Weekly Vulnerabilities Reports > October 18 to 24, 2010

Overview

138 new vulnerabilities reported during this period, including 40 critical vulnerabilities and 9 high severity vulnerabilities. This weekly summary report vulnerabilities in 83 products from 51 vendors including SUN, G Rodola, Mozilla, Google, and Opera. Vulnerabilities are notably categorized as "Improper Input Validation", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Permissions, Privileges, and Access Controls", "Cross-site Scripting", and "Race Condition".

  • 104 reported vulnerabilities are remotely exploitables.
  • 5 reported vulnerabilities have public exploit available.
  • 10 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 126 reported vulnerabilities are exploitable by an anonymous user.
  • SUN has the most reported vulnerabilities, with 27 reported vulnerabilities.
  • SUN has the most reported critical vulnerabilities, with 18 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

40 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2010-10-19 CVE-2010-3574 SUN Remote Networking vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10.0
2010-10-19 CVE-2010-3572 SUN Remote Sound vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10.0
2010-10-19 CVE-2010-3571 SUN ICC Profile vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10.0
2010-10-19 CVE-2010-3569 SUN Unspecified vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10.0
2010-10-19 CVE-2010-3568 SUN Remote Java Runtime Environment vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10.0
2010-10-19 CVE-2010-3567 SUN Remote 2D vulnerability in SUN JDK and JRE

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10.0
2010-10-19 CVE-2010-3566 SUN ICC Profile vulnerability in SUN JDK and JRE

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update and 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10.0
2010-10-19 CVE-2010-3565 SUN JPEGImageWriter.writeImage vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10.0
2010-10-19 CVE-2010-3563 SUN BasicServiceImpl vulnerability in SUN JDK and JRE

Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10.0
2010-10-19 CVE-2010-3562 SUN Remote 2D vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10.0
2010-10-19 CVE-2010-3559 SUN HeadspaceSoundbank.nGetName vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10.0
2010-10-19 CVE-2010-3558 SUN Remote Java Web Start vulnerability in SUN JDK and JRE

Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10.0
2010-10-19 CVE-2010-3556 SUN Remote 2D vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10.0
2010-10-19 CVE-2010-3554 SUN Remote CORBA vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10.0
2010-10-19 CVE-2010-3553 SUN Remote Swing vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10.0
2010-10-19 CVE-2010-3552 SUN Remote New Java Plug-in vulnerability in SUN JDK and JRE

Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10.0
2010-10-19 CVE-2010-3748 Realnetworks Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Realnetworks Realplayer and Realplayer SP

Stack-based buffer overflow in the RichFX component in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via unknown vectors.

10.0
2010-10-18 CVE-2010-0219 Apache
SAP
Credentials Management vulnerability in multiple products

Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrary code by uploading a crafted web service.

10.0
2010-10-21 CVE-2010-4045 Opera Permissions, Privileges, and Access Controls vulnerability in Opera Browser

Opera before 10.63 does not properly restrict web script in unspecified circumstances involving reloads and redirects, which allows remote attackers to spoof the Address Bar, conduct cross-site scripting (XSS) attacks, and possibly execute arbitrary code by leveraging the ability of a script to interact with a web page from (1) a different domain or (2) a different security context.

9.3
2010-10-21 CVE-2010-4035 Google Improper Input Validation vulnerability in Google Chrome

Google Chrome before 7.0.517.41 does not properly perform autofill operations for forms, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document.

9.3
2010-10-21 CVE-2010-4034 Google Improper Input Validation vulnerability in Google Chrome

Google Chrome before 7.0.517.41 does not properly handle forms, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document.

9.3
2010-10-21 CVE-2010-3183 Mozilla Buffer Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.__lookupGetter__ function calls that lack arguments, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via vectors involving a "dangling pointer" and the JS_ValueToId function.

9.3
2010-10-21 CVE-2010-3180 Mozilla Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window.

9.3
2010-10-21 CVE-2010-3179 Mozilla Buffer Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a long argument to the document.write method.

