Weekly Vulnerabilities Reports > May 18 to 24, 2009
Overview
83 new vulnerabilities reported during this period, including 15 critical vulnerabilities and 29 high severity vulnerabilities. This weekly summary report vulnerabilities in 91 products from 65 vendors including SUN, Roboform, Frax, Omnisoftsol, and Armorlogic. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Path Traversal", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Improper Input Validation".
- 79 reported vulnerabilities are remotely exploitables.
- 51 reported vulnerabilities have public exploit available.
- 44 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 78 reported vulnerabilities are exploitable by an anonymous user.
- SUN has the most reported vulnerabilities, with 3 reported vulnerabilities.
- Dlink has the most reported critical vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
15 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-05-22 | CVE-2009-1784 | AVG | Improper Input Validation vulnerability in AVG Anti-Virus The AVG parsing engine 8.5 323, as used in multiple AVG anti-virus products including Anti-Virus Network Edition, Internet Security Netzwerk Edition, Server Edition für Linux/FreeBSD, Anti-Virus SBS Edition, and others allows remote attackers to bypass malware detection via a crafted (1) RAR and (2) ZIP archive. | 10.0 |
2009-05-22 | CVE-2009-1783 | F Prot | Improper Input Validation vulnerability in F-Prot Antivirus, F-Prot Aves and F-Prot Milter Multiple FRISK Software F-Prot anti-virus products, including Antivirus for Exchange, Linux on IBM zSeries, Linux x86 File Servers, Linux x86 Mail Servers, Linux x86 Workstations, Solaris Mail Servers, Antivirus for Windows, and others, allow remote attackers to bypass malware detection via a crafted CAB archive. | 10.0 |
2009-05-21 | CVE-2009-1745 | Armorlogic | Credentials Management vulnerability in Armorlogic Profense web Application Firewall 2.4 Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x before 2.4.4, has a default root password hash, and permits password-based root logins over SSH, which makes it easier for remote attackers to obtain access. | 10.0 |
2009-05-21 | CVE-2009-1161 | Cisco | Path Traversal vulnerability in Cisco products Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors. | 10.0 |
2009-05-18 | CVE-2009-1669 | Smarty | Improper Input Validation vulnerability in Smarty 2.6.22 The smarty_function_math function in libs/plugins/function.math.php in Smarty 2.6.22 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the equation attribute of the math function. | 10.0 |
2009-05-18 | CVE-2009-0721 | HP | Remote Graphics Software RGS Sender Unauthorized Access vulnerability in HP Unspecified vulnerability in Easy Login in the Sender module in HP Remote Graphics Software (RGS) 4.0.0 through 5.2.4 allows remote attackers to execute arbitrary code via unknown vectors. | 10.0 |
2009-05-22 | CVE-2009-1774 | Strawberry | Path Traversal vulnerability in Strawberry 1.1.1 Directory traversal vulnerability in plugins/ddb/foot.php in Strawberry 1.1.1 allows remote attackers to include and execute arbitrary local files via a .. | 9.3 |
2009-05-22 | CVE-2009-1759 | Rahul | Buffer Errors vulnerability in Rahul Ctorrent and Dtorrent Stack-based buffer overflow in the btFiles::BuildFromMI function (trunk/btfiles.cpp) in Enhanced CTorrent (aka dTorrent) 3.3.2 and probably earlier, and CTorrent 1.3.4, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Torrent file containing a long path. | 9.3 |
2009-05-21 | CVE-2009-1743 | Pinnaclesys | Path Traversal vulnerability in Pinnaclesys Pinnacle Studio 12 Directory traversal vulnerability in InstallHFZ.exe 6.5.201.0 in Pinnacle Hollywood Effects 6, a module in Pinnacle Systems Pinnacle Studio 12, allows remote attackers to create and overwrite arbitrary files via a filename containing a ..\ (dot dot backslash) sequence in a Hollywood FX Compressed Archive (.hfz) file. | 9.3 |
