Database 10G and Database 11G Unspecified vulnerability in the Core RDBMS component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users with the IMP_FULL_DATABASE role to affect confidentiality, integrity, and availability. | 7.1 |
68 Medium Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2009-04-15 | CVE-2009-0080 | Microsoft | Improper Privilege Management vulnerability in Microsoft Windows Server 2008 and Windows Vista The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by leveraging incorrect thread ACLs to access the resources of one of the processes, aka "Windows Thread Pool ACL Weakness Vulnerability." | 6.9 |
| 2009-04-15 | CVE-2009-0079 | Microsoft | Permissions, Privileges, and Access Controls vulnerability in Microsoft Windows Server 2003 and Windows XP The RPCSS service in Microsoft Windows XP SP2 and SP3 and Server 2003 SP1 and SP2 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by accessing the resources of one of the processes, aka "Windows RPCSS Service Isolation Vulnerability." | 6.9 |
| 2009-04-17 | CVE-2009-0039 | Apache | Cross-Site Request Forgery (CSRF) vulnerability in Apache Geronimo Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to hijack the authentication of administrators for requests that (1) change the web administration password, (2) upload applications, and perform unspecified other administrative actions, as demonstrated by (3) a Shutdown request to console/portal//Server/Shutdown. | 6.8 |
| 2009-04-17 | CVE-2009-1317 | Aquacms | SQL Injection vulnerability in Aquacms Aqua CMS 1.1 Multiple SQL injection vulnerabilities in Aqua CMS 1.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) userSID cookie parameter to droplets/functions/base.php and the (2) username parameter to admin/index.php. | 6.8 |
| 2009-04-15 | CVE-2009-0999 | Oracle | Multiple vulnerability in Oracle E-Business Suite 12.0.6 Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | 6.8 |
| 2009-04-14 | CVE-2009-0159 | NTP | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in NTP Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response. | 6.8 |
| 2009-04-13 | CVE-2009-1290 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Advanced Management Module 1.36H Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration interface in the Advanced Management Module (AMM) on the IBM BladeCenter, including the BladeCenter H with BPET36H 54, allow remote attackers to hijack the authentication of administrators, as demonstrated by a power-off request to the private/blade_power_action script. | 6.8 |
| 2009-04-13 | CVE-2009-1244 | Vmware | Hosted Products Display Function Code Execution vulnerability in VMware Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916. | 6.8 |
| 2009-04-17 | CVE-2009-1318 | Jamroom | Path Traversal vulnerability in Jamroom Directory traversal vulnerability in index.php in Jamroom 3.1.2, 3.2.3 through 3.2.6, 4.0.2, and possibly other versions before 3.4.0 allows remote attackers to include arbitrary files via directory traversal sequences in the t parameter. | 6.5 |
| 2009-04-15 | CVE-2009-0972 | Oracle | Multiple vulnerability in Oracle April 2009 Critical Patch Update Unspecified vulnerability in the Workspace Manager component in Oracle Database 11.1.0.6, 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5, 9.2.0.8, and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | 6.5 |
| 2009-04-15 | CVE-2009-1013 | Oracle | Multiple vulnerability in Oracle April 2009 Critical Patch Update Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.19 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-1014. | 6.4 |
| 2009-04-17 | CVE-2008-6726 | Cmscout | Path Traversal vulnerability in Cmscout 2.06 Multiple directory traversal vulnerabilities in CMScout 2.06, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. | 6.0 |
| 2009-04-17 | CVE-2008-6725 | Cmscout | SQL Injection vulnerability in Cmscout 2.06 Multiple SQL injection vulnerabilities in CMScout 2.06 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) index.php in a mythings page (mythings.php) and (2) the users page in admin.php. | 6.0 |
