Weekly Vulnerabilities Reports > October 26 to November 1, 2009
Overview
65 new vulnerabilities reported during this period, including 21 critical vulnerabilities and 11 high severity vulnerabilities. This weekly summary report vulnerabilities in 48 products from 45 vendors including Mozilla, Drupal, Typo3, Runcms, and Opendocman. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", "SQL Injection", "Permissions, Privileges, and Access Controls", and "Path Traversal".
- 64 reported vulnerabilities are remotely exploitables.
- 9 reported vulnerabilities have public exploit available.
- 21 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 61 reported vulnerabilities are exploitable by an anonymous user.
- Mozilla has the most reported vulnerabilities, with 14 reported vulnerabilities.
- Mozilla has the most reported critical vulnerabilities, with 11 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
21 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-10-29 | CVE-2009-3383 | Mozilla | Remote Memory Corruption vulnerability in Mozilla Firefox 3.5.1/3.5.2/3.5.3 Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 10.0 |
2009-10-29 | CVE-2009-3382 | Mozilla | Remote Memory Corruption vulnerability in Mozilla Firefox layout/base/nsCSSFrameConstructor.cpp in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 does not properly handle first-letter frames, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. | 10.0 |
2009-10-29 | CVE-2009-3381 | Mozilla | Remote Memory Corruption vulnerability in Mozilla Firefox 3.5.1/3.5.2/3.5.3 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 10.0 |
2009-10-29 | CVE-2009-3380 | Mozilla | Remote Memory Corruption vulnerability in Mozilla Firefox Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 10.0 |
2009-10-29 | CVE-2009-3379 | Mozilla | Remote Memory Corruption vulnerability in Mozilla Firefox 3.5.1/3.5.2/3.5.3 Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. | 10.0 |
2009-10-29 | CVE-2009-3377 | Mozilla | Remote Memory Corruption vulnerability in Mozilla Firefox Multiple unspecified vulnerabilities in liboggz before cf5feeaab69b05e24, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. | 10.0 |
2009-10-29 | CVE-2009-3373 | Mozilla | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mozilla Firefox and Seamonkey Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors. | 10.0 |
2009-10-29 | CVE-2009-3371 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by creating JavaScript web-workers recursively. | 10.0 |
2009-10-28 | CVE-2009-3819 | Typo3 URS Maag | Remote Security vulnerability in Maag Randomimage Unspecified vulnerability in the Random Images (maag_randomimage) extension 1.6.4 and earlier for TYPO3 allows remote attackers to execute arbitrary shell commands via unspecified vectors. | 10.0 |
2009-10-28 | CVE-2009-3818 | Typo3 Stanislas Rolland | Remote Security vulnerability in Sr Freecap Unspecified vulnerability in the session handling feature in freeCap CAPTCHA (sr_freecap) extension 1.2.0 and earlier for TYPO3 has unknown impact and attack vectors. | 10.0 |
2009-10-30 | CVE-2009-3831 | Opera | Out-of-bounds Write vulnerability in Opera Browser Opera before 10.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted domain name. | 9.3 |
2009-10-30 | CVE-2009-3829 | Wireshark | Numeric Errors vulnerability in Wireshark Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability." | 9.3 |
2009-10-29 | CVE-2009-3378 | Mozilla | Remote Memory Corruption vulnerability in Mozilla Firefox 3.5.1/3.5.2/3.5.3 The oggplay_data_handle_theora_frame function in media/liboggplay/src/liboggplay/oggplay_data.c in liboggplay, as used in Mozilla Firefox 3.5.x before 3.5.4, attempts to reuse an earlier frame data structure upon encountering a decoding error for the first frame, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a crafted .ogg video file. | 9.3 |
2009-10-29 | CVE-2009-3376 | Mozilla | Configuration vulnerability in Mozilla Firefox and Seamonkey Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via a crafted filename, as demonstrated by displaying a non-executable extension for an executable file. | 9.3 |