2009-05-20 | CVE-2009-1740 | Dlink | Buffer Errors vulnerability in Dlink Mpeg4 Viewer Activex Control 2.11.918.2006 Multiple heap-based buffer overflows in the D-Link MPEG4 Viewer ActiveX Control (csviewer.ocx) 2.11.918.2006 allow remote attackers to execute arbitrary code via a long argument to the (1) SetFilePath and (2) SetClientCookie methods. | 9.3 |
2009-05-18 | CVE-2009-1675 | Electrasoft | Buffer Errors vulnerability in Electrasoft 32Bit FTP 09.04.24 Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute arbitrary code via a long 227 reply to a PASV command. | 9.3 |
2009-05-18 | CVE-2009-1674 | Microchip | Buffer Errors vulnerability in Microchip Mplab IDE 8.30 Stack-based buffer overflow in Microchip MPLAB IDE 8.30 allows user-assisted remote attackers to execute arbitrary code via a long .cof pathname in a [TOOL_SETTINGS] section in a .mcp file, possibly a related issue to CVE-2009-1608. | 9.3 |
2009-05-18 | CVE-2009-1667 | Mini Stream | Buffer Errors vulnerability in Mini-Stream Castripper 2.50.70 Stack-based buffer overflow in Mini-stream CastRipper 2.50.70 allows remote attackers to execute arbitrary code via a long entry in a .m3u file, a different vector than CVE-2009-5137. | 9.3 |
2009-05-18 | CVE-2009-1666 | Cyclomedia | Memory Corruption vulnerability in Cyclomedia Cycloscopelite 2.50.3.0 Multiple unspecified vulnerabilities in CycloMedia CycloScopeLite 2.50.3.0 allow remote attackers to execute arbitrary code via the ReturnConnection method in (1) CM_ADOConnection.dll, (2) CM_AddressInfoDBC.dll, and (3) CM_RecordingLocationDBC.dll, related to improper dereferencing. | 9.3 |
2009-05-18 | CVE-2009-1660 | Urusoft | Buffer Errors vulnerability in Urusoft Viplay3 3.0 Stack-based buffer overflow in URUWorks ViPlay3 3.0 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long file entry in a .vpl file. | 9.3 |
29 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-05-20 | CVE-2009-1737 | Diqiye | Path Traversal vulnerability in Diqiye Mypic 2.1 Directory traversal vulnerability in bom.php in MyPic 2.1 allows remote attackers to list files in arbitrary directories via a .. | 7.8 |
2009-05-22 | CVE-2009-1781 | Roboform Frax | Injection vulnerability in Frax PHP Recommend 1.3 Static code injection vulnerability in admin.php in Frax.dk Php Recommend 1.3 and earlier allows remote attackers to inject arbitrary PHP code into phpre_config.php via the form_aula parameter. | 7.5 |
2009-05-22 | CVE-2009-1780 | Roboform Frax | Missing Authentication for Critical Function vulnerability in Frax PHP Recommend 1.3 admin.php in Frax.dk Php Recommend 1.3 and earlier does not require authentication when the user password is changed, which allows remote attackers to gain administrative privileges via modified form_admin_user and form_admin_pass parameters. | 7.5 |
2009-05-22 | CVE-2009-1779 | Roboform Frax | Path Traversal vulnerability in Frax PHP Recommend 1.3 PHP remote file inclusion vulnerability in admin.php in Frax.dk Php Recommend 1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the form_include_template parameter. | 7.5 |
2009-05-22 | CVE-2009-1771 | Flyspeck | Permissions, Privileges, and Access Controls vulnerability in Flyspeck CMS 6.8 index.php in Flyspeck CMS 6.8 does not require administrative authentication for the updateExistingContent action, which allows remote attackers to create or modify admin accounts via the (1) users[fullname], (2) users[email], (3) users[role_id], (4) users[username], and (5) users[password] parameters. | 7.5 |
2009-05-22 | CVE-2009-1770 | Flyspeck | Path Traversal vulnerability in Flyspeck CMS 6.8 Directory traversal vulnerability in includes/database/examples/addressbook.php in Flyspeck CMS 6.8 allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2009-05-22 | CVE-2009-1764 | Bokecc | SQL Injection vulnerability in Bokecc Maxcms 2.0 SQL injection vulnerability in inc/ajax.asp in MaxCMS 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a digg action. | 7.5 |
