Weekly Vulnerabilities Reports > May 17 to 23, 2010
Overview
83 new vulnerabilities reported during this period, including 6 critical vulnerabilities and 19 high severity vulnerabilities. This weekly summary report vulnerabilities in 83 products from 59 vendors including Joomla, Drupal, Openmairie, Microsoft, and IBM. Vulnerabilities are notably categorized as "Path Traversal", "Cross-site Scripting", "Resource Management Errors", "Permissions, Privileges, and Access Controls", and "Code Injection".
- 81 reported vulnerabilities are remotely exploitables.
- 25 reported vulnerabilities have public exploit available.
- 40 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 65 reported vulnerabilities are exploitable by an anonymous user.
- Joomla has the most reported vulnerabilities, with 13 reported vulnerabilities.
- Bsplayer has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
6 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-05-20 | CVE-2010-1988 | Mozilla Microsoft | Unspecified vulnerability in Mozilla Firefox 3.6.3 Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via JavaScript code that performs certain string concatenation and substring operations, a different vulnerability than CVE-2009-1571. | 10.0 |
2010-05-20 | CVE-2010-1039 | HP IBM SGI | USE of Externally-Controlled Format String vulnerability in multiple products Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name. | 10.0 |
2010-05-17 | CVE-2010-0998 | Freedownloadmanager | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Freedownloadmanager Free Download Manager Multiple stack-based buffer overflows in Free Download Manager (FDM) before 3.0.852 allow remote attackers to execute arbitrary code via vectors involving (1) the folders feature in Site Explorer, (2) the websites feature in Site Explorer, (3) an FTP URI, or (4) a redirect. | 10.0 |
2010-05-21 | CVE-2010-2009 | Bsplayer | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Bsplayer Bs.Player 2.41/2.51 Stack-based buffer overflow in the media library in BS.Global BS.Player 2.51 build 1022, 2.41 build 1003, and possibly other versions allows user-assisted remote attackers to execute arbitrary code via a long ID3 tag in a .MP3 file. | 9.3 |
2010-05-20 | CVE-2010-2004 | Bsplayer | Buffer Errors vulnerability in Bsplayer Bs.Player 2.51 Stack-based buffer overflow in BS.Global BS.Player 2.51 Build 1022 Free, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via the Skin parameter in the Options section of a skins file (.bsi), a different vulnerability than CVE-2009-1068. | 9.3 |
2010-05-19 | CVE-2010-1628 | Artifex | Buffer Errors vulnerability in Artifex GPL Ghostscript 8.64/8.70 Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the stack of the interpreter. | 9.3 |
19 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-05-19 | CVE-2010-1447 | Postgresql | Permissions, Privileges, and Access Controls vulnerability in Postgresql The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2, allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving subroutine references and delayed execution. | 8.5 |
2010-05-19 | CVE-2010-1169 | Postgresql | Code Injection vulnerability in Postgresql PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Perl code via a crafted script, related to the Safe module (aka Safe.pm) for Perl. | 8.5 |
2010-05-19 | CVE-2010-1943 | NEC | Remote Denial of Service vulnerability in NEC Capsuite Patchmeister 2.0 Unspecified vulnerability in NEC CapsSuite Small Edition PatchMeister 2.0 Update2 and earlier allows remote attackers to cause a denial of service (OS shutdown or restart) via vectors related to Client Service for PTM and crafted packets to port 56015. | 7.8 |
2010-05-19 | CVE-2010-1941 | NEC | Denial of Service vulnerability in WebSAM DeploymentManager Unspecified vulnerability in NEC WebSAM DeploymentManager 5.13 and earlier, as used in SigmaSystemCenter 2.1 Update2 and earlier, BladeSystemCenter, ExpressSystemCenter, and VirtualPCCenter 2.2 and earlier, allows remote attackers to cause a denial of service (OS shutdown or restart) via unknown vectors related to Client Service for DPM and crafted packets to port 56010. | 7.8 |
