Weekly Vulnerabilities Reports > August 9 to 15, 2010
Overview
65 new vulnerabilities reported during this period, including 30 critical vulnerabilities and 13 high severity vulnerabilities. This weekly summary report vulnerabilities in 61 products from 16 vendors including Microsoft, Cisco, Adobe, Linux, and HP. Vulnerabilities are notably categorized as "Code Injection", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", "Improper Input Validation", and "Use of Uninitialized Resource".
- 57 reported vulnerabilities are remotely exploitables.
- 9 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 61 reported vulnerabilities are exploitable by an anonymous user.
- Microsoft has the most reported vulnerabilities, with 23 reported vulnerabilities.
- Microsoft has the most reported critical vulnerabilities, with 17 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
30 Critical Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2010-08-13 | CVE-2010-2995 | Wireshark | Numeric Errors vulnerability in Wireshark The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer overflow, different vulnerabilities than CVE-2010-2287. | 10.0 |
| 2010-08-13 | CVE-2010-2994 | Wireshark | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. | 10.0 |
| 2010-08-11 | CVE-2010-2217 | Adobe Linux Microsoft | Code Injection vulnerability in Adobe Flash Media Server and Flash Media Server 2 Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to execute arbitrary code via unspecified vectors, related to a "JS method vulnerability." | 10.0 |
| 2010-08-10 | CVE-2010-2984 | Cisco | Unspecified vulnerability in Cisco Unified Wireless Network Solution Software 7.0/7.0.98.0 Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 4404 series controllers does not properly implement the WEBAUTH_REQD state, which allows remote attackers to bypass intended access restrictions via WLAN traffic, aka Bug ID CSCtb75305. | 10.0 |
| 2010-08-10 | CVE-2010-2978 | Cisco | Cryptographic Issues vulnerability in Cisco Unified Wireless Network Solution Software 7.0/7.0.98.0 Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not use an adequate message-digest algorithm for a self-signed certificate, which allows remote attackers to bypass intended access restrictions via vectors involving collisions, aka Bug ID CSCtd67660. | 10.0 |
| 2010-08-10 | CVE-2010-2977 | Cisco | Configuration vulnerability in Cisco Unified Wireless Network Solution Software 7.0/7.0.98.0 Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not properly implement TLS and SSL, which has unspecified impact and remote attack vectors, aka Bug ID CSCtd01611. | 10.0 |
| 2010-08-10 | CVE-2010-2976 | Cisco | Credentials Management vulnerability in Cisco Unified Wireless Network Solution Software 7.0/7.0.98.0 The controller in Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 has (1) a default SNMP read-only community of public, (2) a default SNMP read-write community of private, and a value of "default" for the (3) SNMP v3 username, (4) SNMP v3 authentication password, and (5) SNMP v3 privacy password, which makes it easier for remote attackers to obtain access. | 10.0 |
| 2010-08-11 | CVE-2010-2991 | Citrix | Code Injection vulnerability in Citrix Online Plug-In FOR Windows for Xenapp & Xendesktop 11.1 The IICAClient interface in the ICAClient library in the ICA Client ActiveX Object (aka ICO) component in Citrix Online Plug-in for Windows for XenApp & XenDesktop before 12.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HTML document that triggers the reading of a .ICA file. | 9.3 |
| 2010-08-11 | CVE-2010-2990 | Citrix | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Citrix products Citrix Online Plug-in for Windows for XenApp & XenDesktop before 11.2, Citrix Online Plug-in for Mac for XenApp & XenDesktop before 11.0, Citrix ICA Client for Linux before 11.100, Citrix ICA Client for Solaris before 8.63, and Citrix Receiver for Windows Mobile before 11.5 allow remote attackers to execute arbitrary code via (1) a crafted HTML document, (2) a crafted .ICA file, or (3) a crafted type field in an ICA graphics packet, related to a "heap offset overflow" issue. | 9.3 |
| 2010-08-11 | CVE-2010-2566 | Microsoft | Improper Input Validation vulnerability in Microsoft products The Secure Channel (aka SChannel) security package in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, does not properly validate certificate request messages from TLS and SSL servers, which allows remote servers to execute arbitrary code via a crafted SSL response, aka "SChannel Malformed Certificate Request Remote Code Execution Vulnerability." | 9.3 |
