Weekly Vulnerabilities Reports > February 22 to 28, 2010
Overview
96 new vulnerabilities reported during this period, including 10 critical vulnerabilities and 31 high severity vulnerabilities. This weekly summary report vulnerabilities in 91 products from 66 vendors including Joomla, Microsoft, Mozilla, Moinmo, and Wikyblog. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Path Traversal", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".
- 87 reported vulnerabilities are remotely exploitables.
- 34 reported vulnerabilities have public exploit available.
- 48 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 85 reported vulnerabilities are exploitable by an anonymous user.
- Joomla has the most reported vulnerabilities, with 10 reported vulnerabilities.
- Mozilla has the most reported critical vulnerabilities, with 3 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
10 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-02-26 | CVE-2010-0689 | Datev | Remote Command Execution vulnerability in DateV 'DVBSExeCall.ocx' ActiveX Control The ExecuteExe method in the DVBSExeCall Control ActiveX control 1.0.0.1 in DVBSExeCall.ocx in DATEV Base System (aka Grundpaket Basis) allows remote attackers to execute arbitrary commands via unspecified vectors. | 10.0 |
2010-02-22 | CVE-2010-0160 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox and Seamonkey The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly handle array data types for posted messages, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. | 10.0 |
2010-02-22 | CVE-2010-0159 | Mozilla Debian Canonical | Remote Memory Corruption vulnerability in Mozilla Firefox The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlockFrame::StealFrame function in layout/generic/nsBlockFrame.cpp, and unspecified other vectors. | 10.0 |
2010-02-22 | CVE-2009-1571 | Mozilla | Code Injection vulnerability in Mozilla Firefox and Seamonkey Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory situations. | 10.0 |
2010-02-25 | CVE-2010-0620 | EMC | Path Traversal vulnerability in EMC Homebase Server 6.2/6.3 Directory traversal vulnerability in the SSL Service in EMC HomeBase Server 6.2.x before 6.2.3 and 6.3.x before 6.3.2 allows remote attackers to overwrite arbitrary files with any content, and consequently execute arbitrary code, via a .. | 9.3 |
2010-02-23 | CVE-2010-0189 | NOS Microsystems Adobe | Improper Input Validation vulnerability in multiple products A certain ActiveX control in NOS Microsystems getPlus Download Manager (aka DLM or Downloader) 1.5.2.35, as used in Adobe Download Manager, improperly validates requests involving web sites that are not in subdomains, which allows remote attackers to force the download and installation of arbitrary programs via a crafted name for a download site. | 9.3 |
2010-02-23 | CVE-2010-0107 | Symantec | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Symantec products Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. | 9.3 |
2010-02-22 | CVE-2010-0679 | Hyleos | Buffer Errors vulnerability in Hyleos Chemview 1.9.5.1 Multiple stack-based buffer overflows in the HyleosChemView.HLChemView ActiveX control (HyleosChemView.ocx) in Hyleos ChemView 1.9.5.1 allow remote attackers to execute arbitrary code via a large number of white space characters in the filename argument to the (1) SaveasMolFile and (2) ReadMolFile methods. | 9.3 |
2010-02-26 | CVE-2009-4654 | Novell Microsoft | Buffer Errors vulnerability in Novell Edirectory 8.8 Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to execute arbitrary code via long sadminpwd and verifypwd parameters in a submit action to /dhost/httpstk. | 9.0 |
2010-02-26 | CVE-2009-4653 | Novell Microsoft | Buffer Errors vulnerability in Novell Edirectory 8.8 Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to cause a denial of service (dhost.exe crash) and possibly execute arbitrary code via a long string to /dhost/modules?I:. | 9.0 |
