Weekly Vulnerabilities Reports > April 5 to 11, 2010
Overview
102 new vulnerabilities reported during this period, including 13 critical vulnerabilities and 27 high severity vulnerabilities. This weekly summary report vulnerabilities in 78 products from 66 vendors including Novell, Joomla, Mozilla, Pulsecms, and Microsoft. Vulnerabilities are notably categorized as "Path Traversal", "SQL Injection", "Permissions, Privileges, and Access Controls", "Cross-site Scripting", and "Code Injection".
- 97 reported vulnerabilities are remotely exploitables.
- 34 reported vulnerabilities have public exploit available.
- 45 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 90 reported vulnerabilities are exploitable by an anonymous user.
- Novell has the most reported vulnerabilities, with 18 reported vulnerabilities.
- Mozilla has the most reported critical vulnerabilities, with 5 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
13 Critical Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2010-04-07 | CVE-2010-1223 | CA | Buffer Errors vulnerability in CA products Multiple buffer overflows in CA XOsoft r12.0 and r12.5 allow remote attackers to execute arbitrary code via (1) a malformed request to the ws_man/xosoapapi.asmx SOAP endpoint or (2) a long string to the entry_point.aspx service. | 10.0 |
| 2010-04-05 | CVE-2010-0174 | Mozilla | Remote Memory Corruption vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 10.0 |
| 2010-04-05 | CVE-2003-1595 | Novell | Permissions, Privileges, and Access Controls vulnerability in Novell Netware and Netware FTP Server NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors. | 10.0 |
| 2010-04-06 | CVE-2009-4737 | Justsystems | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Justsystems Ichitaro and Ichitaro Viewer Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, 2004 through 2009, Viewer 2009 19.0.1.0 and earlier, and other versions allows context-dependent attackers to execute arbitrary code via a crafted Rich Text File (RTF), related to "pvpara ffooter." | 9.3 |
| 2010-04-06 | CVE-2010-1273 | Emweb | Improper Input Validation vulnerability in Emweb WT Emweb Wt before 3.1.1 does not validate the UTF-8 encoding of (1) form values and (2) JSignal arguments, which has unspecified impact and remote attack vectors. | 9.3 |
| 2010-04-05 | CVE-2010-0177 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox and Seamonkey Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a "dangling pointer vulnerability." | 9.3 |
| 2010-04-05 | CVE-2010-0176 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execute arbitrary code via unspecified vectors that trigger access to deleted elements, related to a "dangling pointer vulnerability." | 9.3 |
| 2010-04-05 | CVE-2010-0175 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger a call to the handler for the select event for XUL tree items. | 9.3 |
| 2010-04-05 | CVE-2010-0173 | Mozilla | Remote Memory Corruption vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 9.3 |
| 2010-04-05 | CVE-2010-1241 | Adobe Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat Reader Heap-based buffer overflow in the custom heap management system in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, aka FG-VD-10-005. | 9.3 |
| 2010-04-05 | CVE-2010-1240 | Adobe Microsoft | Permissions, Privileges, and Access Controls vulnerability in Adobe Acrobat Reader 9.3.1 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arbitrary local program that was specified in a PDF document, as demonstrated by a text field that claims that the Open button will enable the user to read an encrypted message. | 9.3 |
| 2010-04-05 | CVE-2010-1239 | Foxitsoftware | Code Injection vulnerability in Foxitsoftware Foxit Reader Foxit Reader before 3.2.1.0401 allows remote attackers to (1) execute arbitrary local programs via a certain "/Type /Action /S /Launch" sequence, and (2) execute arbitrary programs embedded in a PDF document via an unspecified "/Launch /Action" sequence, a related issue to CVE-2009-0836. | 9.3 |
