Weekly Vulnerabilities Reports > January 11 to 17, 2010
Overview
110 new vulnerabilities reported during this period, including 16 critical vulnerabilities and 32 high severity vulnerabilities. This weekly summary report vulnerabilities in 100 products from 60 vendors including Typo3, Oracle, Microsoft, Apple, and Adobe. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Improper Input Validation", "Permissions, Privileges, and Access Controls", and "Numeric Errors".
- 102 reported vulnerabilities are remotely exploitables.
- 12 reported vulnerabilities have public exploit available.
- 43 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 99 reported vulnerabilities are exploitable by an anonymous user.
- Typo3 has the most reported vulnerabilities, with 27 reported vulnerabilities.
- Apple has the most reported critical vulnerabilities, with 6 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
16 Critical Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2010-01-13 | CVE-2009-4212 | MIT | Numeric Errors vulnerability in MIT Kerberos and Kerberos 5 Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid. | 10.0 |
| 2010-01-13 | CVE-2009-3959 | Adobe Apple Microsoft Unix | Numeric Errors vulnerability in Adobe Acrobat and Acrobat Reader Integer overflow in the U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a malformed PDF document. | 10.0 |
| 2010-01-13 | CVE-2009-3958 | Adobe Apple Microsoft Unix | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Multiple stack-based buffer overflows in the NOS Microsystems getPlus Helper ActiveX control before 1.6.2.49 in gp.ocx in the Download Manager in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow remote attackers to execute arbitrary code via unspecified initialization parameters. | 10.0 |
| 2010-01-13 | CVE-2009-3956 | Adobe Apple Microsoft Unix | Configuration vulnerability in Adobe Acrobat and Acrobat Reader The default configuration of Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, does not enable the Enhanced Security feature, which has unspecified impact and attack vectors, related to a "script injection vulnerability," as demonstrated by Acrobat Forms Data Format (FDF) behavior that allows cross-site scripting (XSS) by user-assisted remote attackers. | 10.0 |
| 2010-01-13 | CVE-2009-3955 | Adobe Apple Microsoft | Resource Management Errors vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted JPC_MS_RGN marker in the Jp2c stream of a JpxDecode encoded data stream, which triggers an integer sign extension that bypasses a sanity check, leading to memory corruption. | 10.0 |
| 2010-01-13 | CVE-2009-3954 | Adobe Apple Microsoft Unix | Code Injection vulnerability in Adobe Acrobat and Acrobat Reader The 3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to execute arbitrary code via unspecified vectors, related to a "DLL-loading vulnerability." Per: http://www.adobe.com/support/security/bulletins/apsb10-02.html Affected software versions Adobe Reader 9.2 and earlier versions for Windows, Macintosh, and UNIX Adobe Acrobat 9.2 and earlier versions for Windows and Macintosh Per: http://www.adobe.com/support/security/bulletins/apsb10-02.html a DLL-loading vulnerability in 3D that could allow arbitrary code execution (CVE-2009-3954). | 10.0 |
| 2010-01-13 | CVE-2009-3953 | Adobe Apple Microsoft Unix | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration "array boundary issue," a different vulnerability than CVE-2009-2994. | 10.0 |
| 2010-01-13 | CVE-2009-3637 | Icculus | Buffer Errors vulnerability in Icculus Alien Arena 7.30 Stack-based buffer overflow in the M_AddToServerList function in client/menu.c in Red Planet Arena Alien Arena 7.30 allows remote attackers to execute arbitrary code via a packet with a crafted server description to UDP port 27901 followed by a packet with a long print command. | 10.0 |
| 2010-01-13 | CVE-2010-0079 | Oracle SUN | Unspecified vulnerability in Oracle BEA Product Suite R27.6.5 Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | 10.0 |