31 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-02-23 | CVE-2010-0148 | Cisco Linux | Remote Denial of Service vulnerability in Cisco Security Agent 5.2 Unspecified vulnerability in Cisco Security Agent 5.2 before 5.2.0.285, when running on Linux, allows remote attackers to cause a denial of service (kernel panic) via "a series of TCP packets." Per: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml Only Cisco Security Agent release 5.2 for Linux, either managed or standalone, are affected by the DoS vulnerability (the Windows version is not affected). The Linux version of standalone agents are installed in the following products: * Cisco Unified Communications Manager (CallManager) * IPCC Express * IP Interactive Voice Response (IP IVR) * Cisco Unified Meeting Place * Cisco Personal Assistant (PA) * Cisco Unity Connection Note: The Sun Solaris version of the Cisco Security Agent is not affected by these vulnerabilities. | 7.8 |
2010-02-22 | CVE-2010-0283 | MIT | Improper Input Validation vulnerability in MIT Kerberos and Kerberos 5 The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid (1) AS-REQ or (2) TGS-REQ request. | 7.8 |
2010-02-22 | CVE-2010-0188 | Adobe | Unspecified vulnerability in Adobe Acrobat and Acrobat Reader Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. | 7.8 |
2010-02-27 | CVE-2010-0759 | Greatjoomla Joomla | Path Traversal vulnerability in Greatjoomla Scriptegrator Plugin 1.4.1 Directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files[] parameter, a different vector than CVE-2010-0760. | 7.5 |
2010-02-27 | CVE-2010-0758 | Softbizscripts | SQL Injection vulnerability in Softbizscripts Softbiz Jobs and Recruitment Script SQL injection vulnerability in news_desc.php in Softbiz Jobs allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2010-02-27 | CVE-2010-0755 | Wikyblog | Code Injection vulnerability in Wikyblog 1.7.3 PHP remote file inclusion vulnerability in include/WBmap.php in WikyBlog 1.7.3 rc2 allows remote attackers to execute arbitrary PHP code via a URL in the langFile parameter. | 7.5 |
2010-02-27 | CVE-2010-0753 | Componentslab Joomla | SQL Injection vulnerability in Componentslab COM Sqlreport 1.1 SQL injection vulnerability in the SQL Reports (com_sqlreport) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter to ajax/print.php. | 7.5 |
2010-02-26 | CVE-2010-0724 | MHD Zaher Ghaibeh | SQL Injection vulnerability in MHD Zaher Ghaibeh Arab Cart 1.0.2.0 SQL injection vulnerability in showimg.php in Arab Cart 1.0.2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2010-02-26 | CVE-2010-0723 | Mhproducts | SQL Injection vulnerability in Mhproducts ERO Auktion 2.0/2010 SQL injection vulnerability in news.php in Ero Auktion 2.0 and 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2010-02-26 | CVE-2010-0722 | Mhproducts | SQL Injection vulnerability in Mhproducts PHP Auktion PRO SQL injection vulnerability in news.php in Php Auktion Pro allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2010-02-26 | CVE-2010-0721 | Systemsoftware | SQL Injection vulnerability in Systemsoftware Auktionshaus Gelb 3.0 SQL injection vulnerability in news.php in Auktionshaus Gelb 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2010-02-26 | CVE-2010-0720 | Systemsoftware | SQL Injection vulnerability in Systemsoftware Erotik Auktionshaus SQL injection vulnerability in news.php in Erotik Auktionshaus allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2010-02-26 | CVE-2010-0717 | Moinmo | Configuration vulnerability in Moinmo Moinmoin The default configuration of cfg.packagepages_actions_excluded in MoinMoin before 1.8.7 does not prevent unsafe package actions, which has unspecified impact and attack vectors. | 7.5 |
2010-02-26 | CVE-2010-0669 | Moinmo | Security vulnerability in MoinMoin MoinMoin before 1.8.7 and 1.9.x before 1.9.2 does not properly sanitize user profiles, which has unspecified impact and attack vectors. | 7.5 |
2010-02-26 | CVE-2009-4655 | Novell | Cryptographic Issues vulnerability in Novell Edirectory 8.8.5 The dhost web service in Novell eDirectory 8.8.5 uses a predictable session cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie. | 7.5 |
2010-02-25 | CVE-2010-0710 | Aspcodecms | SQL Injection vulnerability in Aspcodecms Aspcode CMS 1.5.8/2.0.0 SQL injection vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the newsid parameter when the sec parameter is 26. | 7.5 |
2010-02-25 | CVE-2010-0011 | Uzbl | Permissions, Privileges, and Access Controls vulnerability in Uzbl The eval_js function in uzbl-core.c in Uzbl before 2010.01.05 exposes the run method of the Uzbl object, which allows remote attackers to execute arbitrary commands via JavaScript code. | 7.5 |
