Weekly Vulnerabilities Reports > August 3 to 9, 2009
Overview
79 new vulnerabilities reported during this period, including 16 critical vulnerabilities and 21 high severity vulnerabilities. This weekly summary report vulnerabilities in 59 products from 39 vendors including Apple, SUN, Mozilla, Zeeways, and Drupal. Vulnerabilities are notably categorized as "Permissions, Privileges, and Access Controls", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "SQL Injection", "Cross-site Scripting", and "Resource Management Errors".
- 72 reported vulnerabilities are remotely exploitables.
- 20 reported vulnerabilities have public exploit available.
- 20 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 69 reported vulnerabilities are exploitable by an anonymous user.
- Apple has the most reported vulnerabilities, with 13 reported vulnerabilities.
- Apple has the most reported critical vulnerabilities, with 4 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
16 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-08-07 | CVE-2008-6916 | Siemens John DOE | Improper Authentication vulnerability in multiple products Siemens SpeedStream 5200 with NetPort Software 1.1 allows remote attackers to bypass authentication via an invalid Host header, possibly involving a trailing dot in the hostname. | 10.0 |
2009-08-06 | CVE-2009-2193 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Buffer overflow in the kernel in Apple Mac OS X 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via a crafted AppleTalk response packet. | 10.0 |
2009-08-06 | CVE-2008-6904 | Sophos | File Processing Remote Denial Of Service vulnerability in Sophos Anti-Virus and Anti-Virus7.6.3 Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for Linux, and possibly other products and versions, allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via crafted files that have been packed with (1) armadillo, (2) asprotect, or (3) asprotectSKE. | 10.0 |
2009-08-05 | CVE-2009-2688 | Xemacs | Numeric Errors vulnerability in Xemacs 21.4.22 Multiple integer overflows in glyphs-eimage.c in XEmacs 21.4.22, when running on Windows, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) the tiff_instantiate function processing a crafted TIFF file, (2) the png_instantiate function processing a crafted PNG file, and (3) the jpeg_instantiate function processing a crafted JPEG file, all which trigger a heap-based buffer overflow. | 10.0 |
2009-08-05 | CVE-2009-2675 | SUN | Permissions, Privileges, and Access Controls vulnerability in SUN JDK and JRE Integer overflow in the unpack200 utility in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a Pack200-compressed JAR file, which leads to a heap-based buffer overflow during decompression. | 10.0 |
2009-08-05 | CVE-2009-2667 | IBM | Unspecified vulnerability in IBM Tklm 1.0 Unspecified vulnerability in IBM Tivoli Key Lifecycle Manager (TKLM) 1.0 has unknown impact and attack vectors, related to a "password security vulnerability." | 10.0 |
2009-08-04 | CVE-2009-2665 | Mozilla | Code Injection vulnerability in Mozilla Firefox 3.5/3.5.1/3.5.2 The nsDocument::SetScriptGlobalObject function in content/base/src/nsDocument.cpp in Mozilla Firefox 3.5.x before 3.5.2, when certain add-ons are enabled, does not properly handle a Link HTTP header, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted web page, related to an incorrect security wrapper. | 10.0 |
2009-08-04 | CVE-2009-2662 | Mozilla | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mozilla Firefox The browser engine in Mozilla Firefox 3.5.x before 3.5.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the TraceRecorder::snapshot function in js/src/jstracer.cpp, and unspecified other vectors. | 10.0 |
2009-08-03 | CVE-2009-2204 | Apple | Remote Code Execution vulnerability in Apple iPhone SMS Application Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory corruption, as demonstrated by Charlie Miller at SyScan '09 Singapore. | 10.0 |
2009-08-06 | CVE-2009-2188 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Buffer overflow in ImageIO in Apple Mac OS X 10.5 before 10.5.8, and Safari before 4.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with crafted EXIF metadata. | 9.3 |
2009-08-06 | CVE-2009-1726 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image containing an embedded ColorSync profile. | 9.3 |
