Weekly Vulnerabilities Reports > June 28 to July 4, 2010
Overview
89 new vulnerabilities reported during this period, including 21 critical vulnerabilities and 29 high severity vulnerabilities. This weekly summary report vulnerabilities in 71 products from 46 vendors including Cisco, Apple, Adobe, Microsoft, and 2Daybiz. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Improper Input Validation", and "Permissions, Privileges, and Access Controls".
- 84 reported vulnerabilities are remotely exploitables.
- 20 reported vulnerabilities have public exploit available.
- 35 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 82 reported vulnerabilities are exploitable by an anonymous user.
- Cisco has the most reported vulnerabilities, with 16 reported vulnerabilities.
- Apple has the most reported critical vulnerabilities, with 15 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
21 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-06-29 | CVE-2010-2451 | Kvirc | USE of Externally-Controlled Format String vulnerability in Kvirc 3.4.0/4.0 Multiple format string vulnerabilities in the DCC functionality in KVIrc 3.4 and 4.0 have unspecified impact and remote attack vectors. | 10.0 |
2010-06-29 | CVE-2009-4919 | Cisco | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco ASA 5580 Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to have an unspecified impact via long IKE attributes, aka Bug ID CSCsu43121. | 10.0 |
2010-06-29 | CVE-2009-4912 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco ASA 5580 Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) complete an SSL handshake with an HTTPS client even if this client is unauthorized, which might allow remote attackers to bypass intended access restrictions via an HTTPS session, aka Bug ID CSCso10876. | 10.0 |
2010-06-30 | CVE-2010-1205 | Libpng Apple Fedoraproject Suse Opensuse Vmware Canonical Debian Mozilla | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. | 9.8 |
2010-07-02 | CVE-2010-2620 | Open Ftpd | Improper Authentication vulnerability in Open-Ftpd 1.0 Open&Compact FTP Server (Open-FTPD) 1.2 and earlier allows remote attackers to bypass authentication by sending (1) LIST, (2) RETR, (3) STOR, or other commands without performing the required login steps first. | 9.3 |
2010-06-30 | CVE-2010-2212 | Adobe Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PDF file containing Flash content with a crafted #1023 (3FFh) tag, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, and CVE-2010-2211. | 9.3 |
2010-06-30 | CVE-2010-2211 | Adobe Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, and CVE-2010-2212. | 9.3 |
2010-06-30 | CVE-2010-2210 | Adobe Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2211, and CVE-2010-2212. | 9.3 |
2010-06-30 | CVE-2010-2209 | Adobe Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212. | 9.3 |
2010-06-30 | CVE-2010-2208 | Adobe Apple Microsoft | Code Injection vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, dereference a heap object after this object's deletion, which allows attackers to execute arbitrary code via unspecified vectors. | 9.3 |
2010-06-30 | CVE-2010-2207 | Adobe Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212. | 9.3 |
2010-06-30 | CVE-2010-2206 | Adobe Apple Microsoft | Numeric Errors vulnerability in Adobe Acrobat and Acrobat Reader Array index error in AcroForm.api in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted GIF image in a PDF file, which bypasses a size check and triggers a heap-based buffer overflow. | 9.3 |
2010-06-30 | CVE-2010-2205 | Adobe Apple Microsoft | Code Injection vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, access uninitialized memory, which allows attackers to execute arbitrary code via unspecified vectors. | 9.3 |
2010-06-30 | CVE-2010-2204 | Adobe Apple Microsoft | Remote Denial of Service vulnerability in Adobe Acrobat and Reader CoolType Typography Engine Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors. | 9.3 |