| 2010-01-13 | CVE-2010-0072 | Oracle | Oracle Secure Backup Remote Code Execution vulnerability in Oracle Secure Backup 10.2.0.3 Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | 10.0 |
| 2010-01-13 | CVE-2010-0071 | Oracle | Remote Listener Memory Corruption vulnerability in Oracle Database Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | 10.0 |
| 2010-01-12 | CVE-2009-4538 | Linux Debian | Remote Security Bypass vulnerability in Linux Kernel drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537. | 10.0 |
| 2010-01-15 | CVE-2010-0316 | Numeric Errors vulnerability in Google Sketchup Integer overflow in Google SketchUp before 7.1 M2 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via a crafted SKP file. | 9.3 | |
| 2010-01-15 | CVE-2010-0280 | JAN Eric Krprianidis | Numeric Errors vulnerability in multiple products Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in Google SketchUp 7.x before 7.1 M2, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted structures in a 3DS file, probably related to mesh.c. | 9.3 |
| 2010-01-14 | CVE-2009-4182 | HP | Remote Information Disclosure vulnerability in HP web Jetadmin 10.2 Multiple unspecified vulnerabilities in HP Web Jetadmin 10.2, when a remote SQL server is used, allow remote attackers to obtain access to data or cause a denial of service, possibly by leveraging authentication and encryption weaknesses on the SQL server. | 9.0 |
| 2010-01-13 | CVE-2009-3415 | Oracle | OLAP Remote Unspecified vulnerability in Oracle Database Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | 9.0 |
32 High Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2010-01-15 | CVE-2010-0249 | Microsoft | Use After Free vulnerability in Microsoft Internet Explorer Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object, related to incorrectly initialized memory and improper handling of objects in memory, as exploited in the wild in December 2009 and January 2010 during Operation Aurora, aka "HTML Object Memory Corruption Vulnerability." | 8.8 |
| 2010-01-15 | CVE-2010-0323 | Arco VAN Geest Typo3 | Information Disclosure vulnerability in Goof Fotoboek Unspecified vulnerability in the Photo Book (goof_fotoboek) extension 1.7.14 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors. | 7.8 |
| 2010-01-15 | CVE-2010-0317 | Novell | Resource Management Errors vulnerability in Novell Netware 6.5 Novell Netware 6.5 SP8 allows remote attackers to cause a denial of service (NULL pointer dereference, memory consumption, ABEND, and crash) via a large number of malformed or AFP requests that are not properly handled by (1) the CIFS functionality in CIFS.nlm Semantic Agent (Build 163 MP) 3.27 or (2) the AFP functionality in AFPTCP.nlm Build 163 SP 3.27. | 7.8 |
| 2010-01-12 | CVE-2009-4537 | Linux Debian | Improper Input Validation vulnerability in Linux Kernel drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or (2) cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing '\0' characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register. | 7.8 |
| 2010-01-12 | CVE-2009-4536 | Linux Debian | Numeric Errors vulnerability in Linux Kernel drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a crafted payload. | 7.8 |
| 2010-01-15 | CVE-2010-0350 | Arco VAN Geest Typo3 | Path Traversal vulnerability in Arco VAN Geest Goof Fotoboek Directory traversal vulnerability in the Photo Book (goof_fotoboek) extension 1.7.14 and earlier for TYPO3 has unknown impact and remote attack vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0344 | Typo3 | SQL Injection vulnerability in Typo3 ZAK Store Management SQL injection vulnerability in the zak_store_management extension 1.0.0 and earlier TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0343 | Typo3 | SQL Injection vulnerability in Typo3 PB Clanlist 0.0.1 SQL injection vulnerability in the Clan Users List (pb_clanlist) extension 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0342 | Typo3 | SQL Injection vulnerability in Typo3 JOB Reports SQL injection vulnerability in the Reports for Job (job_reports) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0341 | Typo3 | SQL Injection vulnerability in Typo3 BB Simplejobs SQL injection vulnerability in the BB Simple Jobs (bb_simplejobs) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0340 | Typo3 | SQL Injection vulnerability in Typo3 Mjseventpro SQL injection vulnerability in the MJS Event Pro (mjseventpro) extension 0.2.