Weekly Vulnerabilities Reports > March 22 to 28, 2010
Overview
137 new vulnerabilities reported during this period, including 13 critical vulnerabilities and 50 high severity vulnerabilities. This weekly summary report vulnerabilities in 109 products from 80 vendors including Mozilla, Cisco, Microsoft, Phpkobo, and Apple. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Path Traversal", "Permissions, Privileges, and Access Controls", and "Code Injection".
- 135 reported vulnerabilities are remotely exploitables.
- 35 reported vulnerabilities have public exploit available.
- 73 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 133 reported vulnerabilities are exploitable by an anonymous user.
- Mozilla has the most reported vulnerabilities, with 15 reported vulnerabilities.
- Mozilla has the most reported critical vulnerabilities, with 5 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
13 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-03-26 | CVE-2009-4741 | Skype Microsoft | Unspecified vulnerability in EasyBits Extras Manager Unspecified vulnerability in the Extras Manager before 2.0.0.67 in Skype before 4.1.0.179 on Windows has unknown impact and attack vectors. | 10.0 |
2010-03-25 | CVE-2010-1122 | Mozilla | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mozilla Firefox Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.8 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly have unknown other impact via vectors that might involve compressed data, a different vulnerability than CVE-2010-1028. | 10.0 |
2010-03-25 | CVE-2010-1121 | Mozilla | Code Injection vulnerability in Mozilla Firefox 3.6/3.6.1/3.6.2 Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interaction with garbage collection, as demonstrated by Nils during a Pwn2Own competition at CanSecWest 2010. | 10.0 |
2010-03-25 | CVE-2010-1120 | Apple | Code Injection vulnerability in Apple Safari 4.0 Unspecified vulnerability in Safari 4 on Apple Mac OS X 10.6 allows remote attackers to execute arbitrary code via unknown vectors, as demonstrated by Charlie Miller during a Pwn2Own competition at CanSecWest 2010. | 10.0 |
2010-03-25 | CVE-2010-1119 | Apple Microsoft | Resource Management Errors vulnerability in Apple products Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote attackers to execute arbitrary code or cause a denial of service (application crash), or read the SMS database or other data, via vectors related to "attribute manipulation," as demonstrated by Vincenzo Iozzo and Ralf Philipp Weinmann during a Pwn2Own competition at CanSecWest 2010. | 10.0 |
2010-03-25 | CVE-2010-1118 | Microsoft | Unspecified vulnerability in Microsoft Internet Explorer 8 Unspecified vulnerability in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a use-after-free issue, as demonstrated by Peter Vreugdenhil during a Pwn2Own competition at CanSecWest 2010. | 10.0 |
2010-03-25 | CVE-2010-0581 | Cisco | Unspecified vulnerability in Cisco IOS Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz89904, the "SIP Packet Parsing Arbitrary Code Execution Vulnerability." | 10.0 |
2010-03-25 | CVE-2010-0580 | Cisco | Unspecified vulnerability in Cisco IOS Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz48680, the "SIP Message Processing Arbitrary Code Execution Vulnerability." | 10.0 |
2010-03-23 | CVE-2010-1041 | IBM | Unspecified vulnerability in IBM DB2 Content Manager 8.3 Unspecified vulnerability in the single sign-on functionality in the Web Services implementation in IBM DB2 Content Manager (CM) Toolkit 8.3 before FP13 on z/OS and DB2 Information Integrator for Content 8.3 before FP13 has unknown impact and remote attack vectors. | 10.0 |
2010-03-27 | CVE-2010-1132 | Georg Greve | OS Command Injection vulnerability in Georg Greve Spamassassin Milter Plugin 0.3.1 The mlfi_envrcpt function in spamass-milter.cpp in SpamAssassin Milter Plugin 0.3.1, when using the expand option, allows remote attackers to execute arbitrary system commands via shell metacharacters in the RCPT TO field of an email message. | 9.3 |
2010-03-25 | CVE-2010-0167 | Mozilla | Buffer Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird The browser engine in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors related to (1) layout/generic/nsBlockFrame.cpp and (2) the _evaluate function in modules/plugin/base/src/nsNPAPIPlugin.cpp. | 9.3 |
2010-03-25 | CVE-2010-0165 | Mozilla | Buffer Errors vulnerability in Mozilla Firefox 3.6 The TraceRecorder::traverseScopeChain function in js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors involving certain indirect calls to the JavaScript eval function. | 9.3 |
2010-03-25 | CVE-2010-0164 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox 3.6 Use-after-free vulnerability in the imgContainer::InternalAddFrameHelper function in src/imgContainer.cpp in libpr0n in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a multipart/x-mixed-replace animation in which the frames have different bits-per-pixel (bpp) values. | 9.3 |
50 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-03-26 | CVE-2010-1124 | IBM | Remote Denial of Service vulnerability in IBM AIX 'getaddrinfo()' bos.rte.libc 5.3.9.4 on IBM AIX 5.3 does not properly support reading a certain address field after a successful getaddrinfo function call, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors, as demonstrated by IBM DB2 crashes on "systems with databases cataloged with alternate servers using IP addresses." | 7.8 |