2010-06-30 | CVE-2010-2202 | Adobe Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212. | 9.3 |
2010-06-30 | CVE-2010-2201 | Adobe Apple Microsoft | Resource Management Errors vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via a PDF file with crafted Flash content involving the (1) pushstring (0x2C) operator, (2) debugfile (0xF1) operator, and an "invalid pointer vulnerability" that triggers memory corruption, a different vulnerability than CVE-2010-1285 and CVE-2010-2168. | 9.3 |
2010-06-30 | CVE-2010-2168 | Adobe Apple Microsoft | Resource Management Errors vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via a PDF file with crafted Flash content, involving the newfunction (0x44) operator and an "invalid pointer vulnerability" that triggers memory corruption, a different vulnerability than CVE-2010-1285 and CVE-2010-2201. | 9.3 |
2010-06-30 | CVE-2010-1295 | Adobe Apple Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212. | 9.3 |
2010-06-30 | CVE-2010-1285 | Adobe Apple Microsoft | Improper Input Validation vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified manipulations involving the newclass (0x58) operator and an "invalid pointer vulnerability" that triggers memory corruption, a different vulnerability than CVE-2010-2168 and CVE-2010-2201. | 9.3 |
2010-06-29 | CVE-2010-2452 | Kvirc | Path Traversal vulnerability in Kvirc 3.4.0/4.0 Directory traversal vulnerability in the DCC functionality in KVIrc 3.4 and 4.0 allows remote attackers to overwrite arbitrary files via unknown vectors. | 9.3 |
2010-06-28 | CVE-2010-1929 | Novell | Buffer Errors vulnerability in Novell Imanager 2.7.0/2.7.3 Multiple stack-based buffer overflows in the jclient._Java_novell_jclient_JClient_defineClass@20 function in jclient.dll in the Tomcat web server in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allow remote authenticated users to execute arbitrary code via the (1) EnteredClassID or (2) NewClassName parameter to nps/servlet/webacc. | 9.0 |
29 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-07-02 | CVE-2010-2625 | Hitachi | Denial-Of-Service vulnerability in Hitachi products Unspecified vulnerability in the Client Service for DPM in Hitachi ServerConductor / Deployment Manager 01-00, 01-01, and 06-00 through 06-00-/A; ServerConductor / Deployment Manager Standard Edition and Enterprise Edition 07-50 through 07-55, and 07-57 through 07-59; and JP1/ServerConductor/Deployment Manager Standard and Enterprise Edition 07-50 through 07-56-/F, 08-00 through 08-09-/E, 08-50 through 08-80-/A, 08-06 through 08-07, and 08-51 through 08-70; allows attackers to cause a denial of service (shutdown and reboot) via unknown vectors. | 7.8 |
2010-06-29 | CVE-2009-4923 | Cisco | Unspecified vulnerability in Cisco ASA 5580 Unspecified vulnerability in the DTLS implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (traceback) via TLS fragments, aka Bug ID CSCso53162. | 7.8 |
2010-06-29 | CVE-2009-4921 | Cisco | Improper Input Validation vulnerability in Cisco ASA 5580 Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allow remote attackers to cause a denial of service (traceback) via malformed TCP packets, aka Bug ID CSCsm84110. | 7.8 |
2010-06-29 | CVE-2009-4920 | Cisco | Unspecified vulnerability in Cisco ASA 5580 Unspecified vulnerability in CTM on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software 8.1(2) allows remote attackers to cause a denial of service (watchdog traceback) via a large amount of small-packet data, aka Bug ID CSCsu11412. | 7.8 |
2010-06-29 | CVE-2009-4918 | Cisco | Improper Input Validation vulnerability in Cisco ASA 5580 Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allow remote attackers to cause a denial of service (IKE process hang) via malformed NAT-T packets, aka Bug ID CSCsr74439. | 7.8 |
2010-06-29 | CVE-2009-4917 | Cisco | Unspecified vulnerability in Cisco ASA 5580 Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device reload) via a high volume of SIP traffic, aka Bug ID CSCsr65901. | 7.8 |
