Weekly Vulnerabilities Reports > April 20 to 26, 2009
Overview
97 new vulnerabilities reported during this period, including 15 critical vulnerabilities and 19 high severity vulnerabilities. This weekly summary report vulnerabilities in 74 products from 61 vendors including Mozilla, Apple, Glyphandcog, Foolabs, and Poppler. Vulnerabilities are notably categorized as "Cross-site Scripting", "SQL Injection", "Improper Input Validation", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Path Traversal".
- 95 reported vulnerabilities are remotely exploitables.
- 40 reported vulnerabilities have public exploit available.
- 45 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 93 reported vulnerabilities are exploitable by an anonymous user.
- Mozilla has the most reported vulnerabilities, with 10 reported vulnerabilities.
- Debian has the most reported critical vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
15 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-04-23 | CVE-2009-0165 | Foolabs Glyphandcog Poppler | Numeric Errors vulnerability in multiple products Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to "g*allocn." | 10.0 |
2009-04-23 | CVE-2009-1372 | Clamav | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Clamav Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted URL. | 10.0 |
2009-04-22 | CVE-2009-1361 | Gscripts | Improper Input Validation vulnerability in Gscripts DNS Tools dig.php in GScripts.net DNS Tools allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter. | 10.0 |
2009-04-21 | CVE-2009-1358 | Debian | Unspecified vulnerability in Debian Advanced Package Tool and APT apt-get in apt before 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when it has been signed with a key that has been revoked or expired, which might allow remote attackers to trick apt into installing malicious repositories. | 10.0 |
2009-04-21 | CVE-2009-1350 | Novell | Improper Input Validation vulnerability in Novell Netidentity Client1.2.3 Unspecified vulnerability in xtagent.exe in Novell NetIdentity Client before 1.2.4 allows remote attackers to execute arbitrary code by establishing an IPC$ connection to the XTIERRPCPIPE named pipe, and sending RPC messages that trigger a dereference of an arbitrary pointer. | 10.0 |
2009-04-21 | CVE-2009-1266 | Wireshark | Remote Security vulnerability in Wireshark Unspecified vulnerability in Wireshark before 1.0.7 has unknown impact and attack vectors. | 10.0 |
2009-04-21 | CVE-2009-0718 | HP | Unspecified vulnerability in HP Storageworks Storage Mirroring 5/5.1 Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.1.1.1090.15 allows remote attackers to execute arbitrary code via unknown vectors. | 10.0 |
2009-04-24 | CVE-2008-6748 | Megacubo | Code Injection vulnerability in Megacubo 5.0.7 Eval injection vulnerability in Megacubo 5.0.7 allows remote attackers to inject and execute arbitrary PHP code via the play action in a mega:// URI. | 9.3 |
2009-04-22 | CVE-2009-1370 | Xilisoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xilisoft Video Converter 3.1.53/5.1.23 Stack-based buffer overflow in ape_plugin.plg in Xilisoft Video Converter 3.1.53.0704n and 5.1.23.0402 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .cue file. | 9.3 |
2009-04-21 | CVE-2008-6734 | Keller WEB Admin | Path Traversal vulnerability in Keller web Admin KWA 0.94 Directory traversal vulnerability in Public/index.php in Keller Web Admin CMS 0.94 Pro allows remote attackers to include and execute arbitrary local files via a .. | 9.3 |
2009-04-21 | CVE-2009-1356 | Elecard | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Elecard AVC HD Player Stack-based buffer overflow in Elecard AVC HD Player allows remote attackers to execute arbitrary code via a long MP3 filename in a playlist (.xpl) file. | 9.3 |
2009-04-21 | CVE-2009-1352 | Dawningsoft | Buffer Errors vulnerability in Dawningsoft Powerchm 5.7 Stack-based buffer overflow in Dawningsoft PowerCHM 5.7 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an HTML file with a link to a long URL, as demonstrated by a .rar URL. | 9.3 |