2010-02-23 | CVE-2010-0701 | Newgensoft | SQL Injection vulnerability in Newgensoft Omnidocs SQL injection vulnerability in ForceChangePassword.jsp in Newgen Software OmniDocs allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-02-23 | CVE-2010-0698 | Dynamicsoft | SQL Injection vulnerability in Dynamicsoft WSC CMS 2.2 SQL injection vulnerability in backoffice/login.asp in Dynamicsoft WSC CMS 2.2 allows remote attackers to execute arbitrary SQL commands via the Password parameter. | 7.5 |
2010-02-23 | CVE-2010-0694 | Percha Joomla | SQL Injection vulnerability in Percha COM Perchagallery SQL injection vulnerability in the PerchaGallery (com_perchagallery) component before 1.5b for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an editunidad action to index.php. | 7.5 |
2010-02-23 | CVE-2010-0693 | Commodityrentals | SQL Injection vulnerability in Commodityrentals Trade Manager Script SQL injection vulnerability in products.php in CommodityRentals Trade Manager Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.5 |
2010-02-23 | CVE-2010-0692 | Iptechinside Joomla | SQL Injection vulnerability in Iptechinside COM Jquarks 0.2.2/0.2.3 SQL injection vulnerability in the IP-Tech JQuarks (com_jquarks) Component 0.2.3, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | 7.5 |
2010-02-23 | CVE-2010-0691 | JTL Software | SQL Injection vulnerability in Jtl-Software Jtl-Shop 2 SQL injection vulnerability in druckansicht.php in JTL-Shop 2 allows remote attackers to execute arbitrary SQL commands via the s parameter. | 7.5 |
2010-02-23 | CVE-2010-0690 | Commodityrentals | SQL Injection vulnerability in Commodityrentals Video Games Rentals SQL injection vulnerability in index.php in CommodityRentals Video Games Rentals allows remote attackers to execute arbitrary SQL commands via the pfid parameter in a catalog action. | 7.5 |
2010-02-22 | CVE-2010-0680 | Zeuscms | Path Traversal vulnerability in Zeuscms 0.2 Directory traversal vulnerability in index.php in ZeusCMS 0.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter. | 7.5 |
2010-02-22 | CVE-2010-0677 | Katalog Hurricane | SQL Injection vulnerability in Katalog.Hurricane Katalog Stron Hurricane 1.3.5 SQL injection vulnerability in index.php in Katalog Stron Hurricane 1.3.5, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the get parameter. | 7.5 |
2010-02-22 | CVE-2009-4650 | Onnogroen Joomla | SQL Injection vulnerability in Onnogroen COM Webeecomment 1.1.1/1.2/2.0 SQL injection vulnerability in the Webee Comments (com_webeecomment) component 1.1.1, 1.2, and 2.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the articleId parameter in a default action to index2.php. | 7.5 |
2010-02-22 | CVE-2010-0673 | Copperleaf Wordpress | SQL Injection vulnerability in Copperleaf Photolog 0.16 SQL injection vulnerability in cplphoto.php in the Copperleaf Photolog plugin 0.16, and possibly earlier, for WordPress allows remote attackers to execute arbitrary SQL commands via the postid parameter. | 7.5 |
2010-02-22 | CVE-2010-0672 | Webmastersite | SQL Injection vulnerability in Webmastersite WSN Guest 1.02 SQL injection vulnerability in index.php in WSN Guest 1.02 allows remote attackers to execute arbitrary SQL commands via the orderlinks parameter. | 7.5 |
2010-02-22 | CVE-2010-0671 | Michalin | SQL Injection vulnerability in Michalin KR Media Pogodny CMS SQL injection vulnerability in index.php in KR MEDIA Pogodny CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a niusy action. | 7.5 |
2010-02-25 | CVE-2010-0705 | Avast Microsoft | Improper Input Validation vulnerability in Avast Antivirus Home and Avast Antivirus Professional Aavmker4.sys in avast! 4.8 through 4.8.1368.0 and 5.0 before 5.0.418.0 running on Windows 2000 and XP does not properly validate input to IOCTL 0xb2d60030, which allows local users to cause a denial of service (system crash) or execute arbitrary code to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption. | 7.2 |
50 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-02-24 | CVE-2010-0426 | Todd Miller | Permissions, Privileges, and Access Controls vulnerability in Todd Miller Sudo sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user's home directory. | 6.9 |
