Weekly Vulnerabilities Reports > September 14 to 20, 2009
Overview
125 new vulnerabilities reported during this period, including 14 critical vulnerabilities and 30 high severity vulnerabilities. This weekly summary report vulnerabilities in 102 products from 82 vendors including Apple, Vtiger, Oracle, JCE Tech, and Google. Vulnerabilities are notably categorized as "Cross-site Scripting", "SQL Injection", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Permissions, Privileges, and Access Controls", and "Resource Management Errors".
- 117 reported vulnerabilities are remotely exploitables.
- 24 reported vulnerabilities have public exploit available.
- 59 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 110 reported vulnerabilities are exploitable by an anonymous user.
- Apple has the most reported vulnerabilities, with 10 reported vulnerabilities.
- Vtiger has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
14 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-09-18 | CVE-2009-2741 | IBM | Remote Security vulnerability in WebSphere Business Events 6.1/6.2 Unspecified vulnerability in the wberuntimeear application in the test servlet in IBM WebSphere Business Events 6.1 and 6.2 allows remote attackers to execute arbitrary code via unknown vectors. | 10.0 |
2009-09-14 | CVE-2008-7232 | Netplex Tech | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Netplex-Tech Xtacacsd Buffer overflow in the report function in xtacacsd 4.1.2 and earlier allows remote attackers to execute arbitrary code via a crafted CONNECT TACACS command. | 10.0 |
2009-09-14 | CVE-2008-7230 | Chris Buccella | Remote Security vulnerability in Chris Buccella Small Footprint CIM Broker 1.2.2/1.2.3 Unspecified vulnerability in Small Footprint CIM Broker (SFCB) before 1.2.5 has unknown impact and attack vectors. | 10.0 |
2009-09-14 | CVE-2008-7228 | White Dune | USE of Externally-Controlled Format String vulnerability in White Dune White Dune Multiple format string vulnerabilities in White_Dune before 0.29beta851 have unspecified impact and attack vectors, a different vulnerability than CVE-2008-0101. | 10.0 |
2009-09-14 | CVE-2008-7225 | Foxitsoftware | Buffer Errors vulnerability in Foxitsoftware WAC Server 2.0 Heap-based buffer overflow in Foxit Remote Access Server (aka WAC Server) 2.0 Build 3503 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SSH packets, a different vulnerability than CVE-2008-0151. | 10.0 |
2009-09-18 | CVE-2009-3254 | Ultimatevideosite | Buffer Errors vulnerability in Ultimatevideosite Ultimate Player 1.56 Multiple stack-based buffer overflows in Ultimate Player 1.56 beta allow remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .upl playlist file. | 9.3 |
2009-09-18 | CVE-2009-3253 | Tricerasoft | Buffer Errors vulnerability in Tricerasoft Swift Ultralite 1.032 Stack-based buffer overflow in TriceraSoft Swift Ultralite 1.032 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in a .M3U playlist file. | 9.3 |
2009-09-18 | CVE-2009-3244 | Adobe | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player Heap-based buffer overflow in the SwDir.dll ActiveX control in Adobe Shockwave Player 11.5.1.601 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PlayerVersion property value. | 9.3 |
2009-09-16 | CVE-2009-3221 | Basicunivers Free FR | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Basicunivers.Free.Fr Audio LIB Player Stack-based buffer overflow in Audio Lib Player (ALP) allows remote attackers to execute arbitrary code via a long URL in a .m3u playlist file. | 9.3 |
2009-09-16 | CVE-2009-3214 | Photodex | Buffer Errors vulnerability in Photodex Proshow Gold 4.0.2549 Multiple stack-based buffer overflows in Photodex ProShow Gold 4.0.2549 allow remote attackers to execute arbitrary code via a crafted Slideshow project (.psh) file, related to the (1) cell[n].images[m].image and (2) cell[n].sound.file fields. | 9.3 |
2009-09-16 | CVE-2009-3213 | Broid | Buffer Errors vulnerability in Broid 1.0 Stack-based buffer overflow in broid 1.0 Beta 3a allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .mp3 file. | 9.3 |
2009-09-14 | CVE-2008-7233 | Oracle | Multiple vulnerability in Oracle Application Server and E-Business Suite 11I Unspecified vulnerability in the E-Business Application client, as used in Oracle Application Server 1.1.8.26 and E-Business Suite 11.5.10.2, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Oracle Jinitiator component, aka AS02. | 9.3 |
2009-09-18 | CVE-2009-3258 | Vtiger | Permissions, Privileges, and Access Controls vulnerability in Vtiger CRM vtiger CRM before 5.1.0 allows remote authenticated users, with certain View privileges, to delete (1) attachments, (2) reports, (3) filters, (4) views, and (5) tickets; insert (6) attachments, (7) reports, (8) filters, (9) views, and (10) tickets; and edit (11) reports, (12) filters, (13) views, and (14) tickets via unspecified vectors. | 9.0 |