2009-10-29 | CVE-2009-3372 | Mozilla | Unspecified vulnerability in Mozilla Firefox and Seamonkey Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration (PAC) file. | 9.3 |
2009-10-27 | CVE-2009-3812 | Otslabs | Buffer Errors vulnerability in Otslabs Otsav DJ, Otsav Radio and Otsav TV Heap-based buffer overflow in OtsAV DJ trial version 1.85.64.0, Radio trial version 1.85.64.0, TV trial version 1.85.64.0, and Free version 1.77.001 allows remote attackers to execute arbitrary code via a long playlist in an Ots File List (.ofl) file. | 9.3 |
2009-10-27 | CVE-2009-3811 | Assistanttools | Buffer Errors vulnerability in Assistanttools Music TAG Editor 1.61 Stack-based buffer overflow in Music Tag Editor 1.61 build 212 allows remote attackers to execute arbitrary code via an MP3 file with a long ID3 tag. | 9.3 |
2009-10-27 | CVE-2009-3810 | Acoustica | Buffer Errors vulnerability in Acoustica MP3 Audio Mixer 2.471 Heap-based buffer overflow in Acoustica MP3 Audio Mixer 2.471 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in a .M3U playlist file. | 9.3 |
2009-10-27 | CVE-2009-3808 | Kramware | Unspecified vulnerability in Kramware Mixsense DJ Studio 1.0.0.1 MixSense DJ Studio 1.0.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in an .mp3 playlist file. | 9.3 |
2009-10-27 | CVE-2009-3807 | Mixvibes | Buffer Errors vulnerability in Mixvibes 7.043 Stack-based buffer overflow in MixVibes 7.043 Pro allows remote attackers to cause a denial of service (crash) via a long string in a .vib file. | 9.3 |
2009-10-26 | CVE-2009-3790 | Cutepdf | Buffer Errors vulnerability in Cutepdf Formmax 3.5 Heap-based buffer overflow in FormMax (formerly AcroForm) evaluation 3.5 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted FormMax import (.aim) file. | 9.3 |
11 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-10-29 | CVE-2009-3374 | Mozilla | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via unspecified method calls, related to "doubly-wrapped objects." | 7.5 |
2009-10-28 | CVE-2009-3825 | Thomas Graber | Path Traversal vulnerability in Thomas Graber Gencms 2006 Multiple directory traversal vulnerabilities in GenCMS 2006 allow remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2009-10-28 | CVE-2009-3824 | Michael J Greenwood | Path Traversal vulnerability in Michael J Greenwood PHP Content Manager 0.3.2 Directory traversal vulnerability in include/processor.php in Greenwood PHP Content Manager 0.3.2 allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2009-10-28 | CVE-2009-3822 | Joomla Fijiwebdesign | Code Injection vulnerability in Fijiwebdesign COM Ajaxchat 1.0 PHP remote file inclusion vulnerability in Fiji Web Design Ajax Chat (com_ajaxchat) component 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter to tests/ajcuser.php. | 7.5 |
2009-10-28 | CVE-2009-3820 | Typo3 Flagbit | SQL Injection vulnerability in Flagbit FB Filebase 0.1.0 SQL injection vulnerability in the Flagbit Filebase (fb_filebase) extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2009-10-28 | CVE-2009-3817 | Joomla Ordasoft | Code Injection vulnerability in Ordasoft COM Booklibrary 1.0 PHP remote file inclusion vulnerability in doc/releasenote.php in the BookLibrary (com_booklibrary) component 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter, a different vector than CVE-2009-2637. | 7.5 |
2009-10-27 | CVE-2009-3806 | Dedecms | SQL Injection vulnerability in Dedecms 5.1 SQL injection vulnerability in feedback_js.php in DedeCMS 5.1 allows remote attackers to execute arbitrary SQL commands via the arcurl parameter. | 7.5 |
2009-10-27 | CVE-2009-3801 | Opendocman | SQL Injection vulnerability in Opendocman 1.2.5 SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows remote attackers to execute arbitrary SQL commands via the frmpass (aka Password) parameter. | 7.5 |