2010-02-27 | CVE-2010-0760 | Greatjoomla Joomla | Path Traversal vulnerability in Greatjoomla Scriptegrator Plugin 1.4.1 Multiple directory traversal vulnerabilities in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) file parameter to libraries/jquery/js/ui/jsloader.php and the (2) files[] parameter to libraries/jquery/js/jsloader.php, a different vector than CVE-2010-0759. | 6.8 |
2010-02-26 | CVE-2010-0715 | IBM | Remote Security vulnerability in Websphere Portal Open redirect vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the query string. | 6.8 |
2010-02-26 | CVE-2010-0668 | Moinmo | Security vulnerability in MoinMoin Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 has unknown impact and attack vectors, related to configurations that have a non-empty superuser list, the xmlrpc action enabled, the SyncPages action enabled, or OpenID configured. | 6.8 |
2010-02-26 | CVE-2010-0713 | Zenoss | Cross-Site Request Forgery (CSRF) vulnerability in Zenoss Multiple cross-site request forgery (CSRF) vulnerabilities in Zenoss 2.3.3, and other versions before 2.5, allow remote attackers to hijack the authentication of an administrator for (1) requests that reset user passwords via zport/dmd/ZenUsers/admin, and (2) requests that change user commands, which allows for remote execution of system commands via zport/dmd/userCommands/. | 6.8 |
2010-02-25 | CVE-2010-0711 | Aspcodecms | Cross-Site Request Forgery (CSRF) vulnerability in Aspcodecms Aspcode CMS 1.5.8/2.0.0 Cross-site request forgery (CSRF) vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to hijack the authentication of an administrator for requests that (1) delete users via the delete action in the ma2 parameter or (2) create administrators via the update action in the ma2 parameter. | 6.8 |
2010-02-25 | CVE-2010-0709 | Limny | Cross-Site Request Forgery (CSRF) vulnerability in Limny 2.0 Multiple cross-site request forgery (CSRF) vulnerabilities in Limny 2.0 allow remote attackers to (1) hijack the authentication of users or administrators for requests that change the email address or password via the user action to index.php, and (2) hijack the authentication of the administrator for requests that create a new user via the admin/modules/user/new action to limny/index.php. | 6.8 |
2010-02-25 | CVE-2010-0707 | Timeclock Software | Cross-Site Request Forgery (CSRF) vulnerability in Timeclock-Software Employee Timeclock Software 0.99 Cross-site request forgery (CSRF) vulnerability in add_user.php in Employee Timeclock Software 0.99 allows remote attackers to hijack the authentication of an administrator for requests that create new administrative users. | 6.8 |
2010-02-23 | CVE-2010-0146 | Cisco | Path Traversal vulnerability in Cisco Security Agent 6.0 Directory traversal vulnerability in the Management Center for Cisco Security Agents 6.0 allows remote authenticated users to read arbitrary files via unspecified vectors. | 6.8 |
2010-02-22 | CVE-2010-0678 | Katalog Hurricane | Code Injection vulnerability in Katalog.Hurricane Katalog Stron Hurricane 1.3.5 PHP remote file inclusion vulnerability in includes/moderation.php in Katalog Stron Hurricane 1.3.5, and possibly earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the includes_directory parameter. | 6.8 |
2010-02-27 | CVE-2010-0757 | Wikyblog | Remote Input Validation vulnerability in Wikyblog 1.7.3 Unrestricted file upload vulnerability in index.php/Attach in WikyBlog 1.7.3rc2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension using the uploadform action, then accessing it via a direct request to the file in userfiles/[username]/uploaded/. | 6.5 |
2010-02-26 | CVE-2010-0712 | Zenoss | SQL Injection vulnerability in Zenoss Multiple SQL injection vulnerabilities in zport/dmd/Events/getJSONEventsInfo in Zenoss 2.3.3, and other versions before 2.5, allow remote authenticated users to execute arbitrary SQL commands via the (1) severity, (2) state, (3) filter, (4) offset, and (5) count parameters. | 6.5 |
2010-02-23 | CVE-2010-0147 | Cisco | SQL Injection vulnerability in Cisco Security Agent 5.1/5.2/6.0 SQL injection vulnerability in the Management Center for Cisco Security Agents 5.1 before 5.1.0.117, 5.2 before 5.2.0.296, and 6.0 before 6.0.1.132 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 6.5 |
2010-02-25 | CVE-2010-0683 | Tibco | Unspecified vulnerability in Tibco Administrator 5.4.0/5.6.0 Unspecified vulnerability in TIBRepoServer5.jar in TIBCO Administrator 5.4.0 through 5.6.0, when JMS transport is used, allows remote authenticated users to execute arbitrary code on all domain nodes via vectors related to leveraging administrative credentials. | 6.0 |