2009-04-21 | CVE-2009-1351 | Heikki Ylinen | Buffer Errors vulnerability in Heikki Ylinen Apollo 37Zz Heap-based buffer overflow in Apollo 37zz allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long URI in a playlist (.m3u) file. | 9.3 |
2009-04-20 | CVE-2008-6731 | China ON Site | Improper Input Validation vulnerability in China-On-Site Flexphplink 0.0.7 Unrestricted file upload vulnerability in submitlink.php in FlexPHPLink Pro 0.0.7 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the renamed file in linkphoto/. | 9.3 |
2009-04-24 | CVE-2009-0064 | Symantec | Remote Privilege Escalation vulnerability in Symantec Brightmail Gateway Appliance 7.5/7.6/7.7 Multiple unspecified vulnerabilities in the Control Center in Symantec Brightmail Gateway Appliance before 8.0.1 allow remote authenticated users to gain privileges, and possibly obtain sensitive information or hijack sessions of arbitrary users, via vectors involving (1) administrative scripts or (2) console functions. | 9.0 |
19 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-04-24 | CVE-2009-1412 | Information Exposure vulnerability in Google Chrome Argument injection vulnerability in the chromehtml: protocol handler in Google Chrome before 1.0.154.59, when invoked by Internet Explorer, allows remote attackers to determine the existence of files, and open tabs for URLs that do not satisfy the IsWebSafeScheme restriction, via a web page that sets document.location to a chromehtml: value, as demonstrated by use of a (1) javascript: or (2) data: URL. | 7.8 | |
2009-04-21 | CVE-2008-6737 | EA | Information Exposure vulnerability in EA Crysis 1.1/1.2 Crysis 1.21 and earlier allows remote attackers to obtain sensitive player information such as real IP addresses by sending a keyexchange packet without a previous join packet, which causes Crysis to send a disconnect packet that includes unrelated log information. | 7.8 |
2009-04-24 | CVE-2009-1433 | Silverstripe | SQL Injection vulnerability in Silverstripe SQL injection vulnerability in File::find (filesystem/File.php) in SilverStripe before 2.3.1 allows remote attackers to execute arbitrary SQL commands via the filename parameter. | 7.5 |
2009-04-24 | CVE-2009-1411 | Neocrome | SQL Injection vulnerability in Neocrome Seditio 1.0 SQL injection vulnerability in events/inc/events.inc.php in the Events plugin for Seditio CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the c parameter to plug.php. | 7.5 |
2009-04-24 | CVE-2009-1410 | Opensolution | SQL Injection vulnerability in Opensolution Quick.Cms.Lite 0.5 SQL injection vulnerability in index.php in Quick.Cms.Lite 0.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2009-04-24 | CVE-2009-1403 | Creloaded | SQL Injection vulnerability in Creloaded CRE Loaded 6.2 SQL injection vulnerability in product_info.php in CRE Loaded 6.2 allows remote attackers to execute arbitrary SQL commands via the products_id parameter. | 7.5 |
2009-04-24 | CVE-2008-6752 | Revou | Improper Input Validation vulnerability in Revou adminlogin/password.php in the Twitter Clone (TClone) plugin for ReVou Micro Blogging does not verify the original password before changing passwords, which allows remote attackers to change the administrator's password and gain privileges via a direct request with modified newpass1 and newpass2 parameters in a Change operation. | 7.5 |
2009-04-23 | CVE-2009-1182 | Foolabs Glyphandcog Poppler Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file. | 7.5 |
2009-04-23 | CVE-2008-6745 | Blogphp | Improper Input Validation vulnerability in Blogphp 2.0 index.php in BlogPHP 2.0 allows remote attackers to gain administrator privileges via a crafted email parameter in a register2 action. | 7.5 |
2009-04-22 | CVE-2009-1368 | Mozilo | Path Traversal vulnerability in Mozilo Mozilocms 1.11 Directory traversal vulnerability in index.php in moziloCMS 1.11 allows remote attackers to read arbitrary files via a .. | 7.5 |