2010-06-29 | CVE-2009-4915 | Cisco | Unspecified vulnerability in Cisco ASA 5580 Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device reload) via unknown network traffic, as demonstrated by a "connection stress test," aka Bug ID CSCsq68451. | 7.8 |
2010-06-29 | CVE-2009-4914 | Cisco | Resource Management Errors vulnerability in Cisco ASA 5580 Memory leak on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via Subject Alternative Name fields in an X.509 certificate, aka Bug ID CSCsq17879. | 7.8 |
2010-06-29 | CVE-2009-4911 | Cisco | Unspecified vulnerability in Cisco ASA 5580 8.1(1) Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device crash) via vectors involving SSL VPN and PPPoE transactions, aka Bug ID CSCsm77958. | 7.8 |
2010-07-02 | CVE-2010-2626 | Miyabi SEO | Code Injection vulnerability in Miyabi-Seo CGI Tools SEO Links 1.02 index.pl in Miyabi CGI Tools SEO Links 1.02 allows remote attackers to execute arbitrary commands via shell metacharacters in the fn command. | 7.5 |
2010-07-02 | CVE-2010-2624 | Iscripts | SQL Injection vulnerability in Iscripts Easysnaps 2.0 Multiple SQL injection vulnerabilities in iScripts EasySnaps 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) comment parameter to add_comments.php, (2) values parameter to tags_details.php, or (3) begin parameter to greetings.php. | 7.5 |
2010-07-02 | CVE-2010-2623 | Internetdm | SQL Injection vulnerability in Internetdm BED and Breakfast SQL injection vulnerability in pages.php in Internet DM Specialist Bed and Breakfast allows remote attackers to execute arbitrary SQL commands via the pp_id parameter. | 7.5 |
2010-07-02 | CVE-2010-2622 | Joomanager Joomla | SQL Injection vulnerability in Joomanager 1.1.1 SQL injection vulnerability in the Joomanager component, possibly 1.1.1, for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | 7.5 |
2010-07-02 | CVE-2010-2616 | Paul Mcenery | SQL Injection vulnerability in Paul Mcenery PHP Bible Search 0.99 SQL injection vulnerability in bible.php in PHP Bible Search, probably 0.99, allows remote attackers to execute arbitrary SQL commands via the chapter parameter. | 7.5 |
2010-07-02 | CVE-2010-2614 | Grafik Power | SQL Injection vulnerability in Grafik-Power Grafik CMS 1.1.1 SQL injection vulnerability in admin/admin.php in Grafik CMS 1.1.2, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit_page action. | 7.5 |
2010-07-02 | CVE-2010-2611 | I Netsolution | SQL Injection vulnerability in I-Netsolution JOB Search Engine Script SQL injection vulnerability in show_search_result.php in i-netsolution Job Search Engine allows remote attackers to execute arbitrary SQL commands via the keyword parameter. | 7.5 |
2010-07-02 | CVE-2010-2610 | 2Daybiz | SQL Injection vulnerability in 2Daybiz JOB Site Script Multiple SQL injection vulnerabilities in 2daybiz Job Site Script allow remote attackers to execute arbitrary SQL commands via the (1) jid parameter to view_current_job.php, (2) job_iid parameter to show_search_more.php, and (3) left_cat parameter to show_search_result.php. | 7.5 |
2010-07-02 | CVE-2010-2609 | 2Daybiz | SQL Injection vulnerability in 2Daybiz JOB Search Engine Script SQL injection vulnerability in show_search_result.php in 2daybiz Job Search Engine Script allows remote attackers to execute arbitrary SQL commands via the keyword parameter. | 7.5 |
2010-07-02 | CVE-2010-1522 | Ordasoft Joomla | SQL Injection vulnerability in Ordasoft COM Booklibrary 1.5.3 Multiple SQL injection vulnerabilities in the BookLibrary Basic (com_booklibrary) component 1.5.3 before 1.5.3_2010_06_20 for Joomla! allow remote attackers to execute arbitrary SQL commands via the bid[] parameter in a (1) lend_request or (2) save_lend_request action to index.php, the id parameter in a (3) mdownload or (4) downitsf action to index.php, or (5) the searchtext parameter in a search action to index.php. | 7.5 |
