Weekly Vulnerabilities Reports > June 14 to 20, 2010
Overview
144 new vulnerabilities reported during this period, including 52 critical vulnerabilities and 21 high severity vulnerabilities. This weekly summary report vulnerabilities in 80 products from 58 vendors including Adobe, Macromedia, Apple, IBM, and Google. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", "Improper Input Validation", "Path Traversal", and "SQL Injection".
- 127 reported vulnerabilities are remotely exploitables.
- 28 reported vulnerabilities have public exploit available.
- 41 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 137 reported vulnerabilities are exploitable by an anonymous user.
- Adobe has the most reported vulnerabilities, with 31 reported vulnerabilities.
- Adobe has the most reported critical vulnerabilities, with 29 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
52 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-06-18 | CVE-2010-1769 | Apple Microsoft | Multiple vulnerability in RETIRED: Apple iPhone/iPod touch Prior to iOS 4 WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, accesses out-of-bounds memory during the handling of tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, a different vulnerability than CVE-2010-1387 and CVE-2010-1763. | 10.0 |
2010-06-18 | CVE-2010-1763 | Apple Microsoft | Unspecified vulnerability in Apple Itunes Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on Windows has unknown impact and attack vectors, a different vulnerability than CVE-2010-1387 and CVE-2010-1769. | 10.0 |
2010-06-18 | CVE-2010-0284 | Novell Microsoft | Path Traversal vulnerability in Novell Access Manager 3.1 Directory traversal vulnerability in the getEntry method in the PortalModuleInstallManager component in a servlet in nps.jar in the Administration Console (aka Access Management Console) in Novell Access Manager 3.1 before 3.1.2-281 on Windows allows remote attackers to create arbitrary files with any contents, and consequently execute arbitrary code, via a .. | 10.0 |
2010-06-15 | CVE-2010-2302 | Google Opensuse Suse | USE After Free vulnerability in multiple products Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953. | 10.0 |
2010-06-15 | CVE-2010-2300 | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in the Element::normalizeAttributes function in dom/Element.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to handlers for DOM mutation events, aka rdar problem 7948784. | 10.0 | |
2010-06-15 | CVE-2010-2299 | Type Confusion vulnerability in Google Chrome The Clipboard::DispatchObject function in app/clipboard/clipboard.cc in Google Chrome before 5.0.375.70 does not properly handle CBF_SMBITMAP objects in a ViewHostMsg_ClipboardWriteObjectsAsync message, which might allow remote attackers to execute arbitrary code via vectors involving crafted data from the renderer process, related to a "Type Confusion" issue. | 10.0 | |
2010-06-15 | CVE-2010-2298 | Google Linux | Improper Input Validation vulnerability in Google Chrome browser/renderer_host/database_dispatcher_host.cc in Google Chrome before 5.0.375.70 on Linux does not properly handle ViewHostMsg_DatabaseOpenFile messages in chroot-based sandboxing, which allows remote attackers to bypass intended sandbox restrictions via vectors involving fchdir and chdir calls. | 10.0 |
2010-06-15 | CVE-2010-2276 | Dojotoolkit | Configuration vulnerability in Dojotoolkit Dojo The default configuration of the build process in Dojo 0.4.x before 0.4.4, 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 has the copyTests=true and mini=false options, which makes it easier for remote attackers to have an unspecified impact via a request to a (1) test or (2) demo component. | 10.0 |
2010-06-15 | CVE-2010-2272 | Dojotoolkit | Unspecified vulnerability in Dojotoolkit Dojo Unspecified vulnerability in iframe_history.html in Dojo 0.4.x before 0.4.4 has unknown impact and remote attack vectors. | 10.0 |
2010-06-15 | CVE-2010-1937 | Standards Based Linux Instrumentation | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Standards Based Linux Instrumentation Sblim-Sfcb 1.3.4/1.3.5/1.3.6 Heap-based buffer overflow in httpAdapter.c in httpAdapter in SBLIM SFCB before 1.3.8 might allow remote attackers to execute arbitrary code via a Content-Length HTTP header that specifies a value too small for the amount of POST data, aka bug #3001896. | 10.0 |
2010-06-15 | CVE-2010-0990 | Creative | Buffer Errors vulnerability in Creative Autoupdate and Autoupdate Engine Activex Control Stack-based buffer overflow in Creative Software AutoUpdate Engine ActiveX Control 2.0.12.0, as used in Creative Software AutoUpdate 1.40.01, allows remote attackers to execute arbitrary code via vectors related to the BrowseFolder method. | 10.0 |
2010-06-18 | CVE-2010-2331 | Upredsun | Buffer Errors vulnerability in Upredsun Isharer File Sharing Wizard 1.5.0 Stack-based buffer overflow in iSharer File Sharing Wizard 1.5.0 allows remote attackers to execute arbitrary code via a long HEAD request. | 9.3 |
2010-06-18 | CVE-2010-2330 | Upredsun | Buffer Errors vulnerability in Upredsun Isharer File Sharing Wizard 1.5.0 Stack-based buffer overflow in iSharer File Sharing Wizard 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Content-Length header. | 9.3 |