2010-05-20 | CVE-2010-2005 | Datalifecms | Code Injection vulnerability in Datalifecms Datalife Engine 8.3 Multiple PHP remote file inclusion vulnerabilities in DataLife Engine (DLE) 8.3 allow remote attackers to execute arbitrary PHP code via a URL in (1) the selected_language parameter to engine/inc/include/init.php, (2) the config[langs] parameter to engine/inc/help.php, (3) the config[lang] parameter to engine/ajax/pm.php, (4) and the _REQUEST[skin] parameter to engine/ajax/addcomments.php. | 7.5 |
2010-05-20 | CVE-2010-1994 | Tomatocms | SQL Injection vulnerability in Tomatocms SQL injection vulnerability in index.php in TomatoCMS before 2.0.5 allows remote attackers to execute arbitrary SQL commands via the q parameter in conjunction with a /news/search PATH_INFO. | 7.5 |
2010-05-19 | CVE-2010-1630 | Phpbb | Unspecified vulnerability in PHPbb Unspecified vulnerability in posting.php in phpBB before 3.0.5 has unknown impact and attack vectors related to the use of a "forum id" in circumstances related to a "global announcement." | 7.5 |
2010-05-19 | CVE-2010-1983 | Redcomponent Joomla | Path Traversal vulnerability in Redcomponent COM Redtwitter Directory traversal vulnerability in the redTWITTER (com_redtwitter) component 1.0.x including 1.0b11 for Joomla! allows remote attackers to read arbitrary files via a .. | 7.5 |
2010-05-19 | CVE-2010-1980 | Roberto Aloi Joomla | Path Traversal vulnerability in Roberto Aloi COM Joomlaflickr 1.0.3 Directory traversal vulnerability in joomlaflickr.php in the Joomla Flickr (com_joomlaflickr) component 1.0.3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2010-05-19 | CVE-2010-1977 | Gohigheris Joomla | Path Traversal vulnerability in Gohigheris COM Jwhmcs 1.5.0 Directory traversal vulnerability in the J!WHMCS Integrator (com_jwhmcs) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. | 7.5 |
2010-05-19 | CVE-2010-0404 | Phpgroupware | SQL Injection vulnerability in PHPgroupware Multiple SQL injection vulnerabilities in phpGroupWare (phpgw) before 0.9.16.016 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) class.sessions_db.inc.php, (2) class.translation_sql.inc.php, or (3) class.auth_sql.inc.php in phpgwapi/inc/. | 7.5 |
2010-05-19 | CVE-2010-1957 | Thefactory Joomla | Path Traversal vulnerability in Thefactory COM Lovefactory 1.3.4 Directory traversal vulnerability in the Love Factory (com_lovefactory) component 1.3.4 for Joomla! allows remote attackers to read arbitrary files via a .. | 7.5 |
2010-05-19 | CVE-2010-1956 | Thefactory Joomla | Path Traversal vulnerability in Thefactory COM Gadgetfactory 1.0.0/1.5.0 Directory traversal vulnerability in the Gadget Factory (com_gadgetfactory) component 1.0.0 and 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. | 7.5 |
2010-05-19 | CVE-2010-1955 | Thefactory Joomla | Path Traversal vulnerability in Thefactory COM Blogfactory 1.1.2 Directory traversal vulnerability in the Deluxe Blog Factory (com_blogfactory) component 1.1.2 for Joomla! allows remote attackers to read arbitrary files via a .. | 7.5 |
2010-05-19 | CVE-2010-1954 | Joomlacomponent Inetlanka Joomla | Path Traversal vulnerability in Joomlacomponent.Inetlanka COM Multiroot 1.0/1.1 Directory traversal vulnerability in the iNetLanka Multiple root (com_multiroot) component 1.0 and 1.1 for Joomla! allows remote attackers to read arbitrary files via a .. | 7.5 |
2010-05-19 | CVE-2010-1953 | Joomlacomponent Inetlanka Joomla | Path Traversal vulnerability in Joomlacomponent.Inetlanka COM Multimap 1.0 Directory traversal vulnerability in the iNetLanka Multiple Map (com_multimap) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. | 7.5 |
2010-05-19 | CVE-2010-1952 | Cmstactics Joomla | Path Traversal vulnerability in Cmstactics COM Beeheard and COM Beeheardlite Directory traversal vulnerability in the BeeHeard (com_beeheard) and BeeHeard Lite (com_beeheardlite) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. | 7.5 |
2010-05-19 | CVE-2010-1949 | Emultisoft Joomla | SQL Injection vulnerability in Emultisoft COM Jnewspaper 1.0 SQL injection vulnerability in the Online News Paper Manager (com_jnewspaper) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php. | 7.5 |
