Weekly Vulnerabilities Reports > April 12 to 18, 2010

Overview

151 new vulnerabilities reported during this period, including 36 critical vulnerabilities and 29 high severity vulnerabilities. This weekly summary report vulnerabilities in 108 products from 53 vendors including Oracle, Microsoft, Adobe, Apple, and Vmware. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Improper Input Validation", "SQL Injection", "Cross-site Scripting", and "Permissions, Privileges, and Access Controls".

  • 127 reported vulnerabilities are remotely exploitables.
  • 19 reported vulnerabilities have public exploit available.
  • 30 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 132 reported vulnerabilities are exploitable by an anonymous user.
  • Oracle has the most reported vulnerabilities, with 46 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 26 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

36 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2010-04-16 CVE-2010-1462 Webasyst LLC Path Traversal vulnerability in Webasyst LLC Shop-Script

Directory traversal vulnerability in WebAsyst Shop-Script FREE has unknown impact and attack vectors via the sub parameter.

10.0
2010-04-14 CVE-2010-0073 Oracle Unspecified vulnerability in Oracle Weblogic Server and Weblogic Server Component

Unspecified vulnerability in the WebLogic Server in Oracle WebLogic Server 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, and 10.3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10.0
2010-04-14 CVE-2010-0477 Microsoft Resource Management Errors vulnerability in Microsoft Windows 7 and Windows Server 2008

The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly handle (1) SMBv1 and (2) SMBv2 response packets, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted packet that causes the client to read the entirety of the response, and then improperly interact with the Winsock Kernel (WSK), aka "SMB Client Message Size Vulnerability."

10.0
2010-04-14 CVE-2010-0476 Microsoft Resource Management Errors vulnerability in Microsoft products

The SMB client in Microsoft Windows Server 2003 SP2, Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2 allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and reboot) via a crafted SMB transaction response that uses (1) SMBv1 or (2) SMBv2, aka "SMB Client Response Parsing Vulnerability."

10.0
2010-04-14 CVE-2010-0270 Microsoft Improper Input Validation vulnerability in Microsoft Windows 7 and Windows Server 2008

The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate fields in SMB transaction responses, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and reboot) via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Transaction Vulnerability."

10.0
2010-04-14 CVE-2010-0269 Microsoft Resource Management Errors vulnerability in Microsoft products

The SMB client in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly allocate memory for SMB responses, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Memory Allocation Vulnerability."

10.0
2010-04-13 CVE-2010-0888 Oracle Remote Device Services vulnerability in Oracle SUN products Suite 4.0/4.1/4.2

Unspecified vulnerability in the Sun Ray Server Software component in Oracle Sun Product Suite 4.0, 4.1, and 4.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Device Services.

10.0
2010-04-13 CVE-2010-1356 Vsecurity Remote Security vulnerability in Tandberg Video Communication Server

Unspecified vulnerability on the TANDBERG Video Communication Server (VCS) before X5.0 allows remote attackers to execute arbitrary code via unknown vectors, aka Reference ID 69773.

10.0
2010-04-13 CVE-2009-4509 Vsecurity Code Injection vulnerability in Vsecurity Tandberg Video Communication Server

The administrative web console on the TANDBERG Video Communication Server (VCS) before X4.3 uses predictable session cookies in (1) tandberg/web/lib/secure.php and (2) tandberg/web/user/lib/secure.php, which makes it easier for remote attackers to bypass authentication, and execute arbitrary code by loading a custom software update, via a crafted "Cookie: tandberg_login=" HTTP header.

10.0
2010-04-12 CVE-2010-1349 Opera
Microsoft
Numeric Errors vulnerability in Opera Browser 10.10/10.50

Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via a large Content-Length value, which triggers a heap overflow.

10.0
2010-04-12 CVE-2009-3732 Vmware USE of Externally-Controlled Format String vulnerability in VMWare Vmrc

Format string vulnerability in vmware-vmrc.exe build 158248 in VMware Remote Console (aka VMrc) allows remote attackers to execute arbitrary code via unspecified vectors.

10.0
2010-04-16 CVE-2010-1465 Trellian Buffer Errors vulnerability in Trellian FTP 3.01/3.1.3.1789

Stack-based buffer overflow in Trellian FTP client 3.01, including 3.1.3.1789, allows remote attackers to execute arbitrary code via a long PASV response.

9.3
2010-04-15 CVE-2010-1424 Justsystems Remote Security vulnerability in Ichitaro

Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government 2006 through 2010 allows user-assisted remote attackers to execute arbitrary code via a crafted font file.

9.3
2010-04-15 CVE-2010-1423 Oracle OS Command Injection vulnerability in Oracle JDK and JRE

Argument injection vulnerability in the URI handler in (a) Java NPAPI plugin and (b) Java Deployment Toolkit in Java 6 Update 10, 19, and other versions, when running on Windows and possibly on Linux, allows remote attackers to execute arbitrary code via the (1) -J or (2) -XXaltjvm argument to javaws.exe, which is processed by the launch method.

9.3
2010-04-15 CVE-2010-0589 Cisco Improper Input Validation vulnerability in Cisco Secure Desktop

The Web Install ActiveX control (CSDWebInstaller) in Cisco Secure Desktop (CSD) before 3.5.841 does not properly verify the signatures of downloaded programs, which allows remote attackers to force the download and execution of arbitrary files via a crafted web page, aka Bug ID CSCta25876.

