Weekly Vulnerabilities Reports > June 1 to 7, 2009

Overview

91 new vulnerabilities were reported during this period, including 25 critical vulnerabilities and 19 high severity vulnerabilities. This weekly summary reports vulnerabilities in 85 products from 54 vendors including IBM, Apple, SUN, Joomla, and Apache. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Path Traversal", and "Information Exposure".

  • 86 reported vulnerabilities are remotely exploitable.
  • 32 reported vulnerabilities have a public exploit available.
  • 43 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 88 reported vulnerabilities are exploitable by an anonymous user.
  • IBM has the most reported vulnerabilities, with 11 reported vulnerabilities.
  • Apple has the most reported critical vulnerabilities, with 10 reported vulnerabilities.

[Summary dashboard: total vulnerabilities; critical, high, medium and low risk vulnerabilities; remotely exploitable; locally exploitable; exploit available; exploitable anonymously; affecting web applications]

Vulnerability Details

The following tables list the reported vulnerabilities for the period covered by this report, grouped by severity:

25 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY (description and CVSS score follow each entry)
2009-06-05 CVE-2009-1943 Safenet INC Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Safenet-Inc Softremote and Softremote1.4

Stack-based buffer overflow in the IKE service (ireIke.exe) in SafeNet SoftRemote before 10.8.6 allows remote attackers to execute arbitrary code via a long request to UDP port 62514.

10.0
2009-06-04 CVE-2009-1916 Gscripts OS Command Injection vulnerability in Gscripts DNS Tools

dig.php in GScripts.net DNS Tools allows remote attackers to execute arbitrary commands via shell metacharacters in the ns parameter.

10.0
2009-06-04 CVE-2008-6824 A Link Cryptographic Issues vulnerability in A-Link Wl54Ap2 and Wl54Ap3

The management interface on the A-LINK WL54AP3 and WL54AP2 access points has a blank default password for the admin account, which makes it easier for remote attackers to obtain access.

10.0
2009-06-03 CVE-2008-6821 IBM Buffer Errors vulnerability in IBM DB2 8.0/9.1/9.5

Buffer overflow in the DAS server in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP2 might allow attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, a different vulnerability than CVE-2007-3676 and CVE-2008-3853.

10.0
2009-06-03 CVE-2008-6820 IBM / Microsoft Configuration vulnerability in IBM DB2 8.0/9.1/9.5

The db2fmp process in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP2 on Windows runs with "OS privilege," which has unknown impact and attack vectors, a different vulnerability than CVE-2008-3856.

10.0
2009-06-03 CVE-2009-1901 IBM Multiple Security vulnerability in IBM WebSphere Application Server

The Security component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35 permits "non-standard http methods," which has unknown impact and remote attack vectors.

10.0
2009-06-03 CVE-2009-1899 IBM Multiple Security vulnerability in IBM WebSphere Application Server

Unspecified vulnerability in the Administrative Configservice API in the System Management/Repository component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35, 6.1 before 6.1.0.25, and 7.0 before 7.0.0.5 on z/OS allows remote authenticated users to obtain sensitive information via unknown use of the wsadmin scripting tool, related to a "security exposure in wsadmin."

10.0
2009-06-03 CVE-2009-0896 IBM Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Websphere MQ

Buffer overflow in the queue manager in IBM WebSphere MQ 6.x before 6.0.2.7 and 7.x before 7.0.1.0 allows remote attackers to execute arbitrary code via a crafted request.

10.0
2009-06-02 CVE-2009-0894 Xvid Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xvid

Heap-based buffer overflow in the decoder_create function in the initialization functionality in xvidcore/src/decoder.c in Xvid before 1.2.2, as used by Windows Media Player and other applications, allows remote attackers to execute arbitrary code via vectors involving the DirectShow (aka DShow) frontend and improper handling of the XVID_ERR_MEMORY return code during processing of a crafted movie file.