2010-06-30 | CVE-2010-2518 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM P8 Content Engine and P8 Content Search Engine Unspecified vulnerability in the P8 Content Engine (P8CE) 4.5.1 before FP3 and the P8 Content Search Engine (P8CSE) before 4.5.0 FP3 and 4.5.1 before FP1, as used in IBM FileNet P8 Content Manager (CM) and FileNet P8 Business Process Manager (BPM), allows remote attackers to gain privileges via unknown vectors. | 7.5 |
2010-06-30 | CVE-2010-2517 | IBM | Security vulnerability in IBM Rational ClearQuest Multiple unspecified vulnerabilities in IBM Rational ClearQuest before 7.1.1.02 have unknown impact and attack vectors, as demonstrated by an AppScan report. | 7.5 |
2010-06-30 | CVE-2010-1521 | Taskfreak | SQL Injection vulnerability in Taskfreak Taskfreak! SQL injection vulnerability in include/classes/tzn_user.php in TaskFreak! Original multi user before 0.6.4 allows remote attackers to execute arbitrary SQL commands via the password parameter to login.php. | 7.5 |
2010-06-29 | CVE-2010-2516 | 2Daybiz | SQL Injection vulnerability in 2Daybiz Multi Level Marketing Software Multiple SQL injection vulnerabilities in 2daybiz Multi Level Marketing (MLM) Software allow remote attackers to execute arbitrary SQL commands via the username parameter to (1) index.php and (2) admin/index.php. | 7.5 |
2010-06-28 | CVE-2010-2513 | Harmistechnology Joomla | SQL Injection vulnerability in Harmistechnology COM Jeajaxeventcalendar 1.0.5 SQL injection vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php. | 7.5 |
2010-06-28 | CVE-2010-2512 | 2Daybiz | SQL Injection vulnerability in 2Daybiz Matrimonial Script SQL injection vulnerability in customprofile.php in 2daybiz Matrimonial Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2010-06-28 | CVE-2010-2511 | 2Daybiz | SQL Injection vulnerability in 2Daybiz Multi Level Marketing Software SQL injection vulnerability in viewnews.php in 2daybiz Multi Level Marketing (MLM) Software allows remote attackers to execute arbitrary SQL commands via the nwsid parameter. | 7.5 |
2010-06-28 | CVE-2010-2510 | 2Daybiz | SQL Injection vulnerability in 2Daybiz web Template Software SQL injection vulnerability in customize.php in 2daybiz Web Template Software allows remote attackers to execute arbitrary SQL commands via the tid parameter. | 7.5 |
2010-06-28 | CVE-2010-2508 | 2Daybiz | SQL Injection vulnerability in 2Daybiz Video Community Portal Script 1.0 SQL injection vulnerability in user-profile.php in 2daybiz Video Community Portal Script allows remote attackers to execute arbitrary SQL commands via the userid parameter. | 7.5 |
2010-06-28 | CVE-2010-2502 | Splunk | Path Traversal vulnerability in Splunk Multiple directory traversal vulnerabilities in Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allow (1) remote attackers to read arbitrary files, aka SPL-31194; (2) remote authenticated users to modify arbitrary files, aka SPL-31063; or (3) have an unknown impact via redirects, aka SPL-31067. | 7.5 |
34 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-07-02 | CVE-2010-2627 | EA | Path Traversal vulnerability in EA Battlefield 2 and Battlefield 2142 Multiple directory traversal vulnerabilities in the Refractor 2 engine, as used in Battlefield 2 1.50 (1.5.3153-802.0) and earlier, and Battlefield 2142 (1.10.48.0) and earlier, allow remote servers to overwrite arbitrary files on the client via "..\" (dot dot backslash) sequences in URLs for the (1) sponsor or (2) community logos, and other URLs related to (3) DemoDownloadURL, (4) DemoIndexURL and (5) CustomMapsURL. | 6.8 |
2010-07-02 | CVE-2010-1666 | DAN Pascu | Buffer Errors vulnerability in DAN Pascu Python-Cjson 1.0.5 Buffer overflow in Dan Pascu python-cjson 1.0.5, when UCS-4 encoding is enabled, allows context-dependent attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors involving crafted Unicode input to the cjson.encode function. | 6.8 |