| 2009-04-15 | CVE-2009-1014 | Oracle | Multiple vulnerability in Oracle April 2009 Critical Patch Update Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.19 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-1013. | 5.8 |
| 2009-04-15 | CVE-2009-1002 | Oracle | Multiple vulnerability in Oracle April 2009 Critical Patch Update Unspecified vulnerability in Oracle BEA WebLogic Server 10.3, 10.0 Gold through MP1, 9.2 Gold through MP3, 9.1, 9.0, 8.1 Gold through SP6, and 7.0 Gold through SP7 allows remote attackers to gain privileges via unknown vectors. | 5.8 |
| 2009-04-15 | CVE-2009-1001 | Oracle | Multiple vulnerability in Oracle BEA Product Suite 8.1 Unspecified vulnerability in Oracle BEA WebLogic Portal 8.1 Gold through SP6 allows remote authenticated users to gain privileges via unknown vectors. | 5.5 |
| 2009-04-15 | CVE-2009-0998 | Oracle | Multiple vulnerability in Oracle April 2009 Critical Patch Update Unspecified vulnerability in the PeopleSoft Enterprise HRMS - eBenefits component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 and 9.0.8 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | 5.5 |
| 2009-04-15 | CVE-2009-0992 | Oracle | Multiple vulnerability in Oracle Database 10G and Database 11G Unspecified vulnerability in the Advanced Queuing component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_AQIN. | 5.5 |
| 2009-04-15 | CVE-2009-0990 | Oracle | Unspecified vulnerability in Oracle Application Server 10.1.3.2.1/10.1.3.3.3/5.6.2 Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, and 10.1.3.3.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0989. | 5.5 |
| 2009-04-15 | CVE-2009-0989 | Oracle | Unspecified vulnerability in Oracle Application Server 10.1.3.2.1/10.1.3.3.3/5.6.2 Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, and 10.1.3.3.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0990. | 5.5 |
| 2009-04-15 | CVE-2009-0984 | Oracle | Multiple vulnerability in Oracle Database 10G, Database 11G and Database 9I Unspecified vulnerability in the Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_SYS_SQL. | 5.5 |
| 2009-04-15 | CVE-2009-0980 | Oracle | Multiple vulnerability in Oracle Database 10G and Database 11G Unspecified vulnerability in the SQLX Functions component in Oracle Database 10.2.0.3 and 11.1.0.6 allows remote authenticated users to affect integrity and availability, related to AGGXQIMP. | 5.5 |
| 2009-04-15 | CVE-2009-0978 | Oracle | Multiple vulnerability in Oracle Database 10G and Database 11G Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0975. | 5.5 |
| 2009-04-15 | CVE-2009-0977 | Oracle | Multiple vulnerability in Oracle Database 10G and Database 9I Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_AQIN. | 5.5 |
| 2009-04-15 | CVE-2009-0976 | Oracle | Multiple vulnerability in Oracle Database 10G and Database 11G Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to LTADM. | 5.5 |
| 2009-04-15 | CVE-2009-0975 | Oracle | Multiple vulnerability in Oracle Database 10G and Database 11G Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0978. | 5.5 |
| 2009-04-15 | CVE-2009-0986 | Oracle | Multiple vulnerability in Oracle Database 10G and Database 11G Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | 5.4 |
| 2009-04-17 | CVE-2009-1332 | SUN | Information Disclosure vulnerability in Sun Java System Directory Server 5.0/5.2 The Online Help feature in Sun Java System Directory Server 5.2 and Enterprise Edition 5 allows remote attackers to determine the existence of files and directories, and possibly obtain partial contents of files, via unspecified vectors. | 5.0 |
| 2009-04-17 | CVE-2009-1322 | Humayun Shabbir Bhutta | Permissions, Privileges, and Access Controls vulnerability in Humayun Shabbir Bhutta ASP Product Catalog 1.0 ASP Product Catalog 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing user credentials via a direct request for database/aspProductCatalog.mdb. | 5.0 |