10.0
2009-06-02 CVE-2009-0893 Xvid Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xvid

Multiple heap-based buffer overflows in xvidcore/src/decoder.c in the xvidcore library in Xvid before 1.2.2, as used by Windows Media Player and other applications, allow remote attackers to execute arbitrary code by providing a crafted macroblock (aka MBlock) number in a video stream in a crafted movie file that triggers heap memory corruption, related to a "missing resync marker range check" and the (1) decoder_iframe, (2) decoder_pframe, and (3) decoder_bframe functions.

10.0
2009-06-02 CVE-2004-2764 SUN Permissions, Privileges, and Access Controls vulnerability in SUN JRE and SDK

Sun SDK and Java Runtime Environment (JRE) 1.4.2 through 1.4.2_04, 1.4.1 through 1.4.1_07, and 1.4.0 through 1.4.0_04 allows untrusted applets and unprivileged servlets to gain privileges and read data from other applets via unspecified vectors related to classes in the XSLT processor, aka "XML sniffing."

10.0
2009-06-01 CVE-2003-1573 SUN SQL Injection vulnerability in SUN J2Ee 1.4

The PointBase 4.6 database component in the J2EE 1.4 reference implementation (J2EE/RI) allows remote attackers to execute arbitrary programs, conduct a denial of service, and obtain sensitive information via a crafted SQL statement, related to "inadequate security settings and library bugs in sun.* and org.apache.* packages."

10.0
2009-06-05 CVE-2009-1944 Aimp Buffer Errors vulnerability in Aimp 2.51

Stack-based buffer overflow in AIMP 2.51 build 330 allows remote attackers to execute arbitrary code via an MP3 file with a long ID3 tag.

9.3
2009-06-02 CVE-2009-0957 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime

Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 image.

9.3
2009-06-02 CVE-2009-0956 Apple Resource Management Errors vulnerability in Apple Quicktime

Apple QuickTime before 7.6.2 does not properly initialize memory before use in handling movie files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a movie containing a user data atom of size zero.

9.3
2009-06-02 CVE-2009-0955 Apple Code Injection vulnerability in Apple Quicktime

Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted image description atoms in an Apple video file, related to a "sign extension issue."

9.3
2009-06-02 CVE-2009-0954 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime

Heap-based buffer overflow in Apple QuickTime before 7.6.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a movie file containing crafted Clipping Region (CRGN) atom types.

9.3
2009-06-02 CVE-2009-0953 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime

Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image.

9.3
2009-06-02 CVE-2009-0952 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime

Buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted compressed PSD image.

9.3
2009-06-02 CVE-2009-0951 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime

Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLC compression file.

9.3
2009-06-02 CVE-2009-0950 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Itunes

Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an itms: URL with a long URL component after a colon.

9.3
2009-06-02 CVE-2009-0188 Apple Resource Management Errors vulnerability in Apple Quicktime

Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie composed of a Sorenson 3 video file.

9.3
2009-06-02 CVE-2009-0185 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime

Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file.

9.3
2009-06-02 CVE-2009-1882 Imagemagick Numeric Errors vulnerability in Imagemagick 6.5.28

Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and GraphicsMagick, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow.

9.3
2009-06-01 CVE-2003-1572 SUN Unspecified vulnerability in SUN JMF

Sun Java Media Framework (JMF) 2.1.1 through 2.1.1c allows unsigned applets to cause a denial of service (JVM crash) and read or write unauthorized memory locations via the ReadEnv class, as demonstrated by reading environment variables using modified .data and .size fields.

9.3

19 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY (description and CVSS score follow each entry)
2009-06-05 CVE-2009-1949 Unclassified Information Exposure vulnerability in Unclassified Newsboard 1.6.4

import_wbb1.php in Unclassified NewsBoard (UNB) 1.6.4 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.

7.8
2009-06-04 CVE-2009-1385 Intel / Linux Numeric Errors vulnerability in multiple products

Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size.