2010-03-25 | CVE-2010-0586 | Cisco | Unspecified vulnerability in Cisco IOS Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CSCsz49741, the "SCCP Request Handling Denial of Service Vulnerability." | 7.8 |
2010-03-25 | CVE-2010-0585 | Cisco | Unspecified vulnerability in Cisco IOS Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CSCsz48614, the "SCCP Packet Processing Denial of Service Vulnerability." | 7.8 |
2010-03-25 | CVE-2010-0584 | Cisco | Unspecified vulnerability in Cisco IOS Unspecified vulnerability in Cisco IOS 12.4, when NAT SCCP fragmentation support is enabled, allows remote attackers to cause a denial of service (device reload) via crafted Skinny Client Control Protocol (SCCP) packets, aka Bug ID CSCsy09250. | 7.8 |
2010-03-25 | CVE-2010-0583 | Cisco | Resource Management Errors vulnerability in Cisco IOS 12.1Xu/12.1Yd/12.2B Memory leak in the H.323 implementation in Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (memory consumption and device reload) via malformed H.323 packets, aka Bug ID CSCtb93855. | 7.8 |
2010-03-25 | CVE-2010-0582 | Cisco | Unspecified vulnerability in Cisco IOS Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (interface queue wedge) via malformed H.323 packets, aka Bug ID CSCta19962. | 7.8 |
2010-03-25 | CVE-2010-0579 | Cisco | Unspecified vulnerability in Cisco IOS The SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device reload) via a malformed SIP message, aka Bug ID CSCtb93416, the "SIP Message Handling Denial of Service Vulnerability." | 7.8 |
2010-03-25 | CVE-2010-0578 | Cisco | Cryptographic Issues vulnerability in Cisco IOS The IKE implementation in Cisco IOS 12.2 through 12.4 on Cisco 7200 and 7301 routers with VAM2+ allows remote attackers to cause a denial of service (device reload) via a malformed IKE packet, aka Bug ID CSCtb13491. | 7.8 |
2010-03-25 | CVE-2010-0576 | Cisco | Denial of Service vulnerability in Cisco IOS Multiprotocol Label Switching (MPLS) Malformed Packet Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3, when Multiprotocol Label Switching (MPLS) and Label Distribution Protocol (LDP) are enabled, allows remote attackers to cause a denial of service (device reload or process restart) via a crafted LDP packet, aka Bug IDs CSCsz45567 and CSCsj25893. | 7.8 |
2010-03-25 | CVE-2010-1117 | Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer 8.0.6001 Heap-based buffer overflow in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to discover the base address of a Windows .dll file, and possibly have unspecified other impact, via unknown vectors, as demonstrated by Peter Vreugdenhil during a Pwn2Own competition at CanSecWest 2010. | 7.6 |
2010-03-25 | CVE-2010-0168 | Mozilla | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox 3.6/3.6.1 The nsDocument::MaybePreLoadImage function in content/base/src/nsDocument.cpp in the image-preloading implementation in Mozilla Firefox 3.6 before 3.6.2 does not apply scheme restrictions and policy restrictions to the image's URL, which might allow remote attackers to cause a denial of service (application crash or hang) or hijack the functionality of the browser's add-ons via a crafted SRC attribute of an IMG element, as demonstrated by remote command execution through an ssh: URL in a configuration that supports gnome-vfs with a nonstandard network.gnomevfs.supported-protocols setting. | 7.6 |
2010-03-27 | CVE-2010-1136 | Tiki | Permissions, Privileges, and Access Controls vulnerability in Tiki Tikiwiki Cms/Groupware The Standard Remember method in TikiWiki CMS/Groupware 3.x before 3.5 allows remote attackers to bypass access restrictions related to "persistent login," probably due to the generation of predictable cookies based on the IP address and User agent in userslib.php. | 7.5 |
2010-03-27 | CVE-2010-1135 | Tiki | Credentials Management vulnerability in Tiki Tikiwiki Cms/Groupware 4.0/4.1 The user_logout function in TikiWiki CMS/Groupware 4.x before 4.2 does not properly delete user login cookies, which allows remote attackers to gain access via cookie reuse. | 7.5 |
2010-03-27 | CVE-2010-1134 | Tiki | SQL Injection vulnerability in Tiki Tikiwiki Cms/Groupware SQL injection vulnerability in the _find function in searchlib.php in TikiWiki CMS/Groupware 3.x before 3.5 allows remote attackers to execute arbitrary SQL commands via the $searchDate variable. | 7.5 |
2010-03-27 | CVE-2010-1133 | Tiki | SQL Injection vulnerability in Tiki Tikiwiki Cms/Groupware 4.0/4.1 Multiple SQL injection vulnerabilities in TikiWiki CMS/Groupware 4.x before 4.2 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, probably related to (1) tiki-searchindex.php and (2) tiki-searchresults.php. | 7.5 |
2010-03-26 | CVE-2010-1129 | PHP | Improper Input Validation vulnerability in PHP The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended access restrictions via vectors related to use of the tempnam function. | 7.5 |
2010-03-26 | CVE-2009-4752 | Phppower | Code Injection vulnerability in PHPpower Swinger Club Portal PHP remote file inclusion vulnerability in anzeiger/start.php in Swinger Club Portal allows remote attackers to execute arbitrary PHP code via a URL in the go parameter. | 7.5 |
2010-03-26 | CVE-2009-4751 | Phppower | SQL Injection vulnerability in PHPpower Swinger Club Portal SQL injection vulnerability in anzeiger/start.php in Swinger Club Portal allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik action. | 7.5 |