2009-05-22 | CVE-2009-1752 | Exjune | Permissions, Privileges, and Access Controls vulnerability in Exjune Office Message System 1 exJune Office Message System 1 does not properly restrict access to (1) configure.asp and (2) addmessage2.asp, which allows remote attackers to gain privileges a direct request. | 7.5 |
2009-05-22 | CVE-2009-1751 | Realtywebware | SQL Injection vulnerability in Realtywebware Realty Web-Base 1.0 SQL injection vulnerability in list_list.php in Realty Webware Technologies Web-Base 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2009-05-22 | CVE-2009-1748 | Joost Horward | Path Traversal vulnerability in Joost Horward Catviz 0.4.0 Multiple directory traversal vulnerabilities in index.php in Catviz 0.4.0 Beta 1 allow remote attackers to read arbitrary files via a .. | 7.5 |
2009-05-22 | CVE-2009-1747 | 26Thavenue | SQL Injection vulnerability in 26Thavenue Bspeak 1.10 SQL injection vulnerability in index.php in 26th Avenue bSpeak 1.10 allows remote attackers to execute arbitrary SQL commands via the forumid parameter in a post action. | 7.5 |
2009-05-22 | CVE-2008-6813 | Surat Kabar | SQL Injection vulnerability in Surat Kabar PHPwebnews 0.2 SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the id_kat parameter. | 7.5 |
2009-05-22 | CVE-2008-6812 | Surat Kabar | SQL Injection vulnerability in Surat Kabar PHPwebnews 0.1 SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the det parameter. | 7.5 |
2009-05-21 | CVE-2009-1746 | Diangemilang | SQL Injection vulnerability in Diangemilang Dgnews 3.0Beta SQL injection vulnerability in berita.php in Dian Gemilang DGNews 3.0 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | 7.5 |
2009-05-21 | CVE-2009-1594 | Armorlogic | Permissions, Privileges, and Access Controls vulnerability in Armorlogic Profense web Application Firewall 2.4 Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x before 2.4.4, does not properly implement the "positive model," which allows remote attackers to bypass certain protection mechanisms via a %0A (encoded newline), as demonstrated by a %0A in a cross-site scripting (XSS) attack URL. | 7.5 |
2009-05-20 | CVE-2009-1742 | Pc4Arb | SQL Injection vulnerability in Pc4Arb PC4 Uploader code.php in PC4Arb Pc4 Uploader 9.0 and earlier makes it easier for remote attackers to conduct SQL injection attacks via crafted keyword sequences that are removed from a filter in the id parameter in a banner action, as demonstrated via the "UNIunionON" string, which is collapsed into "UNION" by the filter_sql function. | 7.5 |
2009-05-20 | CVE-2009-1739 | Phpeasycode | Improper Input Validation vulnerability in PHPeasycode PAD Site Scripts 3.6 PAD Site Scripts 3.6 allows remote attackers to bypass authentication and gain privileges as other users, including administrative privileges, by setting the authuser cookie parameter to a valid username. | 7.5 |
2009-05-20 | CVE-2009-1736 | Joomla | SQL Injection vulnerability in Joomla COM Gsticketsystem SQL injection vulnerability in the GridSupport (GS) Ticket System (com_gsticketsystem) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a viewCategory action to index.php. | 7.5 |
2009-05-20 | CVE-2009-1734 | Omnisoftsol | SQL Injection vulnerability in Omnisoftsol Vidsharepro SQL injection vulnerability in listing_video.php in VidSharePro allows remote attackers to execute arbitrary SQL commands via the catid parameter. | 7.5 |
2009-05-20 | CVE-2009-1731 | Mlffat | SQL Injection vulnerability in Mlffat 2.1 SQL injection vulnerability in panel/index.php in MLFFAT 2.1 allows remote attackers to execute arbitrary SQL commands via a base64-encoded supervisor cookie. | 7.5 |