2010-06-18 | CVE-2010-2329 | Rosoftengineering | Buffer Errors vulnerability in Rosoftengineering Rosoft Audio Converter 4.4.4 Buffer overflow in Rosoft Audio Converter 4.4.4 allows remote attackers to execute arbitrary code via a long playlist entry in a .m3u file. | 9.3 |
2010-06-18 | CVE-2010-2321 | Adobe | Buffer Errors vulnerability in Adobe Indesign CS3 10.0 Buffer overflow in Adobe InDesign CS3 10.0 allows user-assisted remote attackers to execute arbitrary code via a crafted .indd file. | 9.3 |
2010-06-18 | CVE-2010-1387 | Apple | Resource Management Errors vulnerability in Apple Itunes Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page transitions, a different vulnerability than CVE-2010-1763 and CVE-2010-1769. | 9.3 |
2010-06-17 | CVE-2010-1377 | Apple | Cryptographic Issues vulnerability in Apple mac OS X and mac OS X Server Open Directory in Apple Mac OS X 10.6 before 10.6.4 creates an unencrypted connection upon certain SSL failures, which allows man-in-the-middle attackers to spoof arbitrary network account servers, and possibly execute arbitrary code, via unspecified vectors. | 9.3 |
2010-06-17 | CVE-2008-4389 | Symantec | Improper Authentication vulnerability in Symantec Appstream and Workspace Streaming Symantec AppStream 5.2.x and Symantec Workspace Streaming (SWS) 6.1.x before 6.1 SP4 do not properly perform authentication, which allows remote Workspace Streaming servers and man-in-the-middle attackers to download arbitrary executable files onto a client system, and execute these files, via unspecified vectors. | 9.3 |
2010-06-16 | CVE-2010-2311 | Power TAB | Buffer Errors vulnerability in Power-Tab Power TAB Editor 1.7.0.80 Stack-based buffer overflow in Power Tab Editor 1.7 build 80 allows user-assisted remote attackers to execute arbitrary code via a .ptb file with a long font name. | 9.3 |
2010-06-16 | CVE-2010-2305 | Symantec | Buffer Errors vulnerability in Symantec Sygate Personal Firewall 5.6 Buffer overflow in an ActiveX control in SSHelper.dll for Symantec Sygate Personal Firewall 5.6 build 2808 allows remote attackers to execute arbitrary code via a long third argument to the SetRegString method. | 9.3 |
2010-06-16 | CVE-2010-1932 | Xnview | Buffer Errors vulnerability in Xnview 1.97.4 Heap-based buffer overflow in XnView 1.97.4 and possibly earlier allows remote attackers to execute arbitrary code via a MultiBitMap (MBM) file with a Paint Data Section that contains a malformed Encoding field. | 9.3 |
2010-06-15 | CVE-2010-2297 | Google Opensuse Suse | Code Injection vulnerability in multiple products rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an HTML document that has a large colspan attribute within a table. | 9.3 |
2010-06-15 | CVE-2010-2296 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome The implementation of unspecified DOM methods in Google Chrome before 5.0.375.70 allows remote attackers to bypass the Same Origin Policy via unknown vectors. | 9.3 | |
2010-06-15 | CVE-2010-2189 | Adobe Macromedia | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when used in conjunction with VMWare Tools on a VMWare platform, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. | 9.3 |
2010-06-15 | CVE-2010-2188 | Adobe Macromedia | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by calling the ActionScript native object 2200 connect method multiple times with different arguments, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2187. | 9.3 |
2010-06-15 | CVE-2010-2187 | Adobe Macromedia | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2188. | 9.3 |
2010-06-15 | CVE-2010-2186 | Adobe Macromedia | Code Injection vulnerability in multiple products Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. | 9.3 |
2010-06-15 | CVE-2010-2185 | Adobe Macromedia | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors. | 9.3 |
2010-06-15 | CVE-2010-2184 | Adobe Macromedia | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2187, and CVE-2010-2188. | 9.3 |
2010-06-15 | CVE-2010-2183 | Adobe Macromedia | Numeric Errors vulnerability in multiple products Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2181. | 9.3 |
2010-06-15 | CVE-2010-2182 | Adobe Macromedia | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | 9.3 |
2010-06-15 | CVE-2010-2181 | Adobe Macromedia | Numeric Errors vulnerability in multiple products Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2183. | 9.3 |
2010-06-15 | CVE-2010-2180 | Adobe Macromedia | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | 9.3 |
2010-06-15 | CVE-2010-2178 | Adobe Macromedia | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | 9.3 |
2010-06-15 | CVE-2010-2177 | Adobe Macromedia | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | 9.3 |
2010-06-15 | CVE-2010-2176 | Adobe Macromedia | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | 9.3 |
2010-06-15 | CVE-2010-2175 | Adobe Macromedia | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | 9.3 |
2010-06-15 | CVE-2010-2174 | Adobe Macromedia | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability" and the newfunction (0x44) operator, a different vulnerability than CVE-2010-2173. | 9.3 |