7.8
2009-06-03 CVE-2009-1902 Modsecurity Remote Denial of Service vulnerability in ModSecurity

The multipart processor in ModSecurity before 2.5.9 allows remote attackers to cause a denial of service (crash) via a multipart form-data POST request with a missing part header name, which triggers a NULL pointer dereference.

7.8
2009-06-05 CVE-2009-1950 Ahmet Donmez SQL Injection vulnerability in Ahmet Donmez Webeyes Guest Book 3

SQL injection vulnerability in yorum.asp in WebEyes Guest Book 3 allows remote attackers to execute arbitrary SQL commands via the mesajid parameter.

7.5
2009-06-05 CVE-2009-1947 Newsboard SQL Injection vulnerability in Newsboard Unclassified Newsboard 1.6.4

SQL injection vulnerability in the UnbDbEncode function in unb_lib/database.lib.php in Unclassified NewsBoard (UNB) 1.6.4 allows remote attackers to execute arbitrary SQL commands via the Query parameter in a search action to forum.php, a different vector than CVE-2005-3686.

7.5
2009-06-05 CVE-2009-1945 TZO SQL Injection vulnerability in TZO Webcal 3.04

SQL injection vulnerability in webCal3_detail.asp in WebCal 3.04 allows remote attackers to execute arbitrary SQL commands via the event_id parameter.

7.5
2009-06-04 CVE-2009-1910 Rafal Kucharski SQL Injection vulnerability in Rafal Kucharski Rtwebalbum 1.0.462

SQL injection vulnerability in index.php in RTWebalbum 1.0.462 allows remote attackers to execute arbitrary SQL commands via the AlbumId parameter.

7.5
2009-06-04 CVE-2009-1909 Openskip SQL Injection vulnerability in Openskip Skip 0.9/1.0.0/1.0.1

SQL injection vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2009-06-04 CVE-2008-6822 Newearthpt Unspecified vulnerability in Newearthpt Imgupload 1.0

Unrestricted file upload vulnerability in uploadp.php in New Earth Programming Team (NEPT) imgupload (aka Image Uploader) 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a modified content type, then accessing this file via a direct request, as demonstrated by an upload with an image/jpeg content type.

7.5
2009-06-01 CVE-2009-1854 Cmsnx Improper Authentication vulnerability in Cmsnx Million Dollar Text Links 1.0

Million Dollar Text Links 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the userid cookie to 1.

7.5
2009-06-01 CVE-2009-1853 Kenseiboard SQL Injection vulnerability in Kenseiboard Kensei Board 1.1.0

Multiple SQL injection vulnerabilities in index.php in Kensei Board 2.0 BETA (aka 2.0.0b) and earlier allow remote attackers to execute arbitrary SQL commands via the (1) f and (2) t parameters in a showforum action.

7.5
2009-06-01 CVE-2009-1852 Graphiks SQL Injection vulnerability in Graphiks Myforum 1.3

Multiple SQL injection vulnerabilities in Graphiks MyForum 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.

7.5
2009-06-01 CVE-2009-1851 Benjamin Curtis SQL Injection vulnerability in Benjamin Curtis PHPbugtracker

SQL injection vulnerability in include.php in phpBugTracker 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.

7.5
2009-06-01 CVE-2009-1850 Benjamin Curtis SQL Injection vulnerability in Benjamin Curtis PHPbugtracker 1.0.3

SQL injection vulnerability in index.php in phpBugTracker 1.0.3 allows remote attackers to execute arbitrary SQL commands via the password parameter.

7.5
2009-06-01 CVE-2009-1848 Joomlame / Joomla SQL Injection vulnerability in Joomlame COM Agoragroup 0.3.5.3

SQL injection vulnerability in the JoomlaMe AgoraGroups (aka AG or com_agoragroup) component 0.3.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a groupdetail action to index.php.