2010-05-17 | CVE-2010-0999 | Freedownloadmanager | Path Traversal vulnerability in Freedownloadmanager Free Download Manager Directory traversal vulnerability in Free Download Manager (FDM) before 3.0.852 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file. | 7.1 |
44 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-05-21 | CVE-2010-1547 | Chaos Tool Suite Project | Cross-Site Request Forgery (CSRF) vulnerability in Chaos Tool Suite Project Ctools Multiple cross-site request forgery (CSRF) vulnerabilities in the Chaos Tool Suite (aka CTools) module 6.x before 6.x-1.4 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable a page via a q=admin/build/pages/nojs/enable/ value or (2) disable a page via a q=admin/build/pages/nojs/disable/ value. | 6.8 |
2010-05-21 | CVE-2010-0539 | Apple | Numeric Errors vulnerability in Apple Java 1.5 and Java 1.6 Integer signedness error in the window drawing implementation in Apple Java for Mac OS X 10.5 before Update 7 and Java for Mac OS X 10.6 before Update 2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted applet. | 6.8 |
2010-05-21 | CVE-2010-0538 | Apple | Resource Management Errors vulnerability in Apple Java Apple Java for Mac OS X 10.5 before Update 7 and Java for Mac OS X 10.6 before Update 2 do not properly handle mediaLibImage objects, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds memory access and application crash) via a crafted applet, related to the com.sun.medialib.mlib package. | 6.8 |
2010-05-20 | CVE-2010-2007 | Letodms | Cross-Site Request Forgery (CSRF) vulnerability in Letodms Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS (formerly MyDMS) 1.7.2 and earlier allow remote attackers to hijack the authentication of administrators for requests that use (1) op/op.EditUserData.php, (2) op/op.UsrMgr.php, (3) out/out.RemoveVersion.php, (4) op/op.RemoveFolder.php, (5) op/op.DefaultKeywords.php, (6) op/op.GroupMgr.php, (7) op/op.FolderAccess.php, (8) op/op.FolderNotify.php, or (9) op.MoveFolder.php in mydms. | 6.8 |
2010-05-20 | CVE-2010-1999 | Openmairie | Path Traversal vulnerability in Openmairie Opencatalogue 1.024 Directory traversal vulnerability in scr/soustab.php in OpenMairie Opencatalogue 1.024, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to CVE-2007-2069. | 6.8 |
2010-05-19 | CVE-2010-1981 | Fabrikar | Path Traversal vulnerability in Fabrikar Fabrik 2.0 Directory traversal vulnerability in the Fabrik (com_fabrik) component 2.0 for Joomla! allows remote attackers to read arbitrary files via a .. | 6.8 |
2010-05-19 | CVE-2010-1979 | Affiliatefeeds Joomla | Path Traversal vulnerability in Affiliatefeeds COM Datafeeds Build880 Directory traversal vulnerability in the Affiliate Datafeeds (com_datafeeds) component build 880 for Joomla! allows remote attackers to read arbitrary files via a .. | 6.8 |
2010-05-19 | CVE-2010-1978 | Freephpblogsoftware | Code Injection vulnerability in Freephpblogsoftware 1.0 PHP remote file inclusion vulnerability in default_theme.php in FreePHPBlogSoftware 1.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the phpincdir parameter. | 6.8 |
2010-05-19 | CVE-2010-1454 | Vmware | Improper Authentication vulnerability in VMWare TC Server com.springsource.tcserver.serviceability.rmi.JmxSocketListener in VMware SpringSource tc Server Runtime 6.0.19 and 6.0.20 before 6.0.20.D, and 6.0.25.A before 6.0.25.A-SR01, does not properly enforce the requirement for an encrypted (aka s2enc) password, which allows remote attackers to obtain JMX interface access via a blank password. | 6.8 |
2010-05-19 | CVE-2010-1321 | MIT Debian Canonical Oracle Opensuse Suse Fedoraproject | Null Pointer Dereference vulnerability in multiple products The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator's checksum field is missing. | 6.8 |
2010-05-19 | CVE-2010-0403 | Phpgroupware | Path Traversal vulnerability in PHPgroupware Directory traversal vulnerability in about.php in phpGroupWare (phpgw) before 0.9.16.016 allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2010-05-19 | CVE-2010-1951 | 60Cyclecms Project | Path Traversal vulnerability in 60Cyclecms Project 60Cyclecms 2.5.2 Multiple directory traversal vulnerabilities in 60cycleCMS allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the DOCUMENT_ROOT parameter to (1) news.php, (2) submitComment.php, and (3) sqlConnect.php. | 6.8 |