9.3
2010-10-21 CVE-2010-3176 Mozilla Memory-Corruption vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

9.3
2010-10-21 CVE-2010-3175 Mozilla Memory-Corruption vulnerability in Mozilla Firefox and Thunderbird

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.11 and Thunderbird 3.1.x before 3.1.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

9.3
2010-10-21 CVE-2010-3174 Mozilla Memory-Corruption vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before 2.0.9 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

9.3
2010-10-19 CVE-2010-3555 SUN Remote ActiveX Plug-in vulnerability in SUN JDK and JRE

Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

9.3
2010-10-19 CVE-2010-3550 SUN Remote Java Web Start vulnerability in SUN JDK and JRE

Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

9.3
2010-10-19 CVE-2010-3976 Adobe
Microsoft
DLL Loading Arbitrary Code Execution vulnerability in Adobe Flash Player

Untrusted search path vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a file that is processed by Flash Player.

9.3
2010-10-19 CVE-2010-3975 Adobe Unspecified vulnerability in Adobe Flash Player 9.0

Untrusted search path vulnerability in Adobe Flash Player 9 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse schannel.dll that is located in the same folder as a file that is processed by Flash.

9.3
2010-10-19 CVE-2010-3157 Kmonos Unspecified vulnerability in Kmonos Xacrett 49

Untrusted search path vulnerability in XacRett before 50 allows attackers to execute arbitrary code via a Trojan horse executable file, related to the explorer.exe filename and use of Windows Explorer.

9.3
2010-10-19 CVE-2010-3751 Realnetworks Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Realnetworks Realplayer and Realplayer SP

Multiple heap-based buffer overflows in an ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 allow remote attackers to execute arbitrary code via a long .smil argument to the (1) tfile, (2) pnmm, or (3) cdda protocol handler.

9.3
2010-10-19 CVE-2010-3750 Realnetworks Improper Input Validation vulnerability in Realnetworks Realplayer and Realplayer SP

rjrmrpln.dll in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly validate file contents that are used during interaction with a heap buffer, which allows remote attackers to execute arbitrary code via crafted Name Value Property (NVP) elements in logical streams in a media file.

9.3
2010-10-19 CVE-2010-3749 Realnetworks Code Injection vulnerability in Realnetworks Realplayer and Realplayer SP

The browser-plugin implementation in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1 allows remote attackers to arguments to the RecordClip method, which allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a " (double quote) in an argument to the RecordClip method, aka "parameter injection."

9.3
2010-10-19 CVE-2010-3747 Realnetworks Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Realnetworks Realplayer and Realplayer SP

An ActiveX control in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly initialize an unspecified object component during parsing of a CDDA URI, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and application crash) via a long URI.

9.3
2010-10-19 CVE-2010-2998 Realnetworks Improper Input Validation vulnerability in Realnetworks Realplayer and Realplayer SP

Array index error in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.0.1 allows remote attackers to execute arbitrary code via malformed sample data in a RealMedia .IVR file, related to a "malformed IVR pointer index" issue.

9.3
2010-10-19 CVE-2010-2578 Realnetworks Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Realnetworks Realplayer and Realplayer SP

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via a crafted QCP file.

9.3
2010-10-23 CVE-2010-4053 IBM Buffer Errors vulnerability in IBM Informix Dynamic Server 11.10/11.50

Stack-based buffer overflow in an unspecified logging function in oninit.exe in IBM Informix Dynamic Server (IDS) 11.10 before 11.10.xC2W2 and 11.50 before 11.50.xC1 allows remote authenticated users to execute arbitrary code via a crafted EXPLAIN directive, aka idsdb00154125 and idsdb00154243.

9.0
2010-10-18 CVE-2010-3983 SAP Permissions, Privileges, and Access Controls vulnerability in SAP Businessobjects 3.2

CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote authenticated users to gain privileges via vectors involving the Program Job Server and the Program Login property.