| 2009-04-16 | CVE-2009-1293 | Novell | Information Exposure vulnerability in Novell Teaming The web login functionality (c/portal/login) in Novell Teaming 1.0 through SP3 (1.0.3) generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames. | 5.0 |
| 2009-04-15 | CVE-2009-1003 | Oracle | Multiple vulnerability in Oracle April 2009 Critical Patch Update Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote attackers to affect integrity via unknown vectors related to "access to source code of web pages." | 5.0 |
| 2009-04-15 | CVE-2009-0991 | Oracle | Multiple vulnerability in Oracle Database 10G, Database 11G and Database 9I Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2009-1970. | 5.0 |
| 2009-04-15 | CVE-2009-0973 | Oracle | Multiple vulnerability in Oracle Database 10G 10.1.0.5 Unspecified vulnerability in the Cluster Ready Services component in Oracle Database 10.1.0.5 allows remote attackers to affect availability via unknown vectors. | 5.0 |
| 2009-04-15 | CVE-2007-4514 | HP | Information Exposure vulnerability in HP Procurve Manager Unspecified vulnerability in HP ProCurve Manager and HP ProCurve Manager Plus 2.3 and earlier allows remote attackers to obtain sensitive information from the ProCurve Manager server via unknown attack vectors. | 5.0 |
| 2009-04-15 | CVE-2009-0077 | Microsoft | Unspecified vulnerability in Microsoft products The firewall engine in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2004 SP3, 2006, 2006 Supportability Update, and 2006 SP1; does not properly manage the session state of web listeners, which allows remote attackers to cause a denial of service (many stale sessions) via crafted packets, aka "Web Proxy TCP State Limited Denial of Service Vulnerability." | 5.0 |
| 2009-04-13 | CVE-2009-1286 | IBM | Remote Denial of Service vulnerability in IBM Lotus Domino IMAP Server The IMAP task in the server in IBM Lotus Domino 8.0.2 before FP1 IF1 and 8.5 before IF3 allows remote attackers to cause a denial of service (daemon crash) via a MIME e-mail message with RFC822 attachments (aka blobs) containing malformed root entities. | 5.0 |
| 2009-04-13 | CVE-2009-1269 | Wireshark | Denial Of Service vulnerability in Wireshark Prior to 1.0.7 Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. | 5.0 |
| 2009-04-13 | CVE-2009-1267 | Wireshark Microsoft | Denial Of Service vulnerability in Wireshark Prior to 1.0.7 Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors. | 5.0 |
| 2009-04-16 | CVE-2009-0579 | Linux PAM | Permissions, Privileges, and Access Controls vulnerability in Linux-Pam Linux-PAM before 1.0.4 does not enforce the minimum password age (MINDAYS) as specified in /etc/shadow, which allows local users to bypass intended security policy and change their passwords sooner than specified. | 4.6 |
| 2009-04-15 | CVE-2009-1011 | Oracle | Multiple vulnerability in Oracle April 2009 Critical Patch Update Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML. | 4.4 |
| 2009-04-15 | CVE-2009-1010 | IBM Oracle | Multiple vulnerability in Oracle April 2009 Critical Patch Update Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1008. | 4.4 |
| 2009-04-15 | CVE-2009-1009 | Oracle IBM | Multiple vulnerability in Oracle April 2009 Critical Patch Update Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.1.9 allows local users to affect confidentiality, integrity, and availability, related to HTML. | 4.4 |
| 2009-04-15 | CVE-2009-1008 | IBM Oracle | Multiple vulnerability in Oracle April 2009 Critical Patch Update Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1010. | 4.4 |
| 2009-04-17 | CVE-2009-1335 | Microsoft | Unspecified vulnerability in Microsoft Internet Explorer 7/8 Microsoft Internet Explorer 7 and 8 on Windows XP and Vista allows remote attackers to cause a denial of service (application hang) via a large document composed of unprintable characters, aka MSRC 9011jr. | 4.3 |