2009-04-22 | CVE-2008-6743 | Shock Therapy | Improper Authentication vulnerability in Shock-Therapy Rsmscript 1.21 RSMScript 1.21 allows remote attackers to bypass authentication and gain administrative privileges by setting the verified cookie to an arbitrary value and performing a direct request to (1) delete.php, (2) edit-submit.php, (3) edit.php, (4) submit.php, and (5) update.php, which bypasses the security check that is performed by verify.php. | 7.5 |
2009-04-21 | CVE-2008-6741 | Simple Machines | SQL Injection vulnerability in Simple Machines Simple Machines Forum SQL injection vulnerability in Load.php in Simple Machines Forum (SMF) 1.1.4 and earlier allows remote attackers to execute arbitrary SQL commands by setting the db_character_set parameter to a multibyte character set such as big5, which causes the addslashes PHP function to produce a "\" (backslash) sequence that does not quote the "'" (single quote) character, as demonstrated via a manlabels action to index.php. | 7.5 |
2009-04-21 | CVE-2008-6739 | Toddwoolums | Improper Authentication vulnerability in Toddwoolums ASP Download 1.03 Todd Woolums ASP Download management script 1.03 does not require authentication for setupdownload.asp, which allows remote attackers to gain administrator privileges via a direct request. | 7.5 |
2009-04-21 | CVE-2008-6738 | Mark Girling | Improper Authentication vulnerability in Mark Girling Myshoutpro 1.2 MyShoutPro 1.2 allows remote attackers to bypass authentication and gain administrative access by setting the admin_access cookie to 1. | 7.5 |
2009-04-21 | CVE-2009-0716 | HP | Unspecified vulnerability in HP Storageworks Storage Mirroring 5/5.1 Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.1.1.1090.15 allows remote attackers to cause a denial of service or obtain "access" via unknown vectors. | 7.5 |
2009-04-20 | CVE-2009-1346 | Interguias | SQL Injection vulnerability in Interguias Nethoteles 3.0 SQL injection vulnerability in publico/ficha.php in NetHoteles 3.0 allows remote attackers to execute arbitrary SQL commands via the id_establecimiento parameter. | 7.5 |
2009-04-20 | CVE-2009-1345 | Cpcommerce | SQL Injection vulnerability in Cpcommerce 1.2.8 SQL injection vulnerability in document.php in cpCommerce 1.2.8 allows remote attackers to execute arbitrary SQL commands via the id_document parameter. | 7.5 |
2009-04-20 | CVE-2008-6728 | Phpnuke | SQL Injection vulnerability in PHPnuke PHP-Nuke SQL injection vulnerability in the Sections module in PHP-Nuke, probably before 8.0, allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action to modules.php. | 7.5 |
2009-04-21 | CVE-2009-1355 | IBM | Buffer Errors vulnerability in IBM AIX 5.2/5.3/6.1 Stack-based buffer overflow in muxatmd in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long filename. | 7.2 |
63 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-04-24 | CVE-2009-1407 | Wonko | Path Traversal vulnerability in Wonko Notftp 1.3.1 Directory traversal vulnerability in config.php in NotFTP 1.3.1 allows remote attackers to read arbitrary files via a .. | 6.8 |
2009-04-24 | CVE-2009-1406 | Sweetphp | Path Traversal vulnerability in Sweetphp Totalcalendar 2.4 Directory traversal vulnerability in cms_detect.php in TotalCalendar 2.4 allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2009-04-24 | CVE-2009-1405 | Pastel | Path Traversal vulnerability in Pastel Pastelcms 0.8.0 Directory traversal vulnerability in index.php in PastelCMS 0.8.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2009-04-24 | CVE-2009-1404 | Pastel | SQL Injection vulnerability in Pastel Pastelcms 0.8.0 SQL injection vulnerability in admin.php in PastelCMS 0.8.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user (Username) parameter. | 6.8 |
2009-04-24 | CVE-2008-6751 | Revou | Improper Input Validation vulnerability in Revou Tclone Unrestricted file upload vulnerability in index.php in the Twitter Clone (TClone) plugin for ReVou Micro Blogging allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in settings/my_photo. | 6.8 |