2010-03-26 | CVE-2009-4749 | Phplivesupport | SQL Injection vulnerability in PHPlivesupport PHP Live! 3.2.1/3.2.2 Multiple SQL injection vulnerabilities in PHP Live! 3.2.1 and 3.2.2 allow remote attackers to execute arbitrary SQL commands via the x parameter to (1) message_box.php and (2) request.php. | 7.5 |
2010-03-26 | CVE-2009-4748 | Andrew Charlton Wordpress | SQL Injection vulnerability in Andrew Charlton MY Category Order SQL injection vulnerability in mycategoryorder.php in the My Category Order plugin 2.8 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the parentID parameter in an act_OrderCategories action to wp-admin/post-new.php. | 7.5 |
2010-03-26 | CVE-2009-4747 | Tecnick | Code Injection vulnerability in Tecnick Aiocp 1.4.001 PHP remote file inclusion vulnerability in public/code/cp_html2xhtmlbasic.php in All In One Control Panel (AIOCP) 1.4.001 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter, a different vector than CVE-2009-3220. | 7.5 |
2010-03-26 | CVE-2009-4745 | Dreamlevels | SQL Injection vulnerability in Dreamlevels Dreampoll 3.1 Multiple SQL injection vulnerabilities in index.php in Dreamlevels DreamPoll 3.1 allow remote attackers to execute arbitrary SQL commands via the (1) sortField, (2) sortDesc, or (3) pageNumber parameter in a login action. | 7.5 |
2010-03-26 | CVE-2009-4742 | Docebo | SQL Injection vulnerability in Docebo 3.6.0.3 Multiple SQL injection vulnerabilities in Docebo 3.6.0.3 allow remote attackers to execute arbitrary SQL commands via (1) the word parameter in a play help action to the faq module, reachable through index.php; (2) the word parameter in a play keyw action to the link module, reachable through index.php; (3) the id_certificate parameter in an elemmetacertificate action to the meta_certificate module, reachable through index.php; or (4) the id_certificate parameter in an elemcertificate action to the certificate module, reachable through index.php. | 7.5 |
2010-03-26 | CVE-2009-4740 | Typo3 | Path Traversal vulnerability in Typo3 WS Ecard 1.0.2 Directory traversal vulnerability in the Webesse E-Card (ws_ecard) extension 1.0.2 and earlier for TYPO3 has unspecified impact and remote attack vectors. | 7.5 |
2010-03-26 | CVE-2010-0731 | GNU | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in GNU Gnutls The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote attackers to bypass the certificate revocation list (CRL) check and cause a stack-based buffer overflow via a crafted X.509 certificate, related to extraction of a serial number. | 7.5 |
2010-03-25 | CVE-2010-1114 | Comscripts | Code Injection vulnerability in Comscripts web Server Creator web Portal 0.1 Multiple PHP remote file inclusion vulnerabilities in Web Server Creator - Web Portal 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) pg parameter to index.php and the (2) path parameter to news/form.php. | 7.5 |
2010-03-25 | CVE-2010-1106 | Advertisementmanager | Code Injection vulnerability in Advertisementmanager 3.1.0 PHP remote file inclusion vulnerability in cgi/index.php in AdvertisementManager 3.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the req parameter. | 7.5 |
2010-03-24 | CVE-2010-1096 | Scriptsfeed | SQL Injection vulnerability in Scriptsfeed Dating Software Multiple SQL injection vulnerabilities in searchmatch.php in ScriptsFeed Dating Software allow remote attackers to execute arbitrary SQL commands via the (1) txtgender and (2) txtlookgender parameters. | 7.5 |
2010-03-24 | CVE-2010-1094 | Miethner Scripting | SQL Injection vulnerability in Miethner-Scripting DZ Erotik Auktionshaus V4Rgo SQL injection vulnerability in news.php in DZ EROTIK Auktionshaus V4rgo allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2010-03-24 | CVE-2010-1092 | Scriptsfeed | SQL Injection vulnerability in Scriptsfeed Business Directory Software Multiple SQL injection vulnerabilities in login.php in ScriptsFeed Business Directory Software allow remote attackers to execute arbitrary SQL commands via the (1) us and (2) ps parameters. | 7.5 |
2010-03-24 | CVE-2010-1090 | Phpmysite | SQL Injection vulnerability in PHPmysite SQL injection vulnerability in index.php in phpMySite allows remote attackers to execute arbitrary SQL commands via the action parameter. | 7.5 |
2010-03-24 | CVE-2010-1089 | Phptroubleticket | SQL Injection vulnerability in PHPtroubleticket PHP Trouble Ticket 2.2 SQL injection vulnerability in vedi_faq.php in PHP Trouble Ticket 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2010-03-23 | CVE-2010-1078 | Sphere Xlentprojects | SQL Injection vulnerability in Sphere.Xlentprojects Spherecms 1.1 SQL injection vulnerability in archive.php in XlentProjects SphereCMS 1.1 alpha allows remote attackers to execute arbitrary SQL commands via encoded null bytes ("%00") in the view parameter, which bypasses a protection mechanism. | 7.5 |
2010-03-23 | CVE-2010-1075 | Entrylevelcms | SQL Injection vulnerability in Entrylevelcms EL CMS SQL injection vulnerability in index.php in Entry Level CMS (EL CMS) allows remote attackers to execute arbitrary SQL commands via the subj parameter. | 7.5 |
2010-03-23 | CVE-2010-1073 | Joshprakash Joomla | SQL Injection vulnerability in Joshprakash COM Jembed SQL injection vulnerability in the jEmbed-Embed Anything (com_jembed) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a summary action to index.php. | 7.5 |