| 2009-04-17 | CVE-2009-1333 | HP | Cross-Site Scripting vulnerability in HP Deskjet 6840 Xf1M131A Cross-site scripting (XSS) vulnerability in refresh_rate.htm in the web interface on the HP Deskjet 6840 printer with firmware XF1M131A allows remote attackers to inject arbitrary web script or HTML via the POST request body. | 4.3 |
| 2009-04-17 | CVE-2009-0038 | Apache | Cross-Site Scripting vulnerability in Apache Geronimo Multiple cross-site scripting (XSS) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) ip, (3) username, or (4) description parameter to console/portal/Server/Monitoring; or (5) the PATH_INFO to the default URI under console/portal/. | 4.3 |
| 2009-04-17 | CVE-2009-1321 | Humayun Shabbir Bhutta | Cross-Site Scripting vulnerability in Humayun Shabbir Bhutta ASP Product Catalog 1.0 Cross-site scripting (XSS) vulnerability in search.asp in ASP Product Catalog 1.0 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. | 4.3 |
| 2009-04-17 | CVE-2009-1320 | Zazzle | Cross-Site Scripting vulnerability in Zazzle Store Builder 1.0.2 Multiple cross-site scripting (XSS) vulnerabilities in include/zstore.php in Zazzle Store Builder 1.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) gridPage and (2) gridSort parameters. | 4.3 |
| 2009-04-17 | CVE-2009-1315 | ABK Soft | Cross-Site Scripting vulnerability in Abk-Soft Ablespace 1.0 Multiple cross-site scripting (XSS) vulnerabilities in AbleSpace 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) gid parameter to groups_profile.php, (2) cat_id and (3) razd_id parameters to adv_cat.php, and the (4) URL to blogs_full.php. | 4.3 |
| 2009-04-17 | CVE-2008-6724 | Patrick Matthai | Cross-Site Scripting vulnerability in Patrick Matthai Pnopaste 1.0 Cross-site scripting (XSS) vulnerability in index.pl in Perl Nopaste 1.0 allows remote attackers to inject arbitrary web script or HTML via the language parameter. | 4.3 |
| 2009-04-16 | CVE-2009-1294 | Novell Liferay | Cross-Site Scripting vulnerability in multiple products Multiple cross-site scripting (XSS) vulnerabilities in web/guest/home in the Liferay 4.3.0 portal in Novell Teaming 1.0 through SP3 (1.0.3) allow remote attackers to inject arbitrary web script or HTML via the (1) p_p_state or (2) p_p_mode parameters. | 4.3 |
| 2009-04-15 | CVE-2009-0995 | Oracle | Multiple vulnerability in Oracle April 2009 Critical Patch Update Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.0.6 and 11i10CU2 allows remote attackers to affect integrity via unknown vectors. | 4.3 |
| 2009-04-15 | CVE-2009-0983 | Oracle | Unspecified vulnerability in Oracle Application Server 10.1.2.3.0/10.1.4.2.0 Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2009-0974 and CVE-2009-3407. | 4.3 |
| 2009-04-15 | CVE-2009-0974 | Oracle | Unspecified vulnerability in Oracle Application Server 10.1.2.3.0/10.1.4.2.0 Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2009-0983 and CVE-2009-3407. | 4.3 |
| 2009-04-15 | CVE-2009-0237 | Microsoft | Cross-Site Scripting vulnerability in Microsoft products Cross-site scripting (XSS) vulnerability in cookieauth.dll in the HTML forms authentication component in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2006, 2006 Supportability Update, and 2006 SP1; allows remote attackers to inject arbitrary web script or HTML via "authentication input" to this component, aka "Cross-Site Scripting Vulnerability." | 4.3 |
| 2009-04-13 | CVE-2009-1288 | IBM | Cross-Site Scripting vulnerability in IBM Advanced Management Module and Bladecenter Multiple cross-site scripting (XSS) vulnerabilities in the Advanced Management Module (AMM) on the IBM BladeCenter, including the BladeCenter H with BPET36H 54, allow remote attackers to inject arbitrary web script or HTML via (1) the username in a login action or (2) the PATH parameter to private/file_management.ssi in the File manager. | 4.3 |
| 2009-04-13 | CVE-2009-1287 | Cisco | Cross-Site Scripting vulnerability in Cisco Subscriber Edge Services Manager Cross-site scripting (XSS) vulnerability in Cisco Subscriber Edge Services Manager (SESM) allows remote attackers to inject arbitrary web script or HTML via the URI. | 4.3 |