9.0

9 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2010-10-18 CVE-2010-3287 HP Unspecified vulnerability in HP products

Unspecified vulnerability on HP ProCurve Access Points, Access Controllers, and Mobility Controllers with software 5.1.x through 5.1.9, 5.2.x through 5.2.7, 5.3.x through 5.3.5, and 5.4.x through 5.4.0 allows remote attackers to execute arbitrary code via unknown vectors.

8.3
2010-10-19 CVE-2010-3570 SUN Remote Deployment Toolkit vulnerability in SUN JDK and JRE

Unspecified vulnerability in the Deployment Toolkit component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

7.6
2010-10-21 CVE-2010-4042 Google
Opensuse
Improper Input Validation vulnerability in Google Chrome

Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "stale elements."

7.5
2010-10-21 CVE-2010-4041 Google
Linux
Multiple Security vulnerability in Google Chrome prior to 7.0.517.41

The sandbox implementation in Google Chrome before 7.0.517.41 on Linux does not properly constrain worker processes, which might allow remote attackers to bypass intended access restrictions via unspecified vectors.

7.5
2010-10-21 CVE-2010-4039 Google
Linux
Multiple Security vulnerability in Google Chrome prior to 7.0.517.41

Google Chrome before 7.0.517.41 on Linux does not properly set the PATH environment variable, which has unspecified impact and attack vectors.

7.5
2010-10-21 CVE-2010-3173 Mozilla Cryptographic Issues vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.

7.5
2010-10-19 CVE-2010-3561 SUN Remote CORBA vulnerability in SUN JDK and JRE

Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

7.5
2010-10-19 CVE-2008-7263 G Rodola Improper Authentication vulnerability in G.Rodola Pyftpdlib

ftpserver.py in pyftpdlib before 0.5.0 does not delay its response after receiving an invalid login attempt, which makes it easier for remote attackers to obtain access via a brute-force attack.

7.5
2010-10-19 CVE-2007-6737 G Rodola Improper Authentication vulnerability in G.Rodola Pyftpdlib 0.1

FTPServer.py in pyftpdlib before 0.2.0 does not increment the attempted_logins count for a USER command that specifies an invalid username, which makes it easier for remote attackers to obtain access via a brute-force attack.

7.5

88 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2010-10-21 CVE-2010-3182 Mozilla Local Privilege Escalation vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-21 CVE-2010-3181 Mozilla Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Untrusted search path vulnerability in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory.

6.9
2010-10-20 CVE-2010-3394 Texmacs Unspecified vulnerability in Texmacs 1.0.7.4

The (1) texmacs and (2) tm_mupad_help scripts in TeXmacs 1.0.7.4 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3393 Ecmwf Unspecified vulnerability in Ecmwf Magics++ 2.10.0

magics-config in Magics++ 2.10.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3389 Linux HA Unspecified vulnerability in Linux-Ha OCF Resource Agents 1.0.3

The (1) SAPDatabase and (2) SAPInstance scripts in OCF Resource Agents (aka resource-agents or cluster-agents) 1.0.3 in Linux-HA place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3386 Lttng Unspecified vulnerability in Lttng UST 0.7

usttrace in LTTng Userspace Tracer (aka UST) 0.7 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3385 Herac Unspecified vulnerability in Herac Tuxguitar 1.2

TuxGuitar 1.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3384 Bernhard Wymann Unspecified vulnerability in Bernhard Wymann Torcs 1.3.1

The (1) torcs, (2) nfsperf, (3) accc, (4) texmapper, (5) trackgen, and (6) nfs2ac scripts in TORCS 1.3.1 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3383 Teamspeak Unspecified vulnerability in Teamspeak 2.0.32

The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 2.0.32 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3382 Uoregon Unspecified vulnerability in Uoregon TAU 2.16.4

tauex in Tuning and Analysis Utilities (TAU) 2.16.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3381 Alex Launi Unspecified vulnerability in Alex Launi Tangerine 0.3.2.2

The (1) tangerine and (2) tangerine-properties scripts in Tangerine 0.3.2.2 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3378 Scilab Unspecified vulnerability in Scilab 5.2.2