2010-06-15 | CVE-2010-2173 | Adobe Macromedia | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability" and the newclass (0x58) operator, a different vulnerability than CVE-2010-2174. | 9.3 |
2010-06-15 | CVE-2010-2171 | Adobe Macromedia | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors related to SWF files, decompression of embedded JPEG image data, and the DefineBits and other unspecified tags, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | 9.3 |
2010-06-15 | CVE-2010-2170 | Adobe Macromedia | Numeric Errors vulnerability in multiple products Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2181 and CVE-2010-2183. | 9.3 |
2010-06-15 | CVE-2010-2169 | Adobe Macromedia | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allow attackers to cause a denial of service (pointer memory corruption) or possibly execute arbitrary code via unspecified vectors. | 9.3 |
2010-06-15 | CVE-2010-2167 | Adobe Macromedia | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Multiple heap-based buffer overflows in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to malformed (1) GIF or (2) JPEG data. | 9.3 |
2010-06-15 | CVE-2010-2166 | Adobe Macromedia | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | 9.3 |
2010-06-15 | CVE-2010-2165 | Adobe Macromedia | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | 9.3 |
2010-06-15 | CVE-2010-2164 | Adobe Macromedia | Resource Management Errors vulnerability in multiple products Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to an unspecified "image type within a certain function." Per: http://www.adobe.com/support/security/bulletins/apsb10-14.html 'Affected software versions Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris Adobe AIR 1.5.3.9130 and earlier versions for Windows, Macintosh and Linux' | 9.3 |
2010-06-15 | CVE-2010-2163 | Adobe Macromedia | Code Injection vulnerability in multiple products Multiple unspecified vulnerabilities in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unknown vectors. | 9.3 |
2010-06-15 | CVE-2010-2162 | Adobe Macromedia | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors related to improper length calculation and the (1) STSC, (2) STSZ, and (3) STCO atoms. | 9.3 |
2010-06-15 | CVE-2010-2161 | Adobe Macromedia | Code Injection vulnerability in multiple products Array index error in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified "types of Adobe Flash code." Per: http://www.adobe.com/support/security/bulletins/apsb10-14.html 'Affected software versions Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris Adobe AIR 1.5.3.9130 and earlier versions for Windows, Macintosh and Linux' | 9.3 |
2010-06-15 | CVE-2010-2160 | Adobe Macromedia | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an invalid offset in an unspecified undocumented opcode in ActionScript Virtual Machine 2, related to getouterscope, a different vulnerability than CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | 9.3 |
2010-06-15 | CVE-2009-3793 | Adobe Macromedia | Resource Management Errors vulnerability in multiple products Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory consumption) or possibly execute arbitrary code via unknown vectors. | 9.3 |
2010-06-15 | CVE-2010-1885 | Microsoft | OS Command Injection vulnerability in Microsoft products The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote attackers to bypass the trusted documents whitelist (fromHCP option) and execute arbitrary commands via a crafted hcp:// URL, aka "Help Center URL Validation Vulnerability." Per: http://blogs.technet.com/b/msrc/archive/2010/06/10/windows-help-vulnerability-disclosure.aspx "customers running Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2, are not vulnerable to this issue, or at risk of attack." | 9.3 |
21 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-06-15 | CVE-2010-2287 | Wireshark | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. | 8.3 |
2010-06-15 | CVE-2010-2284 | Wireshark | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. | 8.3 |
2010-06-15 | CVE-2010-2279 | IBM | Remote Security vulnerability in Lotus Connections 2.5.0/2.5.0.1 The Top Updates implementation in the Homepage component in IBM Lotus Connections 2.5.x before 2.5.0.2, when "forced SSL" is enabled, uses http for links, which has unspecified impact and remote attack vectors. | 7.6 |
2010-06-18 | CVE-2010-2341 | Ezpx | Code Injection vulnerability in Ezpx Photoblog 1.2 PHP remote file inclusion vulnerability in system/application/views/public/commentform.php in EZPX Photoblog 1.2 beta allows remote attackers to execute arbitrary PHP code via a URL in the tpl_base_dir parameter. | 7.5 |
2010-06-18 | CVE-2010-2339 | Subdreamer | SQL Injection vulnerability in Subdreamer SQL injection vulnerability in admin/pages.php in Subdreamer CMS 3.x.x allows remote attackers to execute arbitrary SQL commands via the categoryids[] parameter in an update_pages action. | 7.5 |
2010-06-18 | CVE-2010-2338 | Vunet | SQL Injection vulnerability in Vunet VU web Visitor Analyst Multiple SQL injection vulnerabilities in redir.asp in VU Web Visitor Analyst allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter. | 7.5 |
2010-06-18 | CVE-2010-2335 | Yamamah | SQL Injection vulnerability in Yamamah 1.00 SQL injection vulnerability in index.php in Yamamah Photo Gallery 1.00, as distributed before 20100618, allows remote attackers to execute arbitrary SQL commands via the news parameter. | 7.5 |