2010-02-27 | CVE-2010-0756 | Wikyblog | Improper Authentication vulnerability in Wikyblog 1.7.3 Session fixation vulnerability in WikyBlog 1.7.3 rc2 allows remote attackers to hijack web sessions by setting the jsessionid parameter to (1) index.php/Comment/Main, (2) index.php/Comment/Main/Home_Wiky, or (3) index.php/Edit/Main. | 5.8 |
2010-02-24 | CVE-2010-0285 | Gnome | Unspecified vulnerability in Gnome Screensaver gnome-screensaver 2.14.3, 2.22.2, 2.27.x, 2.28.0, and 2.28.3, when the X configuration enables the extend screen option, allows physically proximate attackers to bypass screen locking, access an unattended workstation, and view half of the GNOME desktop by attaching an external monitor. | 5.6 |
2010-02-22 | CVE-2010-0286 | Typo3 | Security Bypass vulnerability in Typo3 4.3.0 Unspecified vulnerability in the OpenID Identity Authentication extension in TYPO3 4.3.0 allows remote attackers to bypass authentication and gain access to a backend user account via unknown attack vectors in which both the attacker and victim have an OpenID provider that discards identities during authentication. | 5.1 |
2010-02-27 | CVE-2010-0752 | Earl Dunovant Drupal | Permissions, Privileges, and Access Controls vulnerability in Earl Dunovant Week The week_post_page function in the Weekly Archive by Node Type module 6.x before 6.x-2.7 for Drupal does not properly implement node access restrictions when constructing SQL queries, which allows remote attackers to read restricted node listings via unspecified vectors. | 5.0 |
2010-02-26 | CVE-2010-0667 | Moinmo | Information Exposure vulnerability in Moinmo Moinmoin 1.9.0 MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain sensitive information via unspecified vectors. | 5.0 |
2010-02-25 | CVE-2010-0708 | SUN | Unspecified vulnerability in SUN Java System Directory Server Multiple unspecified vulnerabilities in (1) ns-slapd and (2) slapd.exe in Sun Directory Server Enterprise Edition 7.0, Sun Java System Directory Server 5.2, and Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allow remote attackers to cause a denial of service (daemon crash) via a crafted LDAP search request. | 5.0 |
2010-02-25 | CVE-2003-1590 | SUN Microsoft | Denial Of Service vulnerability in SUN ONE web Server 6.0 Unspecified vulnerability in Sun ONE (aka iPlanet) Web Server 6.0 SP3 through SP5 on Windows allows remote attackers to cause a denial of service (daemon crash) via unknown vectors. | 5.0 |
2010-02-25 | CVE-2003-1589 | SUN Microsoft | Denial Of Service vulnerability in SUN ONE web Server 4.1/6.0 Unspecified vulnerability in Sun ONE (aka iPlanet) Web Server 4.1 before SP13 and 6.0 before SP6 on Windows allows attackers to cause a denial of service (daemon crash) via unknown vectors. | 5.0 |
2010-02-24 | CVE-2010-0423 | Pidgin | Resource Management Errors vulnerability in Pidgin gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a denial of service (CPU consumption and application hang) by sending many smileys in a (1) IM or (2) chat. | 5.0 |
2010-02-23 | CVE-2010-0685 | Digium | Remote Security vulnerability in Asterisk The design of the dialplan functionality in Asterisk Open Source 1.2.x, 1.4.x, and 1.6.x; and Asterisk Business Edition B.x.x and C.x.x, when using the ${EXTEN} channel variable and wildcard pattern matches, allows context-dependent attackers to inject strings into the dialplan using metacharacters that are injected when the variable is expanded, as demonstrated using the Dial application to process a crafted SIP INVITE message that adds an unintended outgoing channel leg. | 5.0 |
2010-02-23 | CVE-2010-0696 | Joomlaworks Joomla | Path Traversal vulnerability in Joomlaworks JW Allvideos 3.0/3.1/3.2 Directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ (modified dot dot) in the file parameter. | 5.0 |
2010-02-22 | CVE-2010-0681 | Zeuscms | Permissions, Privileges, and Access Controls vulnerability in Zeuscms 0.2 ZeusCMS 0.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request for admin/backup.sql. | 5.0 |
2010-02-22 | CVE-2010-0676 | Weberr Joomla | Path Traversal vulnerability in Weberr COM Rwcards 3.0.18 Directory traversal vulnerability in index.php in the RWCards (com_rwcards) component 3.0.18 for Joomla! allows remote attackers to read arbitrary files via a .. | 5.0 |