2009-09-18 | CVE-2009-3250 | Vtiger | Improper Input Validation vulnerability in Vtiger CRM 5.0.4 The saveForwardAttachments procedure in the Compose Mail functionality in vtiger CRM 5.0.4 allows remote authenticated users to execute arbitrary code by composing an e-mail message with an attachment filename ending in (1) .php in installations based on certain Apache HTTP Server configurations, (2) .php. | 9.0 |
30 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-09-18 | CVE-2009-3241 | Wireshark | Multiple vulnerability in Wireshark 1.2.1 Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets. | 7.8 |
2009-09-14 | CVE-2008-7224 | Elinks | Buffer Errors vulnerability in Elinks 0.11.1/0.11.11/0.11.2 Buffer overflow in entity_cache in ELinks before 0.11.4rc0 allows remote attackers to cause a denial of service (crash) via a crafted link. | 7.8 |
2009-09-18 | CVE-2009-3261 | Livestreet | Improper Authentication vulnerability in Livestreet 0.2 update/update_0.1.2_to_0.2.php in LiveStreet 0.2 does not require administrative authentication, which allows remote attackers to perform DROP TABLE operations via unspecified vectors. | 7.5 |
2009-09-18 | CVE-2009-3259 | Thomas Cuchta | SQL Injection vulnerability in Thomas Cuchta Rash 1.2.2 Multiple SQL injection vulnerabilities in RASH Quote Management System (RQMS) 1.2.2 allow remote attackers to execute arbitrary SQL commands via (1) the search parameter in a search action, (2) the quote parameter in a quote addition, or (3) a User_Name cookie in unspecified administrative actions. | 7.5 |
2009-09-18 | CVE-2009-3252 | Dave Robinson | SQL Injection vulnerability in Dave Robinson Rockbandcms 0.10 Multiple SQL injection vulnerabilities in news.php in Rock Band CMS 0.10 allow remote attackers to execute arbitrary SQL commands via the (1) year and (2) id parameters. | 7.5 |
2009-09-18 | CVE-2009-3249 | Vtiger | Path Traversal vulnerability in Vtiger CRM 5.0.4 Multiple directory traversal vulnerabilities in vtiger CRM 5.0.4 allow remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2009-09-18 | CVE-2009-3246 | Mybuxscript | SQL Injection vulnerability in Mybuxscript Pts-Bux SQL injection vulnerability in spnews.php in MyBuxScript PTC-BUX allows remote attackers to execute arbitrary SQL commands via the id parameter in an spnews action to the default URI. | 7.5 |
2009-09-17 | CVE-2008-7240 | Linuxwebshop | Path Traversal vulnerability in Linuxwebshop PHP User Base 1.3 Directory traversal vulnerability in include/unverified.inc.php in Linux Web Shop (LWS) php User Base 1.3beta allows remote attackers to include and execute arbitrary local files via the template parameter. | 7.5 |
2009-09-17 | CVE-2009-3235 | Dovecot | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Dovecot Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632. | 7.5 |
2009-09-16 | CVE-2009-3226 | Almondsoft | SQL Injection vulnerability in Almondsoft Affiliate Network Classifieds and Almond Classifieds SQL injection vulnerability in index.php in AlmondSoft Almond Classifieds Ads Enterprise and Almond Affiliate Network Classifieds allows remote attackers to execute arbitrary SQL commands via the replid parameter in a manw_repl add_form action. | 7.5 |
2009-09-16 | CVE-2009-3224 | 68Classifieds Classified Software | SQL Injection vulnerability in Classified-Software Super MOD System SQL injection vulnerability in index.php in Super Mod System, when using the 68 Classifieds 3.1 Core System, allows remote attackers to execute arbitrary SQL commands via the s parameter. | 7.5 |
2009-09-16 | CVE-2009-3220 | Tecnick | Code Injection vulnerability in Tecnick Aiocp 1.4.001 PHP remote file inclusion vulnerability in cp_html2txt.php in All In One Control Panel (AIOCP) 1.4.001 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | 7.5 |
2009-09-16 | CVE-2009-3217 | Wiccle | SQL Injection vulnerability in Wiccle Iwiccle 1.01 SQL injection vulnerability in the admin module in iWiccle 1.01 allows remote attackers to execute arbitrary SQL commands via the member_id parameter in an edit_user action to index.php. | 7.5 |
2009-09-16 | CVE-2009-3215 | PHP Shop System Joomla | SQL Injection vulnerability in PHP-Shop-System Ixxo Cart SQL injection vulnerability in IXXO Cart Standalone before 3.9.6.1, and the IXXO Cart component for Joomla! 1.0.x, allows remote attackers to execute arbitrary SQL commands via the parent parameter. | 7.5 |
2009-09-16 | CVE-2009-3209 | Raizlabs | SQL Injection vulnerability in Raizlabs PHP Email Manager 3.3.0 SQL injection vulnerability in remove.php in PHP eMail Manager 3.3.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | 7.5 |
2009-09-16 | CVE-2009-3208 | Prakashatma Mishra | SQL Injection vulnerability in Prakashatma Mishra PHPfreebb 1.0 Multiple SQL injection vulnerabilities in phpfreeBB 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to permalink.php and (2) year parameter to index.php. | 7.5 |
2009-09-16 | CVE-2009-3205 | Cbauthority | SQL Injection vulnerability in Cbauthority SQL injection vulnerability in main.php in CBAuthority allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_product action. | 7.5 |