2010-06-18 | CVE-2010-2324 | IBM | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 on z/OS allows attackers to perform unspecified "link injection" actions via unknown vectors. | 7.5 |
2010-06-17 | CVE-2010-2319 | Idevspot | SQL Injection vulnerability in Idevspot Textads 2.08 SQL injection vulnerability in index.php in IDevSpot TextAds 2.08 allows remote attackers to execute arbitrary SQL commands via the page parameter. | 7.5 |
2010-06-17 | CVE-2010-2317 | Wmsdesign | SQL Injection vulnerability in Wmsdesign Wmscms Multiple SQL injection vulnerabilities in WmsCms 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) search, (2) sbr, (3) pid, (4) sbl, and (5) FilePath parameters to default.asp; and the (6) sbr, (7) pr, and (8) psPrice parameters to printpage.asp. | 7.5 |
2010-06-17 | CVE-2010-2315 | Smartisoft | Code Injection vulnerability in Smartisoft PHPbazar 2.1.1 PHP remote file inclusion vulnerability in picturelib.php in SmartISoft phpBazar 2.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the cat parameter. | 7.5 |
2010-06-17 | CVE-2010-1964 | HP | Remote Buffer Overflow vulnerability in HP OpenView Network Node Manager 7.51/7.53 Buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified parameters to jovgraph.exe, aka ZDI-CAN-683. | 7.5 |
2010-06-17 | CVE-2010-1380 | Apple | Numeric Errors vulnerability in Apple mac OS X and mac OS X Server Integer overflow in the cgtexttops CUPS filter in Printing in Apple Mac OS X 10.6 before 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page sizes. | 7.5 |
2010-06-16 | CVE-2010-2312 | Hauntmax | SQL Injection vulnerability in Hauntmax Haunted House Directory Listing CMS SQL injection vulnerability in index.php in HauntmAx Haunted House Directory Listing CMS allows remote attackers to execute arbitrary SQL commands via the state parameter in a listings action. | 7.5 |
2010-06-16 | CVE-2010-2309 | Evological | Buffer Errors vulnerability in Evological Evocam 3.6.6/3.6.7 Buffer overflow in the web server for EvoLogical EvoCam 3.6.6 and 3.6.7 allows remote attackers to execute arbitrary code via a long GET request. | 7.5 |
2010-06-16 | CVE-2010-2073 | Debian | Use of Hard-coded Credentials vulnerability in Debian Pyftpd 0.8.4 auth_db_config.py in Pyftpd 0.8.4 contains hard-coded usernames and passwords for the (1) test, (2) user, and (3) roxon accounts, which allows remote attackers to read arbitrary files from the FTP server. | 7.5 |
2010-06-15 | CVE-2010-2271 | Accoria | USE of Externally-Controlled Format String vulnerability in Accoria Rock web Server 1.4.7 Format string vulnerability in authcfg.cgi in Accoria Web Server (aka Rock Web Server) 1.4.7 allows remote attackers to have an unspecified impact via format string specifiers in the path (aka Password File) parameter. | 7.5 |
2010-06-15 | CVE-2010-2270 | Accoria | Cryptographic Issues vulnerability in Accoria Rock web Server 1.4.7 Accoria Web Server (aka Rock Web Server) 1.4.7 uses a predictable httpmod-sessionid cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie. | 7.5 |
2010-06-15 | CVE-2010-2075 | Unrealircd | Improper Input Validation vulnerability in Unrealircd 3.2.8.1 UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 through June 2010, contains an externally introduced modification (Trojan Horse) in the DEBUG3_DOLOG_SYSTEM macro, which allows remote attackers to execute arbitrary commands. | 7.5 |
2010-06-17 | CVE-2010-1375 | Apple | Improper Authentication vulnerability in Apple mac OS X and mac OS X Server NetAuthSysAgent in Network Authorization in Apple Mac OS X 10.5.8 does not have the expected authorization requirements, which allows local users to gain privileges via unspecified vectors. | 7.2 |
2010-06-16 | CVE-2010-2308 | Sophos | Local Security vulnerability in Anti-Virus Small Business Edition Unspecified vulnerability in the filter driver (savonaccessfilter.sys) in Sophos Anti-Virus before 7.6.20 allows local users to gain privileges via crafted arguments to the NtQueryAttributesFile function. | 7.2 |
59 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-06-18 | CVE-2010-2340 | Arabportal | SQL Injection vulnerability in Arabportal Arab Portal 2.2 SQL injection vulnerability in members.php in Arab Portal 2.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the by parameter in the msearch action. | 6.8 |
2010-06-18 | CVE-2010-0407 | Muscle | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Muscle Pcsc-Lite Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled. | 6.8 |
2010-06-18 | CVE-2009-4902 | Muscle | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Muscle Pcsc-Lite Buffer overflow in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite 1.5.4 and earlier might allow local users to gain privileges via crafted SCARD_CONTROL message data, which is improperly demarshalled. | 6.8 |
2010-06-17 | CVE-2010-2314 | Edmondhui Homeip Nucleus Group | Code Injection vulnerability in Edmondhui.Homeip NP Twitter 0.8/0.9 PHP remote file inclusion vulnerability in nucleus/plugins/NP_Twitter.php in the NP_Twitter Plugin 0.8 and 0.9 for Nucleus, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the DIR_PLUGINS parameter. | 6.8 |