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0339 | Typo3 | SQL Injection vulnerability in Typo3 Vm19 Userlinks SQL injection vulnerability in the User Links (vm19_userlinks) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0338 | Typo3 | SQL Injection vulnerability in Typo3 Ttpedit 0.0.2 SQL injection vulnerability in the TT_Products editor (ttpedit) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0337 | Typo3 | SQL Injection vulnerability in Typo3 DL3 TT News Alerts SQL injection vulnerability in the tt_news Mail alert (dl3_tt_news_alerts) extension 0.2.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0334 | Francisco Cifuentes Typo3 | SQL Injection vulnerability in Francisco Cifuentes Vote for TT News 1.0.1 SQL injection vulnerability in the Vote rank for news (vote_for_tt_news) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0333 | Matthias Graubner Typo3 | SQL Injection vulnerability in Matthias Graubner MG Help SQL injection vulnerability in the Helpdesk (mg_help) extension 1.1.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0332 | Stefan Tannhaeuser Typo3 | SQL Injection vulnerability in Stefan Tannhaeuser Tv21 Talkshow 1.0.1 SQL injection vulnerability in the TV21 Talkshow (tv21_talkshow) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0330 | Julian Fries Typo3 | SQL Injection vulnerability in Julian Fries JF Easymaps SQL injection vulnerability in the Googlemaps for tt_news (jf_easymaps) extension 1.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0329 | Alex Kellner Typo3 | SQL Injection vulnerability in Alex Kellner Powermail SQL injection vulnerability in the powermail extension 1.5.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the "SQL selection field" and "typoscript." | 7.5 |
| 2010-01-15 | CVE-2010-0324 | Patrick Bauerochse Typo3 | SQL Injection vulnerability in Patrick Bauerochse REF List SQL injection vulnerability in the Customer Reference List (ref_list) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-15 | CVE-2010-0322 | Matthias Karr Typo3 | SQL Injection vulnerability in Matthias Karr MK Anydropdownmenu SQL injection vulnerability in the init function in MK-AnydropdownMenu (mk_anydropdownmenu) extension 0.3.28 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-14 | CVE-2009-4613 | Netartmedia | SQL Injection vulnerability in Netartmedia Real Estate Portal 2.0 SQL injection vulnerability in realestate20/loginaction.php in NetArt Media Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the Password parameter. | 7.5 |
| 2010-01-14 | CVE-2010-0015 | GNU | Credentials Management vulnerability in GNU Glibc 2.10.2/2.7 nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function. | 7.5 |
| 2010-01-13 | CVE-2009-4611 | Mortbay | Improper Input Validation vulnerability in Mortbay Jetty Mort Bay Jetty 6.x through 6.1.22 and 7.0.0 writes backtrace data without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator, related to (1) a string value in the Age parameter to the default URI for the Cookie Dump Servlet in test-jetty-webapp/src/main/java/com/acme/CookieDump.java under cookie/, (2) an alphabetic value in the A parameter to jsp/expr.jsp, or (3) an alphabetic value in the Content-Length HTTP header to an arbitrary application. | 7.5 |
| 2010-01-12 | CVE-2009-4604 | Fernando Soares Joomla | Code Injection vulnerability in Fernando Soares COM Mamboleto 2.0 PHP remote file inclusion vulnerability in mamboleto.php in the Fernando Soares Mamboleto (com_mamboleto) component 2.0 RC3 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | 7.5 |