| 2010-04-05 | CVE-2009-4764 | Adobe Microsoft | Code Injection vulnerability in Adobe Acrobat Reader Adobe Reader 8.x and 9.x on Windows is able to execute EXE files that are embedded in a PDF document, which makes it easier for remote attackers to trick users into executing arbitrary code via a crafted document. | 9.3 |
27 High Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2010-04-05 | CVE-2010-0178 | Mozilla | Code Injection vulnerability in Mozilla Firefox and Seamonkey Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL and then loading a javascript: URL. | 7.6 |
| 2010-04-09 | CVE-2010-1344 | Cookex Joomla | SQL Injection vulnerability in Cookex COM Ckforms 1.3.3 SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter in a detail action to index.php. | 7.5 |
| 2010-04-09 | CVE-2010-1343 | Bjsintay | SQL Injection vulnerability in Bjsintay Sitex 0.7.4 SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows remote attackers to execute arbitrary SQL commands via the albumid parameter. | 7.5 |
| 2010-04-09 | CVE-2010-1341 | Systemsoftware | SQL Injection vulnerability in Systemsoftware Community Black Forum SQL injection vulnerability in index.php in Systemsoftware Community Black Forum allows remote attackers to execute arbitrary SQL commands via the s_flaeche parameter. | 7.5 |
| 2010-04-09 | CVE-2010-1338 | Robertotto Woltlab | SQL Injection vulnerability in Robertotto Teamsite Hack Plugin SQL injection vulnerability in ts_other.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board allows remote attackers to execute arbitrary SQL commands via the userid parameter in a modboard action. | 7.5 |
| 2010-04-09 | CVE-2010-1337 | Lussumo | Code Injection vulnerability in Lussumo Vanilla Multiple PHP remote file inclusion vulnerabilities in definitions.php in Lussumo Vanilla 1.1.10, and possibly 0.9.2 and other versions, allow remote attackers to execute arbitrary PHP code via a URL in the (1) include and (2) Configuration['LANGUAGE'] parameters. | 7.5 |
| 2010-04-09 | CVE-2010-1336 | Invohost | SQL Injection vulnerability in Invohost 3.4 Multiple SQL injection vulnerabilities in INVOhost 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) newlanguage parameters to site.php, (3) search parameter to manuals.php, and (4) unspecified vectors to faq.php. | 7.5 |
| 2010-04-09 | CVE-2010-1331 | Heartlogic | SQL Injection vulnerability in Heartlogic Hl-Sitemanager SQL injection vulnerability in Heartlogic HL-SiteManager allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2010-04-08 | CVE-2010-1306 | Roberto Aloi Joomla | Path Traversal vulnerability in Roberto Aloi COM Joomlapicasa2 Directory traversal vulnerability in the Picasa (com_joomlapicasa2) component 2.0 and 2.0.5 for Joomla! allows remote attackers to read arbitrary local files via a .. | 7.5 |
| 2010-04-07 | CVE-2010-1301 | Merethis | SQL Injection vulnerability in Merethis Centreon 2.1.5 SQL injection vulnerability in main.php in Centreon 2.1.5 allows remote attackers to execute arbitrary SQL commands via the host_id parameter. | 7.5 |
| 2010-04-07 | CVE-2010-1300 | Yamamah | SQL Injection vulnerability in Yamamah 1.00 SQL injection vulnerability in index.php in Yamamah (aka Dove Photo Album) 1.00 allows remote attackers to execute arbitrary SQL commands via the calbums parameter. | 7.5 |
| 2010-04-07 | CVE-2010-0400 | Mahara | SQL Injection vulnerability in Mahara 1.0.4 SQL injection vulnerability in lib/user.php in mahara 1.0.4 allows remote attackers to execute arbitrary SQL commands via a username. | 7.5 |
| 2010-04-06 | CVE-2010-1277 | Zabbix | SQL Injection vulnerability in Zabbix 1.8/1.8.1 SQL injection vulnerability in the user.authenticate method in the API in Zabbix 1.8 before 1.8.2 allows remote attackers to execute arbitrary SQL commands via the user parameter in JSON data to api_jsonrpc.php. | 7.5 |
| 2010-04-06 | CVE-2010-1272 | Komputer BOO | Code Injection vulnerability in Komputer.Boo Gnat-Tgp PHP remote file inclusion vulnerability in includes/tgpinc.php in Gnat-TGP 1.2.20 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. | 7.5 |