2010-03-23 | CVE-2010-1071 | Phpmdj | SQL Injection vulnerability in PHPmdj 1.0.3 SQL injection vulnerability in profil.php in phpMDJ 1.0.3 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2010-03-23 | CVE-2010-1070 | Imagoscripts | SQL Injection vulnerability in Imagoscripts Deviant ART Clone SQL injection vulnerability in index.php in ImagoScripts Deviant Art Clone allows remote attackers to execute arbitrary SQL commands via the seid parameter in a forums viewcat action. | 7.5 |
2010-03-23 | CVE-2010-1069 | Proarcadescript | SQL Injection vulnerability in Proarcadescript SQL injection vulnerability in games/game.php in ProArcadeScript allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2010-03-23 | CVE-2010-1054 | Parscms | SQL Injection vulnerability in Parscms Multiple SQL injection vulnerabilities in ParsCMS allow remote attackers to execute arbitrary SQL commands via the RP parameter to (1) fa_default.asp and (2) en_default.asp. | 7.5 |
2010-03-23 | CVE-2010-1051 | Alexandre Dubus | SQL Injection vulnerability in Alexandre Dubus Audistat 1.3 Multiple SQL injection vulnerabilities in index.php in AudiStat 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) year and (2) month parameters. | 7.5 |
2010-03-23 | CVE-2010-1050 | Alexandre Dubus | SQL Injection vulnerability in Alexandre Dubus Audistat 1.3 SQL injection vulnerability in index.php in AudiStat 1.3 allows remote attackers to execute arbitrary SQL commands via the mday parameter. | 7.5 |
2010-03-23 | CVE-2010-1049 | Uiga | SQL Injection vulnerability in Uiga Business Portal Multiple SQL injection vulnerabilities in Uiga Business Portal allow remote attackers to execute arbitrary SQL commands via the (1) noentryid parameter to blog/index.php and the (2) p parameter to index2.php. | 7.5 |
2010-03-23 | CVE-2010-1047 | Masa2El | SQL Injection vulnerability in Masa2El Music City 1.0/1.1 SQL injection vulnerability in index.php in MASA2EL Music City 1.0 and 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in a singer action. | 7.5 |
2010-03-23 | CVE-2010-1046 | Ryan Marshall | SQL Injection vulnerability in Ryan Marshall Rostermain Multiple SQL injection vulnerabilities in index.php in Rostermain 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) userid (username) and (2) password parameters. | 7.5 |
2010-03-23 | CVE-2010-1045 | Design Cars Joomla | SQL Injection vulnerability in Design-Cars COM Productbook 1.0.4 SQL injection vulnerability in the Productbook (com_productbook) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | 7.5 |
2010-03-23 | CVE-2010-1044 | Manageengine | SQL Injection vulnerability in Manageengine Oputils 5.0 SQL injection vulnerability in Login.do in ManageEngine OpUtils 5.0 allows remote attackers to execute arbitrary SQL commands via the isHttpPort parameter. | 7.5 |
2010-03-23 | CVE-2010-1043 | Jaxcms | Path Traversal vulnerability in Jaxcms 1.0 Directory traversal vulnerability in index.php in jaxCMS 1.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter. | 7.5 |
2010-03-24 | CVE-2010-0619 | Lexmark | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Lexmark X94X Stack-based buffer overflow in the base, IPDS DLE, Forms DLE, Barcode DLE, Prescribe DLE, and Printcryption DLE components on certain Lexmark laser printers and multi-function printers allows remote attackers to execute arbitrary code or cause a denial of service (device hang) via a long argument to a PJL INQUIRE command. | 7.3 |
2010-03-25 | CVE-2010-0577 | Cisco | Resource Management Errors vulnerability in Cisco IOS Cisco IOS 12.2 through 12.4, when certain PMTUD, SNAT, or window-size configurations are used, allows remote attackers to cause a denial of service (infinite loop, and device reload or hang) via a TCP segment with crafted options, aka Bug ID CSCsz75186. | 7.1 |
2010-03-23 | CVE-2009-3385 | Mozilla | Permissions, Privileges, and Access Controls vulnerability in Mozilla Seamonkey The mail component in Mozilla SeaMonkey before 1.1.19 does not properly restrict execution of scriptable plugin content, which allows user-assisted remote attackers to obtain sensitive information via crafted content in an IFRAME element in an HTML e-mail message, as demonstrated by a Flash object that sends arbitrary local files during a reply or forward operation. | 7.1 |
71 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-03-26 | CVE-2010-0439 | Chip Salzenberg | Link Following vulnerability in Chip Salzenberg Deliver 2.1.14 Chip Salzenberg Deliver allows local users to cause a denial of service, obtain sensitive information, and possibly change the ownership of arbitrary files via a symlink attack on an unspecified file. | 6.9 |
2010-03-26 | CVE-2009-4750 | Phppower | Code Injection vulnerability in PHPpower TOP Paidmailer PHP remote file inclusion vulnerability in home.php in Top Paidmailer allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | 6.8 |
2010-03-26 | CVE-2009-4739 | Skadate | Code Injection vulnerability in Skadate Online Dating Software PHP remote file inclusion vulnerability in index.php in SkaDate Dating allows remote attackers to execute arbitrary PHP code via a URL in the language_id parameter. | 6.8 |
2010-03-25 | CVE-2010-1109 | Djayp | SQL Injection vulnerability in Djayp PHPmysport 1.4 Multiple SQL injection vulnerabilities in index.php in phpMySport 1.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) v2 parameter in a member view action, (2) v1 parameter in a news action, (3) v1 parameter in an information action, (4) v2 parameter in a team view action, (5) v2 parameter in a club view action, or (6) v2 parameter in a matches view action. | 6.8 |