2009-09-16 | CVE-2009-3203 | Ajsquare | SQL Injection vulnerability in Ajsquare AJ Auction Pro-Oopd 2.0 SQL injection vulnerability in store.php in AJ Auction Pro OOPD 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2009-09-15 | CVE-2009-3165 | Mozilla | SQL Injection vulnerability in Mozilla Bugzilla SQL injection vulnerability in the Bug.create WebService function in Bugzilla 2.23.4 through 3.0.8, 3.1.1 through 3.2.4, and 3.3.1 through 3.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters. | 7.5 |
2009-09-15 | CVE-2009-3125 | Mozilla | SQL Injection vulnerability in Mozilla Bugzilla SQL injection vulnerability in the Bug.search WebService function in Bugzilla 3.3.2 through 3.4.1, and 3.5, allows remote attackers to execute arbitrary SQL commands via unspecified parameters. | 7.5 |
2009-09-15 | CVE-2009-2629 | F5 Debian Fedoraproject | Out-of-bounds Write vulnerability in multiple products Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests. | 7.5 |
2009-09-15 | CVE-2009-3193 | Joomla Uwix | SQL Injection vulnerability in Uwix COM Digifolio 1.52 SQL injection vulnerability in the DigiFolio (com_digifolio) component 1.52 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a project action to index.php. | 7.5 |
2009-09-15 | CVE-2009-3190 | PAD Site Scripts | SQL Injection vulnerability in Pad-Site-Scripts PAD Site Scripts 3.6 Multiple SQL injection vulnerabilities in PAD Site Scripts 3.6 allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to list.php and (2) cat parameter to rss.php. | 7.5 |
2009-09-15 | CVE-2009-3188 | David Frohlich | Code Injection vulnerability in David Frohlich PHPsane 0.5.0 PHP remote file inclusion vulnerability in save.php in phpSANE 0.5.0 allows remote attackers to execute arbitrary PHP code via a URL in the file_save parameter. | 7.5 |
2009-09-15 | CVE-2009-3185 | Comsenz | SQL Injection vulnerability in Comsenz Crazy Star Plugin 2.0 SQL injection vulnerability in plugin.php in the Crazy Star plugin 2.0 for Discuz! allows remote authenticated users to execute arbitrary SQL commands via the fmid parameter in a view action. | 7.5 |
2009-09-14 | CVE-2008-7229 | Greensql | Permissions, Privileges, and Access Controls vulnerability in Greensql Firewall 0.9.2 GreenSQL Firewall (greensql-fw) before 0.9.2 allows remote attackers to bypass SQL injection protection via a crafted string, possibly involving an encoded space character (%20). | 7.5 |
2009-09-14 | CVE-2008-7226 | PHP Nuke Phpnuke | SQL Injection vulnerability in PHP-Nuke Recipe Module 1.3/1.4 SQL injection vulnerability in index.php in the Recipes module 1.3, 1.4, and possibly other versions for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the recipeid parameter. | 7.5 |
2009-09-17 | CVE-2009-3233 | Cameron Morland | OS Command Injection vulnerability in Cameron Morland Changetrack 4.3 changetrack 4.3 allows local users to execute arbitrary commands via CRLF sequences and shell metacharacters in a filename in a directory that is checked by changetrack. | 7.2 |
2009-09-14 | CVE-2009-3183 | SUN | Buffer Errors vulnerability in SUN Opensolaris and Solaris Heap-based buffer overflow in w in Sun Solaris 8 through 10, and OpenSolaris before snv_124, allows local users to gain privileges via unspecified vectors. | 7.2 |
2009-09-14 | CVE-2009-2807 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS X 10.5.8 allows local users to gain privileges via unspecified vectors. | 7.2 |
75 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-09-18 | CVE-2009-3255 | Thomas Cuchta | SQL Injection vulnerability in Thomas Cuchta Rash SQL injection vulnerability in RASH Quote Management System (RQMS) 1.2.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter in an admin action to the default URI. | 6.8 |
2009-09-18 | CVE-2009-3248 | Vtiger | Cross-Site Request Forgery (CSRF) vulnerability in Vtiger CRM 5.0.4 Cross-site request forgery (CSRF) vulnerability in the RSS module in vtiger CRM 5.0.4 allows remote attackers to hijack the authentication of Admin users for requests that modify the news feed system via the rssurl parameter in a Save action to index.php. | 6.8 |
2009-09-17 | CVE-2008-7243 | Modxcms | Cross-Site Request Forgery (CSRF) vulnerability in Modxcms 0.9.6.1 Cross-site request forgery (CSRF) vulnerability in page 34 in MODx CMS 0.9.6.1 and 0.9.6.1p1 allows remote attackers to hijack the authentication of other users for requests that modify passwords via manager/index.php. | 6.8 |
2009-09-17 | CVE-2008-7241 | Punbb | Cross-Site Request Forgery (CSRF) vulnerability in Punbb Cross-site request forgery (CSRF) vulnerability in PunBB before 1.2.17 allows remote attackers to hijack the authentication of unspecified users for requests related to a logout, probably a forced logout. | 6.8 |
2009-09-16 | CVE-2009-3219 | THE Ghost | Path Traversal vulnerability in The-Ghost AR web Content Manager 2.1 Directory traversal vulnerability in a.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2009-09-16 | CVE-2009-3218 | THE Ghost | SQL Injection vulnerability in The-Ghost AR web Content Manager 2.1 SQL injection vulnerability in control/login.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | 6.8 |