| 2010-04-06 | CVE-2010-1271 | Smart Plugs | SQL Injection vulnerability in Smart-Plugs Smartplugs 1.3 SQL injection vulnerability in showplugs.php in smartplugs 1.3 allows remote attackers to execute arbitrary SQL commands via the domain parameter. | 7.5 |
| 2010-04-06 | CVE-2010-1270 | Phpscripte24 | SQL Injection vulnerability in PHPscripte24 Multi Suktions Komplett System 2 SQL injection vulnerability in auktion.php in Multi Auktions Komplett System 2 allows remote attackers to execute arbitrary SQL commands via the id_auk parameter. | 7.5 |
| 2010-04-06 | CVE-2010-1269 | Phpscripte24 | SQL Injection vulnerability in PHPscripte24 Niedrig Gebote PRO Auktions System II SQL injection vulnerability in auktion.php in phpscripte24 Niedrig Gebote Pro Auktions System II allows remote attackers to execute arbitrary SQL commands via the id_auk parameter. | 7.5 |
| 2010-04-06 | CVE-2010-1266 | Kjetiltroan | Code Injection vulnerability in Kjetiltroan Webmaid CMS Multiple PHP remote file inclusion vulnerabilities in WebMaid CMS 0.2-6 Beta and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) template, (2) menu, (3) events, and (4) SITEROOT parameters to template/babyweb/index.php; the (5) modules and (6) copyright parameters to template/calm/footer.php; the (7) menu parameter to template/calm/top.php; and the (8) modules, (9) copyright, and (10) menu parameters to template/wm025/footer.php. | 7.5 |
| 2010-04-06 | CVE-2010-1265 | Ekith Joomla | SQL Injection vulnerability in Ekith COM DCS Flashgames 2.0 SQL injection vulnerability in Adam Corley dcsFlashGames (com_dcs_flashgames) allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | 7.5 |
| 2010-04-05 | CVE-2010-1243 | IBM | Remote Security vulnerability in IBM Webi 1.0.2 The IBM Web Interface for Content Management (aka WEBi) before 1.0.4 creates persistent cookies on client workstations, which has unspecified impact and attack vectors. | 7.5 |
| 2010-04-05 | CVE-2007-6735 | Novell | Permissions, Privileges, and Access Controls vulnerability in Novell Netware and Netware FTP Server NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session. | 7.5 |
| 2010-04-05 | CVE-2005-4887 | Novell | Remote Security vulnerability in Netware FTP Server NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords. | 7.5 |
| 2010-04-05 | CVE-2003-1596 | Novell | Permissions, Privileges, and Access Controls vulnerability in Novell Netware and Netware FTP Server NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session. | 7.5 |
| 2010-04-05 | CVE-2003-1594 | Novell | Permissions, Privileges, and Access Controls vulnerability in Novell Netware and Netware FTP Server NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP session. | 7.5 |
| 2010-04-05 | CVE-2003-1593 | Novell | Permissions, Privileges, and Access Controls vulnerability in Novell Netware and Netware FTP Server NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions, which allows remote attackers to bypass intended access control via an FTP connection. | 7.5 |
| 2010-04-05 | CVE-2000-1245 | Novell | Permissions, Privileges, and Access Controls vulnerability in Novell Netware and Netware FTP Server Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vectors. | 7.5 |
| 2010-04-06 | CVE-2010-1085 | Linux | Numeric Errors vulnerability in Linux Kernel The azx_position_ok function in hda_intel.c in Linux kernel 2.6.33-rc4 and earlier, when running on the AMD780V chip set, allows context-dependent attackers to cause a denial of service (crash) via unknown manipulations that trigger a divide-by-zero error. | 7.1 |
56 Medium Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2010-04-05 | CVE-2008-3279 | Mielke | Permissions, Privileges, and Access Controls vulnerability in Mielke Brltty 3.7.2 Untrusted search path vulnerability in libbrlttybba.so in brltty 3.7.2 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting. | 6.9 |
| 2010-04-09 | CVE-2010-1346 | Ribafs | SQL Injection vulnerability in Ribafs Mini CMS Ribafs 1.0 SQL injection vulnerability in admin/login.php in Mini CMS RibaFS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the login parameter. | 6.8 |