7.5
2009-06-01 CVE-2009-1847 Easypx41 Path Traversal vulnerability in Easypx41 Easy PX 41 CMS 9.0B1

Directory traversal vulnerability in index.php in Easy PX 41 CMS 9.0 B1 allows remote attackers to include and execute arbitrary local files via a ..

7.5
2009-06-01 CVE-2009-1846 Bjsintay Path Traversal vulnerability in Bjsintay Sitex

Multiple directory traversal vulnerabilities in SiteX 0.7.4 Build 418 and earlier allow remote attackers to include and execute arbitrary local files via a ..

7.5
2009-06-01 CVE-2009-1843 Glenn Mcgurrin SQL Injection vulnerability in Glenn Mcgurrin Flash Quiz Beta2

Multiple SQL injection vulnerabilities in Flash Quiz Beta 2 allow remote attackers to execute arbitrary SQL commands via the (1) quiz parameter to (a) num_questions.php, (b) answers.php, (c) high_score.php, (d) high_score_web.php, (e) results_table_web.php, and (f) question.php; and the (2) order_number parameter to (g) answers.php and (h) question.php.

7.5
2009-06-01 CVE-2009-1842 Phpnuke SQL Injection vulnerability in PHPnuke PHP-Nuke 8.0

SQL injection vulnerability in main/tracking/userLog.php in Francisco Burzi PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header.

7.5

44 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY (description and CVSS score follow each entry)
2009-06-05 CVE-2009-1952 Propertymaxpro SQL Injection vulnerability in Propertymaxpro Propertymax PRO Free 0.3

Multiple SQL injection vulnerabilities in the administrative login feature in PropertyMax Pro FREE 0.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.

6.8
2009-06-05 CVE-2009-1946 Adaptbb Code Injection vulnerability in Adaptbb 1.0

PHP remote file inclusion vulnerability in latestposts.php in AdaptBB 1.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the forumspath parameter.

6.8
2009-06-05 CVE-2008-6825 Trixbox Path Traversal vulnerability in Trixbox 2.0/2.4.2.0

Directory traversal vulnerability in user/index.php in Fonality trixbox CE 2.6.1 and earlier allows remote attackers to include and execute arbitrary files via a ..

6.8
2009-06-05 CVE-2009-1936 Cpcommerce Improper Input Validation vulnerability in Cpcommerce

_functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a redirect but does not exit when it is called directly, which allows remote attackers to bypass a protection mechanism to conduct remote file inclusion and directory traversal attacks, execute arbitrary PHP code, or read arbitrary files via the GLOBALS[prefix] parameter, a different vector than CVE-2003-1500.

6.8
2009-06-05 CVE-2009-1717 Apple Numeric Errors vulnerability in Apple mac OS X and mac OS X Server

Integer overflow in Terminal in Apple Mac OS X 10.5 before 10.5.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted size value in a CSI[4 xterm resize escape sequence that triggers a heap-based buffer overflow.

6.8
2009-06-04 CVE-2009-1932 Gstreamer Numeric Errors vulnerability in Gstreamer Good Plug-Ins 0.10.15

Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow.

6.8
2009-06-04 CVE-2009-1912 Webspell Path Traversal vulnerability in Webspell

Directory traversal vulnerability in src/func/language.php in webSPELL 4.2.0e and earlier allows remote attackers to include and execute arbitrary local .php files via a ..

6.8
2009-06-04 CVE-2009-1911 Tinywebgallery / Claudio Klingler Path Traversal vulnerability in multiple products

Directory traversal vulnerability in .include/init.php (aka admin/_include/init.php) in QuiXplorer 2.3.2 and earlier, as used in TinyWebGallery (TWG) 1.7.6 and earlier, allows remote attackers to include and execute arbitrary local files via a ..

6.8
2009-06-04 CVE-2008-6823 A Link Cross-Site Request Forgery (CSRF) vulnerability in A-Link Wl54Ap2 and Wl54Ap3

Multiple cross-site request forgery (CSRF) vulnerabilities in the management interface on the A-LINK WL54AP3 and WL54AP2 access points before firmware 1.4.2-eng1 allow remote attackers to hijack the authentication of administrators for requests that (1) modify the network configuration via certain parameters to goform/formWanTcpipSetup or (2) modify credentials via certain parameters to goform/formPasswordSetup.