9.3
2010-04-14 CVE-2010-0487 Microsoft Improper Input Validation vulnerability in Microsoft products

The Authenticode Signature verification functionality in cabview.dll in Cabinet File Viewer Shell Extension 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a file digest, which allows remote attackers to execute arbitrary code via a modified cabinet (aka .CAB) file that incorrectly appears to have a valid signature, aka "Cabview Corruption Validation Vulnerability."

9.3
2010-04-14 CVE-2010-0486 Microsoft Improper Input Validation vulnerability in Microsoft products

The WinVerifyTrust function in Authenticode Signature Verification 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a file digest, which allows user-assisted remote attackers to execute arbitrary code via a modified (1) Portable Executable (PE) or (2) cabinet (aka .CAB) file that incorrectly appears to have a valid signature, aka "WinVerifyTrust Signature Validation Vulnerability."

9.3
2010-04-14 CVE-2010-0480 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products

Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to execute arbitrary code via a crafted AVI file, aka "MPEG Layer-3 Audio Decoder Stack Overflow Vulnerability."

9.3
2010-04-14 CVE-2010-0479 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Publisher 2002/2003/2007

Buffer overflow in Microsoft Office Publisher 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability."

9.3
2010-04-14 CVE-2010-0478 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Windows 2000

Stack-based buffer overflow in nsum.exe in the Windows Media Unicast Service in Media Services for Microsoft Windows 2000 Server SP4 allows remote attackers to execute arbitrary code via crafted packets associated with transport information, aka "Media Services Stack-based Buffer Overflow Vulnerability."

9.3
2010-04-14 CVE-2010-0268 Microsoft Unspecified vulnerability in Microsoft Windows 2000, Windows Media Player and Windows XP

Unspecified vulnerability in the Windows Media Player ActiveX control in Windows Media Player (WMP) 9 on Microsoft Windows 2000 SP4 and XP SP2 and SP3 allows remote attackers to execute arbitrary code via crafted media content, aka "Media Player Remote Code Execution Vulnerability."

9.3
2010-04-14 CVE-2010-0204 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0197, and CVE-2010-0201.

9.3
2010-04-14 CVE-2010-0203 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0202.

9.3
2010-04-14 CVE-2010-0202 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0203.

9.3
2010-04-14 CVE-2010-0201 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0197, and CVE-2010-0204.

9.3
2010-04-14 CVE-2010-0199 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0202, and CVE-2010-0203.

9.3
2010-04-14 CVE-2010-0198 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0199, CVE-2010-0202, and CVE-2010-0203.

9.3
2010-04-14 CVE-2010-0197 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0201, and CVE-2010-0204.

9.3
2010-04-14 CVE-2010-0196 Adobe
Apple
Microsoft
Remote vulnerability in RETIRED: Adobe Acrobat and Reader April 2010

Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0192 and CVE-2010-0193.

9.3
2010-04-14 CVE-2010-0195 Adobe
Apple
Microsoft
Code Injection vulnerability in Adobe Acrobat and Acrobat Reader

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, do not properly handle fonts, which allows attackers to execute arbitrary code via unspecified vectors.

9.3
2010-04-14 CVE-2010-0194 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0197, CVE-2010-0201, and CVE-2010-0204.

9.3
2010-04-14 CVE-2010-0193 Adobe
Apple
Microsoft
Denial of Service vulnerability in Adobe Acrobat and Reader

Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0192 and CVE-2010-0196.

9.3
2010-04-14 CVE-2010-0192 Adobe
Apple
Microsoft
Denial of Service vulnerability in Adobe Acrobat and Reader

Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0193 and CVE-2010-0196.

9.3
2010-04-14 CVE-2010-0191 Adobe
Apple
Microsoft
Code Injection vulnerability in Adobe Acrobat and Acrobat Reader

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability."

9.3
2010-04-12 CVE-2009-1565 Vmware
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in VMWare products

vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted HexTile-encoded video chunks that trigger heap-based buffer overflows, related to "integer truncation errors."

9.3
2010-04-12 CVE-2009-1564 Vmware
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in VMWare products

Heap-based buffer overflow in vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted video chunks that use HexTile encoding.

9.3

29 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2010-04-13 CVE-2009-4510 Vsecurity Cryptographic Issues vulnerability in Vsecurity Tandberg Video Communication Server

The SSH service on the TANDBERG Video Communication Server (VCS) before X5.1 uses a fixed DSA key, which makes it easier for remote attackers to conduct man-in-the-middle attacks and spoof arbitrary servers via crafted SSH packets.

8.5
2010-04-12 CVE-2010-1142 Vmware
Microsoft
Permissions, Privileges, and Access Controls vulnerability in VMWare products

VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk.

8.5
2010-04-12 CVE-2010-1141 Vmware
Microsoft
Permissions, Privileges, and Access Controls vulnerability in VMWare products

VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly access libraries, which allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on a network share.

8.5
2010-04-15 CVE-2010-1329 Imperva
Crossbeamsystems
Unspecified vulnerability in Imperva products

Imperva SecureSphere Web Application Firewall and Database Firewall 5.0.0.5082 through 7.0.0.7078 allow remote attackers to bypass intrusion-prevention functionality via a request that has an appended long string containing an unspecified manipulation.

7.8
2010-04-12 CVE-2010-0741 Linux
KVM Qumranet
Qemu
Improper Input Validation vulnerability in Linux Kernel

The virtio_net_bad_features function in hw/virtio-net.c in the virtio-net driver in the Linux kernel before 2.6.26, when used on a guest OS in conjunction with qemu-kvm 0.11.0 or KVM 83, allows remote attackers to cause a denial of service (guest OS crash, and an associated qemu-kvm process exit) by sending a large amount of network traffic to a TCP port on the guest OS, related to a virtio-net whitelist that includes an improper implementation of TCP Segment Offloading (TSO).