2010-03-24 | CVE-2010-1097 | Dedecms | Improper Authentication vulnerability in Dedecms 5.5 include/userlogin.class.php in DeDeCMS 5.5 GBK, when session.auto_start is enabled, allows remote attackers to bypass authentication and gain administrative access via a value of 1 for the _SESSION[dede_admin_id] parameter, as demonstrated by a request to uploads/include/dialog/select_soft_post.php. | 6.8 |
2010-03-24 | CVE-2010-1093 | 1024Cms | SQL Injection vulnerability in 1024Cms 1024 CMS 2.1.1 SQL injection vulnerability in rss.php in 1024 CMS 2.1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a vp action. | 6.8 |
2010-03-23 | CVE-2010-1077 | Vbseo Vbulletin | Path Traversal vulnerability in Vbseo 3.1.0 Directory traversal vulnerability in vbseo.php in Crawlability vBSEO plugin 3.1.0 for vBulletin allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the vbseourl parameter. | 6.8 |
2010-03-23 | CVE-2010-1063 | Phpkobo | Path Traversal vulnerability in PHPkobo Free Real Estate Contact Form Script 1.09 Multiple directory traversal vulnerabilities in Phpkobo Free Real Estate Contact Form 1.09, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the LANG_CODE parameter to (1) codelib/cfg/common.inc.php, (2) form/app/common.inc.php, and (3) staff/app/common.inc.php. | 6.8 |
2010-03-23 | CVE-2010-1062 | Phpkobo | Path Traversal vulnerability in PHPkobo Free Real Estate Contact Form Script 1.09 Directory traversal vulnerability in codelib/sys/common.inc.php in Phpkobo Free Real Estate Contact Form 1.09, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2010-03-23 | CVE-2010-1061 | Phpkobo | Path Traversal vulnerability in PHPkobo Short URL 1.01 Multiple directory traversal vulnerabilities in Phpkobo Short URL 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the LANG_CODE parameter to (1) url/app/common.inc.php and (2) codelib/cfg/common.inc.php. | 6.8 |
2010-03-23 | CVE-2010-1060 | Phpkobo | Path Traversal vulnerability in PHPkobo Short URL 1.01 Directory traversal vulnerability in staff/app/common.inc.php in Phpkobo Short URL 1.01, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2010-03-23 | CVE-2010-1059 | Phpkobo | Path Traversal vulnerability in PHPkobo Address Book Script 1.09 Directory traversal vulnerability in staff/app/common.inc.php in Phpkobo Address Book Script 1.09, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the LANG_CODE parameter. | 6.8 |
2010-03-23 | CVE-2010-1058 | Phpkobo | Path Traversal vulnerability in PHPkobo Address Book Script 1.09 Directory traversal vulnerability in codelib/cfg/common.inc.php in Phpkobo Address Book Script 1.09, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2010-03-23 | CVE-2010-1057 | Phpkobo | Path Traversal vulnerability in PHPkobo Adfreely 1.01 Multiple directory traversal vulnerabilities in Phpkobo AdFreely (aka Ad Board Script) 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a ..// (dot dot slash slash) in the LANG_CODE parameter to common.inc.php in (1) codelib/cfg/, (2) codelib/sys/, (3) staff/, and (4) staff/app/; and (5) staff/file.php. | 6.8 |
2010-03-23 | CVE-2010-1056 | Rockettheme Joomla | Path Traversal vulnerability in Rockettheme COM Rokdownloads Directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2010-03-23 | CVE-2010-1053 | Zentracking | SQL Injection vulnerability in Zentracking ZEN Time Tracking Multiple SQL injection vulnerabilities in Zen Time Tracking 2.2 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters to (a) userlogin.php and (b) managerlogin.php. | 6.8 |
2010-03-26 | CVE-2010-1128 | PHP | Cryptographic Issues vulnerability in PHP The Linear Congruential Generator (LCG) in PHP before 5.2.13 does not provide the expected entropy, which makes it easier for context-dependent attackers to guess values that were intended to be unpredictable, as demonstrated by session cookies generated by using the uniqid function. | 6.4 |
2010-03-26 | CVE-2010-0988 | Pulsecms | Code Injection vulnerability in Pulsecms Pulse CMS Multiple unspecified vulnerabilities in Pulse CMS before 1.2.3 allow (1) remote attackers to write to arbitrary files and execute arbitrary PHP code via vectors related to improper handling of login failures by includes/login.php; and allow remote authenticated users to write to arbitrary files and execute arbitrary PHP code via vectors involving the (2) filename and (3) block parameters to view.php. | 6.0 |
2010-03-26 | CVE-2010-1126 | Apple | Information Exposure vulnerability in Apple Webkit The JavaScript implementation in WebKit allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method. | 5.8 |
2010-03-26 | CVE-2010-1125 | Mozilla | Information Exposure vulnerability in Mozilla Firefox and Seamonkey The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method. | 5.8 |
2010-03-23 | CVE-2010-1040 | Tejimaya | Improper Authentication vulnerability in Tejimaya Openpne The "IP address range limitation" function in OpenPNE 1.6 through 1.8, 2.0 through 2.8, 2.10 through 2.14, and 3.0 through 3.4, when mobile device support is enabled, allows remote attackers to bypass the "simple login" functionality via unknown vectors related to spoofing. | 5.8 |
2010-03-26 | CVE-2010-0989 | Pulsecms | Path Traversal vulnerability in Pulsecms Pulse CMS Directory traversal vulnerability in delete.php in Pulse CMS before 1.2.3 allows remote authenticated users to delete arbitrary files via directory traversal sequences in the f parameter. | 5.5 |