2009-05-18 | CVE-2009-1678 | Bitweaver | Path Traversal vulnerability in Bitweaver Directory traversal vulnerability in the saveFeed function in rss/feedcreator.class.php in Bitweaver 2.6 and earlier allows remote attackers to create or overwrite arbitrary files via a .. | 7.5 |
2009-05-18 | CVE-2009-1670 | Tcpdb | Improper Authentication vulnerability in Tcpdb 3.8 user/index.php in TCPDB 3.8 does not require administrative authentication, which allows remote attackers to add admin accounts via unspecified vectors. | 7.5 |
2009-05-18 | CVE-2009-1664 | Easy Scripts | Improper Authentication vulnerability in Easy-Scripts Answer and Question Script myaccount.php in Easy Scripts Answer and Question Script does not verify the original password before changing passwords, which allows remote attackers to change the password of other users and gain privileges via modified userid, txtpassword, and txtRpassword parameters. | 7.5 |
2009-05-18 | CVE-2009-1662 | Recipescript | SQL Injection vulnerability in Recipescript Recipe Script 5 Multiple SQL injection vulnerabilities in admin/login.php in Wright Way Services Recipe Script 5 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) Password fields, as reachable from admin/index.php. | 7.5 |
2009-05-18 | CVE-2009-1658 | Realtywebware | SQL Injection vulnerability in Realtywebware Realty Web-Base 1.0 Multiple SQL injection vulnerabilities in admin/admin.php in Realty Webware Technologies Realty Web-Base 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) user (username) and (2) password parameters. | 7.5 |
2009-05-18 | CVE-2009-1657 | B2Evolution | SQL Injection vulnerability in B2Evolution Starrating Plugin 0.6/0.7/0.7.5 Multiple SQL injection vulnerabilities in the Starrating plugin before 0.7.7 for b2evolution allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2009-05-18 | CVE-2008-6810 | Bookingcentre | SQL Injection vulnerability in Bookingcentre Booking System for Hotels Group 2.01 Multiple SQL injection vulnerabilities in admin/checklogin.php in Venalsur Booking Centre Booking System for Hotels Group 2.01 allow remote attackers to execute arbitrary SQL commands via the (1) myusername (username) and (2) password parameters. | 7.5 |
2009-05-18 | CVE-2008-6809 | Bookingcentre | SQL Injection vulnerability in Bookingcentre Booking System for Hotels Group 2.01 SQL injection vulnerability in hotel_habitaciones.php in Venalsur Booking Centre Booking System for Hotels Group 2.01 allows remote attackers to execute arbitrary SQL commands via the HotelID parameter. | 7.5 |
2009-05-22 | CVE-2009-1763 | SUN | Local Code Execution vulnerability in Sun Solaris Secure Digital Slot Driver (sdhost(7D)) Unspecified vulnerability in the Solaris Secure Digital slot driver (aka sdhost) in Sun OpenSolaris snv_105 through snv_108 on the x86 platform allows local users to gain privileges or cause a denial of service (filesystem or memory corruption) via unknown vectors. | 7.2 |
36 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-05-22 | CVE-2009-1782 | F Secure | Unspecified vulnerability in F-Secure products Multiple F-Secure anti-virus products, including Anti-Virus for Microsoft Exchange 7.10 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, Windows 6.61 and earlier, and Linux 2.16 and earlier; Internet Security 2009 and earlier, Anti-Virus 2009 and earlier, Client Security 8.0 and earlier, and others; allow remote attackers to bypass malware detection via a crafted (1) ZIP and (2) RAR archive. | 6.8 |
2009-05-22 | CVE-2009-1778 | Bigace | SQL Injection vulnerability in Bigace CMS 2.5 SQL injection vulnerability in the new user registration feature in BigACE CMS 2.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | 6.8 |