2010-05-19 | CVE-2010-1950 | Emultisoft Joomla | SQL Injection vulnerability in Emultisoft COM Jnewspaper 1.0 SQL injection vulnerability in the Online News Paper Manager (com_jnewspaper) component 1.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the date_info parameter to index.php. | 6.8 |
2010-05-19 | CVE-2010-1948 | Openmairie | Path Traversal vulnerability in Openmairie Openfoncier 2.00 Directory traversal vulnerability in scr/soustab.php in openMairie Openfoncier 2.00, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to CVE-2007-2069. | 6.8 |
2010-05-19 | CVE-2010-1947 | Openmairie | Path Traversal vulnerability in Openmairie Openregistrecil 1.02 Directory traversal vulnerability in scr/soustab.php in openMairie Openregistrecil 1.02, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter. | 6.8 |
2010-05-19 | CVE-2010-1946 | Openmairie | Code Injection vulnerability in Openmairie Openregistrecil 1.02 Multiple PHP remote file inclusion vulnerabilities in openMairie Openregistrecil 1.02, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the path_om parameter to (1) autorisation_normale.class.php, (2) collectivite.class.php, (3) dossier.class.php, (4) norme_simplifiee.class.php, (5) registre.class.php, (6) autorisation_unique.class.php, (7) demande_avis.class.php, (8) droit.class.php, (9) organisme.class.php, (10) service.class.php, (11) categorie_donnee.class.php, (12) destinataire.class.php, (13) profil.class.php, (14) tabdyn_visu.class.php, (15) categorie_personne.class.php, (16) dispense.class.php, (17) modificatif.class.php, (18) reference.class.php, and (19) utilisateur.class.php in obj/. | 6.8 |
2010-05-19 | CVE-2010-1945 | Openmairie | Code Injection vulnerability in Openmairie Openfoncier 2.00 Multiple PHP remote file inclusion vulnerabilities in openMairie Openfoncier 2.00, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the path_om parameter to (1) action.class.php, (2) architecte.class.php, (3) avis.class.php, (4) bible.class.php, and (5) blocnote.class.php in obj/. | 6.8 |
2010-05-19 | CVE-2010-1944 | Openmairie | Code Injection vulnerability in Openmairie Opencimetiere 2.01 Multiple PHP remote file inclusion vulnerabilities in openMairie openCimetiere 2.01, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the path_om parameter to (1) autorisation.class.php, (2) courrierautorisation.class.php, (3) droit.class.php, (4) profil.class.php, (5) temp_defunt_sansemplacement.class.php, (6) utils.class.php, (7) cimetiere.class.php, (8) defunt.class.php, (9) emplacement.class.php, (10) tab_emplacement.class.php, (11) temp_emplacement.class.php, (12) voie.class.php, (13) collectivite.class.php, (14) defunttransfert.class.php, (15) entreprise.class.php, (16) temp_autorisation.class.php, (17) travaux.class.php, (18) zone.class.php, (19) courrier.class.php, (20) dossier.class.php, (21) plans.class.php, (22) temp_defunt.class.php, and (23) utilisateur.class.php in obj/. | 6.8 |
2010-05-20 | CVE-2010-2006 | Letodms | Path Traversal vulnerability in Letodms Directory traversal vulnerability in op/op.Login.php in LetoDMS (formerly MyDMS) 1.7.2 and earlier allows remote authenticated users to include and execute arbitrary local files via a .. | 6.5 |
2010-05-19 | CVE-2010-1942 | Fujitsu | Unspecified vulnerability in Fujitsu Interstage Application Server Unspecified vulnerability in the Servlet service in Fujitsu Limited Interstage Application Server 3.0 through 7.0, as used in Interstage Application Framework Suite, Interstage Business Application Server, and Interstage List Manager, allows attackers to obtain sensitive information or force invalid requests to be processed via unknown vectors related to unspecified invalid requests and settings on the load balancing device. | 6.4 |
2010-05-17 | CVE-2010-1511 | KDE | Permissions, Privileges, and Access Controls vulnerability in KDE SC and Kget KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request download confirmation from the user, which makes it easier for remote attackers to overwrite arbitrary files via a crafted metalink file. | 6.4 |