2009-08-05 | CVE-2008-6898 | Saschart | Buffer Errors vulnerability in Saschart Sascam Webcam Server 2.6.5 Buffer overflow in the XHTTP Module 4.1.0.0 in the ActiveX control for SaschArt SasCam Webcam Server 2.6.5 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Get method and other unspecified methods. | 9.3 |
2009-08-05 | CVE-2008-6897 | Andres Garcia | Buffer Errors vulnerability in Andres Garcia Getleft 1.2 Multiple buffer overflows in Getleft.exe in Andres Garcia Getleft 1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) "a" HTML tag; a long src attribute in (2) embed, (3) img, or (4) script tags; (5) a long background attribute in a body tag; and other unspecified tags. | 9.3 |
2009-08-04 | CVE-2009-2663 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox libvorbis before r16182, as used in Mozilla Firefox 3.5.x before 3.5.2 and other products, allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .ogg file. | 9.3 |
2009-08-03 | CVE-2009-2404 | Mozilla AOL Gnome Pidgin | Buffer Errors vulnerability in Mozilla Network Security Services 3.12.3 Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services (NSS) before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger (AIM), allows remote SSL servers to cause a denial of service (application crash) or possibly execute arbitrary code via a long domain name in the subject's Common Name (CN) field of an X.509 certificate, related to the cert_TestHostName function. | 9.3 |
2009-08-05 | CVE-2008-6899 | Freesshd | Buffer Errors vulnerability in Freesshd 1.2.1 Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a long (1) open, (2) unlink, (3) mkdir, (4) rmdir, or (5) stat SFTP command. | 9.0 |
21 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-08-07 | CVE-2009-2411 | Subversion | Numeric Errors vulnerability in Subversion Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users and remote Subversion servers to execute arbitrary code via an svndiff stream with large windows that trigger a heap-based buffer overflow, a related issue to CVE-2009-2412. | 8.5 |
2009-08-06 | CVE-2009-2190 | Apple | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server launchd in Apple Mac OS X 10.5 before 10.5.8 allows remote attackers to cause a denial of service (individual service outage) by making many connections to an inetd-based launchd service. | 7.8 |
2009-08-05 | CVE-2009-2668 | Microsoft | Resource Management Errors vulnerability in Microsoft Internet Explorer 6/7 Microsoft Internet Explorer 6 through 6.0.2900.2180 and 7 through 7.0.6000.16473 allows remote attackers to cause a denial of service (CPU consumption) via an XML document composed of a long series of start-tags with no corresponding end-tags, a related issue to CVE-2009-1232. | 7.8 |
2009-08-03 | CVE-2008-6895 | 3CX | Unspecified vulnerability in 3CX Phone System 6.0.806.0 3CX Phone System 6.0.806.0 allows remote attackers to cause a denial of service (unstable service or crash) via unspecified vectors, as demonstrated by vulnerability scans from Nessus or SAINT. | 7.8 |
2009-08-07 | CVE-2009-0669 | Zope | Improper Authentication vulnerability in Zope Zodb 3.8/3.8.0 Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to bypass authentication via vectors involving the ZEO network protocol. | 7.5 |
2009-08-07 | CVE-2008-6917 | Exoscripts | SQL Injection vulnerability in Exoscripts Exophpdesk 1.2 SQL injection vulnerability in admin.php in Exocrew ExoPHPDesk 1.2 Final allows remote attackers to execute arbitrary SQL commands via the username (user parameter). | 7.5 |
2009-08-07 | CVE-2008-6912 | Zeeways | Improper Authentication vulnerability in Zeeways Shaadiclone 2.0 Zeeways SHAADICLONE 2.0 allows remote attackers to bypass authentication and gain administrative privileges via a direct request to admin/home.php. | 7.5 |
2009-08-06 | CVE-2008-6910 | Drupal Marc Ingram | Cryptographic Issues vulnerability in Marc Ingram Services Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for Drupal, does not use timeouts for signed requests, which allows remote attackers to impersonate other users and gain privileges via a replay attack that sends the same request. | 7.5 |
2009-08-06 | CVE-2008-6908 | Marc Ingram Drupal | Cryptographic Issues vulnerability in Marc Ingram Services Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for Drupal, uses an insecure hash when signing requests, which allows remote attackers to impersonate other users and gain privileges. | 7.5 |