2010-07-02 | CVE-2010-2618 | Insanevisions | Code Injection vulnerability in Insanevisions Adapcms 2.0.0/2.0.1 PHP remote file inclusion vulnerability in inc/smarty/libs/init.php in AdaptCMS 2.0.0 Beta, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the sitepath parameter. | 6.8 |
2010-06-30 | CVE-2010-2203 | Adobe Unix | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 9.x before 9.3.3 on UNIX allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | 6.8 |
2010-06-29 | CVE-2009-4922 | Cisco | Unspecified vulnerability in Cisco ASA 5580 Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote authenticated users to cause a denial of service (traceback) by establishing many IPsec L2L tunnels from remote peer IP addresses, aka Bug ID CSCso15583. | 6.8 |
2010-06-28 | CVE-2010-2515 | Dacian Strain Joomla | SQL Injection vulnerability in Dacian Strain COM Jfaq 1.2 Multiple SQL injection vulnerabilities in index.php in the JFaq (com_jfaq) component 1.2 for Joomla!, when magic_quotes_gpc is disabled, allow (1) remote attackers to execute arbitrary SQL commands via the id parameter, and (2) remote authenticated users with "Public Front-end" permissions to execute arbitrary SQL commands via the titlu parameter (title field). | 6.8 |
2010-06-28 | CVE-2010-2507 | Masselink Joomla | Path Traversal vulnerability in Masselink COM Picasa2Gallery Directory traversal vulnerability in the Picasa2Gallery (com_picasa2gallery) component 1.2.8 and earlier for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. | 6.8 |
2010-06-28 | CVE-2010-2231 | Moodle | Cross-Site Request Forgery (CSRF) vulnerability in Moodle Cross-site request forgery (CSRF) vulnerability in report/overview/report.php in the quiz module in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to hijack the authentication of arbitrary users for requests that delete quiz attempts via the attemptid parameter. | 6.8 |
2010-06-30 | CVE-2010-2249 | Libpng Apple Fedoraproject Suse Opensuse Vmware Canonical Debian | Memory Leak vulnerability in multiple products Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. | 6.5 |
2010-06-28 | CVE-2010-2504 | Splunk | Information Disclosure vulnerability in Splunk Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allows remote authenticated users to obtain sensitive information via HTTP header injection, aka SPL-31066. | 6.0 |
2010-07-02 | CVE-2010-2621 | QT Digia | Improper Input Validation vulnerability in multiple products The QSslSocketBackendPrivate::transmit function in src_network_ssl_qsslsocket_openssl.cpp in Qt 4.6.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed request. | 5.0 |
2010-06-29 | CVE-2009-4913 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco ASA 5580 The IPv6 implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) exposes IP services on the "far side of the box," which might allow remote attackers to bypass intended access restrictions via IPv6 packets, aka Bug ID CSCso58622. | 5.0 |
2010-06-28 | CVE-2010-2505 | Saschart | Improper Input Validation vulnerability in Saschart Sascam Webcam Server 2.6.5 Soft SaschArt SasCAM Webcam Server 2.6.5, 2.7, and earlier allows remote attackers to cause a denial of service (crash) via a large number of requests with a long line, as demonstrated using a long GET request. | 5.0 |
2010-06-28 | CVE-2010-1930 | Novell | Numeric Errors vulnerability in Novell Imanager 2.7.0/2.7.3 Off-by-one error in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allows remote attackers to cause a denial of service (daemon crash) via a long tree parameter in a login request to nps/servlet/webacc. | 5.0 |
2010-06-28 | CVE-2010-1204 | Mozilla | Permissions, Privileges, and Access Controls vulnerability in Mozilla Bugzilla Search.pm in Bugzilla 2.17.1 through 3.2.6, 3.3.1 through 3.4.6, 3.5.1 through 3.6, and 3.7 allows remote attackers to obtain potentially sensitive time-tracking information via a crafted search URL, related to a "boolean chart search." | 5.0 |