7.8
2010-04-14 CVE-2010-0256 Microsoft Code Injection vulnerability in Microsoft Visio 2002/2003/2007

Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly calculate unspecified indexes associated with Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Visio Index Calculation Memory Corruption Vulnerability." Per: http://www.microsoft.com/technet/security/Bulletin/MS10-028.mspx 'Users of Microsoft Office Visio 2002 and later versions of Visio will be prompted with Open, Save, or Cancel before opening a document.

7.6
2010-04-14 CVE-2010-0254 Microsoft Code Injection vulnerability in Microsoft Visio 2002/2003/2007

Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly validate attributes in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Visio Attribute Validation Memory Corruption Vulnerability." Per: http://www.microsoft.com/technet/security/Bulletin/MS10-028.mspx 'Users of Microsoft Office Visio 2002 and later versions of Visio will be prompted with Open, Save, or Cancel before opening a document.

7.6
2010-04-16 CVE-2010-1467 Francois Raynaud Code Injection vulnerability in Francois Raynaud Openurgence Vaccin 1.03

Multiple PHP remote file inclusion vulnerabilities in openUrgence Vaccin 1.03 allow remote attackers to execute arbitrary PHP code via a URL in the path_om parameter to (1) collectivite.class.php, (2) injection.class.php, (3) utilisateur.class.php, (4) droit.class.php, (5) laboratoire.class.php, (6) vaccin.class.php, (7) effetsecondaire.class.php, (8) medecin.class.php, (9) individu.class.php, and (10) profil.class.php in gen/obj/.

7.5
2010-04-16 CVE-2010-1463 Webasyst LLC SQL Injection vulnerability in Webasyst LLC Shop-Script

Multiple SQL injection vulnerabilities in WebAsyst Shop-Script FREE allow attackers to execute arbitrary SQL commands via the (1) add2cart, (2) c_id, (3) categoryID, (4) list_price, (5) name, (6) new_offer, (7) price, (8) product_code, (9) productID, (10) rating, and (11) save_product parameters.

7.5
2010-04-15 CVE-2010-1426 Modxcms SQL Injection vulnerability in Modxcms

SQL injection vulnerability in MODx Evolution before 1.0.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors related to WebLogin.

7.5
2010-04-13 CVE-2010-0897 Oracle Remote vulnerability in Oracle Sun Java System Directory Server

Unspecified vulnerability in the Sun Java System Directory Server component in Oracle Sun Product Suite 5.2, 6.0, 6.1, 6.2, 6.3, and 6.3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Directory Service Markup Language.

7.5
2010-04-13 CVE-2010-0853 Oracle Oracle Internet Directory Remote vulnerability in Oracle Fusion Middleware

Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8, 9.2.0.8, and DV; and Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

7.5
2010-04-13 CVE-2010-1372 Hdflvplayer
Joomla
SQL Injection vulnerability in Hdflvplayer COM Hdflvplayer 1.3

SQL injection vulnerability in the HD FLV Player (com_hdflvplayer) component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.

7.5
2010-04-13 CVE-2010-1370 Preprojects SQL Injection vulnerability in Preprojects PRE Classified Listings ASP

SQL injection vulnerability in detailad.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the siteid parameter.

7.5
2010-04-13 CVE-2010-1369 Preprojects SQL Injection vulnerability in Preprojects PRE Classified Listings ASP

SQL injection vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the email parameter.

7.5
2010-04-13 CVE-2010-1368 Gamescript SQL Injection vulnerability in Gamescript 3.0

SQL injection vulnerability in index.php in GameScript (GS) 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a category action.

7.5
2010-04-13 CVE-2010-1366 Uiga SQL Injection vulnerability in Uiga FAN Club 1.0

Multiple SQL injection vulnerabilities in admin/admin_login.php in Uiga Fan Club 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin_name and (2) admin_password parameters.

7.5
2010-04-13 CVE-2010-1365 Uiga SQL Injection vulnerability in Uiga FAN Club 1.0

SQL injection vulnerability in index.php in Uiga Fan Club, as downloaded on 20100310, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action.

7.5
2010-04-13 CVE-2010-1364 Uiga SQL Injection vulnerability in Uiga Personal Portal

SQL injection vulnerability in index.php in Uiga Personal Portal, as downloaded on 20100301, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action.

7.5
2010-04-13 CVE-2010-1363 Extremejoomla
Joomla
SQL Injection vulnerability in Extremejoomla COM J-Projects

SQL injection vulnerability in the JProjects (com_j-projects) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the project parameter in a projects action to index.php.

7.5
2010-04-13 CVE-2010-1360 Boesch IT Code Injection vulnerability in Boesch-It Faqengine 4.24.00

Multiple PHP remote file inclusion vulnerabilities in FAQEngine 4.24.00 allow remote attackers to execute arbitrary PHP code via a URL in the path_faqe parameter to (1) attachs.php, (2) backup.php, (3) badwords.php, (4) categories.php, (5) changepw.php, (6) colorchooser.php, (7) colorwheel.php, (8) dbfiles.php, (9) diraccess.php, (10) faq.php, (11) index.php, (12) kb.php, and (13) stats.php.

7.5
2010-04-12 CVE-2010-1350 Joomlaprojects
Joomla
SQL Injection vulnerability in Joomlaprojects COM JP Jobs 1.3.0/1.3.1

SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4.1 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php.