| 2010-08-11 | CVE-2010-2564 | Microsoft | Code Injection vulnerability in Microsoft Windows Movie Maker 2.1/2.6/6.0 Buffer overflow in Microsoft Windows Movie Maker (WMM) 2.1, 2.6, and 6.0 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted project file, aka "Movie Maker Memory Corruption Vulnerability." | 9.3 |
| 2010-08-11 | CVE-2010-2562 | Microsoft | Code Injection vulnerability in Microsoft Excel, Office and Open XML File Format Converter Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Excel file, aka "Excel Memory Corruption Vulnerability." | 9.3 |
| 2010-08-11 | CVE-2010-2561 | Microsoft | Code Injection vulnerability in Microsoft XML Core Services 3.0 Microsoft XML Core Services (aka MSXML) 3.0 does not properly handle HTTP responses, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted response, aka "Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption Vulnerability." | 9.3 |
| 2010-08-11 | CVE-2010-2560 | Microsoft | Out-of-bounds Write vulnerability in Microsoft Internet Explorer 6/7/8 Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Layout Memory Corruption Vulnerability." | 9.3 |
| 2010-08-11 | CVE-2010-2559 | Microsoft | Use of Uninitialized Resource vulnerability in Microsoft Internet Explorer 8 Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671, CVE-2009-3674, CVE-2010-0245, and CVE-2010-0246. | 9.3 |
| 2010-08-11 | CVE-2010-2558 | Microsoft | Race Condition vulnerability in Microsoft Internet Explorer 6/7/8 Race condition in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to an object in memory, aka "Race Condition Memory Corruption Vulnerability." | 9.3 |
| 2010-08-11 | CVE-2010-2557 | Microsoft | Use of Uninitialized Resource vulnerability in Microsoft Internet Explorer 6 Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability." | 9.3 |
| 2010-08-11 | CVE-2010-2556 | Microsoft | Use of Uninitialized Resource vulnerability in Microsoft Internet Explorer 6/7/8 Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability." | 9.3 |
| 2010-08-11 | CVE-2010-2216 | Adobe | Code Injection vulnerability in Adobe Air, Flash Player and Flash Player for Linux Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2214. | 9.3 |
| 2010-08-11 | CVE-2010-2214 | Adobe | Code Injection vulnerability in Adobe Air, Flash Player and Flash Player for Linux Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2216. | 9.3 |
| 2010-08-11 | CVE-2010-2213 | Adobe | Code Injection vulnerability in Adobe Air, Flash Player and Flash Player for Linux Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2214, and CVE-2010-2216. | 9.3 |
| 2010-08-11 | CVE-2010-1903 | Microsoft | Code Injection vulnerability in Microsoft Office Word Viewer and Word Microsoft Office Word 2002 SP3 and 2003 SP3, and Office Word Viewer, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed record in a Word file, aka "Word HTML Linked Objects Memory Corruption Vulnerability." | 9.3 |
| 2010-08-11 | CVE-2010-1902 | Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products Buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via unspecified properties in the data in a crafted RTF document, aka "Word RTF Parsing Buffer Overflow Vulnerability." | 9.3 |
| 2010-08-11 | CVE-2010-1901 | Microsoft | Code Injection vulnerability in Microsoft products Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly handle unspecified properties in rich text data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted RTF document, aka "Word RTF Parsing Engine Memory Corruption Vulnerability." | 9.3 |
| 2010-08-11 | CVE-2010-1900 | Microsoft | Code Injection vulnerability in Microsoft products Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Works 9 do not properly handle malformed records in a Word file, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, aka "Word Record Parsing Vulnerability." | 9.3 |
| 2010-08-11 | CVE-2010-1898 | Microsoft Apple | Code Injection vulnerability in Microsoft .Net Framework and Silverlight The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP1, 2.0 SP2, 3.5, 3.5 SP1, and 3.5.1, and Microsoft Silverlight 2 and 3 before 3.0.50611.0 on Windows and before 3.0.41130.0 on Mac OS X, does not properly handle interfaces and delegations to virtual methods, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft Silverlight and Microsoft .NET Framework CLR Virtual Method Delegate Vulnerability." | 9.3 |