2010-02-22 | CVE-2010-0674 | 2Enetworx | Permissions, Privileges, and Access Controls vulnerability in 2Enetworx Statcountex 3.1 StatCounteX 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for path/stats.mdb. | 5.0 |
2010-02-22 | CVE-2010-0670 | Iptechinside Joomla | Information Exposure vulnerability in Iptechinside COM Jquarks 0.2.2 Unspecified vulnerability in the IP-Tech JQuarks (com_jquarks) Component before 0.2.4 for Joomla! allows attackers to obtain the installation path for Joomla! via unknown vectors. | 5.0 |
2010-02-22 | CVE-2009-3988 | Mozilla | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox and Seamonkey Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly restrict read access to object properties in showModalDialog, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via crafted dialogArguments values. | 5.0 |
2010-02-26 | CVE-2010-0719 | Microsoft | Improper Input Validation vulnerability in Microsoft products An unspecified API in Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 does not validate arguments, which allows local users to cause a denial of service (system crash) via a crafted application. | 4.7 |
2010-02-25 | CVE-2010-0427 | Todd Miller | Permissions, Privileges, and Access Controls vulnerability in Todd Miller Sudo sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command. | 4.4 |
2010-02-27 | CVE-2010-0754 | Wikyblog | Cross-Site Scripting vulnerability in Wikyblog 1.7.2/1.7.3 Cross-site scripting (XSS) vulnerability in index.php/Special/Main/Templates in WikyBlog 1.7.2 and 1.7.3 rc2 allows remote attackers to inject arbitrary web script or HTML via the which parameter in a copy action. | 4.3 |
2010-02-26 | CVE-2010-0725 | MHD Zaher Ghaibeh | Cross-Site Scripting vulnerability in MHD Zaher Ghaibeh Arab Cart 1.0.2.0 Cross-site scripting (XSS) vulnerability in showimg.php in Arab Cart 1.0.2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | 4.3 |
2010-02-26 | CVE-2010-0718 | Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Windows Media Player 11.0.5721.5145/9 Buffer overflow in Microsoft Windows Media Player 9 and 11.0.5721.5145 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted .mpg file. | 4.3 |
2010-02-26 | CVE-2010-0714 | IBM | Cross-Site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to inject arbitrary web script or HTML via the query string. | 4.3 |
2010-02-25 | CVE-2010-0706 | Subexworld | Cross-Site Scripting vulnerability in Subexworld Nikira Fraud Management System Cross-site scripting (XSS) vulnerability in the login/prompt component in Subex Nikira Fraud Management System allows remote attackers to inject arbitrary web script or HTML via the message parameter. | 4.3 |
2010-02-25 | CVE-2010-0704 | IBM | Cross-Site Scripting vulnerability in IBM Websphere Portal 6.0.1.5 Cross-site scripting (XSS) vulnerability in the Portlet Palette in IBM WebSphere Portal 6.0.1.5 wp6015_008_01 allows remote attackers to inject arbitrary web script or HTML via the search field. | 4.3 |
2010-02-24 | CVE-2010-0420 | Pidgin | Improper Input Validation vulnerability in Pidgin libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat (MUC) room is used, does not properly parse nicknames containing <br> sequences, which allows remote attackers to cause a denial of service (application crash) via a crafted nickname. | 4.3 |
2010-02-23 | CVE-2010-0703 | Portwise | Cross-Site Scripting vulnerability in Portwise SSL VPN 4.6 Cross-site scripting (XSS) vulnerability in wa/auth in PortWise SSL VPN 4.6 allows remote attackers to inject arbitrary web script or HTML via the reloadFrame parameter. | 4.3 |
2010-02-23 | CVE-2010-0700 | Wampserver | Cross-Site Scripting vulnerability in Wampserver 2.0I Cross-site scripting (XSS) vulnerability in index.php in WampServer 2.0i allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | 4.3 |
2010-02-23 | CVE-2010-0699 | Videosearchscript | Cross-Site Scripting vulnerability in Videosearchscript PRO 3.5 Cross-site scripting (XSS) vulnerability in index.php in VideoSearchScript Pro 3.5 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | 4.3 |