| 2010-04-09 | CVE-2010-1342 | Directnews | Code Injection vulnerability in Directnews Direct News 4.10.2 Multiple PHP remote file inclusion vulnerabilities in Direct News 4.10.2, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter to (1) admin/menu.php and (2) library/lib.menu.php; and the adminroot parameter to (3) admin/media/update_content.php and (4) library/class.backup.php. | 6.8 |
| 2010-04-09 | CVE-2010-1335 | Miftahovn | Code Injection vulnerability in Miftahovn Insky CMS 0060111 Multiple PHP remote file inclusion vulnerabilities in Insky CMS 006-0111, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the ROOT parameter to (1) city.get/city.get.php, (2) city.get/index.php, (3) message2.send/message.send.php, (4) message.send/message.send.php, and (5) pages.add/pages.add.php in insky/modules/. | 6.8 |
| 2010-04-09 | CVE-2010-0992 | Pulsecms | Cross-Site Request Forgery (CSRF) vulnerability in Pulsecms Pulse CMS 1.2.2/1.2.3/1.3.2 Multiple cross-site request forgery (CSRF) vulnerabilities in Pulse CMS Basic 1.2.2 and 1.2.3, and possibly Pulse Pro before 1.3.2, allow remote attackers to hijack the authentication of users for requests that (1) upload image files, (2) delete image files, or (3) create blocks. | 6.8 |
| 2010-04-07 | CVE-2008-7254 | Ermenegildo Fiorito | Path Traversal vulnerability in Ermenegildo Fiorito Irmin CMS 0.5/0.6 Directory traversal vulnerability in includes/template-loader.php in Irmin CMS (formerly Pepsi CMS) 0.5 and 0.6 BETA2, when register_globals is enabled, allows remote attackers to include and execute arbitrary files via a .. | 6.8 |
| 2010-04-06 | CVE-2010-1268 | Fh54 | Path Traversal vulnerability in Fh54 Justvisual 2.0 Directory traversal vulnerability in index.php in justVisual CMS 2.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files directory traversal sequences in the p parameter. | 6.8 |
| 2010-04-05 | CVE-2010-1244 | Apache | Cross-Site Request Forgery (CSRF) vulnerability in Apache Activemq Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote attackers to hijack the authentication of unspecified victims for requests that create queues via the JMSDestination parameter in a queue action. | 6.8 |
| 2010-04-05 | CVE-2009-2822 | Apple | Permissions, Privileges, and Access Controls vulnerability in Apple Airport Utility AirPort Utility before 5.5.1 for Apple AirPort Base Station does not properly distribute MAC address ACLs to network extenders, which allows remote attackers to bypass intended access restrictions via an 802.11 authentication frame. | 6.8 |
| 2010-04-07 | CVE-2010-0629 | MIT Fedoraproject Opensuse Suse Canonical | Use After Free vulnerability in multiple products Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number. | 6.5 |
| 2010-04-05 | CVE-2010-0625 | Novell | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Netware and Netware FTP Server Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command. | 6.5 |
| 2010-04-09 | CVE-2010-1334 | Pulsecms | Unspecified vulnerability in Pulsecms Pulse CMS 1.2.4 Unrestricted file upload vulnerability in Pulse CMS Basic 1.2.4 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in an unspecified directory, a different vulnerability than CVE-2010-0993. | 6.0 |
| 2010-04-09 | CVE-2010-0993 | Pulsecms | Unspecified vulnerability in Pulsecms Pulse CMS 1.2.2/1.2.3/1.3.2 Unrestricted file upload vulnerability in Pulse CMS Basic 1.2.2 and 1.2.3, and possibly Pulse Pro before 1.3.2, allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory. | 6.0 |
| 2010-04-06 | CVE-2010-1147 | Roshan Singh | Buffer Errors vulnerability in Roshan Singh Open Direct Connect HUB 0.8.1 Stack-based buffer overflow in Open Direct Connect Hub (aka Open DC Hub or OpenDCHub) 0.8.1 allows remote authenticated users to execute arbitrary code via a long MyINFO message. | 6.0 |
| 2010-04-05 | CVE-2010-0179 | Mozilla | Code Injection vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute arbitrary JavaScript via a crafted HTTP response. | 5.1 |