2009-04-24 | CVE-2008-6750 | China ON Site | Improper Input Validation vulnerability in China-On-Site Flexphpdirectory 0.0.1 Unrestricted file upload vulnerability in add.php in FlexPHPDirectory 0.0.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photo/. | 6.8 |
2009-04-24 | CVE-2008-6749 | China ON Site | SQL Injection vulnerability in China-On-Site Flexphpdirectory 0.0.1 Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPDirectory 0.0.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) checkuser and (2) checkpass parameters. | 6.8 |
2009-04-23 | CVE-2009-1357 | SUN | Improper Input Validation vulnerability in SUN Java System Delegated Administrator 6.2/6.3/6.4 CRLF injection vulnerability in da/DA/Login in Sun Java System Delegated Administrator 6.2 through 6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the HELP_PAGE parameter. | 6.8 |
2009-04-23 | CVE-2009-1180 | Foolabs Glyphandcog Poppler Apple | Resource Management Errors vulnerability in multiple products The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data. | 6.8 |
2009-04-23 | CVE-2009-0195 | Apple Foolabs Glyphandcog | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments. | 6.8 |
2009-04-23 | CVE-2009-0163 | Apple | Numeric Errors vulnerability in Apple Cups Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the (1) _cupsImageReadTIFF function in the imagetops filter and (2) imagetoraster filter, leading to a heap-based buffer overflow. | 6.8 |
2009-04-23 | CVE-2008-6747 | Dotproject | Permissions, Privileges, and Access Controls vulnerability in Dotproject dotProject before 2.1.2 does not properly restrict access to administrative pages, which allows remote attackers to gain privileges. | 6.8 |
2009-04-23 | CVE-2008-6744 | Cybozu | Cross-Site Request Forgery (CSRF) vulnerability in Cybozu Dezie, Cybozu Garoon and Cybozu Office Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0), and Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
2009-04-22 | CVE-2009-1362 | Chcounter | SQL Injection vulnerability in Chcounter 3.1.3 SQL injection vulnerability in administration/index.php in chCounter 3.1.3 allows remote attackers to execute arbitrary SQL commands via the login_name parameter. | 6.8 |
2009-04-22 | CVE-2009-1307 | Mozilla | Improper Input Validation vulnerability in Mozilla Firefox, Seamonkey and Thunderbird The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modify Local Shared Objects via a Flash file; or (3) bypass unspecified restrictions and render content via vectors involving a jar: URI. | 6.8 |
2009-04-21 | CVE-2008-6740 | Homap | Code Injection vulnerability in Homap 0.1 PHP remote file inclusion vulnerability in html/admin/modules/plugin_admin.php in HoMaP-CMS 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the _settings[pluginpath] parameter. | 6.8 |
2009-04-20 | CVE-2009-1347 | Chcounter | SQL Injection vulnerability in Chcounter 3.1.3 Multiple SQL injection vulnerabilities in stats/index.php in chCounter 3.1.3 allow remote attackers to execute arbitrary SQL commands via (1) the login_name parameter (aka the username field) or (2) the login_pw parameter (aka the password field). | 6.8 |
2009-04-20 | CVE-2008-6730 | China ON Site | SQL Injection vulnerability in China-On-Site Flexphplink 0.0.6/0.0.7 Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPLink Pro 0.0.6 and 0.0.7, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter (aka password field), to admin/index.php. | 6.8 |
2009-04-20 | CVE-2008-6729 | Phpmotion | Cross-Site Request Forgery (CSRF) vulnerability in PHPmotion 1.0/2.0 Multiple cross-site request forgery (CSRF) vulnerabilities in password.php in PHPmotion 2.1 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that modify an account via the (1) password or (2) email_address parameter. | 6.8 |
2009-04-21 | CVE-2009-0715 | HP | Unspecified vulnerability in HP Storage Essentials 6.0.2/6.0.3/6.0.4 Unspecified vulnerability in Secure NaviCLI in HP Storage Essentials 6.0.2 through 6.0.4 allows remote authenticated users to obtain "access" or "extended privileges" via unknown vectors. | 6.5 |