| 2010-01-12 | CVE-2009-4600 | Netartmedia | SQL Injection vulnerability in Netartmedia Media Real Estate Portal 2.0 SQL injection vulnerability in realestate20/loginaction.php in NetArt Media Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the Email parameter (aka the username field). | 7.5 |
| 2010-01-12 | CVE-2009-4599 | Joomshark Joomla | SQL Injection vulnerability in Joomshark COM Jsjobs 1.0.5.6 Multiple SQL injection vulnerabilities in the JS Jobs (com_jsjobs) component 1.0.5.6 for Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the md parameter in an employer view_company action to index.php or (2) the oi parameter in an employer view_job action to index.php. | 7.5 |
| 2010-01-12 | CVE-2009-4598 | Corephp Joomla | SQL Injection vulnerability in Corephp COM Jphoto 1.0 SQL injection vulnerability in the JPhoto (com_jphoto) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a category action to index.php. | 7.5 |
| 2010-01-12 | CVE-2009-4597 | Phpwares | SQL Injection vulnerability in PHPwares PHP Inventory 1.2 Multiple SQL injection vulnerabilities in index.php in PHP Inventory 1.2 allow (1) remote authenticated users to execute arbitrary SQL commands via the user_id parameter in a users details action, and allow remote attackers to execute arbitrary SQL commands via the (2) user (username) and (3) pass (password) parameters. | 7.5 |
| 2010-01-14 | CVE-2010-0184 | Tibco | Permissions, Privileges, and Access Controls vulnerability in Tibco Runtime Agent The (1) domainutility and (2) domainutilitycmd components in TIBCO Domain Utility in TIBCO Runtime Agent (TRA) before 5.6.2, as used in TIBCO ActiveMatrix BusinessWorks and other products, set weak permissions on domain properties files, which allows local users to obtain domain administrator credentials, and gain privileges on all domain systems, via unspecified vectors. | 7.2 |
| 2010-01-13 | CVE-2009-4607 | Overlandstorage | Permissions, Privileges, and Access Controls vulnerability in Overlandstorage Guardianos and Snap Server 410 The command line interface in Overland Storage Snap Server 410 with GuardianOS 5.1.041 runs the "less" utility with a higher-privileged uid than the CLI user and without sufficient restriction on shell escapes, which allows local users to gain privileges using the "!" character within less to access a privileged shell. | 7.2 |
| 2010-01-13 | CVE-2009-4606 | South River Technologies | Permissions, Privileges, and Access Controls vulnerability in South River Technologies Webdrive 9.02 South River Technologies WebDrive 9.02 build 2232 installs the WebDrive Service without a security descriptor, which allows local users to (1) stop the service via the stop command, (2) execute arbitrary commands as SYSTEM by using the config command to modify the binPath variable, or (3) restart the service via the start command. | 7.2 |
57 Medium Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2010-01-15 | CVE-2010-0318 | Freebsd | Permissions, Privileges, and Access Controls vulnerability in Freebsd 7.1/7.2/8.0 The replay functionality for ZFS Intent Log (ZIL) in FreeBSD 7.1, 7.2, and 8.0, when creating files during replay of a setattr transaction, uses 7777 permissions instead of the original permissions, which might allow local users to read or modify unauthorized files in opportunistic circumstances after a system crash or power failure. | 6.9 |
| 2010-01-14 | CVE-2010-0311 | SUN IBM | Privilege Escalation vulnerability in SUN Java System Identity Server 8.1.0.5/8.1.0.6 Unspecified vulnerability in Sun Java System Identity Manager (aka IdM) 8.1.0.5 and 8.1.0.6, when Sun Java System Access Manager, OpenSSO Enterprise 8.0, or IBM Tivoli Access Manager is used, allows remote attackers to obtain administrative access via unknown vectors. | 6.8 |
| 2010-01-14 | CVE-2010-0310 | SUN | Permissions, Privileges, and Access Controls vulnerability in SUN Solaris 10.0 Trusted Extensions in Sun Solaris 10 allows local users to gain privileges via vectors related to omission of unspecified libraries from software updates. | 6.8 |