2010-06-17 | CVE-2010-2313 | Anodyne Productions | Path Traversal vulnerability in Anodyne-Productions Simm Management System 2.6.10 Directory traversal vulnerability in index.php in Anodyne Productions SIMM Management System (SMS) 2.6.10, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. | 6.8 |
2010-06-17 | CVE-2010-1411 | Apple | Numeric Errors vulnerability in Apple mac OS X and mac OS X Server Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow. | 6.8 |
2010-06-17 | CVE-2010-1376 | Apple | USE of Externally-Controlled Format String vulnerability in Apple mac OS X and mac OS X Server Multiple format string vulnerabilities in Network Authorization in Apple Mac OS X 10.6 before 10.6.4 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a (1) afp, (2) cifs, or (3) smb URL. | 6.8 |
2010-06-17 | CVE-2010-0543 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server ImageIO in Apple Mac OS X 10.5.8, and 10.6 before 10.6.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with MPEG2 encoding. | 6.8 |
2010-06-16 | CVE-2010-2074 | W3M | Improper Input Validation vulnerability in W3M 0.5.2 istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. | 6.8 |
2010-06-15 | CVE-2010-2268 | Accoria | Cross-Site Request Forgery (CSRF) vulnerability in Accoria Rock web Server 1.4.7 Cross-site request forgery (CSRF) vulnerability in authcfg.cgi in Accoria Web Server (aka Rock Web Server) 1.4.7 allows remote attackers to hijack the authentication of administrators for requests that create user accounts. | 6.8 |
2010-06-15 | CVE-2010-2294 | Pxsystem | Cross-Site Request Forgery (CSRF) vulnerability in Pxsystem Plume-Cms Cross-site request forgery (CSRF) vulnerability in Plume CMS 1.2.4 and possibly earlier allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via unspecified vectors. | 6.8 |
2010-06-15 | CVE-2010-2293 | D Link | Improper Input Validation vulnerability in D-Link Di-604 The Ping tools web interface in Dlink Di-604 router allows remote authenticated users to cause a denial of service via a large "ip textfield" size. | 6.8 |
2010-06-15 | CVE-2009-4893 | Unrealircd | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Unrealircd Buffer overflow in UnrealIRCd 3.2beta11 through 3.2.8, when allow::options::noident is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | 6.8 |
2010-06-17 | CVE-2010-0540 | Apple | Cross-Site Request Forgery (CSRF) vulnerability in Apple mac OS X and mac OS X Server Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, allows remote attackers to hijack the authentication of administrators for requests that change settings. | 6.0 |
2010-06-15 | CVE-2010-1514 | Tomatocms | Multiple Security vulnerability in TomatoCMS Unrestricted file upload vulnerability in TomatoCMS 2.0.6 and earlier allows remote authenticated users, with certain privileges, to execute arbitrary PHP code by uploading an image file, and then accessing it via a direct request to the file in an unspecified directory. | 6.0 |
2010-06-18 | CVE-2010-0831 | Matthias Klose | Path Traversal vulnerability in Matthias Klose Fastjar 0.98 Directory traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a .. | 5.8 |
2010-06-15 | CVE-2010-2282 | Tomatocms | Cross-Site Request Forgery (CSRF) vulnerability in Tomatocms 2.0.6 Cross-site request forgery (CSRF) vulnerability in TomatoCMS 2.0.6 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password. | 5.1 |
2010-06-18 | CVE-2010-2336 | Yamamah | Information Exposure vulnerability in Yamamah 1.00 index.php in Yamamah Photo Gallery 1.00 allows remote attackers to obtain the source code of executable files within the web document root via the download parameter. | 5.0 |
2010-06-18 | CVE-2010-2334 | Yamamah | Path Traversal vulnerability in Yamamah 1.00 Directory traversal vulnerability in themes/default/download.php in Yamamah Photo Gallery 1.00, as distributed before 20100618, allows remote attackers to read arbitrary files via a .. | 5.0 |
2010-06-18 | CVE-2010-2333 | Litespeedtech | Information Exposure vulnerability in Litespeedtech Litespeed web Server LiteSpeed Technologies LiteSpeed Web Server 4.0.x before 4.0.15 allows remote attackers to read the source code of scripts via an HTTP request with a null byte followed by a .txt file extension. | 5.0 |
2010-06-18 | CVE-2010-2332 | Impactfinancials Apple | Improper Input Validation vulnerability in Impactfinancials Impact PDF Reader 1.2/2.0 Impact Financials, Inc. | 5.0 |
2010-06-18 | CVE-2010-2328 | IBM | Unspecified vulnerability in IBM Websphere Application Server The HTTP Channel in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 allows remote attackers to cause a denial of service (NullPointerException) via a large amount of chunked data that uses gzip compression. | 5.0 |
2010-06-18 | CVE-2010-2323 | IBM | Information Exposure vulnerability in IBM Websphere Application Server IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 on z/OS might allow attackers to obtain sensitive information by reading the default_create.log file that is associated with profile creation by the BBOWWPFx job and the zPMT. | 5.0 |