2009-05-22 | CVE-2009-1765 | Pluck CMS | Path Traversal vulnerability in Pluck-Cms Pluck 4.6.2 Multiple directory traversal vulnerabilities in pluck 4.6.2, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2009-05-22 | CVE-2009-1757 | Transmissionbt | Cross-Site Request Forgery (CSRF) vulnerability in Transmissionbt Transmission Cross-site request forgery (CSRF) vulnerability in Transmission 1.5 before 1.53 and 1.6 before 1.61 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
2009-05-20 | CVE-2009-1741 | Dutchmonkey | SQL Injection vulnerability in Dutchmonkey DM Filemanager 3.9.2 Multiple SQL injection vulnerabilities in login.php in DM FileManager 3.9.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields. | 6.8 |
2009-05-20 | CVE-2009-1733 | Richard Ellerbrock | Cross-Site Request Forgery (CSRF) vulnerability in Richard Ellerbrock Ipplan 4.91A Cross-site request forgery (CSRF) vulnerability in IPplan 4.91a allows remote attackers to hijack the authentication of administrators for requests that (1) change the password, (2) add users, or (3) delete users via unknown vectors. | 6.8 |
2009-05-19 | CVE-2009-1252 | NTP | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in NTP Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field. | 6.8 |
2009-05-18 | CVE-2009-1663 | Easy Scripts | File-Upload vulnerability in Answer And Question Script Unrestricted file upload vulnerability in myaccount.php in Easy Scripts Answer and Question Script allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the uploads/[username] directory. | 6.8 |
2009-05-18 | CVE-2009-1661 | Anoldman | SQL Injection vulnerability in Anoldman Utopic 1.0 SQL injection vulnerability in admin/utopic.php in uTopic 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the rating parameter to index.php. | 6.8 |
2009-05-18 | CVE-2009-1659 | Intelliants | Arbitrary File Upload and Authentication Bypass vulnerability in Intelliants Elitius 1.0 Unrestricted file upload vulnerability in admin/uploadimage.php in eLitius 1.0 allows remote attackers to bypass intended access restrictions and upload and execute arbitrary files via an avatar file with an accepted Content-Type such as image/gif, then requesting the file in admin/banners/. | 6.8 |
2009-05-18 | CVE-2008-6811 | Instinct Wordpress | Unspecified vulnerability in Instinct E-Commerce Plugin Unrestricted file upload vulnerability in image_processing.php in the e-Commerce Plugin 3.4 and earlier for Wordpress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in wp-content/plugins/wp-shopping-cart/. | 6.8 |
2009-05-18 | CVE-2009-1677 | Bitweaver | Code Injection vulnerability in Bitweaver Multiple static code injection vulnerabilities in the saveFeed function in rss/feedcreator.class.php in Bitweaver 2.6 and earlier allow (1) remote authenticated users to inject arbitrary PHP code into files by placing PHP sequences into the account's "display name" setting and then invoking boards/boards_rss.php, and might allow (2) remote attackers to inject arbitrary PHP code into files via the HTTP Host header in a request to boards/boards_rss.php. | 6.5 |
2009-05-22 | CVE-2009-1766 | Teozkr | SQL Injection vulnerability in Teozkr Lightopencms 0.1 SQL injection vulnerability in index.php in LightOpenCMS 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 6.4 |
2009-05-18 | CVE-2009-1665 | Easy Scripts | Permissions, Privileges, and Access Controls vulnerability in Easy-Scripts Answer and Question Script myaccount.php in Easy Scripts Answer and Question Script allows remote attackers to remove arbitrary user accounts via a modified userid parameter without specifying any additional fields. | 6.4 |
2009-05-22 | CVE-2009-1750 | Omnisoftsol | Unspecified vulnerability in Omnisoftsol Vidsharepro Unrestricted file upload vulnerability in VidSharePro allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors. | 6.0 |
2009-05-22 | CVE-2009-1777 | Matt Wright | Improper Input Validation vulnerability in Matt Wright Formmail 1.92 CRLF injection vulnerability in FormMail.pl in Matt Wright FormMail 1.92, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the redirect parameter. | 5.0 |