2009-04-24 | CVE-2009-0164 | Apple | Improper Input Validation vulnerability in Apple Cups The web interface for CUPS before 1.3.10 does not validate the HTTP Host header in a client request, which makes it easier for remote attackers to conduct DNS rebinding attacks. | 6.4 |
2009-04-21 | CVE-2008-6736 | Circulargenius | Permissions, Privileges, and Access Controls vulnerability in Circulargenius Flat Calendar 1.1 Flat Calendar 1.1 does not properly restrict access to administrative functions, which allows remote attackers to (1) add new events via calAdd.php, as reachable from admin/add.php, or (2) delete events via admin/deleteEvent.php. | 6.4 |
2009-04-23 | CVE-2009-0662 | Plone | Improper Authentication vulnerability in Plone Plonepas The PlonePAS product 3.x before 3.9 and 3.2.x before 3.2.2, a product for Plone, does not properly handle the login form, which allows remote authenticated users to acquire the identity of an arbitrary user via unspecified vectors. | 6.0 |
2009-04-21 | CVE-2008-6735 | Thaiquickcart | Path Traversal vulnerability in Thaiquickcart 3 Directory traversal vulnerability in qc/index.php in ThaiQuickCart 3 allows remote attackers to read arbitrary files via a .. | 5.8 |
2009-04-24 | CVE-2009-1409 | E107 | SQL Injection vulnerability in E107 SQL injection vulnerability in usersettings.php in e107 0.7.15 and earlier, when "Extended User Fields" is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the hide parameter, a different vector than CVE-2005-4224 and CVE-2008-5320. | 5.1 |
2009-04-24 | CVE-2009-0798 | TIM Hockin | Resource Management Errors vulnerability in TIM Hockin Acpid ACPI Event Daemon (acpid) before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connectivity loss) by opening a large number of UNIX sockets without closing them, which triggers an infinite loop. | 5.0 |
2009-04-23 | CVE-2009-1371 | Clamav | Improper Input Validation vulnerability in Clamav The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) via a malformed file with UPack encoding. | 5.0 |
2009-04-22 | CVE-2009-1369 | Mozilo | Improper Input Validation vulnerability in Mozilo Mozilocms 1.11 moziloCMS 1.11 allows remote attackers to obtain sensitive information via the (1) gal[] parameter to gallery.php, (2) page[] and (3) cat[] parameter to index.php, or (4) file[] parameter to download.php, which reveals the installation path in an error message. | 5.0 |
2009-04-22 | CVE-2009-1305 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving JSOP_DEFVAR and properties that lack the JSPROP_PERMANENT attribute. | 5.0 |
2009-04-22 | CVE-2009-1304 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of Math and Date; and (2) js_CheckRedeclaration. | 5.0 |
2009-04-22 | CVE-2009-1303 | Mozilla | Configuration vulnerability in Mozilla Firefox, Seamonkey and Thunderbird The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to nsSVGElement::BindToTree. | 5.0 |
2009-04-22 | CVE-2009-1302 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1) nsAsyncInstantiateEvent::Run, (2) nsStyleContext::Destroy, (3) nsComputedDOMStyle::GetWidth, (4) the xslt_attributeset_ImportSameName.html test case for the XSLT stylesheet compiler, (5) nsXULDocument::SynchronizeBroadcastListener, (6) IsBindingAncestor, (7) PL_DHashTableOperate and nsEditor::EndUpdateViewBatch, and (8) gfxSkipCharsIterator::SetOffsets, and other vectors. | 5.0 |
2009-04-21 | CVE-2009-1353 | Sebastian Fernandez | Buffer Errors vulnerability in Sebastian Fernandez Zervit 0.02 Buffer overflow in the http_parse_hex function in libz/misc.c in Zervit Webserver 0.02 allows remote attackers to cause a denial of service (daemon crash) via a long URI, related to http.c. | 5.0 |
2009-04-21 | CVE-2009-0717 | HP | Unspecified vulnerability in HP Storageworks Storage Mirroring 5/5.1 Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.1.1.1090.15 allows remote attackers to cause a denial of service via unknown vectors. | 5.0 |