2010-05-21 | CVE-2010-1546 | Chaos Tool Suite Project | Code Injection vulnerability in Chaos Tool Suite Project Ctools Multiple eval injection vulnerabilities in the import functionality in the Chaos Tool Suite (aka CTools) module 6.x before 6.x-1.4 for Drupal allow remote authenticated users, with "administer page manager" privileges, to execute arbitrary PHP code via input to a text area, related to (1) the page_manager_page_import_subtask_validate function in page_manager/plugins/tasks/page.admin.inc and (2) the page_manager_handler_import_validate function in page_manager/page_manager.admin.inc. | 6.0 |
2010-05-19 | CVE-2010-1170 | Postgresql | Permissions, Privileges, and Access Controls vulnerability in Postgresql The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 loads Tcl code from the pltcl_modules table regardless of the table's ownership and permissions, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Tcl code by creating this table and inserting a crafted Tcl script. | 6.0 |
2010-05-17 | CVE-2010-1000 | KDE | Path Traversal vulnerability in KDE SC Directory traversal vulnerability in KGet in KDE SC 4.0.0 through 4.4.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file. | 5.8 |
2010-05-19 | CVE-2010-1975 | Postgresql | Permissions, Privileges, and Access Controls vulnerability in Postgresql PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, and 8.4 before 8.4.4 does not properly check privileges during certain RESET ALL operations, which allows remote authenticated users to remove arbitrary parameter settings via a (1) ALTER USER or (2) ALTER DATABASE statement. | 5.5 |
2010-05-20 | CVE-2010-1993 | Opera | Resource Management Errors vulnerability in Opera Browser 9.52 Opera 9.52 does not properly handle an IFRAME element with a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (resource consumption) via an HTML document with many IFRAME elements. | 5.0 |
2010-05-20 | CVE-2010-1992 | Resource Management Errors vulnerability in Google Chrome 1.0.154.48 Google Chrome 1.0.154.48 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements. | 5.0 | |
2010-05-20 | CVE-2010-1991 | Microsoft | Resource Management Errors vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 6.0.2900.2180, 7, and 8.0.7600.16385 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements. | 5.0 |
2010-05-20 | CVE-2010-1990 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox and Seamonkey Mozilla Firefox 3.6.x, 3.5.x, 3.0.19, and earlier, and SeaMonkey, executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements. | 5.0 |
2010-05-20 | CVE-2010-1989 | Opera | Resource Management Errors vulnerability in Opera Browser 9.52 Opera 9.52 executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many images, a related issue to CVE-2010-0181. | 5.0 |
2010-05-20 | CVE-2010-1987 | Mozilla Microsoft | Resource Management Errors vulnerability in Mozilla Firefox 3.6.3 Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (memory consumption, out-of-bounds read, and application crash) via JavaScript code that appends long strings to the content of a P element, and performs certain other string concatenation and substring operations, related to the DoubleWideCharMappedString class in USP10.dll and the gfxWindowsFontGroup::GetUnderlineOffset function in xul.dll, a different vulnerability than CVE-2009-1571. | 5.0 |
2010-05-20 | CVE-2010-1986 | Mozilla Microsoft | Resource Management Errors vulnerability in Mozilla Firefox 3.6.3 Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (memory consumption and application crash) via JavaScript code that creates multiple arrays containing elements with long string values, and then appends long strings to the content of a P element, related to the gfxWindowsFontGroup::MakeTextRun function in xul.dll, a different vulnerability than CVE-2009-1571. | 5.0 |
2010-05-20 | CVE-2010-0745 | Dovecot | Resource Management Errors vulnerability in Dovecot Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message. | 5.0 |
2010-05-19 | CVE-2010-1982 | Joomlart Joomla | Path Traversal vulnerability in Joomlart COM Javoice 2.0 Directory traversal vulnerability in the JA Voice (com_javoice) component 2.0 for Joomla! allows remote attackers to read arbitrary files via a .. | 5.0 |