2009-09-16 | CVE-2009-3212 | Dimofinf | SQL Injection vulnerability in Dimofinf Infinity Script 2.0.5 SQL injection vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username field. | 6.8 |
2009-09-16 | CVE-2009-3211 | Dimofinf | Path Traversal vulnerability in Dimofinf Infinity Script 2.0.5 Directory traversal vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. | 6.8 |
2009-09-16 | CVE-2009-3207 | Drupal Drewish | Permissions, Privileges, and Access Controls vulnerability in Drewish Imagecache The ImageCache module 5.x before 5.x-2.5 and 6.x before 6.x-2.0-beta10, a module for Drupal, when the private file system is used, does not properly perform access control for derivative images, which allows remote attackers to view arbitrary images via a request that specifies an image's filename. | 6.8 |
2009-09-14 | CVE-2009-2812 | Apple | Remote Code Execution vulnerability in Apple Mac OS X Launch Services Launch Services in Apple Mac OS X 10.5.8 does not properly recognize an unsafe Uniform Type Identifier (UTI) in an exported document type in a downloaded application, which allows remote attackers to trigger the automatic opening of a file, and execute arbitrary code, via a crafted web site. | 6.8 |
2009-09-14 | CVE-2009-2811 | Apple | Code Injection vulnerability in Apple mac OS X and mac OS X Server Incomplete blacklist vulnerability in Launch Services in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code via a .fileloc file, which does not trigger a "potentially unsafe" warning message in the Quarantine feature. | 6.8 |
2009-09-14 | CVE-2009-2809 | Apple | Code Injection vulnerability in Apple mac OS X and mac OS X Server ImageIO in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PixarFilm encoded TIFF image, related to "multiple memory corruption issues." | 6.8 |
2009-09-14 | CVE-2009-2805 | Apple | Numeric Errors vulnerability in Apple mac OS X and mac OS X Server Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JBIG2 stream in a PDF file, leading to a heap-based buffer overflow. | 6.8 |
2009-09-14 | CVE-2009-2804 | Apple Microsoft | Numeric Errors vulnerability in Apple mac OS X, mac OS X Server and Safari Integer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5.8, and Safari before 4.0.4 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ColorSync profile embedded in an image, leading to a heap-based buffer overflow. | 6.8 |
2009-09-14 | CVE-2009-2803 | Apple | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server CarbonCore in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a file with a crafted resource fork. | 6.8 |
2009-09-14 | CVE-2008-7234 | Oracle | Unspecified vulnerability in Oracle Application Server 10.1.2.2/10.1.3.3 Unspecified vulnerability in the Oracle BPEL Worklist Application component in Oracle Application Server 10.1.2.2 and 10.1.3.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, aka AS03. | 6.8 |
2009-09-14 | CVE-2008-7221 | Runcms | Cross-Site Request Forgery (CSRF) vulnerability in Runcms 1.6.1 Cross-site request forgery (CSRF) vulnerability in RunCMS 1.6.1 allows remote attackers to hijack the authentication of administrators for requests that (1) add new administrators or (2) modify user profiles via a crafted request to system/admin.php. | 6.8 |
2009-09-17 | CVE-2009-3230 | Postgresql | Permissions, Privileges, and Access Controls vulnerability in Postgresql The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, 8.2 before 8.2.14, 8.1 before 8.1.18, 8.0 before 8.0.22, and 7.4 before 7.4.26 does not use the appropriate privileges for the (1) RESET ROLE and (2) RESET SESSION AUTHORIZATION operations, which allows remote authenticated users to gain privileges. | 6.5 |
2009-09-16 | CVE-2009-3223 | Inoutscripts | SQL Injection vulnerability in Inoutscripts Inout Adserver SQL injection vulnerability in ppc-add-keywords.php in Inout Adserver allows remote authenticated users to execute arbitrary SQL commands via the id parameter. | 6.5 |
2009-09-14 | CVE-2009-2813 | Samba Apple Fedoraproject | Permissions, Privileges, and Access Controls vulnerability in multiple products Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories. | 6.0 |
2009-09-14 | CVE-2008-7238 | Oracle | Multiple vulnerability in Oracle E-Business Suite 12.0.3 Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.3 allow (1) local users to affect confidentiality and integrity via unknown vectors related to the Mobile Application Server component (APP01); (2) remote attackers to affect confidentiality via unknown vectors related to the Oracle Applications Framework (APP03); remote authenticated users to affect confidentiality and integrity via unknown vectors related to the (3) CRM Technical Foundation (APP05) and (4) Oracle Application Object Library (APP06); and remote authenticated users to affect integrity and availability via unknown vectors related to (5) Oracle Applications Technology Stack (APP07). | 6.0 |