2010-06-17 | CVE-2010-1379 | Apple | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server Printer Setup in Apple Mac OS X 10.6 before 10.6.4 does not properly interpret character encoding, which allows remote attackers to cause a denial of service (printing failure) by deploying a printing device that has a Unicode character in its printing-service name. | 5.0 |
2010-06-16 | CVE-2010-2310 | Solarwinds | Improper Input Validation vulnerability in Solarwinds Tftp Server 10.4.0.13 SolarWinds TFTP Server 10.4.0.13 allows remote attackers to cause a denial of service (crash) via a long write request. | 5.0 |
2010-06-16 | CVE-2010-2307 | Motorola | Path Traversal vulnerability in Motorola Surfboard Sbv6120E Sbv6X2X1.0.0.5Scm02Shpc Multiple directory traversal vulnerabilities in the web server for Motorola SURFBoard cable modem SBV6120E running firmware SBV6X2X-1.0.0.5-SCM-02-SHPC allow remote attackers to read arbitrary files via (1) "//" (multiple leading slash), (2) ../ (dot dot) sequences, and encoded dot dot sequences in a URL request. | 5.0 |
2010-06-15 | CVE-2010-2269 | Accoria | Path Traversal vulnerability in Accoria Rock web Server 1.4.7 Directory traversal vulnerability in loadstatic.cgi in Accoria Web Server (aka Rock Web Server) 1.4.7 allows remote attackers to read arbitrary files via a .. | 5.0 |
2010-06-15 | CVE-2010-2266 | F5 | Path Traversal vulnerability in F5 Nginx nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence. | 5.0 |
2010-06-15 | CVE-2010-2263 | F5 | Information Exposure vulnerability in F5 Nginx nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI. | 5.0 |
2010-06-16 | CVE-2010-2070 | Xensource | Local Denial Of Service vulnerability in Xen 'arch/ia64/xen/faults.c' arch/ia64/xen/faults.c in Xen 3.4 and 4.0 in Linux kernel 2.6.18, and possibly other kernel versions, when running on IA-64 architectures, allows local users to cause a denial of service and "turn on BE by modifying the user mask of the PSR," as demonstrated via exploitation of CVE-2006-0742. | 4.9 |
2010-06-17 | CVE-2010-0545 | Apple | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X and mac OS X Server The Finder in DesktopServices in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, does not set the expected file ownerships during an "Apply to enclosed items" action, which allows local users to bypass intended access restrictions via normal filesystem operations. | 4.4 |
2010-06-18 | CVE-2010-2327 | IBM | Improper Input Validation vulnerability in IBM Websphere Application Server mod_ibm_ssl in IBM HTTP Server 6.0 before 6.0.2.43, 6.1 before 6.1.0.33, and 7.0 before 7.0.0.11, as used in IBM WebSphere Application Server (WAS) on z/OS, does not properly handle a large HTTP request body in uploading over SSL, which might allow remote attackers to cause a denial of service (daemon fail) via an upload. | 4.3 |
2010-06-18 | CVE-2010-2326 | IBM | Information Exposure vulnerability in IBM Websphere Application Server IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11, when addNode -trace is used during node federation, allows attackers to obtain sensitive information about CIMMetadataCollectorImpl trace actions by reading the addNode.log file. | 4.3 |
2010-06-18 | CVE-2010-2325 | IBM | Cross-Site Scripting vulnerability in IBM Websphere Application Server Cross-site scripting (XSS) vulnerability in the administrative console in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 on z/OS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related in part to "URL injection." | 4.3 |
2010-06-17 | CVE-2010-2318 | Phpcityportal | Cross-Site Scripting vulnerability in PHPcityportal 1.3 Cross-site scripting (XSS) vulnerability in cms_data.php in PHPCityPortal 1.3 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | 4.3 |
2010-06-17 | CVE-2010-2316 | Wmsdesign | Cross-Site Scripting vulnerability in Wmsdesign Wmscms Multiple cross-site scripting (XSS) vulnerabilities in default.asp in WmsCms 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) search, (2) sbr, (3) p, and (4) sbl parameters, different vectors than CVE-2007-3137. | 4.3 |
2010-06-17 | CVE-2010-1748 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Cups The cgi_initialize_string function in cgi-bin/var.c in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, does not properly handle parameter values containing a % (percent) character without two subsequent hex characters, which allows context-dependent attackers to obtain sensitive information from cupsd process memory via a crafted request, as demonstrated by the (1) /admin?OP=redirect&URL=% and (2) /admin?URL=/admin/&OP=% URIs. | 4.3 |
2010-06-17 | CVE-2010-1374 | Apple AOL | Path Traversal vulnerability in Apple mac OS X and mac OS X Server Directory traversal vulnerability in iChat in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, when AIM is used, allows remote attackers to create arbitrary files via directory traversal sequences in an inline image-transfer operation. | 4.3 |
2010-06-17 | CVE-2010-1373 | Apple | Cross-Site Scripting vulnerability in Apple mac OS X and mac OS X Server Cross-site scripting (XSS) vulnerability in Help Viewer in Apple Mac OS X 10.6 before 10.6.4 allows remote attackers to inject arbitrary web script or HTML via a crafted help: URL, related to "URL parameters in HTML content." | 4.3 |