2009-04-22 | CVE-2009-1359 | SUN | Local Denial Of Service vulnerability in Sun OpenSolaris SCTP Sockets Unspecified vulnerability in the SCTP sockets implementation in Sun OpenSolaris snv_106 through snv_107 allows local users to cause a denial of service (panic) via unknown vectors. | 4.9 |
2009-04-24 | CVE-2009-1414 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome Google Chrome 2.0.x lets modifications to the global object persist across a page transition, which makes it easier for attackers to conduct Universal XSS attacks via unspecified vectors. | 4.3 | |
2009-04-24 | CVE-2009-1413 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome Google Chrome 1.0.x does not cancel timeouts upon a page transition, which makes it easier for attackers to conduct Universal XSS attacks by calling setTimeout to trigger future execution of JavaScript code, and then modifying document.location to arrange for JavaScript execution in the context of an arbitrary web site. | 4.3 | |
2009-04-24 | CVE-2009-0063 | Symantec | Cross-Site Scripting vulnerability in Symantec Brightmail Gateway Appliance 7.5/7.6/7.7 Cross-site scripting (XSS) vulnerability in the Control Center in Symantec Brightmail Gateway Appliance before 8.0.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2009-04-24 | CVE-2009-1408 | Webspell | Cross-Site Scripting vulnerability in Webspell 4.2.0C Cross-site scripting (XSS) vulnerability in webSPELL 4.2.0c allows remote attackers to inject arbitrary web script or HTML allows remote attackers to inject arbitrary web script or HTML via Javascript events such as onmouseover in nested BBcode tags, as demonstrated using (1) email, (2) img, and (3) url tags. | 4.3 |
2009-04-23 | CVE-2009-0799 | Foolabs Glyphandcog Poppler Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read. | 4.3 |
2009-04-23 | CVE-2009-0664 | Mahara | Cross-Site Scripting vulnerability in Mahara Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0.x before 1.0.11 and 1.1.x before 1.1.3 allow remote attackers to inject arbitrary web script or HTML via (1) the introduction field in a user profile or (2) an arbitrary text block in a user view. | 4.3 |
2009-04-23 | CVE-2009-0166 | Foolabs Glyphandcog Poppler Apple | Resource Management Errors vulnerability in multiple products The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory. | 4.3 |
2009-04-23 | CVE-2009-0147 | Foolabs Glyphandcog Apple | Numeric Errors vulnerability in multiple products Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap. | 4.3 |
2009-04-23 | CVE-2009-0146 | Foolabs Glyphandcog Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg. | 4.3 |
2009-04-23 | CVE-2008-6746 | Horde | Cross-Site Scripting vulnerability in Horde Turba H3 Cross-site scripting (XSS) vulnerability in the contact display view in Turba Contact Manager H3 before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the contact name. | 4.3 |
2009-04-22 | CVE-2009-1367 | Mozilo | Cross-Site Scripting vulnerability in Mozilo Mozilocms 1.11 Cross-site scripting (XSS) vulnerability in index.php in moziloCMS 1.11 allows remote attackers to inject arbitrary web script or HTML via the query parameter in search action, a different issue than CVE-2008-6127.2a. | 4.3 |
2009-04-22 | CVE-2009-1366 | Dotnetnuke | Cross-Site Scripting vulnerability in Dotnetnuke Cross-site scripting (XSS) vulnerability in Website\admin\Sales\paypalipn.aspx in DotNetNuke (DNN) before 4.9.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "name/value pairs" and "paypal IPN functionality." | 4.3 |
2009-04-22 | CVE-2009-1312 | Mozilla | Configuration vulnerability in Mozilla Firefox and Seamonkey Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header. | 4.3 |
2009-04-22 | CVE-2009-1311 | Mozilla | Information Exposure vulnerability in Mozilla Firefox and Seamonkey Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame's URL during a SAVEMODE_FILEONLY save of the inner frame. | 4.3 |