| 2009-04-13 | CVE-2009-1268 | Wireshark | Improper Input Validation vulnerability in Wireshark The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet. | 4.3 |
| 2009-04-13 | CVE-2008-6715 | Preprojects | Cross-Site Scripting vulnerability in Preprojects PRE ADS Portal Multiple cross-site scripting (XSS) vulnerabilities in Pre ADS Portal 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) homeadmin/adminhome.php and (2) homeadmin/signinform.php. | 4.3 |
| 2009-04-15 | CVE-2009-1005 | Oracle | Multiple vulnerability in Oracle April 2009 Critical Patch Update Unspecified vulnerability in the Oracle Data Service Integrator (AquaLogic Data Services Platform) component in BEA Product Suite 10.3.0, 3.2, 3.0.1, and 3.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | 4.1 |
| 2009-04-15 | CVE-2009-1017 | Oracle | Unspecified vulnerability in Oracle Application Server Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2009-0994. | 4.0 |
| 2009-04-15 | CVE-2009-1004 | Oracle | Multiple vulnerability in Oracle BEA Product Suite 10.3 Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 allows remote attackers to affect confidentiality and integrity via unknown vectors. | 4.0 |
| 2009-04-15 | CVE-2009-0997 | Oracle | Multiple vulnerability in Oracle Database Server 11.1.0.6 Unspecified vulnerability in the Database Vault component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality, related to DBMS_SYS_SQL. | 4.0 |
| 2009-04-15 | CVE-2009-0996 | Oracle | Unspecified vulnerability in Oracle Application Server 10.1.3.2.1/10.1.3.3.3/10.1.3.4 Unspecified vulnerability in the BI Publisher component in Oracle Application Server 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors. | 4.0 |
| 2009-04-15 | CVE-2009-0994 | Oracle | Unspecified vulnerability in Oracle Application Server Unspecified vulnerability in the BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, 10.1.3.3.3, and 10.1.3.4 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2009-1017. | 4.0 |
| 2009-04-15 | CVE-2009-0982 | Oracle | Multiple vulnerability in Oracle April 2009 Critical Patch Update Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.19 allows remote authenticated users to affect integrity via unknown vectors. | 4.0 |
| 2009-04-15 | CVE-2009-0981 | Oracle | Multiple vulnerability in Oracle Database 11G 11.1.0.7 Unspecified vulnerability in the Application Express component in Oracle Database 11.1.0.7 allows remote authenticated users to affect confidentiality, related to APEX. | 4.0 |
| 2009-04-13 | CVE-2009-1289 | IBM | Information Exposure vulnerability in IBM Advanced Management Module and Bladecenter private/login.ssi in the Advanced Management Module (AMM) on the IBM BladeCenter, including the BladeCenter H with BPET36H 54, allows remote attackers to discover the access roles and scopes of arbitrary user accounts via a modified WEBINDEX parameter. | 4.0 |
3 Low Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2009-04-15 | CVE-2009-0988 | Oracle | Multiple vulnerability in Oracle Database 11G 11.1.0.6 Unspecified vulnerability in the Password Policy component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality via unknown vectors. | 2.1 |
| 2009-04-14 | CVE-2009-1292 | IBM Unix | Information Exposure vulnerability in IBM Rational Clearcase UCM-CQ in IBM Rational ClearCase 7.0.0.x before 7.0.0.5, 7.0.1.x before 7.0.1.4, and 7.1.x before 7.1.0.1 on Linux and AIX places a username and password on the command line, which allows local users to obtain credentials by listing the process. | 2.1 |
| 2009-04-14 | CVE-2008-6722 | Novell | Information Exposure vulnerability in Novell Access Manager 3 Novell Access Manager 3 SP4 does not properly expire X.509 certificate sessions, which allows physically proximate attackers to obtain a logged-in session by using a victim's web-browser process that continues to send the original and valid SSL sessionID, related to inability of Apache Tomcat to clear entries from its SSL cache. | 1.9 |