2010-03-25 | CVE-2010-0166 | Mozilla Apple | Buffer Errors vulnerability in Mozilla Firefox 3.6 The gfxTextRun::SanitizeGlyphRuns function in gfx/thebes/src/gfxFont.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 on Mac OS X, when the Core Text API is used, does not properly perform certain deletions, which allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via an HTML document containing invisible Unicode characters, as demonstrated by the U+FEFF, U+FFF9, U+FFFA, and U+FFFB characters. | 5.1 |
2010-03-23 | CVE-2010-1055 | Tufat | Code Injection vulnerability in Tufat Osdate 2.1.9/2.5.4 Multiple PHP remote file inclusion vulnerabilities in osDate 2.1.9 and 2.5.4, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the config[forum_installed] parameter to (1) forum/adminLogin.php and (2) forum/userLogin.php. | 5.1 |
2010-03-26 | CVE-2010-1130 | PHP | Permissions, Privileges, and Access Controls vulnerability in PHP session.c in the session extension in PHP before 5.2.13, and 5.3.1, does not properly interpret ; (semicolon) characters in the argument to the session_save_path function, which allows context-dependent attackers to bypass open_basedir and safe_mode restrictions via an argument that contains multiple ; characters in conjunction with a .. | 5.0 |
2010-03-26 | CVE-2010-1127 | Microsoft | Unspecified vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 and 7 does not initialize certain data structures during execution of the createElement method, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code, as demonstrated by setting the (1) outerHTML or (2) value property of an object returned by createElement. | 5.0 |
2010-03-25 | CVE-2010-0628 | MIT | Denial Of Service vulnerability in MIT Kerberos 'gss_accept_sec_context()' The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in the SPNEGO GSS-API functionality in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2 and 1.8 before 1.8.1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid packet that triggers incorrect preparation of an error token. | 5.0 |
2010-03-25 | CVE-2010-0169 | Mozilla | Multiple vulnerability in Mozilla Firefox, Seamonkey and Thunderbird The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to the XUL cache, which might allow remote attackers to modify the browser's font and other CSS attributes, and potentially disrupt rendering of a web page, by forcing the browser to perform this erroneous stylesheet caching. | 5.0 |
2010-03-25 | CVE-2010-1116 | Aspindir | Permissions, Privileges, and Access Controls vulnerability in Aspindir Lookmer Muzik Portal LookMer Music Portal stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for dbmdb/LookMerSarkiMDB.mdb. | 5.0 |
2010-03-25 | CVE-2010-1115 | Comscripts | Path Traversal vulnerability in Comscripts web Server Creator web Portal 0.1 Directory traversal vulnerability in news/include/customize.php in Web Server Creator - Web Portal 0.1 allows remote attackers to read arbitrary files via a .. | 5.0 |
2010-03-25 | CVE-2010-1110 | Djayp | Path Traversal vulnerability in Djayp PHPmysport 1.4 Directory traversal vulnerability in index.php in phpMySport 1.4 allows remote attackers to list arbitrary directories via a .. | 5.0 |
2010-03-24 | CVE-2010-1103 | Mesadynamics | Numeric Errors vulnerability in Mesadynamics Stainless Integer overflow in Stainless allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25. | 5.0 |
2010-03-24 | CVE-2010-1102 | Omnigroup | Numeric Errors vulnerability in Omnigroup Omniweb Integer overflow in OmniWeb allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25. | 5.0 |
2010-03-24 | CVE-2010-1101 | Icab | Numeric Errors vulnerability in Icab Integer overflow in Alexander Clauss iCab allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25. | 5.0 |
2010-03-24 | CVE-2010-1100 | Arora Browser | Numeric Errors vulnerability in Arora-Browser Arora Integer overflow in Arora allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25. | 5.0 |
2010-03-24 | CVE-2010-1099 | Apple | Permissions, Privileges, and Access Controls vulnerability in Apple Safari Integer overflow in Apple Safari allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25. | 5.0 |
2010-03-24 | CVE-2010-0618 | Lexmark | Remote Denial of Service vulnerability in Multiple Lexmark Laser Printers FTP Service The flood-protection feature in the base, IPDS DLE, Forms DLE, Barcode DLE, Prescribe DLE, and Printcryption DLE components on certain Lexmark laser and inkjet printers and MarkNet devices allows remote attackers to cause a denial of service (TCP outage) by making many passive FTP connections and then aborting these connections. | 5.0 |
2010-03-23 | CVE-2010-1081 | Corejoomla Joomla | Path Traversal vulnerability in Corejoomla COM Communitypolls Directory traversal vulnerability in the Community Polls (com_communitypolls) component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. | 5.0 |
2010-03-23 | CVE-2010-1067 | Hasmir Alic | Permissions, Privileges, and Access Controls vulnerability in Hasmir Alic E-Membres 1.0 E-membres 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/bdEMembres.mdb. | 5.0 |
2010-03-23 | CVE-2010-1066 | THE Ghost | Permissions, Privileges, and Access Controls vulnerability in The-Ghost AR web Content Manager 2.1 AR Web Content Manager (AWCM) 2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for control/db_backup.php. | 5.0 |
2010-03-23 | CVE-2010-1065 | Lebisoft | Permissions, Privileges, and Access Controls vulnerability in Lebisoft Ziyaretci Defteri 7.4/7.5 Lebisoft Ziyaretci Defteri 7.4 and 7.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/lebisoft.mdb. | 5.0 |