| 2010-08-11 | CVE-2010-1882 | Microsoft | Buffer Errors vulnerability in Microsoft products Multiple buffer overflows in the MPEG Layer-3 Audio Codec for Microsoft DirectShow in l3codecx.ax in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via an MPEG Layer-3 audio stream in (1) a crafted media file or (2) crafted streaming content, aka "MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability." | 9.3 |
| 2010-08-11 | CVE-2010-0209 | Adobe | Code Injection vulnerability in Adobe Air, Flash Player and Flash Player for Linux Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2213, CVE-2010-2214, and CVE-2010-2216. | 9.3 |
| 2010-08-11 | CVE-2010-0019 | Microsoft Apple | Code Injection vulnerability in Microsoft Silverlight 3.0.40624.00/3.0.40723.0/3.0.40818.0 Microsoft Silverlight 3 before 3.0.50611.0 on Windows, and before 3.0.41130.0 on Mac OS X, does not properly handle pointers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and framework outage) via a crafted web site, aka "Microsoft Silverlight Memory Corruption Vulnerability." | 9.3 |
| 2010-08-10 | CVE-2010-0834 | Ubuntu Dell | Improper Authentication vulnerability in Ubuntu Linux 10.04/9.10 The base-files package before 5.0.0ubuntu7.1 on Ubuntu 9.10 and before 5.0.0ubuntu20.10.04.2 on Ubuntu 10.04 LTS, as shipped on Dell Latitude 2110 netbooks, does not require authentication for package installation, which allows remote archive servers and man-in-the-middle attackers to execute arbitrary code via a crafted package. | 9.3 |
13 High Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2010-08-09 | CVE-2010-2707 | HP | Unspecified vulnerability in HP products Unspecified vulnerability on the HP ProCurve 2626 and 2650 switches before H.10.80 allows remote attackers to obtain sensitive information, modify data, and cause a denial of service via unknown vectors. | 8.3 |
| 2010-08-10 | CVE-2010-2983 | Cisco | Unspecified vulnerability in Cisco Unified Wireless Network Solution Software 7.0/7.0.98.0 The workgroup bridge (aka WGB) functionality in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (dropped connection) via a series of spoofed EAPoL-Logoff frames, related to an "EAPoL logoff attack," aka Bug ID CSCte43374. | 7.8 |
| 2010-08-10 | CVE-2010-2980 | Cisco | Buffer Errors vulnerability in Cisco Unified Wireless Network Solution Software 7.0/7.0.98.0 Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (pbuf exhaustion and device crash) via fragmented traffic, aka Bug ID CSCtd26794. | 7.8 |
| 2010-08-10 | CVE-2010-2979 | Cisco | Buffer Errors vulnerability in Cisco Unified Wireless Network Solution Software 7.0/7.0.98.0 Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (buffer leak and device crash) via ARP requests that trigger an ARP storm, aka Bug ID CSCte43508. | 7.8 |
| 2010-08-09 | CVE-2010-2820 | Cisco | Unspecified vulnerability in Cisco products Unspecified vulnerability in the SunRPC inspection feature on the Cisco Firewall Services Module (FWSM) with software 3.1 before 3.1(17.2), 3.2 before 3.2(16.1), 4.0 before 4.0(10.1), and 4.1 before 4.1(1.1) for Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via crafted SunRPC messages, aka Bug ID CSCte61662. | 7.8 |
| 2010-08-09 | CVE-2010-2819 | Cisco | Improper Input Validation vulnerability in Cisco products Unspecified vulnerability in the SunRPC inspection feature on the Cisco Firewall Services Module (FWSM) with software 3.1 before 3.1(17.2), 3.2 before 3.2(16.1), 4.0 before 4.0(10.1), and 4.1 before 4.1(1.1) for Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via crafted SunRPC messages, aka Bug ID CSCte61622. | 7.8 |
| 2010-08-09 | CVE-2010-2818 | Cisco | Unspecified vulnerability in Cisco products Unspecified vulnerability in the SunRPC inspection feature on the Cisco Firewall Services Module (FWSM) with software 3.1 before 3.1(17.2), 3.2 before 3.2(16.1), 4.0 before 4.0(10.1), and 4.1 before 4.1(1.1) for Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via crafted SunRPC messages, aka Bug ID CSCte61710. | 7.8 |
| 2010-08-11 | CVE-2010-2861 | Adobe | Path Traversal vulnerability in Adobe Coldfusion Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settings/mappings.cfm, (2) logging/settings.cfm, (3) datasources/index.cfm, (4) j2eepackaging/editarchive.cfm, and (5) enter.cfm in CFIDE/administrator/. | 7.5 |