2009-05-22 | CVE-2009-1773 | Activecollab | Improper Input Validation vulnerability in Activecollab 2.1.0 activeCollab 2.1 Corporate allows remote attackers to obtain sensitive information via an invalid re_route parameter to the login script, which reveals the installation path in an error message. | 5.0 |
2009-05-22 | CVE-2009-1768 | Ramazeiten | Path Traversal vulnerability in Ramazeiten products Directory traversal vulnerability in download.php in Rama Zaiten CMS 0.9.8 and earlier allows remote attackers to read arbitrary files via a .. | 5.0 |
2009-05-22 | CVE-2009-1767 | 2Daybiz | Permissions, Privileges, and Access Controls vulnerability in 2Daybiz Template Monster Clone admin/edituser.php in 2daybiz Template Monster Clone does not require administrative authentication, which allows remote attackers to modify arbitrary accounts via the (1) loginname, (2) password, (3) email, (4) firstname, or (5) lastname parameter. | 5.0 |
2009-05-22 | CVE-2009-1758 | Linux XEN | Resource Management Errors vulnerability in XEN The hypervisor_callback function in Xen, possibly before 3.4.0, as applied to the Linux kernel 2.6.30-rc4, 2.6.18, and probably other versions allows guest user applications to cause a denial of service (kernel oops) of the guest OS by triggering a segmentation fault in "certain address ranges." | 5.0 |
2009-05-22 | CVE-2009-1755 | Nlnetlabs | Numeric Errors vulnerability in Nlnetlabs NSD Off-by-one error in the packet_read_query_section function in packet.c in nsd 3.2.1, and process_query_section in query.c in nsd 2.3.7, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a buffer overflow. | 5.0 |
2009-05-18 | CVE-2009-1673 | SUN | Local Denial Of Service vulnerability in SUN Solaris 9 The kernel in Sun Solaris 9 allows local users to cause a denial of service (panic) by calling fstat with a first argument of AT_FDCWD. | 4.9 |
2009-05-22 | CVE-2009-1785 | Ulteo | Cross-Site Scripting vulnerability in Ulteo Open Virtual Desktop 1.0 Cross-site scripting (XSS) vulnerability in Ulteo Open Virtual Desktop 1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter to header.php. | 4.3 |
2009-05-22 | CVE-2009-1776 | Matt Wright | Cross-Site Scripting vulnerability in Matt Wright Formmail Multiple cross-site scripting (XSS) vulnerabilities in FormMail.pl in Matt Wright FormMail 1.92, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via javascript: URIs in the (1) request and (2) return_link_url parameters. | 4.3 |
2009-05-22 | CVE-2009-1772 | Activecollab | Cross-Site Scripting vulnerability in Activecollab 2.1.0 Cross-site scripting (XSS) vulnerability in activeCollab 2.1 Corporate allows remote attackers to inject arbitrary web script or HTML via the re_route parameter to the login script. | 4.3 |
2009-05-22 | CVE-2009-1762 | Novell | Cross-Site Scripting vulnerability in Novell Groupwise Multiple cross-site scripting (XSS) vulnerabilities in the WebAccess login page (aka gw/webacc) in Novell GroupWise 7.x before 7.03 HP2 allow remote attackers to inject arbitrary web script or HTML via the (1) GWAP.version or (2) User.Theme (aka User.Theme.index) parameter. | 4.3 |
2009-05-22 | CVE-2009-1635 | Novell | Cross-Site Scripting vulnerability in Novell Groupwise Multiple cross-site scripting (XSS) vulnerabilities in the WebAccess component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 allow remote attackers to inject arbitrary web script or HTML via (1) the User.lang parameter to the login page (aka gw/webacc), (2) style expressions in a message that contains an HTML file, or (3) vectors associated with incorrect protection mechanisms against scripting, as demonstrated using whitespace between JavaScript event names and values. | 4.3 |