6.8
2009-06-03 CVE-2008-2154 IBM Configuration vulnerability in IBM DB2 8.0/9.1/9.5

IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP2 provides an INSTALL_JAR (aka sqlj.install_jar) procedure, which allows remote authenticated users to create or overwrite arbitrary files via unspecified calls.

6.0
2009-06-01 CVE-2004-2763 SUN Configuration vulnerability in SUN Iplanet web Server and ONE web Server

The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting.

5.8
2009-06-05 CVE-2009-1948 Unclassified Path Traversal vulnerability in Unclassified Newsboard 1.6.4

Multiple directory traversal vulnerabilities in forum.php in Unclassified NewsBoard (UNB) 1.6.4, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to (1) read arbitrary recently-modified files via a ..

5.1
2009-06-04 CVE-2009-1913 Luxbum SQL Injection vulnerability in Luxbum 0.5.5

SQL injection vulnerability in manager.php in LuxBum 0.5.5, when magic_quotes_gpc is disabled and dotclear authentication is used, allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action.

5.1
2009-06-05 CVE-2009-1941 Phpeasycode Permissions, Privileges, and Access Controls vulnerability in PHPeasycode PAD Site Scripts 3.6

PAD Site Scripts 3.6 stores sensitive information under the web document root with insufficient access control, which allows remote attackers to download the database and obtain sensitive information via a direct request for dbbackup.txt.

5.0
2009-06-05 CVE-2009-0033 Apache Improper Input Validation vulnerability in Apache Tomcat

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header.

5.0
2009-06-04 CVE-2009-1387 Openssl / Openssl Project / Redhat Resource Management Errors vulnerability in multiple products

The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug."

5.0
2009-06-04 CVE-2009-1386 Openssl / Openssl Project / Redhat Denial of Service vulnerability in OpenSSL 'ChangeCipherSpec' DTLS Packet

ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.

5.0
2009-06-03 CVE-2009-1900 IBM Information Exposure vulnerability in IBM Websphere Application Server

The Configservice APIs in the Administrative Console component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35, 6.1 before 6.1.0.25, and 7.0 before 7.0.0.5, when tracing is enabled, allow remote attackers to obtain sensitive information via unspecified use of the wsadmin scripting tool.

5.0
2009-06-03 CVE-2009-1898 IBM Information Exposure vulnerability in IBM Websphere Application Server

The secure login page in the Administrative Console component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35 does not redirect to an https page upon receiving an http request, which makes it easier for remote attackers to read the contents of WAS sessions by sniffing the network.

5.0
2009-06-01 CVE-2008-6818 Mole Group Credentials Management vulnerability in Mole-Group Real Estate Script

Mole Group Real Estate Script 1.1 and earlier stores passwords in cleartext, which allows context-dependent attackers to obtain sensitive information.

5.0
2009-06-01 CVE-2008-6817 Mole Group Credentials Management vulnerability in Mole-Group Lastminute Script

Mole Group Lastminute Script 4.0 and earlier stores passwords in cleartext, which allows context-dependent attackers to obtain sensitive information.

5.0
2009-06-04 CVE-2009-1914 Linux Improper Input Validation vulnerability in Linux Kernel

The pci_register_iommu_region function in arch/sparc/kernel/pci_common.c in the Linux kernel before 2.6.29 on the sparc64 platform allows local users to cause a denial of service (system crash) by reading the /proc/iomem file, related to uninitialized pointers and the request_resource function.

4.9
2009-06-05 CVE-2009-1933 SUN Credentials Management vulnerability in SUN Opensolaris and Solaris

Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, does not properly manage credential caches, which allows local users to access Kerberized NFS mount points and Kerberized NFS shares via unspecified vectors.