7.5
2010-04-12 CVE-2010-1348 IBM Security vulnerability in IBM WebSphere Portal Login

Unspecified vulnerability in the login process in IBM WebSphere Portal 6.0.1.1, and 6.1.0.x before 6.1.0.3 Cumulative Fix 03, has unknown impact and remote attack vectors.

7.5
2010-04-14 CVE-2010-0236 Microsoft Resource Management Errors vulnerability in Microsoft products

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not properly allocate memory for the destination key associated with a symbolic-link registry key, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Allocation Vulnerability."

7.2
2010-04-13 CVE-2010-0882 Oracle Local Trusted Extensions vulnerability in Oracle Opensolaris and SUN products Suite

Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite 10 and OpenSolaris snv_134 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Trusted Extensions.

7.2
2010-04-12 CVE-2010-1139 Vmware
Linux
USE of Externally-Controlled Format String vulnerability in VMWare products

Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata.

7.2
2010-04-12 CVE-2010-1347 IBM
Linux
Permissions, Privileges, and Access Controls vulnerability in IBM Director Agent 6.1/6.1.2

Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and Linux uses incorrect permissions for the (1) diruninstall and (2) opt/ibm/director/bin/wcitinst scripts, which allows local users to gain privileges by executing these scripts.

7.2
2010-04-13 CVE-2010-0896 Oracle Remote Address Book/Mail Filter vulnerability in Oracle SUN products Suite 1.0

Unspecified vulnerability in the Sun Convergence component in Oracle Sun Product Suite 1.0 allows remote attackers to affect confidentiality via unknown vectors related to Address Book and Mail Filter.

7.1
2010-04-13 CVE-2010-0860 Oracle Remote Core RDBMS vulnerability in Oracle Database

Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to the Create User privilege.

7.1

73 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2010-04-16 CVE-2010-1163 Todd Miller Improper Input Validation vulnerability in Todd Miller Sudo

The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ".", which allows local users to execute arbitrary commands via a Trojan horse executable, as demonstrated using sudoedit, a different vulnerability than CVE-2010-0426.

6.9
2010-04-15 CVE-2010-0436 KDE Race Condition vulnerability in KDE SC

Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socket, related to improper interaction with ksm.

6.9
2010-04-14 CVE-2010-0237 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft Windows 2000 and Windows XP

The kernel in Microsoft Windows 2000 SP4 and XP SP2 and SP3 allows local users to gain privileges by creating a symbolic link from an untrusted registry hive to a trusted registry hive, aka "Windows Kernel Symbolic Link Creation Vulnerability."

6.9
2010-04-12 CVE-2010-1146 Linux Permissions, Privileges, and Access Controls vulnerability in Linux Kernel

The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonstrated by deleting a file under .reiserfs_priv/xattrs/.

6.9
2010-04-12 CVE-2010-1140 Vmware
Microsoft
Permissions, Privileges, and Access Controls vulnerability in VMWare Player and Workstation

The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 and VMware Player 3.0 before 3.0.1 build 227600 on Windows might allow host OS users to gain privileges by placing a Trojan horse program at an unspecified location on the host OS disk.

6.9
2010-04-16 CVE-2010-1466 Francois Raynaud Path Traversal vulnerability in Francois Raynaud Openurgence Vaccin 1.03

Directory traversal vulnerability in scr/soustab.php in openUrgence Vaccin 1.03 allows remote attackers to read arbitrary files via the dsn[phptype] parameter.

6.8
2010-04-16 CVE-2010-1155 Irssi Improper Input Validation vulnerability in Irssi

Irssi before 0.8.15, when SSL is used, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) field or a Subject Alternative Name field of the X.509 certificate, which allows man-in-the-middle attackers to spoof IRC servers via an arbitrary certificate.

6.8
2010-04-16 CVE-2010-0739 TUG Numeric Errors vulnerability in TUG Tetex and TEX Live

Integer overflow in the predospecial function in dospecial.c in dvips in (1) TeX Live and (2) teTeX might allow user-assisted remote attackers to execute arbitrary code via a crafted DVI file that triggers a heap-based buffer overflow.

6.8
2010-04-15 CVE-2010-0994 Visualizationlibrary Buffer Errors vulnerability in Visualizationlibrary Visualization Library 2009.08.812

Multiple buffer overflows in src/vl/vlDAT.cpp in Visualization Library 2009.08.812 allow user-assisted remote attackers to execute arbitrary code via a crafted DAT file, related to the (1) vl::loadDAT and (2) vl::isDAT functions.

6.8
2010-04-13 CVE-2010-0885 Oracle Remote Address Book vulnerability in Oracle Sun Java System Communications Express

Unspecified vulnerability in the Sun Java System Communications Express component in Oracle Sun Product Suite 6 2005Q4 (6.2) and and 6.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Address Book.

6.8
2010-04-13 CVE-2010-1359 Bluegate
XT Commerce
SQL Injection vulnerability in Bluegate Direct URL

SQL injection vulnerability in bluegate_seo.inc.php in the Direct URL module for xt:Commerce, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the coID parameter.

6.8
2010-04-12 CVE-2010-1351 Nodesforum Code Injection vulnerability in Nodesforum 1.033/1.045

Multiple PHP remote file inclusion vulnerabilities in Nodesforum 1.033 and 1.045, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) _nodesforum_path_from_here_to_nodesforum_folder parameter to erase_user_data.php and the (2) _nodesforum_code_path parameter to pre_output.php.