2009-05-22 | CVE-2009-1749 | Joost Horward | Cross-Site Scripting vulnerability in Joost Horward Catviz 0.4.0 Multiple cross-site scripting (XSS) vulnerabilities in index.php in Catviz 0.4.0 beta 1 allow remote attackers to inject arbitrary web script or HTML via the (1) userman_form and (2) webpages_form parameters. | 4.3 |
2009-05-21 | CVE-2009-1729 | SUN | Cross-Site Scripting vulnerability in SUN Java System Communications Express 6.2/6.3 Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express 6 2005Q4 (aka 6.2) and 6.3 allow remote attackers to inject arbitrary web script or HTML via (1) the abperson_displayName parameter to uwc/abs/search.xml in the Add Contact implementation in the Personal Address Book component or (2) the temporaryCalendars parameter to uwc/base/UWCMain. | 4.3 |
2009-05-21 | CVE-2009-1593 | Armorlogic | Cross-Site Scripting vulnerability in Armorlogic Profense web Application Firewall 2.4 Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x before 2.4.4, does not properly implement the "negative model," which allows remote attackers to conduct cross-site scripting (XSS) attacks via a modified end tag of a SCRIPT element. | 4.3 |
2009-05-21 | CVE-2009-1744 | Pinnaclesys | Path Traversal vulnerability in Pinnaclesys Pinnacle Studio 12 InstallHFZ.exe 6.5.201.0 in Pinnacle Hollywood Effects 6, a module in Pinnacle Systems Pinnacle Studio 12, allows remote attackers to cause a denial of service (application crash) via a crafted Hollywood FX Compressed Archive (.hfz) file. | 4.3 |
2009-05-20 | CVE-2009-1735 | Omnisoftsol | Cross-Site Scripting vulnerability in Omnisoftsol Vidsharepro Cross-site scripting (XSS) vulnerability in search.php in VidSharePro allows remote attackers to inject arbitrary web script or HTML via the searchtxt parameter. | 4.3 |
2009-05-20 | CVE-2009-1732 | Richard Ellerbrock | Cross-Site Scripting vulnerability in Richard Ellerbrock Ipplan 4.91A Cross-site scripting (XSS) vulnerability in admin/usermanager in IPplan 4.91a allows remote attackers to inject arbitrary web script or HTML via the grp parameter. | 4.3 |
2009-05-19 | CVE-2009-1418 | HP | Cross-Site Scripting vulnerability in HP System Management Homepage Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 3.0.1.73 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2009-05-21 | CVE-2009-0897 | IBM | Information Disclosure vulnerability in IBM WebSphere Partner Gateway 'bcgarchive' IBM WebSphere Partner Gateway (WPG) 6.1.0 before 6.1.0.1 and 6.1.1 before 6.1.1.1 allows remote authenticated users to obtain sensitive information via vectors related to the "schema DB2 instance id" and the bcgarchive (aka the archiver script). | 4.0 |
2009-05-18 | CVE-2009-1668 | Typsoft | Improper Input Validation vulnerability in Typsoft FTP Server 1.11 TYPSoft FTP Server 1.11 allows remote attackers to cause a denial of service (CPU consumption) by sending an ABOR (abort) command without an active file transfer. | 4.0 |
3 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-05-20 | CVE-2009-1738 | Ivanjaros Drupal | Cross-Site Scripting vulnerability in Ivanjaros Feed Block 6.X1.0/6.X1.X Cross-site scripting (XSS) vulnerability in Feed Block 6.x-1.x before 6.x-1.1, a module for Drupal, allows remote authenticated users with administrator feed permissions to inject arbitrary web script or HTML via unspecified vectors in "aggregator items." | 3.5 |
2009-05-22 | CVE-2009-1753 | EMN | Link Following vulnerability in EMN Coccinelle 0.1.7 Coccinelle 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on an unspecified "result file." | 3.3 |
2009-05-22 | CVE-2009-1756 | Simone Rota | Information Exposure vulnerability in Simone Rota Slim Simple Login Manager 1.3.0 SLiM Simple Login Manager 1.3.0 places the X authority magic cookie (mcookie) on the command line when invoking xauth from (1) app.cpp and (2) switchuser.cpp, which allows local users to access the X session by listing the process and its arguments. | 2.1 |