| 2010-04-09 | CVE-2010-1345 | Cookex Joomla | Path Traversal vulnerability in Cookex COM Ckforms 1.3.3 Directory traversal vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2010-04-09 | CVE-2010-1340 | Joomla Research Joomla | Path Traversal vulnerability in Joomla-Research COM Jresearch 1.1.4.1 Directory traversal vulnerability in jresearch.php in the J!Research (com_jresearch) component for Joomla! allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2010-04-08 | CVE-2010-1315 | Joomlamo Joomla | Path Traversal vulnerability in Joomlamo COM Weberpcustomer 1.2.1 Directory traversal vulnerability in weberpcustomer.php in the webERPcustomer (com_weberpcustomer) component 1.2.1 and 1.x before 1.06.02 for Joomla! allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2010-04-08 | CVE-2010-1314 | Joomlanook Joomla | Path Traversal vulnerability in Joomlanook COM Hsconfig 1.5/2.0.9 Directory traversal vulnerability in the Highslide JS (com_hsconfig) component 1.5 and 2.0.9 for Joomla! allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2010-04-08 | CVE-2010-1312 | Ijoomla Joomla | Path Traversal vulnerability in Ijoomla COM News Portal Directory traversal vulnerability in the iJoomla News Portal (com_news_portal) component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2010-04-08 | CVE-2010-1310 | Opera | Information Exposure vulnerability in Opera Browser 10.50 Opera 10.50 allows remote attackers to obtain sensitive information via crafted XSLT constructs, which cause Opera to return cached contents of other pages. | 5.0 |
| 2010-04-08 | CVE-2010-1309 | Ermenegildo Fiorito | Path Traversal vulnerability in Ermenegildo Fiorito Irmin CMS 0.6 Directory traversal vulnerability in Irmin CMS (formerly Pepsi CMS) 0.6 BETA2 allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2010-04-08 | CVE-2010-1308 | LA Souris Verte Joomla | Path Traversal vulnerability in La-Souris-Verte COM Svmap 1.1.1 Directory traversal vulnerability in the SVMap (com_svmap) component 1.1.1 for Joomla! allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2010-04-08 | CVE-2010-1307 | Software Realtyna Joomla | Path Traversal vulnerability in Software.Realtyna COM Joomlaupdater Directory traversal vulnerability in the Magic Updater (com_joomlaupdater) component for Joomla! allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2010-04-08 | CVE-2010-1305 | Joomlamo Joomla | Path Traversal vulnerability in Joomlamo COM Jinventory 1.23.02 Directory traversal vulnerability in jinventory.php in the JInventory (com_jinventory) component 1.23.02 and possibly other versions before 1.26.03, a module for Joomla!, allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2010-04-08 | CVE-2010-1304 | Joomlamo Joomla | Path Traversal vulnerability in Joomlamo COM Userstatus 1.21.16 Directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2010-04-07 | CVE-2010-1302 | Decryptweb Joomla | Path Traversal vulnerability in Decryptweb COM Dwgraphs 1.0 Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. | 5.0 |
| 2010-04-07 | CVE-2010-1222 | CA | Improper Authentication vulnerability in CA products CA XOsoft r12.5 does not properly perform authentication, which allows remote attackers to obtain potentially sensitive information via a SOAP request. | 5.0 |
| 2010-04-07 | CVE-2010-1221 | CA | Improper Authentication vulnerability in CA products CA XOsoft r12.0 and r12.5 does not properly perform authentication, which allows remote attackers to enumerate usernames via a SOAP request. | 5.0 |
| 2010-04-06 | CVE-2010-0751 | Libnids Project Fedoraproject | Null Pointer Dereference vulnerability in multiple products The ip_evictor function in ip_fragment.c in libnids before 1.24, as used in dsniff and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via crafted fragmented packets. | 5.0 |
| 2010-04-06 | CVE-2010-1267 | Kjetiltroan | Path Traversal vulnerability in Kjetiltroan Webmaid CMS Multiple directory traversal vulnerabilities in WebMaid CMS 0.2-6 Beta and earlier allow remote attackers to read arbitrary files via directory traversal sequences in the com parameter to (1) cContactus.php, (2) cGuestbook.php, and (3) cArticle.php. | 5.0 |
| 2010-04-05 | CVE-2010-1238 | Moinmo | Permissions, Privileges, and Access Controls vulnerability in Moinmo Moinmoin 1.7.1 MoinMoin 1.7.1 allows remote attackers to bypass the textcha protection mechanism by modifying the textcha-question and textcha-answer fields to have empty values. | 5.0 |