6.8
2010-04-13 CVE-2010-0866 Oracle Remote JavaVM vulnerability in Oracle Database

Unspecified vulnerability in the JavaVM component in Oracle Database 11.1.0.7 and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

6.5
2010-04-14 CVE-2010-0812 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft products

Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to bypass intended IPv4 source-address restrictions via a mismatched IPv6 source address in a tunneled ISATAP packet, aka "ISATAP IPv6 Source Address Spoofing Vulnerability."

6.4
2010-04-13 CVE-2010-0859 Oracle Remote Oracle Application Object Library vulnerability in Oracle E-Business Suite 11.5.10.2

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 ATG RUP6 allows remote attackers to affect confidentiality and integrity via unknown vectors.

6.4
2010-04-13 CVE-2010-0894 Oracle Remote vulnerability in Oracle Opensso Enterprise and SUN products Suite

Unspecified vulnerability in the Sun Java System Access Manager component in Oracle Sun Product Suite 7.1, 7 2005Q4, and OpenSSO Enterprise 8.0 allows remote attackers to affect confidentiality and integrity via unknown vectors.

5.8
2010-04-13 CVE-2010-0891 Oracle Remote vulnerability in Oracle SUN products Suite 3.6.1/4.0

Unspecified vulnerability in the Sun Management Center component in Oracle Sun Product Suite 3.6.1 and 4.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Solaris Container Manager.

5.8
2010-04-13 CVE-2010-0868 Oracle Oracle iStore Remote vulnerability in Oracle E-Business Suite 11.5.10.2/12.0.6/12.1.2

Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote attackers to affect confidentiality and integrity via unknown vectors.

5.8
2010-04-13 CVE-2010-0852 Oracle Remote XML DB vulnerability in Oracle Database

Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

5.5
2010-04-16 CVE-2010-1461 Gogoritas
Joomla
Path Traversal vulnerability in Gogoritas COM Photobattle 1.0.1

Directory traversal vulnerability in the Photo Battle (com_photobattle) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via the view parameter to index.php.

5.0
2010-04-16 CVE-2010-1460 IBM Resource Management Errors vulnerability in IBM Advanced Management Module

The IBM BladeCenter with Advanced Management Module (AMM) firmware before bpet50g does not properly perform interrupt sharing for USB and iSCSI, which allows remote attackers to cause a denial of service (management module reboot) via TCP packets with malformed application data.

5.0
2010-04-15 CVE-2010-1425 F Secure Denial-Of-Service vulnerability in F-Secure Anti-Virus

F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.02 and earlier; Anti-Virus 2010 and earlier; Home Server Security 2009; Protection Service for Consumers 9 and earlier, for Business - Workstation security 9 and earlier, for Business - Server Security 8 and earlier, and for E-mail and Server security 9 and earlier; Mac Protection build 8060 and earlier; Client Security 9 and earlier; and various Anti-Virus products for Windows, Linux, and Citrix; does not properly detect malware in crafted (1) 7Z, (2) GZIP, (3) CAB, or (4) RAR archives, which makes it easier for remote attackers to avoid detection.

5.0
2010-04-14 CVE-2010-1316 Tembria Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Tembria Server Monitor

Multiple stack-based buffer overflows in Tembria Server Monitor before 5.6.1 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted (1) GET, (2) PUT, or (3) HEAD request, as demonstrated by a malformed GET request containing a long PATH_INFO to index.asp.

5.0
2010-04-14 CVE-2010-0025 Microsoft Information Exposure vulnerability in Microsoft products

The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2000 SP3, does not properly allocate memory for SMTP command replies, which allows remote attackers to read fragments of e-mail messages by sending a series of invalid commands and then sending a STARTTLS command, aka "SMTP Memory Allocation Vulnerability."

5.0
2010-04-14 CVE-2010-0024 Microsoft Improper Input Validation vulnerability in Microsoft products

The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2003 SP2, does not properly parse MX records, which allows remote DNS servers to cause a denial of service (service outage) via a crafted response to a DNS MX record query, aka "SMTP Server MX Record Vulnerability."

5.0
2010-04-13 CVE-2010-0877 Oracle PeopleTools vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne

Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.26 and 8.50.07 allows remote attackers to affect integrity via unknown vectors.

5.0
2010-04-13 CVE-2010-0872 Oracle Remote Oracle Internet Directory vulnerability in Oracle Fusion Middleware 10.1.2.3/10.1.4.3

Unspecified vulnerability in the Oracle Internet Directory component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.3 allows remote attackers to affect availability via unknown vectors.

5.0
2010-04-13 CVE-2010-0861 Oracle Oracle HRMS (Self Service) Remote vulnerability in Oracle E-Business Suite 11.5.10.2/12.0.6/12.1.2

Unspecified vulnerability in the Oracle HRMS (Self Service) component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote attackers to affect confidentiality via unknown vectors.

5.0
2010-04-13 CVE-2010-0856 Oracle Remote Portal vulnerability in Oracle Fusion Middleware 10.1.2.3/10.1.4.2

Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.2 allows remote attackers to affect availability via unknown vectors.

5.0
2010-04-13 CVE-2009-4766 Yasirpro Permissions, Privileges, and Access Controls vulnerability in Yasirpro Ms-Pro Portal Scripti 1.0/1.2

YP Portal MS-Pro Surumu (aka MS-Pro Portal Scripti) 1.0 and 1.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for galeri/database/db.mdb.

5.0
2010-04-13 CVE-2009-4765 CNR Somee Permissions, Privileges, and Access Controls vulnerability in Cnr.Somee Hikaye Portal 2.0

CNR Hikaye Portal 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/hikaye.mdb.