| 2010-01-13 | CVE-2009-4487 | F5 | Unspecified vulnerability in F5 Nginx 0.7.64 nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator. | 6.8 |
| 2010-01-13 | CVE-2010-0279 | BTS GI NET | Unspecified vulnerability in Bts-Gi.Net Read Excel 1.1 Unrestricted file upload vulnerability in upload.php in BTS-GI Read excel 1.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory. | 6.8 |
| 2010-01-13 | CVE-2010-0077 | Oracle | CRM Technical Foundation (mobile) Remote vulnerability in Oracle E-Business Suite 11.5.10.2/12.0.6/12.1.2 Unspecified vulnerability in the CRM Technical Foundation (mobile) component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote attackers to affect confidentiality and integrity via unknown vectors. | 6.4 |
| 2010-01-13 | CVE-2010-0076 | Oracle | Remote Application vulnerability in Oracle Database 3.2.1.00.10 Unspecified vulnerability in the Application Express Application Builder component in Oracle Database 3.2.1.00.10 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | 6.0 |
| 2010-01-12 | CVE-2009-4595 | Phpwares | SQL Injection vulnerability in PHPwares PHP Inventory 1.2 SQL injection vulnerability in index.php in PHP Inventory 1.2 allows remote authenticated users to execute arbitrary SQL commands via the sup_id parameter in a suppliers details action. | 6.0 |
| 2010-01-15 | CVE-2010-0348 | C 3 CO JP | Path Traversal vulnerability in C-3.Co.Jp Webcalenderc3 0.31/0.32 Directory traversal vulnerability in C3 Corp. | 5.0 |
| 2010-01-15 | CVE-2010-0336 | Typo3 | Information Disclosure vulnerability in kiddog_mysqldumper Unspecified vulnerability in the kiddog_mysqldumper (kiddog_mysqldumper) extension 0.0.3 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors. | 5.0 |
| 2010-01-15 | CVE-2010-0325 | Typo3 Sebastian Baumann | Information Disclosure vulnerability in Sebastian Baumann SB Folderdownload 0.1.1/0.2.0/0.2.1 Unspecified vulnerability in the SB Folderdownload (sb_folderdownload) extension 0.2.2 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors. | 5.0 |
| 2010-01-14 | CVE-2010-0315 | Multiple Security vulnerability in Google Chrome prior to 4.0.249.89 WebKit before r53607, as used in Google Chrome before 4.0.249.89, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property value, related to an IFRAME element. | 5.0 | |
| 2010-01-14 | CVE-2010-0314 | Apple | Unspecified vulnerability in Apple Safari Apple Safari allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property value. | 5.0 |
| 2010-01-14 | CVE-2010-0313 | SUN | Denial of Service vulnerability in SUN Java System Directory Server 7.0 The core_get_proxyauth_dn function in ns-slapd in Sun Java System Directory Server Enterprise Edition 7.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted LDAP Search Request message. | 5.0 |
| 2010-01-14 | CVE-2010-0312 | IBM Linux | Improper Input Validation vulnerability in IBM Tivoli Directory Server 6.2 The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.2 on Linux allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted SecureWay 3.2 Event Registration Request (aka a 1.3.18.0.2.12.1 request). | 5.0 |
| 2010-01-14 | CVE-2009-4355 | Openssl Redhat | Resource Management Errors vulnerability in multiple products Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678. | 5.0 |
| 2010-01-13 | CVE-2009-4609 | Mortbay | Information Exposure vulnerability in Mortbay Jetty The Dump Servlet in Mort Bay Jetty 6.x and 7.0.0 allows remote attackers to obtain sensitive information about internal variables and other data via a request to a URI ending in /dump/, as demonstrated by discovering the value of the getPathTranslated variable. | 5.0 |
| 2010-01-13 | CVE-2009-4496 | BOA | Improper Input Validation vulnerability in BOA 0.94.14Rc21 Boa 0.94.14rc21 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator. | 5.0 |
| 2010-01-13 | CVE-2009-4495 | Yaws | Improper Input Validation vulnerability in Yaws 1.85 Yaws 1.85 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator. | 5.0 |