2010-07-02 | CVE-2009-4924 | DAN Pascu | Cross-Site Scripting vulnerability in DAN Pascu Python-Cjson 1.0.5 Dan Pascu python-cjson 1.0.5 does not properly handle a ['/'] argument to cjson.encode, which makes it easier for remote attackers to conduct certain cross-site scripting (XSS) attacks involving Firefox and the end tag of a SCRIPT element. | 4.3 |
2010-07-02 | CVE-2010-2617 | Paul Mcenery | Cross-Site Scripting vulnerability in Paul Mcenery PHP Bible Search 0.99 Cross-site scripting (XSS) vulnerability in bible.php in PHP Bible Search allows remote attackers to inject arbitrary web script or HTML via the chapter parameter. | 4.3 |
2010-07-02 | CVE-2010-2615 | Grafik Power | Cross-Site Scripting vulnerability in Grafik-Power Grafik CMS 1.1.1 Multiple cross-site scripting (XSS) vulnerabilities in admin/admin.php in Grafik CMS 1.1.2, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) page_menu and (2) description parameters in an edit_page action. | 4.3 |
2010-07-02 | CVE-2010-2613 | Harmistechnology Joomla | Cross-Site Scripting vulnerability in Harmistechnology COM AWD Song Cross-site scripting (XSS) vulnerability in the JExtensions JE Awd Song (com_awd_song) component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the song review field, which is not properly handled in a view action to index.php. | 4.3 |
2010-07-02 | CVE-2010-2598 | Redhat | Improper Input Validation vulnerability in Redhat Enterprise Linux 3/3.0 LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64 platforms, as used in tiff2rgba, attempts to process image data even when the required compression functionality is not configured, which allows remote attackers to cause a denial of service via a crafted TIFF image, related to "downsampled OJPEG input." | 4.3 |
2010-07-02 | CVE-2010-2597 | Libtiff | Improper Input Validation vulnerability in Libtiff 3.9.0/3.9.2 The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image, related to "downsampled OJPEG input" and possibly related to a compiler optimization that triggers a divide-by-zero error. | 4.3 |
2010-07-02 | CVE-2010-2596 | Libtiff | Improper Input Validation vulnerability in Libtiff 3.9.0/3.9.2 The OJPEGPostDecode function in tif_ojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted TIFF image, related to "downsampled OJPEG input." | 4.3 |
2010-07-02 | CVE-2010-2595 | Libtiff | Improper Input Validation vulnerability in Libtiff 3.9.0/3.9.2 The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers an array index error, related to "downsampled OJPEG input." | 4.3 |
2010-06-30 | CVE-2010-1520 | Taskfreak | Cross-Site Scripting vulnerability in Taskfreak Taskfreak! Cross-site scripting (XSS) vulnerability in logout.php in TaskFreak! Original multi user before 0.6.4 allows remote attackers to inject arbitrary web script or HTML via the tznMessage parameter. | 4.3 |
2010-06-29 | CVE-2009-4910 | Cisco | Cross-Site Scripting vulnerability in Cisco ASA 5580 Cross-site scripting (XSS) vulnerability in the WebVPN portal on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCsq78418. | 4.3 |
2010-06-29 | CVE-2008-7257 | Cisco | Improper Input Validation vulnerability in Cisco ASA 5580 8.1(1) CRLF injection vulnerability in +webvpn+/index.html in WebVPN on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to inject arbitrary HTTP headers as demonstrated by a redirect attack involving a %0d%0aLocation%3a sequence in a URI, or conduct HTTP response splitting attacks via unspecified vectors, aka Bug ID CSCsr09163. | 4.3 |
2010-06-28 | CVE-2010-2514 | Dacian Strain Joomla | Cross-Site Scripting vulnerability in Dacian Strain COM Jfaq 1.2 Cross-site scripting (XSS) vulnerability in the JFaq (com_jfaq) component 1.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the question parameter in an add2 action to index.php. | 4.3 |