5.0
2010-04-12 CVE-2010-1354 Ternaria
Joomla
Path Traversal vulnerability in Ternaria COM Vjdeo 1.0/1.0.1

Directory traversal vulnerability in the VJDEO (com_vjdeo) component 1.0 and 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a ..

5.0
2010-04-12 CVE-2010-1353 Wowjoomla
Joomla
Path Traversal vulnerability in Wowjoomla COM Loginbox

Directory traversal vulnerability in the LoginBox Pro (com_loginbox) component for Joomla! allows remote attackers to read arbitrary files via a ..

5.0
2010-04-12 CVE-2010-1352 Jooforge
Joomla
Path Traversal vulnerability in Jooforge COM Jukebox 1.0/1.7

Directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a ..

5.0
2010-04-12 CVE-2010-1152 Memcachedb Improper Input Validation vulnerability in Memcachedb Memcached

memcached.c in memcached before 1.4.3 allows remote attackers to cause a denial of service (daemon hang or crash) via a long line that triggers excessive memory allocation.

5.0
2010-04-12 CVE-2010-1138 Vmware
Microsoft
Information Exposure vulnerability in VMWare products

The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Player 2.5.x before 2.5.4 build 246459 on Windows, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware Server 2.x, and VMware Fusion 3.0 before 3.0.1 build 232708 and 2.x before 2.0.7 build 246742 allows remote attackers to obtain sensitive information from memory on the host OS by examining received network packets, related to interaction between the guest OS and the host vmware-vmx process.

5.0
2010-04-14 CVE-2010-0238 Microsoft Improper Input Validation vulnerability in Microsoft products

Unspecified vulnerability in registry-key validation in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Registry Key Vulnerability."

4.9
2010-04-13 CVE-2010-0889 Oracle Local Information Disclosure vulnerability in Oracle Opensolaris Snv128

Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite OpenSolaris snv_68 through snv_128 allows local users to affect confidentiality via unknown vectors related to the Kernel.

4.9
2010-04-14 CVE-2010-0810 Microsoft Unspecified vulnerability in Microsoft Windows Server 2008 and Windows Vista

The kernel in Microsoft Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, does not properly handle unspecified exceptions, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Exception Handler Vulnerability."

4.7
2010-04-14 CVE-2010-0482 Microsoft Improper Input Validation vulnerability in Microsoft Windows 7 and Windows Server 2008

The kernel in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate relocation sections of image files, which allows local users to cause a denial of service (reboot) via a crafted file, aka "Windows Kernel Malformed Image Vulnerability."

4.7
2010-04-14 CVE-2010-0481 Microsoft Unspecified vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Vista

The kernel in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly translate a registry key's virtual path to its real path, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Virtual Path Parsing Vulnerability."

4.7
2010-04-14 CVE-2010-0235 Microsoft Improper Input Validation vulnerability in Microsoft products

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not perform the expected validation before creating a symbolic link, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Symbolic Link Value Vulnerability."

4.7
2010-04-14 CVE-2010-0234 Microsoft Improper Input Validation vulnerability in Microsoft products

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not properly validate a registry-key argument to an unspecified system call, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Null Pointer Vulnerability."

4.7
2010-04-12 CVE-2010-1148 Linux Null Pointer Dereference vulnerability in Linux Kernel

The cifs_create function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a NULL nameidata (aka nd) field in a POSIX file-creation request to a server that supports UNIX extensions.

4.7
2010-04-16 CVE-2010-1464 Webasyst Cross-Site Scripting vulnerability in Webasyst Shop-Script

Multiple cross-site scripting (XSS) vulnerabilities in WebAsyst Shop-Script FREE allow remote attackers to inject arbitrary web script or HTML via the (1) currency_id_left, (2) currency_id_right, (3) darkcolor, (4) lightcolor, (5) middlecolor, and (6) w parameters.

4.3
2010-04-16 CVE-2010-1156 Irssi Unspecified vulnerability in Irssi

core/nicklist.c in Irssi before 0.8.15 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an attempted fuzzy nick match at the instant that a victim leaves a channel.

4.3
2010-04-15 CVE-2010-1427 Modxcms Cross-Site Scripting vulnerability in Modxcms Evolution

Cross-site scripting (XSS) vulnerability in the SearchHighlight plugin in MODx Evolution before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to AjaxSearch.

4.3
2010-04-15 CVE-2010-0432 Apache Cross-Site Scripting vulnerability in Apache Ofbiz 09.04/9.04

Multiple cross-site scripting (XSS) vulnerabilities in the Apache Open For Business Project (aka OFBiz) 09.04 and earlier, as used in Opentaps, Neogia, and Entente Oya, allow remote attackers to inject arbitrary web script or HTML via (1) the productStoreId parameter to control/exportProductListing, (2) the partyId parameter to partymgr/control/viewprofile (aka partymgr/control/login), (3) the start parameter to myportal/control/showPortalPage, (4) an invalid URI beginning with /facility/control/ReceiveReturn (aka /crmsfa/control/ReceiveReturn or /cms/control/ReceiveReturn), (5) the contentId parameter (aka the entityName variable) to ecommerce/control/ViewBlogArticle, (6) the entityName parameter to webtools/control/FindGeneric, or the (7) subject or (8) content parameter to an unspecified component under ecommerce/control/contactus.

4.3
2010-04-14 CVE-2010-0881 Oracle Remote User Interface Components vulnerability in Oracle Collaboration Suite 10.1.2.4

Unspecified vulnerability in the User Interface Components in Oracle Collaboration Suite 10.1.2.4 allows remote attackers to affect integrity via unknown vectors.