| 2010-04-05 | CVE-2005-4888 | Novell | Denial-Of-Service vulnerability in Novell NetWare NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is completed. | 5.0 |
| 2010-04-05 | CVE-2003-1592 | Novell | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Netware and Netware FTP Server Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allow remote attackers to cause a denial of service (abend) via a long (1) username or (2) password. | 5.0 |
| 2010-04-05 | CVE-2002-2434 | Novell | Denial-Of-Service vulnerability in Netware NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connections, which allows remote attackers to cause a denial of service (abend) via multiple FTP sessions. | 5.0 |
| 2010-04-05 | CVE-2002-2432 | Novell | Denial-Of-Service vulnerability in Netware FTP Server Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via a crafted username. | 5.0 |
| 2010-04-05 | CVE-2001-1587 | Novell | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Netware NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via an anonymous STOU command. | 5.0 |
| 2010-04-06 | CVE-2010-1083 | Linux | Resource Management Errors vulnerability in Linux Kernel The processcompl_compat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensitive information (kernel memory). | 4.7 |
| 2010-04-05 | CVE-2010-0825 | GNU | Permissions, Privileges, and Access Controls vulnerability in GNU Emacs lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks. | 4.4 |
| 2010-04-09 | CVE-2010-1339 | Robertotto Woltlab | Cross-Site Scripting vulnerability in Robertotto Teamsite Hack Plugin Cross-site scripting (XSS) vulnerability in ts_other.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board allows remote attackers to inject arbitrary web script or HTML via the userid parameter in a modboard action, which is not properly handled in a forced SQL error message. | 4.3 |
| 2010-04-09 | CVE-2010-1333 | Almas | Cross-Site Scripting vulnerability in Almas Compiere J253Ba02/J300A01/J300A02 Multiple cross-site scripting (XSS) vulnerabilities in Almas Inc. | 4.3 |
| 2010-04-09 | CVE-2010-1332 | Prettybook | Cross-Site Scripting vulnerability in Prettybook Prettyformmail Cross-site scripting (XSS) vulnerability in PrettyBook PrettyFormMail allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2010-04-08 | CVE-2010-1313 | Seber Joomla | Path Traversal vulnerability in Seber COM Sebercart 1.0.0.12/1.0.0.13 Directory traversal vulnerability in the Seber Cart (com_sebercart) component 1.0.0.12 and 1.0.0.13 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. | 4.3 |
| 2010-04-07 | CVE-2010-1186 | Alex Rabe Wordpress | Cross-Site Scripting vulnerability in Alex Rabe Nextgen Gallery Cross-site scripting (XSS) vulnerability in xml/media-rss.php in the NextGEN Gallery plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the mode parameter. | 4.3 |
| 2010-04-06 | CVE-2010-1276 | Bbsxp | Cross-Site Scripting vulnerability in Bbsxp 2008 Multiple cross-site scripting (XSS) vulnerabilities in BBSXP 2008 SP2 allow remote attackers to inject arbitrary web script or HTML via the URI in a request to (1) AddPost.asp, (2) AddTopic.asp, (3) Admin_Default.asp, (4) Bank.asp, (5) Manage.asp, and (6) ShowPost.asp. | 4.3 |
| 2010-04-06 | CVE-2010-1275 | Bbsxp | Cross-Site Scripting vulnerability in Bbsxp 2008 Cross-site scripting (XSS) vulnerability in ShowPost.asp in BBSXP 2008 allows remote attackers to inject arbitrary web script or HTML via the ThreadID parameter. | 4.3 |
| 2010-04-06 | CVE-2010-1274 | Webtoolkit | Cross-Site Scripting vulnerability in Webtoolkit WT Cross-site scripting (XSS) vulnerability in Emweb Wt before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to "insertions of the URL" that occur during a redirection. | 4.3 |
| 2010-04-05 | CVE-2010-0182 | Mozilla | Improper Input Validation vulnerability in Mozilla Firefox, Seamonkey and Thunderbird The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows attackers to bypass intended access restrictions via crafted content. | 4.3 |