2010-03-23 | CVE-2010-1064 | Aspindir | Permissions, Privileges, and Access Controls vulnerability in Aspindir Erolife Ajxgaleri VT Erolife AjxGaleri VT stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/ajxgaleri.mdb. | 5.0 |
2010-03-27 | CVE-2010-1131 | Apple Microsoft | Remote Denial Of Service vulnerability in Apple Safari 4.0.5 JavaScriptCore.dll, as used in Apple Safari 4.0.5 on Windows XP SP3, allows remote attackers to cause a denial of service (application crash) via an HTML document composed of many successive occurrences of the <object> substring. | 4.3 |
2010-03-26 | CVE-2009-4746 | Dreamlevels | Cross-Site Scripting vulnerability in Dreamlevels Dreampoll 3.1 Cross-site scripting (XSS) vulnerability in index.php in Dreamlevels DreamPoll 3.1 allows remote attackers to inject arbitrary web script or HTML via the recordsPerPage parameter in a poll_default login action. | 4.3 |
2010-03-26 | CVE-2009-4744 | Oicgroup | Cross-Site Scripting vulnerability in Oicgroup Exponent CMS 0.97Ga20090213 Cross-site scripting (XSS) vulnerability in the Contact module in Exponent CMS 0.97-GA20090213 allows remote attackers to inject arbitrary web script or HTML via the email parameter. | 4.3 |
2010-03-26 | CVE-2009-4743 | Afterlogic | Cross-Site Scripting vulnerability in Afterlogic Webmail PRO 4.5 Multiple cross-site scripting (XSS) vulnerabilities in history-storage.aspx in AfterLogic WebMail Pro 4.7.10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) HistoryStorageObjectName and (2) HistoryKey parameters. | 4.3 |
2010-03-26 | CVE-2009-4505 | Alkacon | Cross-Site Scripting vulnerability in Alkacon Oamp Comments 1.0.1 Multiple cross-site scripting (XSS) vulnerabilities in OpenCMS OAMP Comments Module 1.0.1 allow remote attackers to inject arbitrary web script or HTML via the name field in a comment, and other unspecified vectors. | 4.3 |
2010-03-25 | CVE-2010-0172 | Mozilla | Multiple vulnerability in Mozilla Firefox 3.6 toolkit/components/passwordmgr/src/nsLoginManagerPrompter.js in the asynchronous Authorization Prompt implementation in Mozilla Firefox 3.6 before 3.6.2 does not properly handle concurrent authorization requests from multiple web sites, which might allow remote web servers to spoof an authorization dialog and capture credentials by demanding HTTP authentication in opportunistic circumstances. | 4.3 |
2010-03-25 | CVE-2010-0171 | Mozilla | Cross-Site Scripting vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allow remote attackers to perform cross-origin keystroke capture, and possibly conduct cross-site scripting (XSS) attacks, by using the addEventListener and setTimeout functions in conjunction with a wrapped object. | 4.3 |
2010-03-25 | CVE-2010-0170 | Mozilla | Cross-Site Scripting vulnerability in Mozilla Firefox 3.6 Mozilla Firefox 3.6 before 3.6.2 does not offer plugins the expected window.location protection mechanism, which might allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors that are specific to each affected plugin. | 4.3 |
2010-03-25 | CVE-2010-1113 | Comscripts | Cross-Site Scripting vulnerability in Comscripts web Server Creator web Portal 0.1 Cross-site scripting (XSS) vulnerability in the forum page in Web Server Creator - Web Portal 0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to index.php. | 4.3 |
2010-03-25 | CVE-2010-1112 | Tristan Barczyk | Cross-Site Scripting vulnerability in Tristan Barczyk Klonews 2.0 Cross-site scripting (XSS) vulnerability in cat.php in KloNews 2.0 allows remote attackers to inject arbitrary web script or HTML via the cat parameter. | 4.3 |
2010-03-25 | CVE-2010-1111 | Easysitenetwork | Cross-Site Scripting vulnerability in Easysitenetwork Jokes Complete Website Multiple cross-site scripting (XSS) vulnerabilities in Jokes Complete Website allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to joke.php and the (2) searchingred parameter to results.php. | 4.3 |
2010-03-25 | CVE-2010-1105 | Advertisementmanager | Cross-Site Scripting vulnerability in Advertisementmanager 3.1.0/3.6 Cross-site scripting (XSS) vulnerability in cgi/index.php in AdvertisementManager 3.1.0 and 3.6 allows remote attackers to inject arbitrary web script or HTML via the usr parameter. | 4.3 |
2010-03-25 | CVE-2010-1104 | Zope | Cross-Site Scripting vulnerability in Zope Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages. | 4.3 |
2010-03-24 | CVE-2009-2907 | Springsource | Cross-Site Scripting vulnerability in Springsource Application Management Suite, Hyperic HQ and TC Server Multiple cross-site scripting (XSS) vulnerabilities in SpringSource tc Server 6.0.20.B and earlier, Application Management Suite (AMS) before 2.0.0.SR4, Hyperic HQ Open Source before 4.2.x, Hyperic HQ 4.0 Enterprise before 4.0.3.2, and Hyperic HQ 4.1 Enterprise before 4.1.2.1 allow remote attackers to inject arbitrary web script or HTML via the description field and unspecified "input fields." Per: http://www.springsource.com/security/cve-2009-2907 'Mitigation: * Hyperic HQ Open Source users should upgrade to Hyperic HQ 4.2.x * Hyperic HQ 4.0 Enterprise users should upgrade to 4.2.x or 4.0.3.2 * Hyperic HQ 4.1 Enterprise users should upgrade to 4.2.x or 4.1.2.1 * Users of any earlier Enterprise version should upgrade to 4.2.x * AMS users should upgrade to 2.0.0.SR4 * tc Server users should upgrade to AMS 2.0.0.SR4 To protect against this issue until systems have been upgraded and/or patches have been applied, system administrators should ensure untrusted users do not have the necessary privileges to create alerts.' | 4.3 |