2009-10-26 | CVE-2009-3788 | Opendocman | SQL Injection vulnerability in Opendocman 1.2.5 SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows remote attackers to execute arbitrary SQL commands via the frmuser (aka Username) parameter. | 7.5 |
2009-10-26 | CVE-2009-3781 | Drupal Quicksketch | Permissions, Privileges, and Access Controls vulnerability in Quicksketch Filefield 6.X3.1 The filefield_file_download function in FileField 6.x-3.1, a module for Drupal, does not properly check node-access permissions for Drupal core private files, which allows remote attackers to access unauthorized files via unspecified vectors. | 7.5 |
2009-10-26 | CVE-2009-3778 | Adam Gerson Drupal | SQL Injection vulnerability in Adam Gerson Moodle Courselist 6.X1.2 SQL injection vulnerability in Moodle Course List 6.x before 6.x-1.2, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
31 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-10-26 | CVE-2009-3785 | Drupal Sjoerd Arendsen | Cross-Site Request Forgery (CSRF) vulnerability in Sjoerd Arendsen Simplenews Statistics Multiple cross-site request forgery (CSRF) vulnerabilities in Simplenews Statistics 6.x before 6.x-2.0, a module for Drupal, allow remote attackers to hijack the authentication of arbitrary users via unknown vectors. | 6.8 |
2009-10-26 | CVE-2009-3784 | Drupal Sjoerd Arendsen | Cross-Site Request Forgery (CSRF) vulnerability in Sjoerd Arendsen Simplenews Statistics Open redirect vulnerability in Simplenews Statistics 6.x before 6.x-2.0, a module for Drupal, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 6.8 |
2009-10-27 | CVE-2009-3814 | Runcms | Code Injection vulnerability in Runcms 2M1 Static code injection vulnerability in RunCMS 2M1 allows remote authenticated administrators to execute arbitrary PHP code via the "Filter/Banning" feature, as demonstrated by modifying modules/system/cache/bademails.php using the "Prohibited: Emails" action, and other unspecified filters. | 6.5 |
2009-10-27 | CVE-2009-3813 | Runcms | SQL Injection vulnerability in Runcms 2M1 Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via the (1) forum parameter to modules/forum/post.php and possibly (2) forum_id variable to modules/forum/class/class.permissions.php. | 6.5 |
2009-10-27 | CVE-2009-3804 | Runcms | SQL Injection vulnerability in Runcms 2M1 Multiple SQL injection vulnerabilities in modules/forum/post.php in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via (1) the pid parameter, which is not properly handled by the store function in modules/forum/class/class.forumposts.php, or (2) the topic_id parameter. | 6.5 |
2009-10-30 | CVE-2009-3832 | Opera | Open Redirect vulnerability in Opera Browser Opera before 10.01 on Windows does not prevent use of Web fonts in rendering the product's own user interface, which allows remote attackers to spoof the address field via a crafted web site. | 5.8 |
2009-10-28 | CVE-2009-3639 | Proftpd | Cryptographic Issues vulnerability in Proftpd The mod_tls module in ProFTPD before 1.3.2b, and 1.3.3 before 1.3.3rc2, when the dNSNameRequired TLS option is enabled, does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 client certificate, which allows remote attackers to bypass intended client-hostname restrictions via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. | 5.8 |
2009-10-30 | CVE-2009-3830 | Microsoft | Improper Input Validation vulnerability in Microsoft Sharepoint Server 2007 The download functionality in Team Services in Microsoft Office SharePoint Server 2007 12.0.0.4518 and 12.0.0.6219 allows remote attackers to read ASP.NET source code via pathnames in the SourceUrl and Source parameters to _layouts/download.aspx. | 5.0 |
2009-10-30 | CVE-2009-3549 | Wireshark SUN | Improper Input Validation vulnerability in Wireshark 1.2/1.2.0/1.2.1 packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. | 5.0 |
2009-10-30 | CVE-2009-3828 | Everfocus | Improper Authentication vulnerability in Everfocus Edr1600 The web interface for Everfocus EDR1600 DVR allows remote attackers to bypass authentication and access live cams via certain vectors. | 5.0 |