| 2010-04-05 | CVE-2010-0181 | Mozilla | Improper Input Validation vulnerability in Mozilla Firefox and Seamonkey Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many images. | 4.3 |
| 2010-04-05 | CVE-2010-0009 | Apache | Information Exposure vulnerability in Apache Couchdb Apache CouchDB 0.8.0 through 0.10.1 allows remote attackers to obtain sensitive information by measuring the completion time of operations that verify (1) hashes or (2) passwords. | 4.3 |
| 2010-04-05 | CVE-2010-1242 | IBM | Cross-Site Scripting vulnerability in IBM Webi 1.0.2 Multiple cross-site scripting (XSS) vulnerabilities in the IBM Web Interface for Content Management (aka WEBi) before 1.0.4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2010-04-05 | CVE-2004-2767 | Novell | Permissions, Privileges, and Access Controls vulnerability in Novell Netware and Netware FTP Server NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establishing many FTP sessions that persist for the lifetime of a DS session. | 4.3 |
| 2010-04-05 | CVE-2003-1591 | Novell | Denial-Of-Service vulnerability in Novell Netware 6.0/6.5 NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allows user-assisted remote attackers to cause a denial of service (console hang) via a large number of FTP sessions, which are not properly handled during an NLM unload. | 4.3 |
| 2010-04-06 | CVE-2010-1298 | Pulsecms | Path Traversal vulnerability in Pulsecms Pulse CMS 1.2.2 Directory traversal vulnerability in view.php in Pulse CMS 1.2.2 allows remote attackers to read arbitrary files via directory traversal sequences in the f parameter. | 4.0 |
| 2010-04-05 | CVE-2007-6734 | Novell | Permissions, Privileges, and Access Controls vulnerability in Novell Netware and Netware FTP Server NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors. | 4.0 |
| 2010-04-05 | CVE-2002-2433 | Novell | Improper Input Validation vulnerability in Novell Netware and Netware FTP Server NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a crafted ABOR command. | 4.0 |
6 Low Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2010-04-05 | CVE-2010-0684 | Apache | Cross-Site Scripting vulnerability in Apache Activemq Cross-site scripting (XSS) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote authenticated users to inject arbitrary web script or HTML via the JMSDestination parameter in a queue action. | 3.5 |
| 2010-04-05 | CVE-2010-0828 | Moinmo | Cross-Site Scripting vulnerability in Moinmo Moinmoin 1.8.7/1.9.2 Cross-site scripting (XSS) vulnerability in action/Despam.py in the Despam action module in MoinMoin 1.8.7 and 1.9.2 allows remote authenticated users to inject arbitrary web script or HTML by creating a page with a crafted URI. | 3.5 |
| 2010-04-05 | CVE-2000-1246 | Novell | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Netware and Netware FTP Server NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allows remote authenticated users to cause a denial of service (abend) by sending an RNTO command after a failed RNFR command. | 3.5 |
| 2010-04-08 | CVE-2010-1303 | JIM Berry Drupal | Cross-Site Scripting vulnerability in JIM Berry Taxonomy Filter 6.X1.0/6.X1.Xdev Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy Filter module 6.x before 6.x-1.1 for Drupal allow remote authenticated users, with administer taxonomy permissions or create node permissions when free tagging is enabled, to inject arbitrary web script or HTML via vocabulary (1) names, (2) terms, and (3) filter menus. | 2.1 |
| 2010-04-06 | CVE-2010-0750 | Freedesktop | Information Exposure vulnerability in Freedesktop Policykit 0.96 pkexec.c in pkexec in libpolkit in PolicyKit 0.96 allows local users to determine the existence of arbitrary files via the argument. | 2.1 |
| 2010-04-05 | CVE-2010-0826 | Piotr Roszatycki | Information Exposure vulnerability in Piotr Roszatycki Libnss-Db 2.2.3 The Free Software Foundation (FSF) Berkeley DB NSS module (aka libnss-db) 2.2.3pre1 reads the DB_CONFIG file in the current working directory, which allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid application that uses this module. | 1.9 |