2010-03-24 | CVE-2010-1095 | JAN Schutze | Cross-Site Scripting vulnerability in JAN Schutze Truc 0.10.0/0.11.0/0.9.0 Cross-site scripting (XSS) vulnerability in login_reset_password_page.php in Tracking Requirements & Use Cases (TRUC) 0.11.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter. | 4.3 |
2010-03-24 | CVE-2010-1091 | Phpmysite | Cross-Site Scripting vulnerability in PHPmysite Multiple cross-site scripting (XSS) vulnerabilities in contact.php in phpMySite allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) city, (3) email, (4) state, and (5) message parameters. | 4.3 |
2010-03-23 | CVE-2010-1082 | Openinferno | Path Traversal vulnerability in Openinferno Oi.Blogs 1.0.0 Multiple directory traversal vulnerabilities in OI.Blogs 1.0.0, when magic_quotes_gpc is disabled, allow remote attackers to read arbitrary files via directory traversal sequences in the (1) theme parameter to loadStyles.php and the (2) scripts parameter to javascript/loadScripts.php. | 4.3 |
2010-03-23 | CVE-2010-1080 | Pulsecms | Cross-Site Scripting vulnerability in Pulsecms Pulse CMS 1.2.2 Cross-site scripting (XSS) vulnerability in view.php in Pulse CMS 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the f parameter. | 4.3 |
2010-03-23 | CVE-2010-1079 | Sawmill | Cross-Site Scripting vulnerability in Sawmill Cross-site scripting (XSS) vulnerability in Sawmill before 7.2.18 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-03-23 | CVE-2010-1076 | Entrylevelcms | Cross-Site Scripting vulnerability in Entrylevelcms EL CMS Cross-site scripting (XSS) vulnerability in index.php in Entry Level CMS (EL CMS) allows remote attackers to inject arbitrary web script or HTML via the subj parameter, which is not properly handled in a forced SQL error message. | 4.3 |
2010-03-23 | CVE-2010-1074 | 2Bits Drupal | Cross-Site Scripting vulnerability in 2Bits Currency Cross-site scripting (XSS) vulnerability in the Currency Exchange module before 6.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to watchdog logging. | 4.3 |
2010-03-23 | CVE-2010-1072 | Sniggabo | Cross-Site Scripting vulnerability in Sniggabo CMS 2.21 Cross-site scripting (XSS) vulnerability in search.php in Sniggabo CMS 2.21 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | 4.3 |
2010-03-23 | CVE-2010-1068 | Netwin | Cross-Site Scripting vulnerability in Netwin Surgeftp 2.3A6 Multiple cross-site scripting (XSS) vulnerabilities in surgeftpmgr.cgi in NetWin SurgeFTP 2.3a6 allow remote attackers to inject arbitrary web script or HTML via the (1) domainid or (2) classid parameter in a class action. | 4.3 |
2010-03-23 | CVE-2009-4736 | Sensesites | Cross-Site Scripting vulnerability in Sensesites Commonsense CMS 5.0 Cross-site scripting (XSS) vulnerability in search.php in CommonSense CMS 5.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | 4.3 |
2010-03-23 | CVE-2010-1052 | Alexandre Dubus | Cross-Site Scripting vulnerability in Alexandre Dubus Audistat 1.3 Multiple cross-site scripting (XSS) vulnerabilities in index.php in AudiStat 1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) year and (2) mday parameters. | 4.3 |
2010-03-23 | CVE-2010-1048 | Uiga | Cross-Site Scripting vulnerability in Uiga Business Portal Cross-site scripting (XSS) vulnerability in blog/index.php in Uiga Business Portal allows remote attackers to inject arbitrary web script or HTML via the textcomment parameter (aka the Comment Box) in a noentryid action. | 4.3 |
2010-03-23 | CVE-2010-1042 | Microsoft | Remote Memory Corruption vulnerability in Microsoft Windows Media Player AVI File Colorspace Conversion Microsoft Windows Media Player 11 does not properly perform colorspace conversion, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .AVI file. | 4.3 |
2010-03-23 | CVE-2010-0163 | Mozilla | Denial of Service vulnerability in Mozilla Seamonkey and Thunderbird Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing. | 4.3 |
2010-03-23 | CVE-2010-0161 | Mozilla Microsoft | Resource Management Errors vulnerability in Mozilla Seamonkey and Thunderbird The nsAuthSSPI::Unwrap function in extensions/auth/nsAuthSSPI.cpp in Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 on Windows Vista, Windows Server 2008 R2, and Windows 7 allows remote SMTP, IMAP, and POP servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via crafted data in a session that uses SSPI. | 4.3 |
3 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-03-25 | CVE-2010-1108 | Hashmarkconsulting Drupal | Cross-Site Scripting vulnerability in Hashmarkconsulting Controlpanel Cross-site scripting (XSS) vulnerability in the Control Panel module 5.x through 5.x-1.5 and 6.x through 6.x-1.2 for Drupal allows remote authenticated users, with "administer blocks" privileges, to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2010-03-25 | CVE-2010-1107 | Fourkitchens Drupal | Cross-Site Scripting vulnerability in Fourkitchens Recent Comments Cross-site scripting (XSS) vulnerability in the Recent Comments module 5.x through 5.x-1.2 and 6.x through 6.x-1.0 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a "custom block title interface." | 3.5 |
2010-03-26 | CVE-2010-1123 | Chip Salzenberg | Race Condition vulnerability in Chip Salzenberg Deliver 2.1.14 Chip Salzenberg Deliver does not properly associate a lockfile with the user who created the file, which allows local users to cause a denial of service (blockage of incoming e-mail) by creating lockfiles for arbitrary mailboxes. | 2.1 |