| 2010-08-11 | CVE-2010-1895 | Microsoft | Permissions, Privileges, and Access Controls vulnerability in Microsoft products The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, do not properly perform memory allocation before copying user-mode data to kernel mode, which allows local users to gain privileges via a crafted application, aka "Win32k Pool Overflow Vulnerability." | 7.2 |
| 2010-08-11 | CVE-2010-1894 | Microsoft | Permissions, Privileges, and Access Controls vulnerability in Microsoft products The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, do not properly handle unspecified exceptions, which allows local users to gain privileges via a crafted application, aka "Win32k Exception Handling Vulnerability." | 7.2 |
| 2010-08-10 | CVE-2010-2982 | Cisco | Information Exposure vulnerability in Cisco Unified Wireless Network Solution Software 7.0/7.0.98.0 Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to discover a group password via a series of SNMP requests, as demonstrated by an SNMP walk, aka Bug ID CSCtb74037. | 7.1 |
| 2010-08-10 | CVE-2010-2981 | Cisco | Unspecified vulnerability in Cisco Unified Wireless Network Solution Software 7.0/7.0.98.0 Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (device crash) by pinging a virtual interface, aka Bug ID CSCte55370. | 7.1 |
| 2010-08-09 | CVE-2010-2821 | Cisco | Unspecified vulnerability in Cisco products Unspecified vulnerability on the Cisco Firewall Services Module (FWSM) with software 3.2 before 3.2(17.2), 4.0 before 4.0(11.1), and 4.1 before 4.1(1.2) for Catalyst 6500 series switches and 7600 series routers, when multi-mode is enabled, allows remote attackers to cause a denial of service (device reload) via crafted (1) Telnet, (2) SSH, or (3) ASDM traffic over TCP, aka Bug ID CSCtg68694. | 7.1 |
19 Medium Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2010-08-11 | CVE-2010-1888 | Microsoft | Race Condition vulnerability in Microsoft Windows XP Race condition in the kernel in Microsoft Windows XP SP3 allows local users to gain privileges via vectors involving thread creation, aka "Windows Kernel Data Initialization Vulnerability." | 6.8 |
| 2010-08-09 | CVE-2010-2708 | HP | Unspecified vulnerability in HP products Unspecified vulnerability on the HP ProCurve 2610 switch before R.11.22, when DHCP is enabled, allows remote attackers to cause a denial of service via unknown vectors. | 6.1 |
| 2010-08-09 | CVE-2010-2706 | HP | Unspecified vulnerability in HP products Unspecified vulnerability in the In-band Agent on the HP ProCurve 2610 switch before R.11.30 allows remote attackers to cause a denial of service via unknown vectors. | 6.1 |
| 2010-08-09 | CVE-2010-2705 | HP | Unspecified vulnerability in HP products Unspecified vulnerability on the HP ProCurve 1800-24G switch with software PB.03.02 and earlier, and the ProCurve 1800-8G switch with software PA.03.02 and earlier, when SNMP is enabled, allows remote attackers to obtain sensitive information via unknown vectors. | 6.1 |
| 2010-08-09 | CVE-2010-2801 | Cabextract Project | Numeric Errors vulnerability in Cabextract Project Cabextract Integer signedness error in the Quantum decompressor in cabextract before 1.3, when archive test mode is used, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Quantum archive in a .cab file, related to the libmspack library. | 5.1 |
| 2010-08-13 | CVE-2010-2993 | Wireshark | Improper Input Validation vulnerability in Wireshark The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | 5.0 |
| 2010-08-13 | CVE-2010-2992 | Wireshark | Unspecified vulnerability in Wireshark packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark 1.2.2 through 1.2.9 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger a NULL pointer dereference. | 5.0 |
| 2010-08-11 | CVE-2010-2220 | Adobe Linux Microsoft | Unspecified vulnerability in Adobe Flash Media Server and Flash Media Server 2 Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to cause a denial of service via unspecified vectors, related to an "input validation issue." | 5.0 |
| 2010-08-11 | CVE-2010-2219 | Adobe Linux Microsoft | Resource Management Errors vulnerability in Adobe Flash Media Server and Flash Media Server 2 Unspecified vulnerability in Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to cause a denial of service (memory consumption) via unknown vectors. | 5.0 |