| 2010-01-13 | CVE-2009-4494 | AOL | Improper Input Validation vulnerability in AOL Aolserver 4.5.1 AOLserver 4.5.1 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator. | 5.0 |
| 2010-01-13 | CVE-2009-4493 | Orion | Improper Input Validation vulnerability in Orion Application Server 2.0.7 Orion Application Server 2.0.7 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator. | 5.0 |
| 2010-01-13 | CVE-2009-4490 | Acme | Improper Input Validation vulnerability in Acme Mini Httpd 1.19 mini_httpd 1.19 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator. | 5.0 |
| 2010-01-13 | CVE-2009-4489 | Cherokee Project | Improper Input Validation vulnerability in Cherokee-Project Cherokee header.c in Cherokee before 0.99.32 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator. | 5.0 |
| 2010-01-13 | CVE-2009-3957 | Adobe Apple Microsoft Unix | Denial of Service vulnerability in Adobe Reader and Acrobat Null Pointer Dereference Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors. | 5.0 |
| 2010-01-13 | CVE-2010-0078 | Oracle | Remote WebLogic Server vulnerability in Oracle WebLogic Server Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 9.0, 9.1, 9.2MP3, 10.0MP2, and 10.3.1 allows remote attackers to affect availability via unknown vectors. | 5.0 |
| 2010-01-13 | CVE-2010-0075 | Oracle | Remote Oracle HRMS (Self Service) vulnerability in Oracle E-Business Suite 11.5.10.2/12.0.6/12.1.1 Unspecified vulnerability in the Oracle HRMS (Self Service) component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.1 allows remote attackers to affect confidentiality via unknown vectors. | 5.0 |
| 2010-01-13 | CVE-2010-0074 | Oracle | Remote vulnerability in Oracle WebLogic Server Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 7.0SP7, 8.1SP6, 9.0, 9.1, 9.2MP3, 10.0MP2, and 10.3.1 allows remote attackers to affect availability via unknown vectors. | 5.0 |
| 2010-01-13 | CVE-2010-0068 | Oracle | Remote WebLogic Server vulnerability in Oracle WebLogic Server Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 9.0, 9.1, 9.2MP2, and 10.0 allows remote attackers to affect confidentiality via unknown vectors. | 5.0 |
| 2010-01-13 | CVE-2010-0067 | Oracle | Remote Oracle Containers for J2EE vulnerability in Oracle Application Server 10.1.2.3/10.1.3.4 Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 10.1.2.3 and 10.1.3.4 allows remote attackers to affect confidentiality via unknown vectors. | 5.0 |
| 2010-01-13 | CVE-2010-0066 | Oracle | Access Manager Identity Server Remote vulnerability in Oracle Application Server 10.1.4.2/7.0.4.3 Unspecified vulnerability in the Access Manager Identity Server component in Oracle Application Server 7.0.4.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors. | 5.0 |
| 2010-01-12 | CVE-2009-4603 | SAP | Denial Of Service vulnerability in SAP Kernel 'sapstartsrv' Unspecified vulnerability in sapstartsrv.exe in the SAP Kernel 6.40, 7.00, 7.01, 7.10, 7.11, and 7.20, as used in SAP NetWeaver 7.x and SAP Web Application Server 6.x and 7.x, allows remote attackers to cause a denial of service (Management Console shutdown) via a crafted request. | 5.0 |
| 2010-01-13 | CVE-2010-0080 | Oracle | Remote eProfile vulnerability in Oracle PeopleSoft Enterprise HCM Unspecified vulnerability in the PeopleSoft Enterprise HCM - eProfile component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9 Bundle, #21 and 9.0 Bundle #11 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | 4.9 |
| 2010-01-13 | CVE-2009-3414 | Oracle | Oracle Spatial Remote Unspecified vulnerability in Oracle Database Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2008-3976 and CVE-2009-3413. | 4.9 |
| 2010-01-13 | CVE-2009-3411 | Oracle | Remote Oracle Data Pump vulnerability in Oracle Database Unspecified vulnerability in the Oracle Data Pump component in Oracle Database 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5, 9.2.0.8, and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | 4.9 |
| 2010-01-15 | CVE-2010-0349 | C 3 CO JP | Cross-Site Scripting vulnerability in C-3.Co.Jp Webcalenderc3 0.31/0.32 Cross-site scripting (XSS) vulnerability in C3 Corp. | 4.3 |