4.3
2010-04-14 CVE-2010-0190 Adobe
Apple
Microsoft
Cross-Site Scripting vulnerability in Adobe Acrobat and Acrobat Reader

Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2010-04-13 CVE-2010-0893 Oracle Remote vulnerability in Oracle SUN products Suite 1.0

Unspecified vulnerability in the Sun Convergence component in Oracle Sun Product Suite 1.0 allows remote attackers to affect confidentiality via unknown vectors related to Mail.

4.3
2010-04-13 CVE-2010-0876 Oracle Remote vulnerability in Oracle Life Sciences Industry Suite 4.5.3/4.6

Unspecified vulnerability in the Life Sciences - Oracle Clinical Remote Data Capture Option component in Oracle Industry Product Suite 4.5.3 and 4.6 allows remote attackers to affect integrity, related to RDC Onsite.

4.3
2010-04-13 CVE-2010-0875 Oracle Remote Thesaurus Management System vulnerability in Oracle Industry Product Suite 4.5.2/4.6/4.6.1

Unspecified vulnerability in the Life Sciences - Oracle Thesaurus Management System component in Oracle Industry Product Suite 4.5.2, 4.6, and 4.6.1 allows remote attackers to affect integrity, related to TMS Browser.

4.3
2010-04-13 CVE-2010-0874 Oracle Remote vulnerability in Oracle Industry Product Suite 7.1

Unspecified vulnerability in the Communications - Oracle Communications Unified Inventory Management component in Oracle Industry Product Suite 7.1 allows remote attackers to affect integrity via unknown vectors.

4.3
2010-04-13 CVE-2010-0871 Oracle Oracle Application Object Library Remote vulnerability in Oracle E-Business Suite 11.5.10.2/12.0.6/12.1.2

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote attackers to affect integrity via unknown vectors.

4.3
2010-04-13 CVE-2010-0869 Oracle Oracle Transportation Management Remote vulnerability in Oracle E-Business Suite 5.5.05.07/5.5.06.00/6.0.03

Unspecified vulnerability in the Oracle Transportation Management component in Oracle E-Business Suite 5.5.05.07, 5.5.06.00, and 6.0.03 allows remote attackers to affect confidentiality via unknown vectors.

4.3
2010-04-13 CVE-2010-0865 Oracle Oracle Agile Engineering Data Management Remote vulnerability in Oracle E-Business Suite 6.1.1.0

Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle E-Business Suite 6.1.1.0 allows remote attackers to affect confidentiality via unknown vectors.

4.3
2010-04-13 CVE-2010-0864 Oracle Remote Retail Place In-Season vulnerability in Oracle Industry Product Suite 12.2

Unspecified vulnerability in the Retail - Oracle Retail Place In-Season component in Oracle Industry Product Suite 12.2 allows remote attackers to affect integrity via unknown vectors related to Online Help.

4.3
2010-04-13 CVE-2010-0863 Oracle Oracle Retail Plan In-Season vulnerability in Oracle Industry Product Suite 12.2

Unspecified vulnerability in the Retail - Oracle Retail Plan In-Season component in Oracle Industry Product Suite 12.2 allows remote attackers to affect integrity via unknown vectors related to Online Help.

4.3
2010-04-13 CVE-2010-0862 Oracle Remote vulnerability in Oracle Industry Product Suite 13.1

Unspecified vulnerability in the Retail - Oracle Retail Markdown Optimization component in Oracle Industry Product Suite 13.1 allows remote attackers to affect integrity via unknown vectors related to Online Help.

4.3
2010-04-13 CVE-2010-0855 Oracle Remote Portal vulnerability in Oracle Fusion Middleware 10.1.2.3

Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2010-0086.

4.3
2010-04-13 CVE-2010-0086 Oracle Remote Portal vulnerability in Oracle Fusion Middleware 10.1.2.3

Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2010-0855.

4.3
2010-04-13 CVE-2010-1371 Preprojects Cross-Site Scripting vulnerability in Preprojects PRE Classified Listings ASP

Cross-site scripting (XSS) vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to inject arbitrary web script or HTML via the address parameter.

4.3
2010-04-13 CVE-2010-1367 Uiga Cross-Site Scripting vulnerability in Uiga FAN Club 1.0

Multiple cross-site scripting (XSS) vulnerabilities in admin/admin_login.php in Uiga Fan Club, as downloaded on 20100310, allow remote attackers to inject arbitrary web script or HTML via the (1) admin_name and (2) admin_password parameters.

4.3
2010-04-13 CVE-2010-1361 Glarotech Cross-Site Scripting vulnerability in Glarotech PHPeppershop 2.5

Cross-site scripting (XSS) vulnerability in shop/USER_ARTIKEL_HANDLING_AUFRUF.php in PHPepperShop 2.5 allows remote attackers to inject arbitrary web script or HTML via the darstellen parameter.

4.3
2010-04-13 CVE-2010-1357 Sbddirectorysoftware Cross-Site Scripting vulnerability in Sbddirectorysoftware SBD Directory Software 4.0

Cross-site scripting (XSS) vulnerability in editors/logindialogue.php in SBD Directory Software 4.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

4.3
2010-04-13 CVE-2010-1355 Vsecurity Cross-Site Scripting vulnerability in Vsecurity Tandberg Video Communication Server

Cross-site scripting (XSS) vulnerability on the TANDBERG Video Communication Server (VCS) before X5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Reference ID 66316.