| 2010-08-11 | CVE-2010-2218 | Adobe Linux Microsoft | Unspecified vulnerability in Adobe Flash Media Server and Flash Media Server 2 Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to cause a denial of service via unspecified vectors, related to a "JS method issue." | 5.0 |
| 2010-08-10 | CVE-2010-2989 | Nessus | Information Exposure vulnerability in Nessus web Server Plugin 1.2.4 nessusd_www_server.nbin in the Nessus Web Server plugin 1.2.4 for Nessus allows remote attackers to obtain sensitive information via a request to the /feed method, which reveals the version in a response. | 5.0 |
| 2010-08-10 | CVE-2010-2493 | Redhat | Configuration vulnerability in Redhat Jboss Enterprise SOA Platform The default configuration of the deployment descriptor (aka web.xml) in picketlink-sts.war in (1) the security_saml quickstart, (2) the webservice_proxy_security quickstart, (3) the web-console application, (4) the http-invoker application, (5) the gpd-deployer application, (6) the jbpm-console application, (7) the contract application, and (8) the uddi-console application in JBoss Enterprise SOA Platform before 5.0.2 contains GET and POST http-method elements, which allows remote attackers to bypass intended access restrictions via a crafted HTTP request. | 5.0 |
| 2010-08-11 | CVE-2010-2215 | Adobe | Clickjacking vulnerability in Adobe Air, Flash Player and Flash Player for Linux Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to trick a user into (1) selecting a link or (2) completing a dialog, related to a "click-jacking" issue. | 4.3 |
| 2010-08-10 | CVE-2010-2988 | Cisco | Cross-Site Scripting vulnerability in Cisco Unified Wireless Network Solution Software 7.0 Cross-site scripting (XSS) vulnerability in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCtf35333. | 4.3 |
| 2010-08-10 | CVE-2010-2987 | Cisco | Cross-Site Scripting vulnerability in Cisco Wireless Control System Software 7.0 Multiple cross-site scripting (XSS) vulnerabilities in Cisco Wireless Control System (WCS) 7.x before 7.0.164, as used in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCtg33854. | 4.3 |
| 2010-08-10 | CVE-2010-2986 | Cisco | Cross-Site Scripting vulnerability in Cisco Wireless Control System Software Cross-site scripting (XSS) vulnerability in webacs/QuickSearchAction.do in the search feature in the web interface in Cisco Wireless Control System (WCS) before 6.0(194.0) and 7.x before 7.0.164 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter, aka Bug ID CSCtf14288. | 4.3 |
| 2010-08-10 | CVE-2010-2985 | IBM | Cross-Site Scripting vulnerability in IBM Websphere Service Registry and Repository 6.3.0 Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere Service Registry and Repository (WSRR) 6.3 allow remote attackers to inject arbitrary web script or HTML via (1) the searchTerm parameter to ServiceRegistry/HelpSearch.do or (2) the queryItems[0].value parameter to ServiceRegistry/QueryWizardProcessStep1.do. | 4.3 |
| 2010-08-09 | CVE-2010-2800 | Cabextract Project | Resource Management Errors vulnerability in Cabextract Project Cabextract The MS-ZIP decompressor in cabextract before 1.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed MSZIP archive in a .cab file during a (1) test or (2) extract action, related to the libmspack library. | 4.3 |
| 2010-08-10 | CVE-2010-2634 | RSA | Unspecified vulnerability in RSA Envision RSA enVision before 3.7 SP1 allows remote authenticated users to cause a denial of service via unspecified vectors. | 4.0 |
3 Low Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2010-08-10 | CVE-2010-2474 | Redhat | Improper Input Validation vulnerability in Redhat products JBoss Enterprise Service Bus (ESB) before 4.7 CP02 in JBoss Enterprise SOA Platform before 5.0.2 does not properly consider the security domain with which a service is secured, which might allow remote attackers to gain privileges by executing a service. | 3.5 |
| 2010-08-10 | CVE-2010-2574 | Mantisbt | Cross-Site Scripting vulnerability in Mantisbt 1.2.2 Cross-site scripting (XSS) vulnerability in manage_proj_cat_add.php in MantisBT 1.2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the name parameter in an Add Category action. | 2.1 |
| 2010-08-10 | CVE-2010-2975 | Cisco | Information Exposure vulnerability in Cisco Unified Wireless Network Solution Software 7.0/7.0.98.0 Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 does not properly handle multiple SSH sessions, which allows physically proximate attackers to read a password, related to an "arrow key failure," aka Bug ID CSCtg51544. | 2.1 |