Weekly Vulnerabilities Reports > March 15 to 21, 2010
Overview
119 new vulnerabilities were reported during this period, including 12 critical and 50 high-severity vulnerabilities. This weekly summary reports vulnerabilities in 118 products from 93 vendors, including Typo3, Apple, Microsoft, Joomla, and Linux. The most common weakness categories are "SQL Injection", "Cross-site Scripting", "Path Traversal", "Resource Management Errors", and "Permissions, Privileges, and Access Controls".
- 114 reported vulnerabilities are remotely exploitable.
- 41 reported vulnerabilities have a public exploit available.
- 80 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 118 reported vulnerabilities are exploitable by an anonymous user.
- Typo3 has the most reported vulnerabilities, with 34 reported vulnerabilities.
- Apple has the most reported critical vulnerabilities, with 8 reported vulnerabilities.
Vulnerability Details
The following tables list the vulnerabilities reported during the period covered by this report, grouped by severity:
12 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-03-18 | CVE-2010-0104 | Broadcom HP | Remote Code Execution vulnerability in Broadcom NetXtreme ASF Packet Handling Unspecified vulnerability in the Broadcom Integrated NIC Management Firmware 1.x before 1.40.0.0 and 8.x before 8.08 on the HP Small Form Factor and Microtower platforms allows remote attackers to execute arbitrary code via unknown vectors. | 10.0 |
2010-03-19 | CVE-2010-1028 | Mozilla Microsoft | Numeric Errors vulnerability in Mozilla Firefox 3.6/3.6.1/3.7 Integer overflow in the decompression functionality in the Web Open Fonts Format (WOFF) decoder in Mozilla Firefox 3.6 before 3.6.2 and 3.7 before 3.7 alpha 3 allows remote attackers to execute arbitrary code via a crafted WOFF file that triggers a buffer overflow, as demonstrated by the vd_ff module in VulnDisco 9.0. | 9.3 |
2010-03-19 | CVE-2010-0688 | Orbitals | Buffer Errors vulnerability in Orbitals Orbital Viewer 1.04 Stack-based buffer overflow in Orbital Viewer 1.04 allows user-assisted remote attackers to execute arbitrary code via a crafted (1) .orb or (2) .ov file. | 9.3 |
2010-03-15 | CVE-2010-0054 | Apple | Resource Management Errors vulnerability in Apple Safari Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML IMG elements. | 9.3 |
2010-03-15 | CVE-2010-0053 | Apple | Resource Management Errors vulnerability in Apple Safari Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the run-in Cascading Style Sheets (CSS) display property. | 9.3 |
2010-03-15 | CVE-2010-0052 | Apple | Resource Management Errors vulnerability in Apple Safari Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "callbacks for HTML elements." Per: http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html CVE-ID: CVE-2010-0052 Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.1 or later, Mac OS X Server v10.6.1 or later, Windows 7, Vista, XP Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A use-after-free issue exists in WebKit's handling of callbacks for HTML elements. | 9.3 |
2010-03-15 | CVE-2010-0049 | Apple | Resource Management Errors vulnerability in Apple Safari Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via HTML elements with right-to-left (RTL) text directionality. | 9.3 |
2010-03-15 | CVE-2010-0046 | Apple | Code Injection vulnerability in Apple Safari The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted format arguments. | 9.3 |
2010-03-15 | CVE-2010-0045 | Apple Microsoft | Improper Input Validation vulnerability in Apple Safari Apple Safari before 4.0.5 on Windows does not properly validate external URL schemes, which allows remote attackers to open local files and execute arbitrary code via a crafted HTML document. | 9.3 |
2010-03-15 | CVE-2010-0043 | Apple Microsoft | Code Injection vulnerability in Apple Safari ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image. | 9.3 |
2010-03-15 | CVE-2010-0040 | Apple Microsoft | Numeric Errors vulnerability in Apple Safari Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a heap-based buffer overflow. | 9.3 |
2010-03-15 | CVE-2009-4001 | Xnview | Numeric Errors vulnerability in Xnview Integer overflow in XnView before 1.97.2 might allow remote attackers to execute arbitrary code via a DICOM image with crafted dimensions, leading to a heap-based buffer overflow. | 9.3 |
50 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-03-15 | CVE-2010-0050 | Apple Fedoraproject Canonical Opensuse | Use After Free vulnerability in multiple products Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags. | 8.8 |
2010-03-19 | CVE-2010-1027 | Dietmar Schffer Typo3 | SQL Injection vulnerability in Dietmar Schffer Travelmate SQL injection vulnerability in the Meet Travelmates (travelmate) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1026 | Mathon Nicolas Typo3 | SQL Injection vulnerability in Mathon Nicolas Tmsw Cleandb 2.0.1 SQL injection vulnerability in the CleanDB - DBAL (tmsw_cleandb) extension 2.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1024 | Chris Wederka Typo3 | SQL Injection vulnerability in Chris Wederka TGM Newsletter 0.0.2 SQL injection vulnerability in the TGM-Newsletter (tgm_newsletter) extension 0.0.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1022 | Marcus Krause Typo3 | Improper Authentication vulnerability in Marcus Krause T3Sec Saltedpw The TYPO3 Security - Salted user password hashes (t3sec_saltedpw) extension before 0.2.13 for TYPO3 allows remote attackers to bypass authentication via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1019 | SK Typo3 Typo3 | SQL Injection vulnerability in Sk-Typo3 SK Simplegallery 0.0.1 SQL injection vulnerability in the Simple Gallery (sk_simplegallery) extension 0.0.9 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1018 | Jochen RAU Typo3 | SQL Injection vulnerability in Jochen RAU SK Bookreview SQL injection vulnerability in the Book Reviews (sk_bookreview) extension 0.0.12 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1017 | Laurent Foulloy Typo3 | SQL Injection vulnerability in Laurent Foulloy SAV Filter Months SQL injection vulnerability in the SAV Filter Months (sav_filter_months) extension before 1.0.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1016 | Laurent Foulloy Typo3 | SQL Injection vulnerability in Laurent Foulloy SAV Filter Selectors 1.0.1/1.0.2/1.0.3 SQL injection vulnerability in the SAV Filter Selectors (sav_filter_selectors) extension before 1.0.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1015 | Laurent Foulloy Typo3 | SQL Injection vulnerability in Laurent Foulloy SAV Filter ABC SQL injection vulnerability in the SAV Filter Alphabetic (sav_filter_abc) extension before 1.0.9 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1013 | FR Simon Rundell Typo3 | SQL Injection vulnerability in Fr.Simon Rundell PD Diocesedatabase SQL injection vulnerability in the Diocese of Portsmouth Database (pd_diocesedatabase) extension before 0.7.13 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1012 | Mathias Schreiber Typo3 | SQL Injection vulnerability in Mathias Schreiber NF Cleandb SQL injection vulnerability in the CleanDB (nf_cleandb) extension 1.0.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1010 | Matthias Kall Typo3 | SQL Injection vulnerability in Matthias Kall MK Wastebasket SQL injection vulnerability in the MK Wastebasket (mk_wastebasket) extension 2.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1009 | Joachim Ruhs Typo3 | SQL Injection vulnerability in Joachim-Ruhs Educator 0.1.5 SQL injection vulnerability in the Educator extension 0.1.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1006 | Typo3 | SQL Injection vulnerability in Typo3 Brainstorming SQL injection vulnerability in the Brainstorming extension 0.1.8 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-19 | CVE-2010-1004 | Mischa Heimann Typo3 | SQL Injection vulnerability in Mischa Heimann Yatse SQL injection vulnerability in the Yet another TYPO3 search engine (YATSE) extension before 0.3.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-18 | CVE-2009-4735 | Allomani | SQL Injection vulnerability in Allomani Audio & Video Library 2.7.0 SQL injection vulnerability in login.php in Allomani Audio & Video Library (Songs & Clips version) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action. | 7.5 |
2010-03-18 | CVE-2009-4734 | Allomani | SQL Injection vulnerability in Allomani Movies Library 2.7.0 SQL injection vulnerability in login.php in Allomani Movies Library (Movies & Clips) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action. | 7.5 |
2010-03-18 | CVE-2009-4731 | Boldfx | SQL Injection vulnerability in Boldfx Model Agency Manager PRO SQL injection vulnerability in photos.php in Model Agency Manager PRO (formerly Modeling Agency Content Management Script) allows remote attackers to execute arbitrary SQL commands via the album parameter. | 7.5 |
2010-03-18 | CVE-2009-4730 | X10Media | SQL Injection vulnerability in X10Media Adult Script 1.7 SQL injection vulnerability in report.php in x10 Adult Media Script 1.7 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2010-03-18 | CVE-2009-4728 | Questions Answered | SQL Injection vulnerability in Questions Answered Questions Answered 1.3 SQL injection vulnerability in the administrative interface in Questions Answered 1.3 allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2010-03-18 | CVE-2009-4727 | Junglescripts | SQL Injection vulnerability in Junglescripts Ajax Short URL Script SQL injection vulnerability in x/login in JungleScripts Ajax Short Url Script allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2010-03-18 | CVE-2009-4724 | Paymentprocessorscript | SQL Injection vulnerability in Paymentprocessorscript Ppscript SQL injection vulnerability in shop.htm in PaymentProcessorScript.net PPScript allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.5 |
2010-03-18 | CVE-2009-4723 | Netpet | Path Traversal vulnerability in Netpet CMS 1.9 Directory traversal vulnerability in confirm.php in Netpet CMS 1.9 allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2010-03-18 | CVE-2009-4721 | Andrews WEB | SQL Injection vulnerability in Andrews-Web Aw-Bannerad 1.0 Multiple SQL injection vulnerabilities in Admin/index.asp in Andrews-Web (A-W) BannerAd 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) User and (2) Password parameters. | 7.5 |
2010-03-18 | CVE-2009-4720 | Gnudip | SQL Injection vulnerability in Gnudip 2.1.1 SQL injection vulnerability in cgi-bin/gnudip.cgi in GnuDIP 2.1.1 allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2010-03-18 | CVE-2009-4719 | BOB Jewell | SQL Injection vulnerability in BOB Jewell Discloser 0.0.4 SQL injection vulnerability in index.php in Discloser 0.0.4 rc2 allows remote attackers to execute arbitrary SQL commands via the more parameter. | 7.5 |
2010-03-16 | CVE-2010-0985 | Chris Simon Joomla | Path Traversal vulnerability in Chris Simon COM Abbrev 1.1 Directory traversal vulnerability in the Abbreviations Manager (com_abbrev) component 1.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2010-03-16 | CVE-2010-0981 | Templateplazza Joomla | SQL Injection vulnerability in Templateplazza COM Tpjobs SQL injection vulnerability in the TPJobs (com_tpjobs) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_c[] parameter in a resadvsearch action to index.php. | 7.5 |
2010-03-16 | CVE-2010-0980 | Mitchell Sleeper | SQL Injection vulnerability in Mitchell Sleeper L4D Stats 1.1 SQL injection vulnerability in player.php in Left 4 Dead (L4D) Stats 1.1 allows remote attackers to execute arbitrary SQL commands via the steamid parameter. | 7.5 |
2010-03-16 | CVE-2010-0976 | Acidcat | Permissions, Privileges, and Access Controls vulnerability in Acidcat CMS Acidcat CMS 3.5.x does not prevent access to install.asp after installation finishes, which might allow remote attackers to restart the installation process and have unspecified other impact via requests to install.asp and other install_*.asp scripts. | 7.5 |
2010-03-16 | CVE-2010-0793 | Barnowl | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Barnowl Buffer overflow in BarnOwl before 1.5.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted CC: header. | 7.5 |
2010-03-16 | CVE-2010-0975 | Phpcityportal | Code Injection vulnerability in PHPcityportal PHP remote file inclusion vulnerability in external.php in PHPCityPortal allows remote attackers to execute arbitrary PHP code via a URL in the url parameter. | 7.5 |
2010-03-16 | CVE-2010-0974 | Phpcityportal | SQL Injection vulnerability in PHPcityportal Multiple SQL injection vulnerabilities in PHPCityPortal allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) video_show.php, (2) spotlight_detail.php, (3) real_estate_details.php, and (4) auto_details.php. | 7.5 |
2010-03-16 | CVE-2010-0973 | Scripteverkauf | SQL Injection vulnerability in Scripteverkauf Domain Verkaus and Auktions Portal SQL injection vulnerability in index.php in phppool media Domain Verkaus and Auktions Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2010-03-16 | CVE-2010-0972 | G4J Laoneo Joomla | Path Traversal vulnerability in G4J.Laoneo COM Gcalendar 2.1.5 Directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2010-03-16 | CVE-2010-0970 | Jorik Berkepas | SQL Injection vulnerability in Jorik Berkepas PHPmylogon 2.0 SQL injection vulnerability in phpmylogon.php in PhpMyLogon 2 allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2010-03-16 | CVE-2010-0968 | Geekhelps | SQL Injection vulnerability in Geekhelps Admp 1.01 SQL injection vulnerability in bannershow.php in Geekhelps ADMP 1.01 allows remote attackers to execute arbitrary SQL commands via the click parameter. | 7.5 |
2010-03-16 | CVE-2010-0964 | Media Products | SQL Injection vulnerability in Media-Products Eros Webkatalog SQL injection vulnerability in start.php in Eros Webkatalog allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik action. | 7.5 |
2010-03-15 | CVE-2009-4718 | Gonafish | SQL Injection vulnerability in Gonafish Webstatcaffe SQL injection vulnerability in visitorduration.php in Gonafish WebStatCaffe allows remote attackers to execute arbitrary SQL commands via the nodayshow parameter. | 7.5 |
2010-03-15 | CVE-2009-4712 | Tukanas | SQL Injection vulnerability in Tukanas Easyclassifieds Script 1.0 SQL injection vulnerability in index.php in Tukanas Classifieds (aka EasyClassifieds) Script 1.0 allows remote attackers to execute arbitrary SQL commands via the b parameter. | 7.5 |
2010-03-15 | CVE-2009-4711 | JAN Bednarik Typo3 | SQL Injection vulnerability in JAN Bednarik Cooluri SQL injection vulnerability in the CoolURI (cooluri) extension before 1.0.16 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2008-6686. | 7.5 |
2010-03-15 | CVE-2009-4710 | Robert Heel Typo3 | SQL Injection vulnerability in Robert Heel CWT Resetbepassword SQL injection vulnerability in the Reset backend password (cwt_resetbepassword) extension 1.20 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-15 | CVE-2009-4709 | Dirk Maiwert Typo3 | SQL Injection vulnerability in Dirk Maiwert Datamints Newsticker SQL injection vulnerability in the datamints Newsticker (datamints_newsticker) extension before 0.7.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-15 | CVE-2009-4708 | Maximo Cuadros Typo3 | SQL Injection vulnerability in Maximo Cuadros GB Fenewssubmit SQL injection vulnerability in the [Gobernalia] Front End News Submitter (gb_fenewssubmit) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-15 | CVE-2009-4703 | Typo3 | SQL Injection vulnerability in Typo3 WS Gallery SQL injection vulnerability in the Webesse Image Gallery (ws_gallery) extension 1.0.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-15 | CVE-2009-4702 | Markus Barchfeld Typo3 | SQL Injection vulnerability in Markus Barchfeld PM Tour SQL injection vulnerability in the Tour Extension (pm_tour) extension before 0.0.13 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-15 | CVE-2009-4701 | Liviu Mitrofan Typo3 | SQL Injection vulnerability in Liviu Mitrofan Myth Download 0.1.0 SQL injection vulnerability in the Myth download (myth_download) extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2010-03-15 | CVE-2009-4698 | Alexandre Amaral Xoops | SQL Injection vulnerability in Alexandre Amaral Xoops Celepar 1.0.1 Multiple SQL injection vulnerabilities in the Qas (aka Quas) module for XOOPS Celepar allow remote attackers to execute arbitrary SQL commands via the codigo parameter to (1) aviso.php and (2) imprimir.php, and the (3) cod_categoria parameter to categoria.php. | 7.5 |
2010-03-15 | CVE-2010-0122 | Timeclock Software | SQL Injection vulnerability in Timeclock-Software Employee Timeclock Software 0.99 Multiple SQL injection vulnerabilities in Employee Timeclock Software 0.99 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to (a) auth.php or (b) login_action.php. | 7.5 |
55 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-03-16 | CVE-2010-0729 | Redhat | Permissions, Privileges, and Access Controls vulnerability in Redhat Enterprise Linux 4 A certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 4 on the ia64 platform allows local users to use ptrace on an arbitrary process, and consequently gain privileges, via vectors related to a missing ptrace_check_attach call. | 6.9 |
2010-03-19 | CVE-2010-1003 | Efrontlearning | Path Traversal vulnerability in Efrontlearning Efront Directory traversal vulnerability in www/editor/tiny_mce/langs/language.php in eFront 3.5.x through 3.5.5 allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2010-03-19 | CVE-2010-0734 | Curl | Permissions, Privileges, and Access Controls vulnerability in Curl Libcurl content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote attackers to cause a denial of service (application crash) or have unspecified other impact by sending crafted compressed data to an application that relies on the intended data-length limit. | 6.8 |
2010-03-18 | CVE-2009-4733 | Supercrackmunkey | SQL Injection vulnerability in Supercrackmunkey Simpleloginsys 0.5 SQL injection vulnerability in checkuser.php in SimpleLoginSys 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | 6.8 |
2010-03-18 | CVE-2009-4732 | Technotoad | SQL Injection vulnerability in Technotoad TT web Site Manager 0.5 SQL injection vulnerability in tt/index.php in TT Web Site Manager 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tt_name parameter. | 6.8 |
2010-03-18 | CVE-2009-4722 | Limny | SQL Injection vulnerability in Limny 1.01 SQL injection vulnerability in the CheckLogin function in includes/functions.php in Limny 1.01, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | 6.8 |
2010-03-16 | CVE-2010-0983 | Utilo | Code Injection vulnerability in Utilo Rezervi PHP remote file inclusion vulnerability in include/mail.inc.php in Rezervi 3.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the root parameter, a different vector than CVE-2007-2156. | 6.8 |
2010-03-16 | CVE-2010-0966 | Dzcp | Code Injection vulnerability in Dzcp Dev!L'Z Clanportal 1.5.2 PHP remote file inclusion vulnerability in inc/config.php in deV!L`z Clanportal (DZCP) 1.5.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the basePath parameter. | 6.8 |
2010-03-15 | CVE-2010-0624 | GNU | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in GNU Cpio and TAR Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character. | 6.8 |
2010-03-15 | CVE-2010-0396 | Debian | Path Traversal vulnerability in Debian Dpkg Directory traversal vulnerability in the dpkg-source component in dpkg before 1.14.29 allows remote attackers to modify arbitrary files via a crafted Debian source archive. | 5.8 |
2010-03-18 | CVE-2009-4725 | Arabportal | Path Traversal vulnerability in Arabportal Arab Portal Directory traversal vulnerability in modules/aljazeera/admin/setup.php in Arab Portal 2.2 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. | 5.1 |
2010-03-16 | CVE-2010-0967 | Geekhelps | Path Traversal vulnerability in Geekhelps Admp 1.01 Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the style parameter to (1) colorvoid/footer.php, (2) default-green/footer.php, (3) default-orange/footer.php, and (4) default/footer.php in themes/. | 5.1 |
2010-03-19 | CVE-2010-1029 | Apple | Resource Management Errors vulnerability in multiple products Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a STYLE element composed of a large number of *> sequences. | 5.0 |
2010-03-19 | CVE-2010-1007 | CHI Hoang Typo3 | Information Exposure vulnerability in CHI Hoang CH Lightem Unspecified vulnerability in the Power Extension Manager (ch_lightem) extension 1.0.34 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors. | 5.0 |
2010-03-18 | CVE-2009-4726 | Olivier Michaud Pierre Yves | Path Traversal vulnerability in Olivier Michaud Pierre-Yves Quickdev4PHP Directory traversal vulnerability in download.php in Quickdev 4 PHP allows remote attackers to read arbitrary files via a .. | 5.0 |
2010-03-16 | CVE-2010-0984 | Acidcat | Permissions, Privileges, and Access Controls vulnerability in Acidcat CMS Acidcat CMS 3.5.3 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing credentials via a direct request for databases/acidcat_3.mdb. | 5.0 |
2010-03-16 | CVE-2010-0978 | Kmsoft | Permissions, Privileges, and Access Controls vulnerability in Kmsoft Guestbook 1.0 KMSoft Guestbook (aka GBook) 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/db.mdb. | 5.0 |
2010-03-16 | CVE-2010-0977 | Pordus | Permissions, Privileges, and Access Controls vulnerability in Pordus PD Portal 4.0 PD PORTAL 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/db.mdb. | 5.0 |
2010-03-16 | CVE-2010-0397 | PHP | Remote Denial of Service vulnerability in PHP 5.3.1 The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument. | 5.0 |
2010-03-16 | CVE-2010-0969 | Nlnetlabs | Resource Management Errors vulnerability in Nlnetlabs Unbound Unbound before 1.4.3 does not properly align structures on 64-bit platforms, which allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. | 5.0 |
2010-03-16 | CVE-2010-0965 | Jevci NET | Permissions, Privileges, and Access Controls vulnerability in Jevci.Net Jevci Siparis Formu Scripti Jevci Siparis Formu Scripti stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for siparis.mdb. | 5.0 |
2010-03-15 | CVE-2009-4704 | Typo3 | Information Disclosure vulnerability in Ws Ecard Unspecified vulnerability in the Webesse E-Card (ws_ecard) extension 1.0.2 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors. | 5.0 |
2010-03-15 | CVE-2009-4700 | Skadate | Path Traversal vulnerability in Skadate Online Dating Software 5.0/6.0/6.482 Directory traversal vulnerability in index.php in SkaDate Dating allows remote attackers to read arbitrary files via a .. | 5.0 |
2010-03-15 | CVE-2010-0123 | Timeclock Software | Permissions, Privileges, and Access Controls vulnerability in Timeclock-Software Employee Timeclock Software 0.99 The database backup implementation in Employee Timeclock Software 0.99 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for a "semi-predictable file name." | 5.0 |
2010-03-16 | CVE-2010-0727 | Linux Debian Redhat | Resource Management Errors vulnerability in multiple products The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfs_lock function in the Linux kernel on Red Hat Enterprise Linux (RHEL) 5 and 6, does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service (BUG and system crash) by locking a file on a (1) GFS or (2) GFS2 filesystem, and then changing this file's permissions. | 4.9 |
2010-03-19 | CVE-2009-4271 | Linux | Unspecified vulnerability in Linux Kernel The Linux kernel 2.6.9 through 2.6.17 on the x86_64 and amd64 platforms allows local users to cause a denial of service (panic) via a 32-bit application that calls mprotect on its Virtual Dynamic Shared Object (VDSO) page and then triggers a segmentation fault. | 4.7 |
2010-03-16 | CVE-2007-6733 | Linux | Resource Management Errors vulnerability in Linux Kernel 2.6.9 The nfs_lock function in fs/nfs/file.c in the Linux kernel 2.6.9 does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service (BUG and system crash) by locking a file on an NFS filesystem and then changing this file's permissions, a related issue to CVE-2010-0727. | 4.7 |
2010-03-19 | CVE-2010-0736 | Viewvc | Cross-Site Scripting vulnerability in Viewvc Cross-site scripting (XSS) vulnerability in the view_queryform function in lib/viewvc.py in ViewVC before 1.0.10, and 1.1.x before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via "user-provided input." | 4.3 |
2010-03-19 | CVE-2010-0465 | Sugarcrm | Cross-Site Scripting vulnerability in Sugarcrm Cross-site scripting (XSS) vulnerability in the online Documents functionality in SugarCRM 5.2.x before 5.2.0l and 5.5.x before 5.5.0a allows remote authenticated users to inject arbitrary web script or HTML via the Document Name field. | 4.3 |
2010-03-19 | CVE-2010-1025 | Chris Wederka Typo3 | Cross-Site Scripting vulnerability in Chris Wederka TGM Newsletter 0.0.2 Cross-site scripting (XSS) vulnerability in the TGM-Newsletter (tgm_newsletter) extension 0.0.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-03-19 | CVE-2010-1023 | Taskcenter Recent Project | Cross-Site Scripting vulnerability in Taskcenter Recent Project Taskcenter Recent 0.0.6/0.0.7/0.1.0 Cross-site scripting (XSS) vulnerability in the UserTask Center, Recent (taskcenter_recent) extension 0.1.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-03-19 | CVE-2010-1021 | Mads Brunn Typo3 | Cross-Site Scripting vulnerability in Mads Brunn T3Quixplorer Cross-site scripting (XSS) vulnerability in the Typo3 Quixplorer (t3quixplorer) extension before 1.7.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-03-19 | CVE-2010-1020 | SK Typo3 Typo3 | Cross-Site Scripting vulnerability in Sk-Typo3 SK Simplegallery 0.0.1 Cross-site scripting (XSS) vulnerability in the Simple Gallery (sk_simplegallery) extension 0.0.9 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-03-19 | CVE-2010-1014 | Steffen Kamper Typo3 | Cross-Site Scripting vulnerability in Steffen Kamper Reports Logview Cross-site scripting (XSS) vulnerability in the Reports Logfile View (reports_logview) extension 1.2.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-03-19 | CVE-2010-1011 | TIM Lochmueller Typo3 | Cross-Site Scripting vulnerability in TIM Lochmueller Mydashboard Cross-site scripting (XSS) vulnerability in the myDashboard (mydashboard) extension 0.1.13 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-03-19 | CVE-2010-1008 | Christian Hennecke Typo3 | Cross-Site Scripting vulnerability in Christian Hennecke Chsellector 0.1.0 Cross-site scripting (XSS) vulnerability in the Sellector.com Widget Integration (chsellector) extension before 0.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-03-19 | CVE-2010-1005 | Mischa Heimann Typo3 | Cross-Site Scripting vulnerability in Mischa Heimann Yatse Cross-site scripting (XSS) vulnerability in the Yet another TYPO3 search engine (YATSE) extension before 0.3.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-03-18 | CVE-2009-4729 | X10Media | Cross-Site Scripting vulnerability in X10Media Adult Script 1.7 Multiple cross-site scripting (XSS) vulnerabilities in x10 Adult Media Script 1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) pic_id parameter to includes/video_ad.php, (2) category parameter to linkvideos_listing.php, (3) id parameter to templates/header1.php, and (4) key parameter to video_listing.php. | 4.3 |
2010-03-18 | CVE-2010-0421 | Gnome | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Gnome Pango Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted font file, related to building a synthetic Glyph Definition (aka GDEF) table by using this font's charmap and the Unicode property database. | 4.3 |
2010-03-16 | CVE-2010-0982 | Joomlamo Joomla | Path Traversal vulnerability in Joomlamo COM Cartweberp 1.56.75 Directory traversal vulnerability in the CARTwebERP (com_cartweberp) component 1.56.75 for Joomla! allows remote attackers to read arbitrary files via a .. | 4.3 |
2010-03-16 | CVE-2010-0979 | Obsession Design | Cross-Site Scripting vulnerability in Obsession-Design Image-Gallery 1.1 Cross-site scripting (XSS) vulnerability in display.php in Obsession-Design Image-Gallery (ODIG) 1.1 allows remote attackers to inject arbitrary web script or HTML via the folder parameter. | 4.3 |
2010-03-16 | CVE-2010-0963 | Yuri D Elia | Cross-Site Scripting vulnerability in Yuri D'Elia DL Cross-site scripting (XSS) vulnerability in index.php in dl Download Ticket Service before 0.7 allows remote attackers to inject arbitrary web script or HTML via the t parameter, related to an invalid ticket ID. | 4.3 |
2010-03-15 | CVE-2009-4717 | Gonafish | Cross-Site Scripting vulnerability in Gonafish Webstatcaffe Multiple cross-site scripting (XSS) vulnerabilities in Gonafish WebStatCaffe allow remote attackers to inject arbitrary web script or HTML via the (1) host parameter to stat/host.php, nodayshow parameter to (2) mostvisitpage.php and (3) visitorduration.php in stat/, (4) nopagesmost parameter to stat/mostvisitpagechart.php, and date parameter to (5) pageviewers.php, (6) pageviewerschart.php, and (7) referer.php in stat/. | 4.3 |
2010-03-15 | CVE-2009-4716 | Edgephp | Cross-Site Scripting vulnerability in Edgephp Ezwebsearch Cross-site scripting (XSS) vulnerability in results.php in EDGEPHP EZWebSearch allows remote attackers to inject arbitrary web script or HTML via the language parameter. | 4.3 |
2010-03-15 | CVE-2009-4715 | Phpscriptsnow | Cross-Site Scripting vulnerability in PHPscriptsnow Real Time Currency Exchange Cross-site scripting (XSS) vulnerability in rates.php in Real Time Currency Exchange allows remote attackers to inject arbitrary web script or HTML via the Amount parameter. | 4.3 |
2010-03-15 | CVE-2009-4714 | Alexandre Amaral | Cross-Site Scripting vulnerability in Alexandre Amaral Xoops Celepar 1.0.1 Cross-site scripting (XSS) vulnerability in the quiz module for XOOPS Celepar allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to cadastro_usuario.php. | 4.3 |
2010-03-15 | CVE-2009-4713 | Alexandre Amaral | Cross-Site Scripting vulnerability in Alexandre Amaral Xoops Celepar 1.0.1 Multiple cross-site scripting (XSS) vulnerabilities in the Qas (aka Quas) module for XOOPS Celepar allow remote attackers to inject arbitrary web script or HTML via (1) the cod_categoria parameter to categoria.php, (2) the opcao parameter to index.php, and the PATH_INFO to (3) categoria.php and (4) index.php. | 4.3 |
2010-03-15 | CVE-2009-4707 | Maximo Cuadros Typo3 | Cross-Site Scripting vulnerability in Maximo Cuadros GB Fenewssubmit Cross-site scripting (XSS) vulnerability in the [Gobernalia] Front End News Submitter (gb_fenewssubmit) extension 0.1.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-03-15 | CVE-2009-4706 | Sebastian Winterhalder Typo3 | Cross-Site Scripting vulnerability in Sebastian Winterhalder Mailform Cross-site scripting (XSS) vulnerability in the Mailform (mailform) extension before 0.9.24 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-03-15 | CVE-2009-4705 | Thomas Loeffler Typo3 | Cross-Site Scripting vulnerability in Thomas Loeffler Twittersearch 0.0.1/0.0.2 Cross-site scripting (XSS) vulnerability in the Twitter Search (twittersearch) extension before 0.1.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-03-15 | CVE-2009-4699 | Skadate | Cross-Site Scripting vulnerability in Skadate Online Dating Software 5.0/6.0/6.482 Multiple cross-site scripting (XSS) vulnerabilities in SkaDate Dating allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) admin/auth.php and (2) file_uploader.php. | 4.3 |
2010-03-15 | CVE-2010-0051 | Apple | Improper Input Validation vulnerability in Apple Safari WebKit in Apple Safari before 4.0.5 does not properly validate the cross-origin loading of stylesheets, which allows remote attackers to obtain sensitive information via a crafted HTML document. | 4.3 |
2010-03-15 | CVE-2010-0044 | Apple | Configuration vulnerability in Apple Safari PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies, which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed. | 4.3 |
2010-03-15 | CVE-2010-0042 | Apple Microsoft | Information Exposure vulnerability in Apple Safari ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafted TIFF image. | 4.3 |
2010-03-15 | CVE-2010-0041 | Apple Microsoft | Information Exposure vulnerability in Apple Safari ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafted BMP image. | 4.3 |
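
The named-parameter and PATH_INFO entries in the table above (for example the folder parameter to display.php in ODIG, and the PATH_INFO to cadastro_usuario.php in XOOPS Celepar) come down to two reflection patterns: a query parameter copied into the page, and the request path reaching the page through $_SERVER['PHP_SELF'], which includes PATH_INFO. The PHP below is an added illustration, not code from any of the products listed; it shows each pattern beside its escaped form. The function names, the simulated request values and the file names used in the markup are assumptions.

```php
<?php
declare(strict_types=1);

// Vulnerable: a request such as display.php?folder=%22%3E%3Cscript%3E...
// lands unescaped inside an attribute and as text.
function vulnerable_folder_link(string $folder): string
{
    return '<a href="display.php?folder=' . $folder . '">' . $folder . '</a>';
}

// Vulnerable: $_SERVER['PHP_SELF'] is SCRIPT_NAME plus PATH_INFO, so a request
// for /cadastro_usuario.php/"><script>alert(1)</script> is reflected verbatim
// into the form's action attribute. This is the usual source of PATH_INFO XSS.
function vulnerable_form_open(): string
{
    return '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">';
}

// Hardened: escape for the HTML context at output time. ENT_QUOTES covers both
// quote styles so a value cannot close an attribute; the explicit charset
// avoids multibyte edge cases; ENT_SUBSTITUTE keeps invalid UTF-8 from
// silently emptying the string.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function safe_folder_link(string $folder): string
{
    // URL-encode for the query string, then HTML-escape for the attribute;
    // the visible text only needs the HTML escape.
    $q = rawurlencode($folder);
    return '<a href="display.php?folder=' . h($q) . '">' . h($folder) . '</a>';
}

// Hardened: SCRIPT_NAME carries no PATH_INFO. Escaping it as well guards
// against server configurations that populate it from the request.
function safe_form_open(): string
{
    return '<form method="post" action="' . h($_SERVER['SCRIPT_NAME']) . '">';
}

// Demonstration from the CLI on a constructed payload (assumed request values,
// set by hand because no web server is involved here).
$_SERVER['PHP_SELF']    = '/cadastro_usuario.php/"><script>alert(1)</script>';
$_SERVER['SCRIPT_NAME'] = '/cadastro_usuario.php';
$payload = '"><script>alert(1)</script>';

echo vulnerable_folder_link($payload), PHP_EOL;  // script element survives intact
echo safe_folder_link($payload), PHP_EOL;        // angle brackets and quotes are entity-encoded
echo vulnerable_form_open(), PHP_EOL;            // action attribute is broken out of
echo safe_form_open(), PHP_EOL;                  // action is the bare script path
```

Two points worth checking when reviewing a PHP application for the pattern: grep for PHP_SELF and REQUEST_URI inside attributes, since both carry attacker-controlled path data, and confirm that escaping happens at output rather than relying on input filtering, because the same value is often reflected in more than one context.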
2 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-03-16 | CVE-2010-0971 | Atutor | Cross-Site Scripting vulnerability in Atutor 1.6.4 Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.6.4 allow remote authenticated users, with Instructor privileges, to inject arbitrary web script or HTML via the (1) Question and (2) Choice fields in tools/polls/add.php, the (3) Type and (4) Title fields in tools/groups/create_manual.php, and the (5) Title field in assignments/add_assignment.php. | 2.1 |
2010-03-15 | CVE-2010-0124 | Timeclock Software | Credentials Management vulnerability in Timeclock-Software Employee Timeclock Software 0.99 Employee Timeclock Software 0.99 places the database password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process. | 2.1 |
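
The Employee Timeclock entry describes a pattern that is easy to reproduce in any backup script: the database password is passed to mysqldump as an argument, so every local account can read it from the process table for as long as the dump runs. The PHP below is an added example, not code from Employee Timeclock Software; it places the leaking invocation next to one that keeps the secret out of argv by using a mode-0600 option file and --defaults-extra-file. The function names, credential values and paths are placeholders.

```php
<?php
declare(strict_types=1);

// Vulnerable pattern: the secret becomes an argv element of the child process.
// Any local user can read it with `ps -eo args` or /proc/<pid>/cmdline while
// mysqldump runs. escapeshellarg() prevents shell injection but does nothing
// about the exposure.
function vulnerable_backup(string $user, string $pass, string $db, string $out): int
{
    $cmd = sprintf('mysqldump -u %s -p%s %s > %s',
        escapeshellarg($user), escapeshellarg($pass),
        escapeshellarg($db), escapeshellarg($out));
    exec($cmd, $lines, $status);
    return $status;
}

// Hardened pattern: credentials go into an option file readable only by this
// process's user, and mysqldump loads it via --defaults-extra-file (which must
// be the first option on the command line). Nothing secret appears in argv.
function safe_backup(string $user, string $pass, string $db, string $out): int
{
    // tempnam() creates the file with mode 0600; chmod() makes that explicit so
    // the guarantee does not depend on platform behaviour. Permissions are set
    // before any secret is written.
    $cnf = tempnam(sys_get_temp_dir(), 'cnf');
    if ($cnf === false || !chmod($cnf, 0600)) {
        throw new RuntimeException('cannot create private option file');
    }
    // Double quotes let the password contain spaces or '#'; backslashes and
    // quotes inside it are escaped as the MySQL option-file parser expects.
    $ini = "[client]\nuser=" . $user . "\npassword=\"" . addcslashes($pass, "\"\\") . "\"\n";
    try {
        file_put_contents($cnf, $ini);
        $cmd = sprintf('mysqldump --defaults-extra-file=%s %s > %s',
            escapeshellarg($cnf), escapeshellarg($db), escapeshellarg($out));
        exec($cmd, $lines, $status);
        return $status;
    } finally {
        unlink($cnf);   // do not leave the secret on disk after the dump
    }
}

// Usage (placeholder values): $status = safe_backup('timeclock', 's3cret', 'timeclock', '/var/backups/timeclock.sql');
```

To confirm the fix on a running host, start a dump and run `ps -eo args | grep mysqldump`: the hardened form shows only the option-file path. Setting the password in the MYSQL_PWD environment variable is not a substitute, since the environment of a process is readable through /proc/<pid>/environ by the same user and the MySQL documentation itself flags that method as insecure; on MySQL 5.6 and later, a login path created with mysql_config_editor is another option that keeps the secret out of the command line.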