2009-08-06 | CVE-2009-2192 | Apple | Credentials Management vulnerability in Apple mac OS X and mac OS X Server MobileMe in Apple Mac OS X 10.5 before 10.5.8 does not properly delete credentials upon signout from the preference pane, which makes it easier for attackers to hijack a MobileMe session via unspecified vectors, related to a "logic issue." | 7.5 |
2009-08-06 | CVE-2009-2191 | Apple | USE of Externally-Controlled Format String vulnerability in Apple mac OS X and mac OS X Server Format string vulnerability in Login Window in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in an application name. | 7.5 |
2009-08-05 | CVE-2009-2674 | SUN | Permissions, Privileges, and Access Controls vulnerability in SUN JDK and JRE Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow. | 7.5 |
2009-08-05 | CVE-2009-2673 | SUN | Permissions, Privileges, and Access Controls vulnerability in SUN JDK and JRE The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unspecified vectors, related to a declaration that lacks the final keyword. | 7.5 |
2009-08-05 | CVE-2009-2672 | SUN | Permissions, Privileges, and Access Controls vulnerability in SUN JDK and JRE The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted (1) applets and (2) Java Web Start applications, which allows remote attackers to hijack web sessions via unspecified vectors. | 7.5 |
2009-08-04 | CVE-2009-2658 | ZNC | Path Traversal vulnerability in ZNC Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request. | 7.5 |
2009-08-03 | CVE-2008-6892 | Peel | SQL Injection vulnerability in Peel 3.1 SQL injection vulnerability in lire/index.php in Peel 3.1 allows remote attackers to execute arbitrary SQL commands via the rubid parameter. | 7.5 |
2009-08-03 | CVE-2008-6890 | Codetoad | SQL Injection vulnerability in Codetoad ASP Forum Script SQL injection vulnerability in messages.asp in ASP Forum Script allows remote attackers to execute arbitrary SQL commands via the message_id parameter. | 7.5 |
2009-08-03 | CVE-2008-6889 | Activewebsoftwares | SQL Injection vulnerability in Activewebsoftwares Aspreferral 5.3 SQL injection vulnerability in Merchantsadd.asp in ASPReferral 5.3 allows remote attackers to execute arbitrary SQL commands via the AccountID parameter. | 7.5 |
2009-08-03 | CVE-2008-6887 | Preprojects | SQL Injection vulnerability in Preprojects PRE Classified Listings 1.0 SQL injection vulnerability in detailad.asp in Pre Classified Listings 1.0 allows remote attackers to execute arbitrary SQL commands via the siteid parameter. | 7.5 |
2009-08-06 | CVE-2009-0151 | Apple | Multiple Security vulnerability in Apple Mac OS X 2009-003 The screen saver in Dock in Apple Mac OS X 10.5 before 10.5.8 does not prevent four-finger Multi-Touch gestures, which allows physically proximate attackers to bypass locking and "manage applications or use Expose" via unspecified vectors. | 7.2 |
2009-08-05 | CVE-2009-2669 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM AIX 5.3/6.1 A certain debugging component in IBM AIX 5.3 and 6.1 does not properly handle the (1) _LIB_INIT_DBG and (2) _LIB_INIT_DBG_FILE environment variables, which allows local users to gain privileges by leveraging a setuid-root program to create an arbitrary root-owned file with world-writable permissions, related to libC.a (aka the XL C++ runtime library) in AIX 5.3 and libc.a in AIX 6.1. | 7.2 |
41 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-08-06 | CVE-2008-6911 | Brewblogger | SQL Injection vulnerability in Brewblogger 2.1.0.1 SQL injection vulnerability in the authenticateUser function in includes/authentication.inc.php in BrewBlogger (BB) 2.1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the loginUsername parameter to includes/logincheck.inc.php. | 6.8 |
2009-08-06 | CVE-2008-6907 | 2532Gigs | SQL Injection vulnerability in 2532Gigs 1.2.2 Multiple SQL injection vulnerabilities in checkuser.php in 2532designs 2532|Gigs 1.2.2 Stable, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters, as accessible from a form generated by index.php. | 6.8 |
2009-08-06 | CVE-2009-1728 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Stack-based buffer overflow in Image RAW in Apple Mac OS X 10.5 before 10.5.8, and 10.4 before Digital Camera RAW Compatibility Update 2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Canon RAW image. | 6.8 |