2009-09-18 | CVE-2009-3238 | Linux Canonical Opensuse Suse | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in multiple products The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to "return the same value over and over again for long stretches of time." | 5.5 |
2009-09-18 | CVE-2009-3270 | Microsoft | Resource Exhaustion vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 7 through 7.0.6000.16711 allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821. | 5.0 |
2009-09-18 | CVE-2009-3269 | Opera | Resource Management Errors vulnerability in Opera Browser Opera 9.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a series of automatic submissions of a form containing a KEYGEN element, a related issue to CVE-2009-1828. | 5.0 |
2009-09-18 | CVE-2009-3268 | Resource Management Errors vulnerability in Google Chrome Google Chrome 1.0.154.48 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an automatically submitted form containing a KEYGEN element, a related issue to CVE-2009-1828. | 5.0 | |
2009-09-18 | CVE-2009-3267 | Microsoft | Resource Exhaustion vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 6.0.2900.2180, and 7.0.6000.16711, allows remote attackers to cause a denial of service (CPU consumption) via an automatically submitted form containing a KEYGEN element, a related issue to CVE-2009-1828. | 5.0 |
2009-09-18 | CVE-2008-7246 | Resource Management Errors vulnerability in Google Chrome Google Chrome 0.2.149.29 and earlier allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821. | 5.0 | |
2009-09-18 | CVE-2008-7245 | Opera | Resource Management Errors vulnerability in Opera Browser Opera 9.52 and earlier allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821. | 5.0 |
2009-09-18 | CVE-2008-7244 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox Mozilla Firefox 3.0.1 and earlier allows remote attackers to cause a denial of service (browser hang) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821. | 5.0 |
2009-09-18 | CVE-2009-3243 | Wireshark Microsoft | Multiple vulnerability in Wireshark 1.2.0/1.2.1 Unspecified vulnerability in the TLS dissector in Wireshark 1.2.0 and 1.2.1, when running on Windows, allows remote attackers to cause a denial of service (application crash) via unknown vectors related to TLS 1.2 conversations. | 5.0 |
2009-09-18 | CVE-2009-3242 | Wireshark | Multiple vulnerability in Wireshark 1.2.0/1.2.1 Unspecified vulnerability in packet.c in the GSM A RR dissector in Wireshark 1.2.0 and 1.2.1 allows remote attackers to cause a denial of service (application crash) via unknown vectors related to "an uninitialized dissector handle," which triggers an assertion failure. | 5.0 |
2009-09-15 | CVE-2009-3166 | Mozilla | Credentials Management vulnerability in Mozilla Bugzilla 3.4/3.4.1 token.cgi in Bugzilla 3.4rc1 through 3.4.1 places a password in a URL at the beginning of a login session that occurs immediately after a password reset, which allows context-dependent attackers to discover passwords by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history. | 5.0 |
2009-09-15 | CVE-2009-3199 | Uebimiau | Information Exposure vulnerability in Uebimiau 3.2.02.0 Uebimiau Webmail 3.2.0-2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database with usernames and password hashes via a direct request for system_admin/admin.ucf. | 5.0 |
2009-09-14 | CVE-2008-7239 | Oracle | Multiple vulnerability in Oracle E-Business Suite 11I 11.5.10.2 Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 allow remote attackers to affect confidentiality via unknown vectors related to the (1) Oracle Application Object Library (APP02) and (2) Oracle Applications Manager (APP04). | 5.0 |
2009-09-14 | CVE-2008-7227 | Geoserver | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Geoserver PartialBufferOutputStream2 in GeoServer before 1.6.1 and 1.7.0-beta1 attempts to flush buffer contents even when it is handling an "in memory buffer," which prevents the reporting of a service exception, with unknown impact and attack vectors. | 5.0 |
2009-09-17 | CVE-2009-3234 | Linux | Buffer Errors vulnerability in Linux Kernel 2.6.31 Buffer overflow in the perf_copy_attr function in kernel/perf_counter.c in the Linux kernel 2.6.31-rc1 allows local users to cause a denial of service (crash) and execute arbitrary code via a "big size data" to the perf_counter_open system call. | 4.9 |
2009-09-18 | CVE-2009-2793 | Netbsd | Permissions, Privileges, and Access Controls vulnerability in Netbsd The kernel in NetBSD, probably 5.0.1 and earlier, on x86 platforms does not properly handle a pre-commit failure of the iret instruction, which might allow local users to gain privileges via vectors related to a tempEIP pseudocode variable that is outside of the code-segment limits. | 4.6 |
2009-09-18 | CVE-2009-1883 | Linux | Permissions, Privileges, and Access Controls vulnerability in Linux Kernel 2.6.9 The z90crypt_unlocked_ioctl function in the z90crypt driver in the Linux kernel 2.6.9 does not perform a capability check for the Z90QUIESCE operation, which allows local users to leverage euid 0 privileges to force a driver outage. | 4.4 |