2010-06-17 | CVE-2010-0541 | Apple | Cross-Site Scripting vulnerability in Apple mac OS X and mac OS X Server Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page. | 4.3 |
2010-06-16 | CVE-2010-2306 | Sourcefire | Configuration vulnerability in Sourcefire products The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle (MITM) attack. | 4.3 |
2010-06-15 | CVE-2010-2301 | Google Opensuse Suse | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to inject arbitrary web script or HTML via vectors related to the node.innerHTML property of a TEXTAREA element. | 4.3 |
2010-06-15 | CVE-2010-2295 | Improper Input Validation vulnerability in Google Chrome page/EventHandler.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 does not properly handle a change of the focused frame during the dispatching of keydown, which allows user-assisted remote attackers to redirect keystrokes via a crafted HTML document, aka rdar problem 7018610. | 4.3 | |
2010-06-15 | CVE-2010-2179 | Adobe | Cross-site Scripting vulnerability in Adobe Flash Player Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when Firefox or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to URL parsing. | 4.3 |
2010-06-15 | CVE-2010-2172 | Adobe | Remote vulnerability in RETIRED: Adobe Flash Player 10.0.45.2 and AIR 1.5.3.9130 Adobe Flash Player 9 before 9.0.277.0 on unspecified UNIX platforms allows attackers to cause a denial of service via unknown vectors. | 4.3 |
2010-06-15 | CVE-2010-2281 | Tomatocms | Cross-Site Scripting vulnerability in Tomatocms 2.0.6 Multiple cross-site scripting (XSS) vulnerabilities in index.php in TomatoCMS 2.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) keyword or (2) bannerid parameter in conjunction with a /admin/ad/banner/list PATH_INFO; and allow remote authenticated users, with certain privileges, to inject arbitrary web script or HTML via the (3) title or (4) answers parameter in conjunction with a /admin/poll/add PATH_INFO, or the (5) name parameter in conjunction with a /admin/category/add PATH_INFO. | 4.3 |
2010-06-15 | CVE-2010-2280 | IBM | Remote Security vulnerability in Lotus Connections 2.5.0/2.5.0.1 Open redirect vulnerability in the Mobile component in IBM Lotus Connections 2.5.x before 2.5.0.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, related to "mobile edit actions," aka SPR ASRE83PPVH. | 4.3 |
2010-06-15 | CVE-2010-2277 | IBM | Cross-Site Scripting vulnerability in IBM Lotus Connections 2.5.0/2.5.0.1 Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Connections 2.5.x before 2.5.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) create or (2) edit form in the Communities component, the (3) verbiage field in the Bookmarks component, or (4) unspecified vectors related to the Mobile Blogs component. | 4.3 |
2010-06-15 | CVE-2010-2275 | Dojotoolkit | Cross-Site Scripting vulnerability in Dojotoolkit Dojo Cross-site scripting (XSS) vulnerability in dijit/tests/_testCommon.js in Dojo Toolkit SDK before 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the theme parameter, as demonstrated by an attack against dijit/tests/form/test_Button.html. | 4.3 |
2010-06-15 | CVE-2010-2274 | Dojotoolkit | Unspecified vulnerability in Dojotoolkit Dojo Multiple open redirect vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, possibly related to dojo/resources/iframe_history.html, dojox/av/FLAudio.js, dojox/av/FLVideo.js, dojox/av/resources/audio.swf, dojox/av/resources/video.swf, util/buildscripts/jslib/build.js, util/buildscripts/jslib/buildUtil.js, and util/doh/runner.html. | 4.3 |
2010-06-15 | CVE-2010-2273 | Dojotoolkit | Cross-Site Scripting vulnerability in Dojotoolkit Dojo Multiple cross-site scripting (XSS) vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to dojo/resources/iframe_history.html, dojox/av/FLAudio.js, dojox/av/FLVideo.js, dojox/av/resources/audio.swf, dojox/av/resources/video.swf, util/buildscripts/jslib/build.js, and util/buildscripts/jslib/buildUtil.js, as demonstrated by the (1) dojoUrl and (2) testUrl parameters to util/doh/runner.html. | 4.3 |
2010-06-15 | CVE-2010-2267 | Accoria | Cross-Site Scripting vulnerability in Accoria Rock web Server 1.4.7 Multiple cross-site scripting (XSS) vulnerabilities in Accoria Web Server (aka Rock Web Server) 1.4.7 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the getenv sample program, (2) the desc parameter to loadstatic.cgi, (3) the name parameter to httpdcfg.cgi, or (4) the dns parameter to servercfg.cgi. | 4.3 |
2010-06-15 | CVE-2010-2292 | D Link | Cross-Site Scripting vulnerability in D-Link Di-604 Cross-site scripting (XSS) vulnerability in the Ping tools web interface in Dlink Di-604 router allows remote attackers to inject arbitrary web script or HTML via the IP field. | 4.3 |
2010-06-15 | CVE-2010-2290 | Mcafee | Cross-Site Scripting vulnerability in Mcafee Unified Threat Management Firewall Firmware 3.0.0/3.1.5/4.0.6 Cross-site scripting (XSS) vulnerability in cgi-bin/cgix/help in McAfee Unified Threat Management (UTM) Firewall (formerly SnapGear) firmware 3.0.0 through 4.0.6 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | 4.3 |
2010-06-15 | CVE-2010-2289 | Juniper | Improper Input Validation vulnerability in Juniper Secure Access 6.5 Open redirect vulnerability in dana/home/homepage.cgi in Juniper Networks IVE 6.5R1 (Build 14599) and 6.5R2 (Build 14951) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the Location parameter. | 4.3 |