2009-08-06 | CVE-2009-1727 | Apple | Multiple Security vulnerability in Apple Mac OS X 2009-003 Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X 10.5 before 10.5.8 makes it easier for user-assisted remote attackers to execute arbitrary JavaScript via a web page that offers a download with a Content-Type value that is not on the list of possibly unsafe content types for Safari. | 6.8 |
2009-08-06 | CVE-2008-6902 | 2532Gigs | Code Injection vulnerability in 2532Gigs 1.2.2 Unrestricted file upload vulnerability in upload_flyer.php in 2532designs 2532|Gigs 1.2.2 Stable allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in flyers/. | 6.8 |
2009-08-05 | CVE-2009-2676 | SUN | Unspecified vulnerability in SUN products Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and earlier and JDK and JRE 5.0 Update 19 and earlier; and Java SE for Business in SDK and JRE 1.4.2_21 and earlier; allows remote attackers to create or modify arbitrary files via vectors involving an untrusted Java applet that accesses an old version of JNLPAppletLauncher. | 6.8 |
2009-08-03 | CVE-2009-2652 | SUN | Remote Denial of Service vulnerability in SUN Opensolaris and Solaris Unspecified vulnerability in Solaris Trusted Extensions in Sun Solaris 10, and OpenSolaris snv_37 through snv_120, allows remote attackers to cause a denial of service (panic) via vectors involving the parsing of labeled packets. | 6.8 |
2009-08-07 | CVE-2009-0668 | Zope | Code Injection vulnerability in Zope Zodb Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol. | 6.5 |
2009-08-07 | CVE-2008-6914 | Zeeways | Permissions, Privileges, and Access Controls vulnerability in Zeeways Zeeproperty 1.0 Unrestricted file upload vulnerability in viewprofile.php in Zeeways ZEEPROPERTY 1.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a photo in a profile modification, then accessing a related file via a direct request to the file in companylogo/. | 6.5 |
2009-08-07 | CVE-2008-6913 | Zeeways | Improper Input Validation vulnerability in Zeeways Zeejobsite 2.0 Unrestricted file upload vulnerability in editresume_next.php in Zeeways ZEEJOBSITE 2.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a photo in a profile edit action, then accessing the file via a direct request to jobseekers/logos/. | 6.5 |
2009-08-06 | CVE-2008-6909 | Marc Ingram Drupal | Cryptographic Issues vulnerability in Marc Ingram Services Services 5.x before 5.x-0.92 and 6.x before 6.x-0.13, a module for Drupal, does not sign all required data in requests, which has unspecified impact, probably related to man-in-the-middle attacks that modify critical data and allow remote attackers to impersonate other users and gain privileges. | 6.5 |
2009-08-06 | CVE-2008-6900 | Availscript | Code Injection vulnerability in Availscript Article Script Unrestricted file upload vulnerability in "Add Pen/Author Name" feature in addpen.php in AvailScript Article Script allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photos/. | 6.5 |
2009-08-05 | CVE-2009-2579 | CS Cart | SQL Injection vulnerability in Cs-Cart SQL injection vulnerability in reward_points.post.php in the Reward points addon in CS-Cart before 2.0.6 allows remote authenticated users to execute arbitrary SQL commands via the sort_order parameter in a reward_points.userlog action to index.php, a different vulnerability than CVE-2005-4429.2. | 6.5 |
2009-08-07 | CVE-2009-2666 | Fetchmail | Cryptographic Issues vulnerability in Fetchmail socket.c in fetchmail before 6.3.11 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. | 6.4 |
2009-08-06 | CVE-2008-6905 | Babbleboard | Cross-Site Request Forgery (CSRF) vulnerability in Babbleboard 1.1.6 Cross-site request forgery (CSRF) vulnerability in index.php in BabbleBoard 1.1.6 allows remote authenticated users to hijack the authentication of administrators for requests that delete (1) categories or (2) groups; (3) ban users; or (4) delete users via the admin page. | 6.0 |
2009-08-03 | CVE-2009-2654 | Mozilla | Improper Input Validation vulnerability in Mozilla Firefox Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write calls to the resulting object, and then calls the stop method during the loading of the error page. | 5.8 |
2009-08-06 | CVE-2008-6901 | 2532Gigs | Path Traversal vulnerability in 2532Gigs 1.2.2 Multiple directory traversal vulnerabilities in 2532designs 2532|Gigs 1.2.2 Stable, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. | 5.1 |