2009-09-18 | CVE-2009-3266 | Opera | Cross-Site Scripting vulnerability in Opera Browser Opera before 10.01 does not properly restrict HTML in a (1) RSS or (2) Atom feed, which allows remote attackers to conduct cross-site scripting (XSS) attacks, and conduct cross-zone scripting attacks involving the Feed Subscription Page to read feeds or create feed subscriptions, via a crafted feed, related to the rendering of the application/rss+xml content type as "scripted content." | 4.3 |
2009-09-18 | CVE-2009-3265 | Opera | Cross-Site Scripting vulnerability in Opera Browser 10.00/9.0 Cross-site scripting (XSS) vulnerability in Opera 9 and 10 allows remote attackers to inject arbitrary web script or HTML via a (1) RSS or (2) Atom feed, related to the rendering of the application/rss+xml content type as "scripted content." NOTE: the vendor reportedly considers this behavior a "design feature," not a vulnerability. | 4.3 |
2009-09-18 | CVE-2009-3264 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome The getSVGDocument method in Google Chrome before 3.0.195.21 omits an unspecified "access check," which allows remote web servers to bypass the Same Origin Policy and conduct cross-site scripting attacks via unknown vectors, related to a user's visit to a different web server that hosts an SVG document. | 4.3 | |
2009-09-18 | CVE-2009-3263 | Cross-Site Scripting vulnerability in Google Chrome Cross-site scripting (XSS) vulnerability in Google Chrome 2.x and 3.x before 3.0.195.21 allows remote attackers to inject arbitrary web script or HTML via a (1) RSS or (2) Atom feed, related to the rendering of the application/rss+xml content type as XML "active content." Per http://www.securityfocus.com/archive/1/archive/1/506517/100/0/threaded VII. | 4.3 | |
2009-09-18 | CVE-2009-3260 | Livestreet | Cross-Site Scripting vulnerability in Livestreet 0.2 Cross-site scripting (XSS) vulnerability in LiveStreet 0.2 allows remote attackers to inject arbitrary web script or HTML via the header of the topic in a comment. | 4.3 |
2009-09-18 | CVE-2009-3256 | Livestreet | Cross-Site Scripting vulnerability in Livestreet 0.2 Cross-site scripting (XSS) vulnerability in include/ajax/blogInfo.php in LiveStreet 0.2 allows remote attackers to inject arbitrary web script or HTML via the URI, as demonstrated by a SCRIPT element in an arbitrary parameter such as the asd parameter. | 4.3 |
2009-09-18 | CVE-2009-3247 | Vtiger | Cross-Site Scripting vulnerability in Vtiger CRM 5.0.4 Cross-site scripting (XSS) vulnerability in the Activities module in vtiger CRM 5.0.4 allows remote attackers to inject arbitrary web script or HTML via the action parameter to phprint.php. | 4.3 |
2009-09-18 | CVE-2009-3240 | Ohwada Xoops | Cross-Site Scripting vulnerability in Ohwada Xf-Section 1.12A Cross-site scripting (XSS) vulnerability in the Happy Linux XF-Section module 1.12a for XOOPS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2009-09-18 | CVE-2009-2937 | Intertwingly | Cross-Site Scripting vulnerability in Intertwingly Planet and Planet Venus Cross-site scripting (XSS) vulnerability in Planet 2.0 and Planet Venus allows remote attackers to inject arbitrary web script or HTML via the SRC attribute of an IMG element in a feed. | 4.3 |
2009-09-17 | CVE-2008-7242 | Modxcms | Cross-Site Scripting vulnerability in Modxcms 0.9.6.1 Multiple cross-site scripting (XSS) vulnerabilities in MODx CMS 0.9.6.1 and 0.9.6.1p1 allo remote attackers to inject arbitrary web script or HTML via the (1) search, (2) "a," (3) messagesubject, and (4) messagebody parameters to certain pages as reachable from manager/index.php; (5) highlight, (6) id, (7) email, (8) name, and (9) parent parameters to index.php; and the (10) docgrp and (11) moreResultsPage parameters to index-ajax.php. | 4.3 |
2009-09-17 | CVE-2009-3237 | Horde | Cross-Site Scripting vulnerability in Horde products Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework 3.2 before 3.2.5 and 3.3 before 3.3.5; Groupware 1.1 before 1.1.6 and 1.2 before 1.2.4; and Groupware Webmail Edition 1.1 before 1.1.6 and 1.2 before 1.2.4; allow remote attackers to inject arbitrary web script or HTML via the (1) crafted number preferences that are not properly handled in the preference system (services/prefs.php), as demonstrated by the sidebar_width parameter; or (2) crafted unknown MIME "text parts" that are not properly handled in the MIME viewer library (config/mime_drivers.php). | 4.3 |
2009-09-17 | CVE-2009-3236 | Horde | Unspecified vulnerability in Horde Application Framework and Groupware The form library in Horde Application Framework 3.2 before 3.2.5 and 3.3 before 3.3.5; Groupware 1.1 before 1.1.6 and 1.2 before 1.2.4; and Groupware Webmail Edition 1.1 before 1.1.6 and 1.2 before 1.2.4; reuses temporary filenames during the upload process which allows remote attackers, with privileges to write to the address book, to overwrite arbitrary files and execute PHP code via crafted Horde_Form_Type_image form field elements. | 4.3 |