2009-04-22 | CVE-2009-1310 | Mozilla | Cross-Site Scripting vulnerability in Mozilla Firefox Cross-site scripting (XSS) vulnerability in the MozSearch plugin implementation in Mozilla Firefox before 3.0.9 allows user-assisted remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SearchForm element. | 4.3 |
2009-04-22 | CVE-2009-1309 | Mozilla | Configuration vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document. | 4.3 |
2009-04-22 | CVE-2009-1306 | Mozilla | Configuration vulnerability in Mozilla Firefox, Seamonkey and Thunderbird The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Disposition: attachment" designation. | 4.3 |
2009-04-22 | CVE-2009-0307 | RIM | Cross-Site Scripting vulnerability in RIM Blackberry Enterprise Server Cross-site scripting (XSS) vulnerability in the "Customize Statistics Page" (admin/statistics/ConfigureStatistics) in the MDS Connection Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) before 4.1.6 MR5 allows remote attackers to inject arbitrary web script or HTML via the (1) customDate, (2) interval, (3) lastCustomInterval, (4) lastIntervalLength, (5) nextCustomInterval, (6) nextIntervalLength, (7) action, (8) delIntervalIndex, (9) addStatIndex, (10) delStatIndex, and (11) referenceTime parameters. | 4.3 |
2009-04-21 | CVE-2008-6742 | Gofoxy | Improper Input Validation vulnerability in Gofoxy Foxy Foxy P2P software allows remote attackers to cause a denial of service (memory consumption) via a foxy URI with a download action and a large fs value. | 4.3 |
2009-04-21 | CVE-2008-6733 | Dotnetnuke | Cross-Site Scripting vulnerability in Dotnetnuke Cross-site scripting (XSS) vulnerability in the error handling page in DotNetNuke 4.6.2 through 4.8.3 allows remote attackers to inject arbitrary web script or HTML via the querystring parameter. | 4.3 |
2009-04-21 | CVE-2008-6732 | Dotnetnuke | Cross-Site Scripting vulnerability in Dotnetnuke Cross-site scripting (XSS) vulnerability in the Language skin object in DotNetNuke before 4.8.4 allows remote attackers to inject arbitrary web script or HTML via "newly generated paths." | 4.3 |
2009-04-21 | CVE-2006-7238 | Mark Girling | Cross-Site Scripting vulnerability in Mark Girling Myshoutpro Cross-site scripting (XSS) vulnerability in MyShoutPro before 1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2009-04-21 | CVE-2009-1349 | Redhat | Cross-Site Scripting vulnerability in Redhat Stronghold 2.3 Cross-site scripting (XSS) vulnerability in C2Net Stronghold 2.3 allows remote attackers to inject arbitrary web script or HTML via the URI. | 4.3 |
2009-04-20 | CVE-2009-1344 | Drupal | Cross-Site Scripting vulnerability in Drupal Localization Client Cross-site scripting (XSS) vulnerability in the Localization client module 5.x before 5.x-1.2 and 6.x before 6.x-1.7, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via input to the translation functionality. | 4.3 |
2009-04-20 | CVE-2009-1343 | Drupal | Cross-Site Scripting vulnerability in Drupal Print Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e-mail and PDF versions) module 5.x before 5.x-4.5 and 6.x before 6.x-1.5, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via content titles. | 4.3 |
2009-04-20 | CVE-2009-1342 | Drupal | Cross-Site Scripting vulnerability in Drupal CCK Comment Reference 6.X/6.X1.1 Cross-site scripting (XSS) vulnerability in the CCK comment reference module 6.x before 6.x-1.2, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via certain comment titles associated with a node edit form. | 4.3 |
2009-04-20 | CVE-2008-6727 | Myupb | Cross-Site Scripting vulnerability in Myupb UPB Cross-site scripting (XSS) vulnerability in Ultimate PHP Board (UPB) 2.2.2, 2.2.1, and earlier 2.x versions allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header. | 4.3 |
2009-04-21 | CVE-2009-1354 | Sergey Lyubka | Path Traversal vulnerability in Sergey Lyubka Mongoose 2.4 Directory traversal vulnerability in Mongoose 2.4 allows remote attackers to read arbitrary files via a .. | 4.0 |
0 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|