2009-08-05 | CVE-2009-2671 | SUN | Privilege Escalation vulnerability in SUN JDK and JRE The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors. | 5.0 |
2009-08-05 | CVE-2009-2670 | SUN | Permissions, Privileges, and Access Controls vulnerability in SUN JDK and JRE The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by (1) untrusted applets and (2) Java Web Start applications, which allows context-dependent attackers to obtain sensitive information by reading these properties. | 5.0 |
2009-08-04 | CVE-2009-2664 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox The js_watch_set function in js/src/jsdbgapi.cpp in the JavaScript engine in Mozilla Firefox before 3.0.12 allows remote attackers to cause a denial of service (assertion failure and application exit) or possibly execute arbitrary code via a crafted .js file, related to a "memory safety bug." NOTE: this was originally reported as affecting versions before 3.0.13. | 5.0 |
2009-08-04 | CVE-2009-2661 | Strongswan | Cryptographic Issues vulnerability in Strongswan The asn1_length function in strongSwan 2.8 before 2.8.11, 4.2 before 4.2.17, and 4.3 before 4.3.3 does not properly handle X.509 certificates with crafted Relative Distinguished Names (RDNs), which allows remote attackers to cause a denial of service (pluto IKE daemon crash) via malformed ASN.1 data. | 5.0 |
2009-08-04 | CVE-2009-2659 | Django Project | Path Traversal vulnerability in Django Project Django 0.96/1.0 The Admin media handler in core/servers/basehttp.py in Django 1.0 and 0.96 does not properly map URL requests to expected "static media files," which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a crafted URL. | 5.0 |
2009-08-04 | CVE-2009-2470 | Mozilla | Improper Input Validation vulnerability in Mozilla Firefox Mozilla Firefox before 3.0.12, and 3.5.x before 3.5.2, allows remote SOCKS5 proxy servers to cause a denial of service (data stream corruption) via a long domain name in a reply. | 5.0 |
2009-08-03 | CVE-2009-2656 | Remote Denial Of Service vulnerability in Google Android 1.0/1.1/1.5 Unspecified vulnerability in the com.android.phone process in Android 1.0, 1.1, and 1.5 allows remote attackers to cause a denial of service (network disconnection) via a crafted SMS message, as demonstrated by Collin Mulliner and Charlie Miller at Black Hat USA 2009. | 5.0 | |
2009-08-03 | CVE-2008-6896 | 3CX | Information Exposure vulnerability in 3CX Phone System 6.0.806.0 login.php in 3CX Phone System 6.0.806.0, when 100% disk capacity is reached, allows remote attackers to gain sensitive information via unspecified vectors that reveal the installation path. | 5.0 |
2009-08-03 | CVE-2008-6886 | RSA | Permissions, Privileges, and Access Controls vulnerability in RSA Envision RSA EnVision 3.5.0, 3.5.1, 3.5.2, and 3.7.0 does not properly restrict access to unspecified user profile functionality, which allows remote attackers to obtain the administrator password hash and conduct brute force guessing attacks. | 5.0 |
2009-08-07 | CVE-2009-2715 | SUN | Improper Input Validation vulnerability in SUN Virtualbox 2.2/3.0.2 Sun VirtualBox 2.2 through 3.0.2 r49928 allows guest OS users to cause a denial of service (Linux host OS reboot) via a sysenter instruction. | 4.9 |
2009-08-07 | CVE-2009-2714 | SUN | Local Denial Of Service vulnerability in SUN Virtualbox 3.0.0/3.0.2 Unspecified vulnerability in Sun VirtualBox 3.0.0 and 3.0.2 allows guest OS users to cause a denial of service (host OS reboot) via unknown vectors. | 4.9 |
2009-08-07 | CVE-2009-2711 | SUN X ORG | Information Exposure vulnerability in multiple products XScreenSaver in Sun Solaris 9 and 10, OpenSolaris before snv_120, and X11 6.4.1 for Solaris 8, when the Xorg or Xnewt server is used, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, a different vulnerability than CVE-2009-1276. | 4.9 |
2009-08-06 | CVE-2009-2194 | Apple | Multiple Security vulnerability in Apple Mac OS X 2009-003 Apple Mac OS X 10.5 before 10.5.8 does not properly share file descriptors over local sockets, which allows local users to cause a denial of service (system crash) by placing file descriptors in messages sent to a socket that has no receiver, related to a "synchronization issue." | 4.9 |