4.7
2009-06-01 CVE-2008-6819 Microsoft Race Condition vulnerability in Microsoft Windows 2003 Server and Windows Vista

win32k.sys in Microsoft Windows Server 2003 and Vista allows local users to cause a denial of service (system crash) via vectors related to CreateWindow, TranslateMessage, and DispatchMessage, possibly a race condition between threads, a different vulnerability than CVE-2008-1084.

4.7
2009-06-05 CVE-2009-0783 Apache Information Exposure vulnerability in Apache Tomcat

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.

4.6
2009-06-05 CVE-2009-1951 Propertymaxpro Cross-Site Scripting vulnerability in Propertymaxpro Propertymax PRO Free 0.3

Cross-site scripting (XSS) vulnerability in index.php in PropertyMax Pro FREE 0.3 allows remote attackers to inject arbitrary web script or HTML via the pl parameter in a mi action.

4.3
2009-06-05 CVE-2009-1940 Joomla Cross-Site Scripting vulnerability in Joomla

Cross-site scripting (XSS) vulnerability in the administrator panel in the com_users core component for Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2009-06-05 CVE-2009-1939 Joomla Cross-Site Scripting vulnerability in Joomla

Cross-site scripting (XSS) vulnerability in the JA_Purity template for Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2009-06-05 CVE-2009-1938 Joomla Cross-Site Scripting vulnerability in Joomla

Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to database output and the frontend administrative panel.

4.3
2009-06-05 CVE-2009-1937 Lightneasy Cross-Site Scripting vulnerability in Lightneasy 2.2.1/2.2.2

Cross-site scripting (XSS) vulnerability in the comment posting feature in LightNEasy 2.2.1 "no database" (aka flat) and 2.2.2 SQLite allows remote attackers to inject arbitrary web script or HTML via the (1) commentname (aka Author), (2) commentemail (aka Email), and (3) commentmessage (aka Comment) parameters.

4.3
2009-06-05 CVE-2009-1934 SUN Cross-Site Scripting vulnerability in SUN Java System web Server and ONE web Server

Cross-site scripting (XSS) vulnerability in the Reverse Proxy Plug-in in Sun Java System Web Server 6.1 before SP11 allows remote attackers to inject arbitrary web script or HTML via the query string in situations that result in a 502 Gateway error.

4.3
2009-06-05 CVE-2009-1162 Cisco Cross-Site Scripting vulnerability in Cisco products

Cross-site scripting (XSS) vulnerability in the Spam Quarantine login page in Cisco IronPort AsyncOS before 6.5.2 on Series C, M, and X appliances allows remote attackers to inject arbitrary web script or HTML via the referrer parameter.

4.3
2009-06-05 CVE-2009-0580 Apache Information Exposure vulnerability in Apache Tomcat

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter.

4.3
2009-06-04 CVE-2009-1915 ICQ Buffer Errors vulnerability in ICQ 6.5

Stack-based buffer overflow in the URL Search Hook (ICQToolBar.dll) in ICQ 6.5 allows remote attackers to cause a denial of service (persistent crash) and possibly execute arbitrary code via an Internet shortcut .URL file containing a long URL parameter, which triggers a crash when browsing a folder that contains this file.

4.3
2009-06-04 CVE-2009-1908 Openskip Cross-Site Scripting vulnerability in Openskip Skip 0.9/1.0.0/1.0.1

Cross-site scripting (XSS) vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2009-06-04 CVE-2009-1907 Claroline Cross-Site Scripting vulnerability in Claroline 1.8.11

Cross-site scripting (XSS) vulnerability in claroline/linker/notfound.php in Claroline 1.8.11 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header.

4.3
2009-06-03 CVE-2009-1906 IBM Denial-Of-Service vulnerability in DB2 9.1/9.5

The DRDA Services component in IBM DB2 9.1 before FP7 and 9.5 before FP4 allows remote attackers to cause a denial of service (memory corruption and application crash) via an IPv6 address in the correlation token in the APPID string, as demonstrated by an APPID string sent by the third-party DataDirect JDBC driver 3.7.32.