2009-10-29 | CVE-2009-3626 | Perl | Remote Denial of Service vulnerability in Perl 5.10.1 Perl 5.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a UTF-8 character with a large, invalid codepoint, which is not properly handled during a regular-expression match. | 5.0 |
2009-10-29 | CVE-2009-3370 | Mozilla | Unspecified vulnerability in Mozilla Firefox Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote attackers to read form history by forging mouse and keyboard events that leverage the auto-fill feature to populate form fields, in an attacker-readable form, with history entries. | 5.0 |
2009-10-28 | CVE-2009-3826 | Squidguard | Buffer Errors vulnerability in Squidguard 1.4 Multiple buffer overflows in squidGuard 1.4 allow remote attackers to bypass intended URL blocking via a long URL, related to (1) the relationship between a certain buffer size in squidGuard and a certain buffer size in Squid and (2) a redirect URL that contains information about the originally requested URL. | 5.0 |
2009-10-28 | CVE-2009-3700 | Squidguard | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Squidguard 1.3/1.4 Buffer overflow in sgLog.c in squidGuard 1.3 and 1.4 allows remote attackers to cause a denial of service (application hang or loss of blocking functionality) via a long URL with many / (slash) characters, related to "emergency mode." | 5.0 |
2009-10-27 | CVE-2009-3815 | Runcms | Information Exposure vulnerability in Runcms 2M1 RunCMS 2M1, when running with certain error_reporting levels, allows remote attackers to obtain sensitive information via (1) the op[] parameter to modules/contact/index.php or (2) uid[] parameter to userinfo.php, which leaks the installation path in an error message when these parameters are used in a call to the preg_match function. | 5.0 |
2009-10-27 | CVE-2009-3802 | Amirocms | Improper Input Validation vulnerability in Amirocms Amiro.Cms Amiro.CMS 5.4.0.0 and earlier allows remote attackers to obtain sensitive information via an invalid loginname ("%%%") to _admin/index.php, which reveals the installation path and other information in an error message. | 5.0 |
2009-10-26 | CVE-2009-3787 | Vivvo | Path Traversal vulnerability in Vivvo 4.1.5.1 files.php in Vivvo CMS 4.1.5.1 allows remote attackers to conduct directory traversal attacks and read arbitrary files via the file parameter with "logs/" in between two . | 5.0 |
2009-10-29 | CVE-2009-3627 | Derrick Oswald | Improper Input Validation vulnerability in Derrick Oswald Html-Parser The decode_entities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service (infinite loop) via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character. | 4.3 |
2009-10-29 | CVE-2009-3375 | Mozilla | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection via the document.getSelection function. | 4.3 |
2009-10-28 | CVE-2009-3641 | Snort | Denial Of Service vulnerability in Snort Snort before 2.8.5.1, when the -v option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted IPv6 packet that uses the (1) TCP or (2) ICMP protocol. | 4.3 |
2009-10-28 | CVE-2009-3823 | Ac4P | Path Traversal vulnerability in Ac4P Mobilelib Gold 3.0 Directory traversal vulnerability in myhtml.php in Mobilelib GOLD 3.0, when magic_quotes_gpc is enabled, allows remote attackers to read arbitrary files via a .. | 4.3 |
2009-10-28 | CVE-2009-3821 | Typo3 Apache | Cross-Site Scripting vulnerability in Apache Solr 1.0.0 Cross-site scripting (XSS) vulnerability in the Apache Solr Search (solr) extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2009-10-28 | CVE-2009-3816 | IBM | Cross-Site Scripting vulnerability in IBM Lotus Connections 2.5.0.0 Multiple cross-site scripting (XSS) vulnerabilities in Activities pages in the Mobile subsystem in IBM Lotus Connections 2.5.0.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2009-10-27 | CVE-2009-3809 | Acoustica | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Acoustica MP3 Audio Mixer 1.0/2.471 Acoustica MP3 Audio Mixer 1.0 and possibly 2.471 allows remote attackers to cause a denial of service (crash) via a long string in a .sgp playlist file. | 4.3 |