2010-06-28 | CVE-2010-2509 | 2Daybiz | Cross-Site Scripting vulnerability in 2Daybiz web Template Software Multiple cross-site scripting (XSS) vulnerabilities in 2daybiz Web Template Software allow remote attackers to inject arbitrary web script or HTML via the (1) keyword parameter to category.php and the (2) password parameter to memberlogin.php. | 4.3 |
2010-06-28 | CVE-2010-2503 | Splunk | Cross-Site Scripting vulnerability in Splunk Multiple cross-site scripting (XSS) vulnerabilities in Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allow remote attackers to inject arbitrary web script or HTML via (1) redirects, aka SPL-31067; (2) unspecified "user->user or user->admin" vectors, aka SPL-31084; or (3) unspecified "user input," aka SPL-31085. | 4.3 |
2010-06-28 | CVE-2010-2229 | Moodle | Cross-Site Scripting vulnerability in Moodle Multiple cross-site scripting (XSS) vulnerabilities in blog/index.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters. | 4.3 |
2010-06-28 | CVE-2010-2228 | Moodle | Cross-Site Scripting vulnerability in Moodle Cross-site scripting (XSS) vulnerability in the MNET access-control interface in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to inject arbitrary web script or HTML via vectors involving extended characters in a username. | 4.3 |
2010-07-02 | CVE-2004-2769 | Cerberusftp | Permissions, Privileges, and Access Controls vulnerability in Cerberusftp FTP Server Cerberus FTP Server before 4.0.3.0 allows remote authenticated users to list hidden files, even when the "Display hidden files" option is enabled, via the (1) MLSD or (2) MLST commands. | 4.0 |
2010-06-29 | CVE-2009-4916 | Cisco | Unspecified vulnerability in Cisco ASA 5580 Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote authenticated users to cause a denial of service (console hang) via a login action during failover replication, aka Bug ID CSCsq80095. | 4.0 |
2010-06-28 | CVE-2010-2230 | Moodle | Cross-Site Scripting vulnerability in Moodle The KSES text cleaning filter in lib/weblib.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 does not properly handle vbscript URIs, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via HTML input. | 4.0 |
5 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2010-06-28 | CVE-2010-2506 | Cisco | Cross-Site Scripting vulnerability in Cisco Linksys Firmware and Linksys Wap54G Cross-site scripting (XSS) vulnerability in debug.cgi in Linksys WAP54Gv3 firmware 3.05.03 and 3.04.03 allows remote attackers to inject arbitrary web script or HTML via the data1 parameter. | 2.9 |
2010-07-02 | CVE-2010-2612 | HP | Information Exposure vulnerability in HP Openvms and Openvms FOR Integrity Servers Unspecified vulnerability in the HP OpenVMS Auditing feature in OpenVMS ALPHA 7.3-2, 8.2, and 8.3; and OpenVMS for Integrity Servers 8.3 AND 8.3-1H1; allows local users to obtain sensitive information via unknown vectors. | 2.1 |
2010-07-02 | CVE-2010-2619 | Citrix | Denial-Of-Service vulnerability in XenServer Citrix XenServer 5.0 Update 2 and earlier, and 5.5 Update 1 and earlier, when using a pvops kernel, allows guest users to cause a denial of service in the host via unspecified vectors that trigger "incorrectly set flags." | 1.9 |
2010-06-28 | CVE-2010-2470 | Mozilla | Permissions, Privileges, and Access Controls vulnerability in Mozilla Bugzilla Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through 3.7.1, when use_suexec is enabled, uses world-readable permissions within (1) .bzr/ and (2) data/webdot/, which allows local users to obtain potentially sensitive data by reading files in these directories, a different vulnerability than CVE-2010-0180. | 1.9 |
2010-06-28 | CVE-2010-0180 | Mozilla | Permissions, Privileges, and Access Controls vulnerability in Mozilla Bugzilla Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6 and 3.7, when use_suexec is enabled, uses world-readable permissions for the localconfig files, which allows local users to read sensitive configuration fields, as demonstrated by the database password field and the site_wide_secret field. | 1.9 |