2009-09-16 | CVE-2009-3227 | Almondsoft | Cross-Site Scripting vulnerability in Almondsoft Affiliate Network Classifieds and Almond Classifieds Cross-site scripting (XSS) vulnerability in index.php in AlmondSoft Almond Classifieds Ads Enterprise and Almond Affiliate Network Classifieds allows remote attackers to inject arbitrary web script or HTML via the city parameter in a search action. | 4.3 |
2009-09-16 | CVE-2009-3225 | Almondsoft | Cross-Site Scripting vulnerability in Almondsoft Almond Classifieds Multiple cross-site scripting (XSS) vulnerabilities in AlmondSoft Almond Classifieds Wap and Pro, and possibly Almond Affiliate Network Classifieds, allow remote attackers to inject arbitrary web script or HTML via (1) the page parameter in a browse action to index.php or (2) the addr parameter to gmap.php. | 4.3 |
2009-09-16 | CVE-2009-3216 | Wiccle | Path Traversal vulnerability in Wiccle Iwiccle 1.01 Multiple directory traversal vulnerabilities in iWiccle 1.01, when magic_quotes_gpc is disabled, allow remote attackers to read arbitrary files via a .. | 4.3 |
2009-09-16 | CVE-2009-3204 | Stivaforum | Cross-Site Scripting vulnerability in Stivaforum Stiva Forum 1.0 Multiple cross-site scripting (XSS) vulnerabilities in Stiva Forum 1.0 allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) demo.php and (2) forum.php, and the PATH_INFO to (3) include_forum.php. | 4.3 |
2009-09-16 | CVE-2009-3202 | Uloki | Cross-Site Scripting vulnerability in Uloki PHP Forum 2.1 Cross-site scripting (XSS) vulnerability in search.php in ULoKI PHP Forum 2.1 allows remote attackers to inject arbitrary web script or HTML via the term parameter. | 4.3 |
2009-09-15 | CVE-2009-3201 | ROB Schultz | Numeric Errors vulnerability in ROB Schultz Media Player Classic 6.4.9 Integer overflow in Media Player Classic 6.4.9 allows user-assisted remote attackers to cause a denial of service (application crash) via a MIDI file (.mid) with a malformed header, which triggers a buffer overflow, a different vulnerability than CVE-2007-4940. | 4.3 |
2009-09-15 | CVE-2009-2945 | Stanford | Credentials Management vulnerability in Stanford Webauth 3.5.5/3.6.0/3.6.1 weblogin/login.fcgi (aka the WebLogin login script) in Stanford University WebAuth 3.5.5, 3.6.0, and 3.6.1 places passwords in URLs in certain circumstances involving conversion of a POST request to a GET request, which allows context-dependent attackers to discover passwords by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history. | 4.3 |
2009-09-15 | CVE-2009-3198 | JCE Tech | Cross-Site Scripting vulnerability in Jce-Tech Affiliate Master Datafeed Parser 2.0 Cross-site scripting (XSS) vulnerability in search.php in JCE-Tech Affiliate Master Datafeed Parser Script 2.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter. | 4.3 |
2009-09-15 | CVE-2009-3197 | JCE Tech | Cross-Site Scripting vulnerability in Jce-Tech PHP Calendars Script Cross-site scripting (XSS) vulnerability in search.php in JCE-Tech PHP Calendars Script allows remote attackers to inject arbitrary web script or HTML via the search parameter. | 4.3 |
2009-09-15 | CVE-2009-3196 | JCE Tech | Cross-Site Scripting vulnerability in Jce-Tech PHP Video Script Cross-site scripting (XSS) vulnerability in index.php in JCE-Tech PHP Video Script allows remote attackers to inject arbitrary web script or HTML via the key parameter. | 4.3 |
2009-09-15 | CVE-2009-3195 | JCE Tech | Cross-Site Scripting vulnerability in Jce-Tech Auction RSS Content Script 3.0 Multiple cross-site scripting (XSS) vulnerabilities in JCE-Tech Auction RSS Content Script 3.0 allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) rss.php and (2) search.php. | 4.3 |
2009-09-15 | CVE-2009-3194 | JCE Tech | Cross-Site Scripting vulnerability in Jce-Tech Searchfeed Script Cross-site scripting (XSS) vulnerability in index.php in JCE-Tech SearchFeed Script allows remote attackers to inject arbitrary web script or HTML via the search parameter. | 4.3 |
2009-09-15 | CVE-2009-3192 | Linkorcms | Cross-Site Scripting vulnerability in Linkorcms 1.1/1.2 Multiple cross-site scripting (XSS) vulnerabilities in index.php in LinkorCMS 1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the searchstr parameter in a search action; or the (2) nikname, (3) realname, (4) homepage, or (5) city parameter in a registration action. | 4.3 |
2009-09-15 | CVE-2009-3191 | PAD Site Scripts | Cross-Site Scripting vulnerability in Pad-Site-Scripts PAD Site Scripts 3.6 Multiple cross-site scripting (XSS) vulnerabilities in PAD Site Scripts 3.6 allow remote attackers to inject arbitrary web script or HTML via the cat parameter to (1) rss.php and (2) opml.php. | 4.3 |
2009-09-15 | CVE-2009-3189 | Digioz | Cross-Site Scripting vulnerability in Digioz Guestbook 1.7.2 Cross-site scripting (XSS) vulnerability in search.php in DigiOz Guestbook 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the search_term parameter. | 4.3 |
2009-09-15 | CVE-2009-3187 | Standalonearcade | Cross-Site Scripting vulnerability in Standalonearcade SAA 1.1 Cross-site scripting (XSS) vulnerability in gamelist.php in Stand Alone Arcade 1.1 allows remote attackers to inject arbitrary web script or HTML via the cat parameter. | 4.3 |