4.3
2009-06-03 CVE-2009-1903 Modsecurity Configuration vulnerability in Modsecurity

The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service (Apache httpd crash) via a request for a PDF file that does not use the GET method.

4.3
2009-06-03 CVE-2009-0899 IBM Permissions, Privileges, and Access Controls vulnerability in IBM products

IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.24 and 7.0 through 7.0.0.4, IBM WebSphere Portal Server 5.1 through 6.0, and IBM Integrated Solutions Console (ISC) 6.0.1 do not properly set the IsSecurityEnabled security flag during migration of WebSphere Member Manager (WMM) to Virtual Member Manager (VMM) and a Federated Repository, which allows attackers to obtain sensitive information from repositories via unspecified vectors.

4.3
2009-06-02 CVE-2009-1881 Mt312 Cross-Site Scripting vulnerability in Mt312 Img-Bbs

Cross-site scripting (XSS) vulnerability in MT312 IMG-BBS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to model.php with a timestamp before 20090521.

4.3
2009-06-02 CVE-2009-1880 Mt312 Cross-Site Scripting vulnerability in Mt312 Rep-Bbs

Cross-site scripting (XSS) vulnerability in MT312 REP-BBS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) model.php and (2) config.php with timestamps before 20090521.

4.3
2009-06-01 CVE-2009-1849 Paessler Cross-Site Scripting vulnerability in Paessler products

Cross-site scripting (XSS) vulnerability in the Monitor_Bandwidth function in PRTG Traffic Grapher 6.2.2.977 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2009-06-01 CVE-2009-1845 Lussumo Cross-Site Scripting vulnerability in Lussumo Vanilla 1.1.5/1.1.7

Cross-site scripting (XSS) vulnerability in ajax/updatecheck.php in Lussumo Vanilla 1.1.5 and 1.1.7 allows remote attackers to inject arbitrary web script or HTML via the RequestName parameter.

4.3
2009-06-01 CVE-2009-1805 Vmware Denial Of Service vulnerability in VMware Products Descheduled Time Accounting Driver

Unspecified vulnerability in the VMware Descheduled Time Accounting driver in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745, VMware Fusion 2.x before 2.0.2 build 147997, VMware ESXi 3.5, and VMware ESX 3.0.2, 3.0.3, and 3.5, when the Descheduled Time Accounting Service is not running, allows guest OS users on Windows to cause a denial of service via unknown vectors.

4.0

3 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY (description and CVSS score follow each entry)
2009-06-05 CVE-2009-1942 Drupal Cross-Site Scripting vulnerability in Drupal Quiz

Cross-site scripting (XSS) vulnerability in the Quiz module 5.x, 6.x-2.x before 6.x-2.2, and 6.x-3.x before 6.x-3.0, a module for Drupal, allows remote authenticated users, with create quizzes or quiz questions access, to inject arbitrary web script or HTML via unspecified vectors.

3.5
2009-06-01 CVE-2009-1844 Drupal Cross-Site Scripting vulnerability in Drupal

Multiple cross-site scripting (XSS) vulnerabilities in Drupal 5.x before 5.18 and 6.x before 6.12 allow (1) remote authenticated users to inject arbitrary web script or HTML via crafted UTF-8 byte sequences that are treated as UTF-7 by Internet Explorer 6 and 7, which are not properly handled in the "HTML exports of books" feature; and (2) allow remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML via the help text of an arbitrary vocabulary.

3.5
2009-06-03 CVE-2009-1905 IBM Improper Authentication vulnerability in IBM DB2

The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 before FP7, and 9.5 before FP4, when LDAP security (aka IBMLDAPauthserver) and anonymous bind are enabled, allows remote attackers to bypass password authentication and establish a database connection via unspecified vectors.

2.6