2009-10-27 | CVE-2009-3805 | KDE Apps Gpg4Win | Remote Denial of Service vulnerability in Gpg4Win 2.0.1 gpg2.exe in Gpg4win 2.0.1, as used in KDE Kleopatra 2.0.11, allows remote attackers to cause a denial of service (application crash) via a long certificate signature. | 4.3 |
2009-10-27 | CVE-2009-3803 | Amirocms | Cross-Site Scripting vulnerability in Amirocms Amiro.Cms Multiple cross-site scripting (XSS) vulnerabilities in Amiro.CMS 5.4.0.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the status_message parameter to (1) /news, (2) /comment, (3) /forum, (4) /blog, and (5) /tags; the status_message parameter to (6) forum.php, (7) discussion.php, (8) guestbook.php, (9) blog.php, (10) news.php, (11) srv_updates.php, (12) srv_backups.php, (13) srv_twist_prevention.php, (14) srv_tags.php, (15) srv_tags_reindex.php, (16) google_sitemap.php, (17) sitemap_history.php, (18) srv_options.php, (19) locales.php and (20) plugins_wizard.php in _admin/; a crafted IMG BBcode tag in the message body of a (21) forum, (22) guestbook, or (23) comment; (24) the content of an avatar file, which is not properly handled by Internet Explorer; and (25) the loginname parameter (aka username) in _admin/index.php. | 4.3 |
2009-10-26 | CVE-2009-3789 | Opendocman | Cross-Site Scripting vulnerability in Opendocman 1.2.5 Multiple cross-site scripting (XSS) vulnerabilities in OpenDocMan 1.2.5 allow remote attackers to inject arbitrary web script or HTML via the last_message parameter to (1) add.php, (2) toBePublished.php, (3) index.php, and (4) admin.php; the PATH_INFO to the default URI to (5) category.php, (6) department.php, (7) profile.php, (8) rejects.php, (9) search.php, (10) toBePublished.php, (11) user.php, and (12) view_file.php; and (13) the caller parameter in a Modify User action to user.php. | 4.3 |
2009-10-26 | CVE-2009-3786 | Moshe Weitzman Drupal | Cross-Site Scripting vulnerability in Moshe Weitzman OG Vocab 5.X1.0/5.X1.Xdev Cross-site scripting (XSS) vulnerability in Organic Groups (OG) Vocabulary 5.x before 5.x-1.1 and 6.x before 6.x-1.1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via the group title. | 4.3 |
2009-10-26 | CVE-2009-3783 | Drupal Sjoerd Arendsen | Cross-Site Scripting vulnerability in Sjoerd Arendsen Simplenews Statistics Cross-site scripting (XSS) vulnerability in Simplenews Statistics 6.x before 6.x-2.0, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vector. | 4.3 |
2009-10-26 | CVE-2009-3780 | Drupal Ashok Modi | Cross-Site Scripting vulnerability in Ashok Modi Abuse 5.X1.0/5.X1.Xdev/5.X2.Xdev Cross-site scripting (XSS) vulnerability in Abuse 5.x before 5.x-2.1 and 6.x before 6.x-1.1-alpha1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2009-10-26 | CVE-2009-3779 | Drupal Stefan Auditor | Cross-Site Scripting vulnerability in Stefan Auditor Vcard Cross-site scripting (XSS) vulnerability in vCard 5.x before 5.x-1.4 and 6.x before 6.x-1.3, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to the addition of the theme_vcard function to a theme and the use of default content. | 4.3 |
2 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2009-10-26 | CVE-2009-3611 | LE WEB | Permissions, Privileges, and Access Controls vulnerability in Le-Web Backintime 0.9.26 common/snapshots.py in Back In Time (aka backintime) 0.9.26 changes certain permissions to 0777 before deleting the files in an old backup snapshot, which allows local users to obtain sensitive information by reading these files, or interfere with backup integrity by modifying files that are shared across snapshots. | 3.6 |
2009-10-26 | CVE-2009-3782 | Drupal 2Bits | Information Exposure vulnerability in 2Bits Userpoints 6.X1.0/6.X1.Xdev Unspecified vulnerability in Userpoints 6.x before 6.x-1.1, a module for Drupal, allows remote authenticated users with "View own userpoints" permissions to read the userpoint data of arbitrary users via unknown attack vectors. | 3.5 |