2010-02-23 | CVE-2009-3036 | Symantec | Cross-Site Scripting vulnerability in Symantec IM Manager 8.3/8.4 Cross-site scripting (XSS) vulnerability in the console in Symantec IM Manager 8.3 and 8.4 before 8.4.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-02-23 | CVE-2010-0695 | Basic CMS | Cross-Site Scripting vulnerability in Basic-Cms Cross-site scripting (XSS) vulnerability in pages/index.php in BASIC-CMS allows remote attackers to inject arbitrary web script or HTML via the nav_id parameter. | 4.3 |
2010-02-22 | CVE-2009-4651 | Onnogroen Joomla | Cross-Site Scripting vulnerability in Onnogroen COM Webeecomment 1.1.1/1.2/2.0 Multiple cross-site scripting (XSS) vulnerabilities in the Webee Comments (com_webeecomment) component 1.1.1, 1.2, and 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) color, (2) img, or (3) url BBCode tags in unspecified vectors. | 4.3 |
2010-02-22 | CVE-2010-0675 | Bgsvetionik | Cross-Site Scripting vulnerability in Bgsvetionik BGS CMS 2.2.1 Cross-site scripting (XSS) vulnerability in index.php in BGSvetionik BGS CMS 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the search parameter in a search action. | 4.3 |
2010-02-22 | CVE-2009-4649 | Geccbblite | Cross-Site Scripting vulnerability in Geccbblite 0.1 Multiple cross-site scripting (XSS) vulnerabilities in geccBBlite 0.1 allow remote attackers to inject arbitrary web script or HTML via the postatoda parameter to (1) rispondi.php and (2) scrivi.php, which is not properly handled in forum.php. | 4.3 |
2010-02-22 | CVE-2010-0162 | Mozilla | Cross-Site Scripting vulnerability in Mozilla Firefox and Seamonkey Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly support the application/octet-stream content type as a protection mechanism against execution of web script in certain circumstances involving SVG and the EMBED element, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via an embedded SVG document. | 4.3 |
2010-02-24 | CVE-2010-0422 | Gnome | Unspecified vulnerability in Gnome Screensaver 2.28.0/2.28.1/2.28.2 gnome-screensaver 2.28.x before 2.28.3 does not properly synchronize the state of screen locking and the unlock dialog in situations involving a change to the number of monitors, which allows physically proximate attackers to bypass screen locking and access an unattended workstation by connecting and disconnecting monitors multiple times, a related issue to CVE-2010-0414. | 4.0 |
2010-02-23 | CVE-2010-0682 | Wordpress | Permissions, Privileges, and Access Controls vulnerability in Wordpress 2.9/2.9.1 WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter. | 4.0 |
5 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-02-26 | CVE-2010-0716 | Microsoft | Cross-Site Scripting vulnerability in Microsoft Sharepoint Server 2007 _layouts/Upload.aspx in the Documents module in Microsoft SharePoint before 2010 uses URLs with the same hostname and port number for a web site's primary files and individual users' uploaded files (aka attachments), which allows remote authenticated users to leverage same-origin relationships and conduct cross-site scripting (XSS) attacks by uploading TXT files, a related issue to CVE-2008-5026. | 3.5 |
2010-02-23 | CVE-2010-0697 | Ilya Ivanchenko Drupal | Cross-Site Scripting vulnerability in Ilya Ivanchenko Itweak Upload Cross-site scripting (XSS) vulnerability in the iTweak Upload module 6.x-1.x before 6.x-1.2 and 6.x-2.x before 6.x-2.3 for Drupal allows remote authenticated users, with create content and upload file permissions, to inject arbitrary web script or HTML via the file name of an uploaded file. | 3.5 |
2010-02-25 | CVE-2010-0118 | Becauseinter | Link Following vulnerability in Becauseinter Bournal Bournal before 1.4.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified temporary files associated with a --hack_the_gibson update check. | 3.3 |
2010-02-24 | CVE-2010-0640 | CA | Cross-Site Scripting vulnerability in CA Ehealth Performance Manager 6.0/6.1/6.2 Cross-site scripting (XSS) vulnerability in CA eHealth Performance Manager 6.0.x through 6.2.x, when malicious HTML detection is disabled, allows remote attackers to inject arbitrary web script or HTML via a crafted request. | 2.6 |
2010-02-25 | CVE-2010-0119 | Becauseinter Freebsd | Information Exposure vulnerability in Becauseinter Bournal Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, places a ccrypt key on the command line, which allows local users to obtain sensitive information by listing the process and its arguments, related to "echoing." | 2.1 |