2010-05-17 | CVE-2010-0776 | IBM | Improper Input Validation vulnerability in IBM Websphere Application Server The Web Container in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.43, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 does not properly handle chunked transfer encoding during a call to response.sendRedirect, which allows remote attackers to cause a denial of service via a GET request. | 5.0 |
2010-05-17 | CVE-2010-0775 | IBM | Resource Management Errors vulnerability in IBM Websphere Application Server Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a crafted request, related to the nodeagent and Deployment Manager components. | 5.0 |
2010-05-21 | CVE-2010-2010 | Chaos Tool Suite Project | Cross-Site Scripting vulnerability in Chaos Tool Suite Project Ctools Multiple cross-site scripting (XSS) vulnerabilities in the Chaos Tool Suite (aka CTools) module 6.x before 6.x-1.4 for Drupal allow remote attackers to inject arbitrary web script or HTML via a node title. | 4.3 |
2010-05-20 | CVE-2010-2003 | Proxy2 | Cross-Site Scripting vulnerability in Proxy2 Advanced Poll 2.08 Cross-site scripting (XSS) vulnerability in misc/get_admin.php in Advanced Poll 2.08 allows remote attackers to inject arbitrary web script or HTML via the mysql_host parameter. | 4.3 |
2010-05-19 | CVE-2010-1985 | Sixapart | Cross-Site Scripting vulnerability in Sixapart Movable Type 5.0/5.01 Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in Six Apart Movable Type 5.0 and 5.01 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
2010-05-19 | CVE-2010-1629 | Phorum | Cross-Site Scripting vulnerability in Phorum Cross-site scripting (XSS) vulnerability in Phorum before 5.2.15 allows remote attackers to inject arbitrary web script or HTML via an invalid email address. | 4.3 |
2010-05-19 | CVE-2010-1627 | Phpbb | Permissions, Privileges, and Access Controls vulnerability in PHPbb 3.0.7 feed.php in phpBB 3.0.7 before 3.0.7-PL1 does not properly check permissions for feeds, which allows remote attackers to bypass intended access restrictions via unspecified attack vectors related to permission settings on a private forum. | 4.3 |
2010-05-17 | CVE-2010-0774 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Websphere Application Server The (1) JAX-RPC WS-Security 1.0 and (2) JAX-WS runtime implementations in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 do not properly handle WebServices PKCS#7 and PKIPath tokens, which allows remote attackers to bypass intended access restrictions via unspecified vectors. | 4.3 |
2010-05-17 | CVE-2010-1512 | Tatsuhiro Tsujikawa | Path Traversal vulnerability in Tatsuhiro Tsujikawa Aria2 Directory traversal vulnerability in aria2 before 1.9.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file. | 4.3 |
2010-05-21 | CVE-2010-2011 | Microsoft | Cryptographic Issues vulnerability in Microsoft Dynamics GP Microsoft Dynamics GP uses a substitution cipher to encrypt the system password field and unspecified other fields, which makes it easier for remote authenticated users to obtain sensitive information by decrypting a field's contents. | 4.0 |
14 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-05-21 | CVE-2010-1626 | Mysql Oracle | Permissions, Privileges, and Access Controls vulnerability in multiple products MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247. | 3.6 |
2010-05-21 | CVE-2010-1548 | Chaos Tool Suite Project | Permissions, Privileges, and Access Controls vulnerability in Chaos Tool Suite Project Ctools The auto-complete functionality in the Chaos Tool Suite (aka CTools) module 6.x before 6.x-1.4 for Drupal does not follow access restrictions, which allows remote authenticated users, with "access content" privileges, to read the title of an unpublished node via a q=ctools/autocomplete/node/ value accompanied by the first character of the node's title. | 3.5 |
2010-05-20 | CVE-2010-2001 | Ninjitsuweb Drupal | Cross-Site Scripting vulnerability in Ninjitsuweb Civiregister 6.X1.0 Cross-site scripting (XSS) vulnerability in the CiviRegister module before 6.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via the URI. | 2.6 |