2009-09-15 | CVE-2009-3186 | Videogirls | Cross-Site Scripting vulnerability in Videogirls BIZ Multiple cross-site scripting (XSS) vulnerabilities in VideoGirls BiZ allow remote attackers to inject arbitrary web script or HTML via the (1) t parameter to forum.php, (2) profile_name parameter to profile.php, and (3) p parameter to view.php. | 4.3 |
2009-09-14 | CVE-2009-2814 | Apple | Cross-Site Scripting vulnerability in Apple mac OS X Server 10.5.8 Cross-site scripting (XSS) vulnerability in the Wiki Server in Apple Mac OS X 10.5.8 allows remote attackers to inject arbitrary web script or HTML via a search request containing data that does not use UTF-8 encoding. | 4.3 |
2009-09-14 | CVE-2008-7236 | Oracle | Unspecified vulnerability in Oracle Application Server 10.1.2.2/10.1.3.1 Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.2 and 10.1.3.1 allows remote attackers to affect integrity via unknown vectors, aka AS05. | 4.3 |
2009-09-14 | CVE-2008-7235 | Oracle | Unspecified vulnerability in Oracle Application Server and E-Business Suite Unspecified vulnerability in the Oracle Forms component in Oracle Application Server 10.1.2.2 and E-Business Suite 12.0.3 allows remote attackers to affect integrity via unknown vectors, aka AS04. | 4.3 |
2009-09-14 | CVE-2008-7223 | Linpha | Cross-Site Scripting vulnerability in Linpha Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via (1) ftp/index.php, (2) viewer.php, (3) functions/other.php, (4) include/left_menu.class.php, or (5) plugins/stats/stats_view.php. | 4.3 |
2009-09-14 | CVE-2008-7222 | Runcms | Cross-Site Scripting vulnerability in Runcms 1.6.1 Cross-site scripting (XSS) vulnerability in system/admin.php in RunCMS 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the rank_title parameter in a RankForumAdd action. | 4.3 |
2009-09-18 | CVE-2009-3251 | Vtiger | Permissions, Privileges, and Access Controls vulnerability in Vtiger CRM include/utils/ListViewUtils.php in vtiger CRM before 5.1.0 allows remote authenticated users to bypass intended access restrictions and read the (1) visibility, (2) location, and (3) recurrence fields of a calendar via a custom view. | 4.0 |
2009-09-17 | CVE-2009-3229 | Postgresql | Multiple Security vulnerability in PostgreSQL The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, and 8.2 before 8.2.14 allows remote authenticated users to cause a denial of service (backend shutdown) by "re-LOAD-ing" libraries from a certain plugins directory. | 4.0 |
2009-09-14 | CVE-2008-7237 | Oracle | Unspecified vulnerability in Oracle Application Server 10.1.2.2/9.0.4.3 Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3 and 10.1.2.2 allows remote authenticated users to affect confidentiality via unknown vectors, aka AS06. | 4.0 |
6 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-09-18 | CVE-2009-3257 | Vtiger | Permissions, Privileges, and Access Controls vulnerability in Vtiger CRM vtiger CRM before 5.1.0 allows remote authenticated users to bypass the permissions on the (1) Account Billing Address and (2) Shipping Address fields in a profile by creating a Sales Order (SO) associated with that profile. | 3.6 |
2009-09-18 | CVE-2009-3262 | IBM | Cross-Site Scripting vulnerability in IBM Tivoli Identity Manager 5.0.0.5 Cross-site scripting (XSS) vulnerability in the Self Service UI (SSUI) in IBM Tivoli Identity Manager (ITIM) 5.0.0.5 allows remote authenticated users to inject arbitrary web script or HTML via the last name field in a profile. | 3.5 |
2009-09-16 | CVE-2009-3210 | Drupal Joao Ventura | Cross-Site Scripting vulnerability in Joao Ventura Print Multiple cross-site scripting (XSS) vulnerabilities in the Print (aka Printer, e-mail and PDF versions) module 5.x before 5.x-4.8 and 6.x before 6.x-1.8, a module for Drupal, allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2009-09-16 | CVE-2009-3206 | Drupal Drewish | Cross-Site Scripting vulnerability in Drewish Imagecache Multiple cross-site scripting (XSS) vulnerabilities in the ImageCache module 5.x before 5.x-2.5 and 6.x before 6.x-2.0-beta10, a module for Drupal, allow remote authenticated users, with "administer imagecache" permissions, to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2009-09-14 | CVE-2008-7231 | Meridio | Cross-Site Scripting vulnerability in Meridio Document and Records Management 4.2 Cross-site scripting (XSS) vulnerability in Meridio Document and Records Management before 4.3 SR1 allows remote authenticated users to inject arbitrary web script or HTML via the Title field in a (1) document (subGeneralProps:dmpvDocTitle:PROP_W_title) or (2) container (subGeneralProps:dmpvContainerTitle:PROP_W_title). | 3.5 |
2009-09-15 | CVE-2009-2201 | Apple | Cryptographic Issues vulnerability in Apple Xsan 1.0/1.2/1.3 The screensharing feature in the Admin application in Apple Xsan before 2.2 places a cleartext username and password in a URL within an error dialog, which allows physically proximate attackers to obtain credentials by reading this dialog. | 2.1 |