2009-08-07 | CVE-2009-2713 | SUN | Information Disclosure vulnerability in SUN Java System Access Manager and Java System web Server The CDCServlet component in Sun Java System Access Manager 7.0 2005Q4 and 7.1, when Cross Domain Single Sign On (CDSSO) is enabled, does not ensure that "policy advice" is presented to the correct client, which allows remote attackers to obtain sensitive information via unspecified vectors. | 4.3 |
2009-08-07 | CVE-2008-6915 | Zeeways | Cross-Site Scripting vulnerability in Zeeways Zeeproperty 1.0 Cross-site scripting (XSS) vulnerability in view_prop_details.php in Zeeways ZEEPROPERTY 1.0 allows remote attackers to inject arbitrary web script or HTML via the propid parameter. | 4.3 |
2009-08-06 | CVE-2008-6906 | Babbleboard | Cross-Site Scripting vulnerability in Babbleboard 1.1.6 Cross-site scripting (XSS) vulnerability in index.php in BabbleBoard 1.1.6 allows remote attackers to inject arbitrary web script or HTML via the username. | 4.3 |
2009-08-06 | CVE-2009-1723 | Apple | Multiple Security vulnerability in Apple Mac OS X 2009-003 CFNetwork in Apple Mac OS X 10.5 before 10.5.8 places an incorrect URL in a certificate warning in certain 302 redirection scenarios, which makes it easier for remote attackers to trick a user into visiting an arbitrary https web site by leveraging an open redirect vulnerability, a different issue than CVE-2009-2062. | 4.3 |
2009-08-06 | CVE-2008-6903 | Sophos | Resource Management Errors vulnerability in Sophos Anti-Virus and Anti-Virus7.6.3 Sophos Anti-Virus for Windows before 7.6.3, Anti-Virus for Windows NT/9x before 4.7.18, Anti-Virus for OS X before 4.9.18, Anti-Virus for Linux before 6.4.5, Anti-Virus for UNIX before 7.0.5, Anti-Virus for Unix and Netware before 4.37.0, Sophos EM Library, and Sophos small business solutions, when CAB archive scanning is enabled, allows remote attackers to cause a denial of service (segmentation fault) via a "fuzzed" CAB archive file, as demonstrated by the OUSPG PROTOS GENOME test suite for Archive Formats. | 4.3 |
2009-08-04 | CVE-2009-2198 | Apple | Permissions, Privileges, and Access Controls vulnerability in Apple Garageband Apple GarageBand before 5.1 reconfigures Safari to accept all cookies regardless of domain name, which makes it easier for remote web servers to track users. | 4.3 |
2009-08-03 | CVE-2008-6894 | 3CX | Cross-Site Scripting vulnerability in 3CX Phone System 6.0.806.0/6.1793 Multiple cross-site scripting (XSS) vulnerabilities in login.php in 3CX Phone System Free Edition 6.1793 and 6.0.806.0 allow remote attackers to inject arbitrary web script or HTML via the (1) fName and (2) fPassword parameters. | 4.3 |
2009-08-03 | CVE-2008-6893 | ALT N | Cross-Site Scripting vulnerability in Alt-N Worldclient 10.0.2 Cross-site scripting (XSS) vulnerability in Alt-N MDaemon WorldClient 10.0.2, when Internet Explorer 7 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted img tag. | 4.3 |
2009-08-03 | CVE-2009-2655 | Microsoft | Improper Input Validation vulnerability in Microsoft Internet Explorer 7/8 mshtml.dll in Microsoft Internet Explorer 7 and 8 on Windows XP SP3 allows remote attackers to cause a denial of service (application crash) by calling the JavaScript findText method with a crafted Unicode string in the first argument, and only one additional argument, as demonstrated by a second argument of -1. | 4.3 |
2009-08-03 | CVE-2008-6891 | Codetoad | Cross-Site Scripting vulnerability in Codetoad ASP Forum Script Multiple cross-site scripting (XSS) vulnerabilities in ASP Forum Script allow remote attackers to inject arbitrary web script or HTML via the (1) forum_id parameter to (a) new_message.asp and (b) messages.asp, and the (2) query string to default.asp. | 4.3 |
2009-08-03 | CVE-2008-6888 | Preprojects | Cross-Site Scripting vulnerability in Preprojects PRE Classified Listings 1.0 Cross-site scripting (XSS) vulnerability in signup.asp in Pre Classified Listings 1.0 allows remote attackers to inject arbitrary web script or HTML via the address parameter. | 4.3 |
1 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-08-07 | CVE-2009-2712 | SUN | Permissions, Privileges, and Access Controls vulnerability in SUN products Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and OpenSSO Enterprise 8.0; when AMConfig.properties enables the debug flag, allows local users to discover cleartext passwords by reading debug files. | 2.1 |