4.3
2010-04-13 CVE-2010-0880 Oracle PeopleTools vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne

Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.26 and 8.50.07 allows remote attackers to affect confidentiality and integrity via unknown vectors.

4.0
2010-04-13 CVE-2010-0879 Oracle Remote PeopleTools vulnerability in PeopleSoft Enterprise and JD Edwards EnterpriseOne

Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.26 and 8.50.07 allows remote authenticated users to affect confidentiality via unknown vectors.

4.0
2010-04-13 CVE-2010-0878 Oracle PeopleTools vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne

Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.26 and 8.50.07 allows remote authenticated users to affect integrity via unknown vectors.

4.0
2010-04-13 CVE-2010-0867 Oracle Remote JavaVM vulnerability in Oracle Database Server 10.2.0.4/11.1.0.7/11.2.0.1.0

Unspecified vulnerability in the JavaVM component in Oracle Database 10.2.0.4, 11.1.0.7, and 11.2.0.1.0 allows remote authenticated users to affect integrity via unknown vectors.

4.0
2010-04-13 CVE-2010-0851 Oracle Remote XML DB vulnerability in Oracle Database

Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality via unknown vectors.

4.0
2010-04-13 CVE-2009-4511 Vsecurity Information Exposure vulnerability in Vsecurity Tandberg Video Communication Server

Multiple directory traversal vulnerabilities in the web administration interface on the TANDBERG Video Communication Server (VCS) before X5.1 allow remote authenticated users to read arbitrary files via a ..

4.0

13 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2010-04-16 CVE-2010-1161 GNU Race Condition vulnerability in GNU Nano

Race condition in GNU nano before 2.2.4, when run by root to edit a file that is not owned by root, allows local user-assisted attackers to change the ownership of arbitrary files via vectors related to the creation of backup files.

3.7
2010-04-13 CVE-2010-0895 Oracle Local vulnerability in Oracle Opensolaris Snv119

Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite OpenSolaris snv_119 allows local users to affect integrity and availability via unknown vectors related to IP Filter.

3.6
2010-04-13 CVE-2010-0870 Oracle Unspecified vulnerability in Oracle Database Server 9.2.0.8/9.2.0.8Dv

Unspecified vulnerability in the Change Data Capture component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_CDC_PUBLISH.

3.6
2010-04-13 CVE-2010-0858 Oracle Remote E-Business Intelligence vulnerability in Oracle E-Business Suite 11.5.10.2/12.0.6/12.1.2

Unspecified vulnerability in the E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote authenticated users to affect integrity via unknown vectors.

3.5
2010-04-13 CVE-2010-0857 Oracle Remote Oracle Workflow Cartridge vulnerability in Oracle E-Business Suite 11.5.10.2

Unspecified vulnerability in the Oracle Workflow Cartridge component in Oracle E-Business Suite 11.5.10.2 allows remote authenticated users to affect integrity via unknown vectors.

3.5
2010-04-13 CVE-2010-0890 Oracle Local vulnerability in Oracle Opensolaris and SUN products Suite

Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite 10 and OpenSolaris snv_01 through snv_98 allows local users to affect availability via unknown vectors related to the Kernel.

2.1
2010-04-13 CVE-2010-0884 Oracle Local vulnerability in Oracle SUN products Suite 3.1/3.2

Unspecified vulnerability in the Sun Cluster component in Oracle Sun Product Suite 3.1 and 3.2 allows local users to affect confidentiality via unknown vectors related to Data Service for Oracle E-Business Suite, a different vulnerability than CVE-2010-0883.

2.1
2010-04-13 CVE-2010-0883 Oracle Local vulnerability in Oracle SUN products Suite 3.1/3.2

Unspecified vulnerability in the Sun Cluster component in Oracle Sun Product Suite 3.1 and 3.2 allows local users to affect confidentiality via unknown vectors related to Data Service for Oracle E-Business Suite, a different vulnerability than CVE-2010-0884.

2.1
2010-04-13 CVE-2010-0854 Oracle Remote Audit vulnerability in Oracle Database

Unspecified vulnerability in the Audit component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect integrity, related to "SELECT, INSERT or DELETE on tables subject to auditing."

2.1
2010-04-13 CVE-2010-1362 BEN Jeavons
Drupal
Cross-Site Scripting vulnerability in BEN Jeavons Ownterm 6.X1.0

Cross-site scripting (XSS) vulnerability in the Own Term module 6.x-1.0 for Drupal allows remote authenticated users, with "create additional terms" privileges, to inject arbitrary web script or HTML via the term description field in a term listing page.

2.1
2010-04-13 CVE-2010-1358 RON Jerome
Drupal
Cross-Site Scripting vulnerability in RON Jerome Bibliography

Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) module 5.x through 5.x-1.17 and 6.x through 6.x-1.9 for Drupal allows remote authenticated users, with "administer biblio" privileges, to inject arbitrary web script or HTML via unspecified vectors.

2.1
2010-04-12 CVE-2010-1149 Freedesktop Information Exposure vulnerability in Freedesktop Udisks 1.0

probers/udisks-dm-export.c in udisks before 1.0.1 exports UDISKS_DM_TARGETS_PARAMS information to udev even for a crypt UDISKS_DM_TARGETS_TYPE, which allows local users to discover encryption keys by (1) running a certain udevadm command or (2) reading a certain file under /dev/.udev/db/.

2.1
2010-04-16 CVE-2010-1160 GNU Link Following vulnerability in GNU Nano

GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in a file-save operation, which allows local user-assisted attackers to overwrite arbitrary files via a symlink attack on an attacker-owned file that is being edited by the victim.

1.9