2010-05-17 | CVE-2010-0777 | IBM | Improper Input Validation vulnerability in IBM Websphere Application Server The Web Container in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.43, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.11 does not properly handle long filenames and consequently sends an incorrect file in some responses, which allows remote attackers to obtain sensitive information by reading the retrieved file. | 2.6 |
2010-05-20 | CVE-2010-2002 | Addison Berry Jeff Warrington Drupal | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the Wordfilter module 5.x before 5.x-1.1 and 6.x before 6.x-1.1 for Drupal allows remote authenticated users, with "administer words filtered" privileges, to inject arbitrary web script or HTML via the word list. | 2.1 |
2010-05-20 | CVE-2010-2000 | RON Jerome Drupal | Cross-Site Scripting vulnerability in RON Jerome Bibliography Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) module 5.x through 5.x-1.17 and 6.x through 6.x-1.9 for Drupal allows remote authenticated users, with "administer biblio" privileges, to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2010-1358. | 2.1 |
2010-05-20 | CVE-2010-1998 | Kevinhankens Drupal | Cross-Site Scripting vulnerability in Kevinhankens Tablefield 6.X1.0/6.X1.1 Cross-site scripting (XSS) vulnerability in the CCK TableField module 6.x before 6.x-1.2 for Drupal allows remote authenticated users, with certain node creation or editing privileges, to inject arbitrary web script or HTML via table headers. | 2.1 |
2010-05-20 | CVE-2010-1997 | Saurus | Cross-Site Scripting vulnerability in Saurus CMS 4.7.0 Cross-site scripting (XSS) vulnerability in admin/edit.php in Saurus CMS 4.7.0 allows remote authenticated users, with "Article list" edit privileges, to inject arbitrary web script or HTML via the pealkiri parameter. | 2.1 |
2010-05-20 | CVE-2010-1996 | Tomatocms | Cross-Site Scripting vulnerability in Tomatocms Multiple cross-site scripting (XSS) vulnerabilities in index.php in TomatoCMS before 2.0.5 allow remote authenticated users, with certain creation privileges, to inject arbitrary web script or HTML via the (1) content parameter in conjunction with a /admin/poll/add PATH_INFO, the (2) meta parameter in conjunction with a /admin/category/add PATH_INFO, and the (3) keyword parameter in conjunction with a /admin/tag/add PATH_INFO. | 2.1 |
2010-05-20 | CVE-2010-1995 | Tomatocms | Cross-Site Scripting vulnerability in Tomatocms Multiple cross-site scripting (XSS) vulnerabilities in index.php in TomatoCMS before 2.0.5 allow remote authenticated users, with "Add new article" privileges, to inject arbitrary web script or HTML via the (1) title, (2) subTitle, and (3) author parameters in conjunction with a /admin/news/article/add PATH_INFO. | 2.1 |
2010-05-19 | CVE-2010-1984 | Michael Nichols Drupal | Cross-Site Scripting vulnerability in Michael Nichols Taxonomy Breadcrumb Cross-site scripting (XSS) vulnerability in the Taxonomy Breadcrumb module 5.x before 5.x-1.5 and 6.x before 6.x-1.1 for Drupal allows remote authenticated users, with administer taxonomy permissions, to inject arbitrary web script or HTML via the taxonomy term name in a Breadcrumb display. | 2.1 |
2010-05-19 | CVE-2010-1976 | Michael Nichols Drupal | Cross-Site Scripting vulnerability in Michael Nichols Taxonomy Breadcrumb 6.X0.1/6.X1.0/6.X1.X Cross-site scripting (XSS) vulnerability in the Taxonomy Breadcrumb module 6.x before 6.x-1.1 for Drupal allows remote authenticated users, with administer taxonomy permissions, to inject arbitrary web script or HTML via the node title in a Breadcrumb display. | 2.1 |
2010-05-19 | CVE-2010-1584 | Steven Jones Drupal | Cross-Site Scripting vulnerability in Steven Jones Context 6.X2.0 Cross-site scripting (XSS) vulnerability in the Context module before 6.x-2.0-rc4 for Drupal allows remote authenticated users, with Administer Blocks privileges, to inject arbitrary web script or HTML via a block description. | 2.1 |
2010-05-21 | CVE-2010-1446 | Linux | Permissions, Privileges, and Access Controls vulnerability in Linux Kernel arch/powerpc/mm/fsl_booke_mmu.c in KGDB in the Linux kernel 2.6.30 and other versions before 2.6.33, when running on PowerPC, does not properly perform a security check for access to a kernel page, which allows local users to overwrite arbitrary kernel memory, related to Fsl booke. | 1.9 |