2010-06-15 | CVE-2010-2288 | Juniper | Cross-Site Scripting vulnerability in Juniper Secure Access 6.5 Cross-site scripting (XSS) vulnerability in dana/nc/ncrun.cgi in Juniper Networks IVE 6.5R1 (Build 14599) and 6.5R2 (Build 14951) allows remote attackers to inject arbitrary web script or HTML via the DSSignInURL cookie. | 4.3 |
2010-06-15 | CVE-2010-2265 | Microsoft | Cross-Site Scripting vulnerability in Microsoft products Cross-site scripting (XSS) vulnerability in the GetServerName function in sysinfo/commonFunc.js in Microsoft Windows Help and Support Center for Windows XP and Windows Server 2003 allows remote attackers to inject arbitrary web script or HTML via the svr parameter to sysinfo/sysinfomain.htm. | 4.3 |
2010-06-15 | CVE-2009-4894 | Punbb | Cross-Site Scripting vulnerability in Punbb Multiple cross-site scripting (XSS) vulnerabilities in profile.php in PunBB before 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) password or (2) e-mail. | 4.3 |
2010-06-15 | CVE-2010-2278 | IBM | Remote Security vulnerability in Lotus Connections 2.5.0/2.5.0.1 The bookmarklet pop-up in the Bookmarks component in IBM Lotus Connections 2.5.x before 2.5.0.2 does not properly follow the "force SSL" setting, which might make it easier for remote attackers to obtain the cleartext of network communication by sniffing the network, or spoof arbitrary servers via a man-in-the-middle attack. | 4.0 |
12 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-06-16 | CVE-2010-2072 | Radovan Garabik | Cryptographic Issues vulnerability in Radovan Garabik Pyftpd 0.8.4 Pyftpd 0.8.4 creates log files with predictable names in a temporary directory, which allows local users to cause a denial of service and obtain sensitive information. | 3.6 |
2010-06-17 | CVE-2010-1382 | Apple | Cross-Site Scripting vulnerability in Apple mac OS X and mac OS X Server Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote authenticated users to inject arbitrary web script or HTML via crafted Wiki content, related to lack of a charset field. | 3.5 |
2010-06-17 | CVE-2010-1381 | Apple | Configuration vulnerability in Apple mac OS X and mac OS X Server The default configuration of SMB File Server in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, enables support for wide links, which allows remote authenticated users to access arbitrary files via vectors involving symbolic links. | 3.5 |
2010-06-17 | CVE-2010-0546 | Apple | Link Following vulnerability in Apple mac OS X and mac OS X Server Folder Manager in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows local users to delete arbitrary folders via a symlink attack in conjunction with an unmount operation on a crafted volume, related to the Cleanup At Startup folder. | 3.3 |
2010-06-15 | CVE-2010-2291 | Snom | Permissions, Privileges, and Access Controls vulnerability in Snom Voip Phone Firmware Unspecified vulnerability in the web interface in snom VoIP Phone firmware 8 before 8.2.35 allows remote attackers to bypass intended restrictions and modify user credentials via unknown vectors. | 3.3 |
2010-06-15 | CVE-2010-2286 | Wireshark | Resource Management Errors vulnerability in Wireshark The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | 3.3 |
2010-06-15 | CVE-2010-2285 | Wireshark | Multiple vulnerability in Wireshark 0.8.20 through 1.2.8 The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. | 3.3 |
2010-06-15 | CVE-2010-2283 | Wireshark | Multiple vulnerability in Wireshark 0.8.20 through 1.2.8 The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. | 3.3 |
2010-06-18 | CVE-2010-2322 | Matthias Klose | Path Traversal vulnerability in Matthias Klose Fastjar 0.98 Absolute path traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a full pathname for a file within a .jar archive, a related issue to CVE-2010-0831. | 2.6 |
2010-06-15 | CVE-2010-1515 | Tomatocms | Cross-Site Scripting vulnerability in Tomatocms Multiple cross-site scripting (XSS) vulnerabilities in index.php in TomatoCMS 2.0.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) keyword or (2) article-id parameter in conjunction with a /admin/news/article/list PATH_INFO; the (3) keyword parameter in conjunction with a /admin/multimedia/set/list PATH_INFO; the (4) keyword or (5) fileId parameter in conjunction with a /admin/multimedia/file/list PATH_INFO; or the (6) name, (7) email, or (8) address parameter in conjunction with a /admin/ad/client/list PATH_INFO. | 2.6 |
2010-06-18 | CVE-2009-4901 | Muscle | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Muscle Pcsc-Lite The MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 might allow local users to cause a denial of service (daemon crash) via crafted SCARD_SET_ATTRIB message data, which is improperly demarshalled and triggers a buffer over-read, a related issue to CVE-2010-0407. | 2.1 |
2010-06-18 | CVE-2010-2192 | Vincent Fourmond | Link Following vulnerability in Vincent Fourmond Pmount 0.9.18 The make_lockdir_name function in policy.c in pmount 0.9.18 allow local users to overwrite arbitrary files via a symlink attack on a file in /var/lock/. | 1.9 |