| 2010-01-15 | CVE-2010-0347 | Typo3 | Cross-Site Scripting vulnerability in Typo3 VD Gemomap Cross-site scripting (XSS) vulnerability in the VD / Geomap (vd_geomap) extension 0.3.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2010-01-15 | CVE-2010-0346 | Typo3 | Cross-Site Scripting vulnerability in Typo3 Mimi Tipfriends Cross-site scripting (XSS) vulnerability in the Tip many friends (mimi_tipfriends) extension 0.0.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2010-01-15 | CVE-2010-0345 | Typo3 | Cross-Site Scripting vulnerability in Typo3 Majordomo Cross-site scripting (XSS) vulnerability in the Majordomo extension 1.1.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2010-01-15 | CVE-2010-0335 | Francisco Cifuentes Typo3 | Cross-Site Scripting vulnerability in Francisco Cifuentes Vote for TT News 1.0.1 Cross-site scripting (XSS) vulnerability in the Vote rank for news (vote_for_tt_news) extension 1.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2010-01-15 | CVE-2010-0331 | Stefan Tannhaeuser Typo3 | Cross-Site Scripting vulnerability in Stefan Tannhaeuser Tv21 Talkshow 1.0.1 Cross-site scripting (XSS) vulnerability in the TV21 Talkshow (tv21_talkshow) extension 1.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2010-01-15 | CVE-2010-0328 | Rastislav Birka Typo3 | Cross-Site Scripting vulnerability in Rastislav Birka CS2 Unitconv 1.0.4 Cross-site scripting (XSS) vulnerability in the Unit Converter (cs2_unitconv) extension 1.0.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2010-01-15 | CVE-2010-0327 | Julian Kleinhans Typo3 | Cross-Site Scripting vulnerability in Julian Kleinhans KJ Imagelightbox2 1.4.0/1.4.1/1.4.2 Cross-site scripting (XSS) vulnerability in the KJ: Imagelightbox (kj_imagelightbox2) extension 2.0.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-2490. | 4.3 |
| 2010-01-15 | CVE-2010-0326 | Francois Suter Rene Fritz Typo3 | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the Developer log (devlog) extension 2.9.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2010-01-15 | CVE-2010-0321 | Jamit | Cross-Site Scripting vulnerability in Jamit JOB Board 3.0 Cross-site scripting (XSS) vulnerability in jobs/index.php in Jamit Job Board 3.0 allows remote attackers to inject arbitrary web script or HTML via the post_id parameter. | 4.3 |
| 2010-01-15 | CVE-2010-0320 | X10Media | Cross-Site Scripting vulnerability in X10Media Glitter Central Script Cross-site scripting (XSS) vulnerability in submitlink.php in Glitter Central Script allows remote attackers to inject arbitrary web script or HTML via the catid parameter. | 4.3 |
| 2010-01-15 | CVE-2010-0319 | Docmint | Cross-Site Scripting vulnerability in Docmint 1.0/2.1 Cross-site scripting (XSS) vulnerability in index.php in Docmint 1.0 and 2.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | 4.3 |
| 2010-01-13 | CVE-2009-4612 | Mortbay | Cross-Site Scripting vulnerability in Mortbay Jetty Multiple cross-site scripting (XSS) vulnerabilities in the WebApp JSP Snoop page in Mort Bay Jetty 6.1.x through 6.1.21 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) jspsnoop/, (2) jspsnoop/ERROR/, and (3) jspsnoop/IOException/, and possibly the PATH_INFO to (4) snoop.jsp. | 4.3 |
| 2010-01-13 | CVE-2009-4610 | Mortbay | Cross-Site Scripting vulnerability in Mortbay Jetty Multiple cross-site scripting (XSS) vulnerabilities in Mort Bay Jetty 6.x and 7.0.0 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to jsp/dump.jsp in the JSP Dump feature, or the (2) Name or (3) Value parameter to the default URI for the Session Dump Servlet under session/. | 4.3 |
| 2010-01-13 | CVE-2009-4608 | Canon ITS | Cross-Site Scripting vulnerability in Canon-Its Accessguardian Cross-site scripting (XSS) vulnerability in Canon IT Solutions Inc. | 4.3 |
| 2010-01-13 | CVE-2010-0070 | Oracle | Remote Oracle Containers for J2EE vulnerability in Oracle Application Server 10.1.2.3/10.1.3.4 Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 10.1.2.3 and 10.1.3.4 allows remote attackers to affect integrity via unknown vectors. | 4.3 |
| 2010-01-13 | CVE-2010-0069 | Oracle | Remote vulnerability in Oracle Weblogic Server Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 7.0, SP7, 8.1SP6, 9.0, 9.1, 9.2MP3, 10.0MP1, and 10.3.0 allows remote attackers to affect integrity via unknown vectors. | 4.3 |
| 2010-01-13 | CVE-2009-3416 | Oracle | Oracle Application Object Library Remote vulnerability in Oracle E-Business Suite 11.5.10.2/12.0.6/12.1.1 Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.1 allows remote attackers to affect integrity via unknown vectors. | 4.3 |
| 2010-01-12 | CVE-2010-0278 | Microsoft | Buffer Overflow vulnerability in Microsoft Windows Live Messenger 2009 A certain ActiveX control in msgsc.14.0.8089.726.dll in Microsoft Windows Live Messenger 2009 build 14.0.8089.726 on Windows Vista and Windows 7 allows remote attackers to cause a denial of service (msnmsgr.exe crash) by calling the ViewProfile method with a crafted argument during an MSN Messenger session. | 4.3 |
| 2010-01-12 | CVE-2009-4602 | Drupal | Cross-Site Scripting vulnerability in Drupal Randomizer 5.X1.0/6.X1.0 Cross-site scripting (XSS) vulnerability in the Randomizer module 5.x through 5.x-1.0 and 6.x through 6.x-1.0, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2010-01-12 | CVE-2009-4601 | Zeeways | Cross-Site Scripting vulnerability in Zeeways Zeejobsite 3.0 Cross-site scripting (XSS) vulnerability in basic_search_result.php in Zeeways ZeeJobsite 3x allows remote attackers to inject arbitrary web script or HTML via the title parameter. | 4.3 |
| 2010-01-12 | CVE-2009-4596 | Phpwares | Cross-Site Scripting vulnerability in PHPwares PHP Inventory 1.2 Cross-site scripting (XSS) vulnerability in index.php in PHP Inventory 1.2 allows remote attackers to inject arbitrary web script or HTML via the sup_id parameter in a suppliers details action. | 4.3 |
| 2010-01-13 | CVE-2009-1996 | Oracle | Remote Logical Standby vulnerability in Oracle Database Unspecified vulnerability in the Logical Standby component in Oracle Database allows remote authenticated users to affect integrity via unknown vectors. | 4.0 |
5 Low Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2010-01-14 | CVE-2010-0014 | Fedoraproject | Improper Authentication vulnerability in Fedoraproject Sssd System Security Services Daemon (SSSD) before 1.0.1, when the krb5 auth_provider is configured but the KDC is unreachable, allows physically proximate attackers to authenticate, via an arbitrary password, to the screen-locking program on a workstation that has any user's Kerberos ticket-granting ticket (TGT); and might allow remote attackers to bypass intended access restrictions via vectors involving an arbitrary password in conjunction with a valid TGT. | 3.7 |
| 2010-01-13 | CVE-2009-3410 | Oracle | Remote RDBMS vulnerability in Oracle Database Unspecified vulnerability in the RDBMS component in Oracle Database 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5, 9.2.0.8, and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | 3.6 |
| 2010-01-13 | CVE-2009-3413 | Oracle | Oracle Spatial Remote vulnerability in Oracle Database Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2008-3976 and CVE-2009-3414. | 3.2 |
| 2010-01-14 | CVE-2010-0002 | GNU | Improper Input Validation vulnerability in GNU Bash The /etc/profile.d/60alias.sh script in the Mandriva bash package for Bash 2.05b, 3.0, 3.2, 3.2.48, and 4.0 enables the --show-control-chars option in LS_OPTIONS, which allows local users to send escape sequences to terminal emulators, or hide the existence of a file, via a crafted filename. | 2.1 |
| 2010-01-13 | CVE-2009-3412 | Oracle | Local Unzip vulnerability in Oracle Application Server and Database Server Unspecified vulnerability in the Unzip component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5; and Oracle Application Server 10.1.2.3; allows local users to affect confidentiality via unknown vectors. | 1.0 |