The (1) scilab, (2) scilab-cli, and (3) scilab-adv-cli scripts in Scilab 5.2.2 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3377 Salome Platform Unspecified vulnerability in Salome-Platform Salome 5.1.3

The (1) runSalome, (2) runTestMedCorba, (3) runLightSalome, and (4) hxx2salome scripts in SALOME 5.1.3 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3376 Root Unspecified vulnerability in Root 5.18/00

The (1) proofserv, (2) xrdcp, (3) xrdpwdadmin, and (4) xrd scripts in ROOT 5.18/00 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3369 Debian Unspecified vulnerability in Debian Mono-Debugger

The (1) mdb and (2) mdb-symbolreader scripts in mono-debugger 2.4.3, and other versions before 2.8.1, place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3366 Zeus Physik UNI Bonn Unspecified vulnerability in Zeus.Physik.Uni-Bonn MN FIT 5.13

Mn_Fit 5.13 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3365 Mistelix Unspecified vulnerability in Mistelix 0.31

Mistelix 0.31 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3364 Vips Unspecified vulnerability in Vips 7.22.2

The vips-7.22 script in VIPS 7.22.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3363 Roaraudio Unspecified vulnerability in Roaraudio 0.3

roarify in roaraudio 0.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3362 Last Unspecified vulnerability in Last Last.Fm 1.5.4

lastfm 1.5.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3361 Shrew Unspecified vulnerability in Shrew VPN Client 2.1.5

The (1) iked, (2) ikea, and (3) ikec scripts in Shrew Soft IKE 2.1.5 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3360 Pedro Villavicencio Garrido Unspecified vulnerability in Pedro Villavicencio Garrido Hipo 0.6.1

Hipo 0.6.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3358 Henner Zeller Unspecified vulnerability in Henner Zeller Henplus 0.9.7

HenPlus JDBC SQL-Shell 0.9.7 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3357 Pedro Castro Unspecified vulnerability in Pedro Castro Gnome-Subtitles 1.0

gnome-subtitles 1.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3355 Erik Hjortsberg Unspecified vulnerability in Erik Hjortsberg Ember 0.5.7

Ember 0.5.7 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3354 Dropbox Unspecified vulnerability in Dropbox 0.7.110

dropboxd in Dropbox 0.7.110 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3353 More Cowbell Unspecified vulnerability in More-Cowbell Cowbell 0.2.7.1

Cowbell 0.2.7.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3351 Nick Copeland Local Privilege Escalation vulnerability in Bristol 'LD_LIBRARY_PATH'

startBristol in Bristol 0.60.5 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3350 Bareftp Improper Input Validation vulnerability in Bareftp 0.3.4

bareFTP 0.3.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-20 CVE-2010-3349 Ardour Unspecified vulnerability in Ardour 2.8.11

Ardour 2.8.11 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

6.9
2010-10-19 CVE-2010-3158 Lhaplus Unspecified vulnerability in Lhaplus

Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse executable file in the current working directory.

6.9
2010-10-18 CVE-2010-2369 Susie RO Unspecified vulnerability in Susie RO Lhasa

Untrusted search path vulnerability in Lhasa 0.19 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory.

6.9
2010-10-18 CVE-2010-2368 Lhaplus Unspecified vulnerability in Lhaplus

Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse DLL in the current working directory.

6.9
2010-10-23 CVE-2010-3288 HP Cross-Site Request Forgery (CSRF) vulnerability in HP Systems Insight Manager

Cross-site request forgery (CSRF) vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

6.8
2010-10-21 CVE-2010-4040 Google
Debian
Opensuse
Improper Input Validation vulnerability in Google Chrome

Google Chrome before 7.0.517.41 does not properly handle animated GIF images, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted image.

6.8
2010-10-21 CVE-2010-4036 Google Improper Input Validation vulnerability in Google Chrome

Google Chrome before 7.0.517.41 does not properly handle the unloading of a page, which allows remote attackers to spoof URLs via unspecified vectors.

6.8
2010-10-19 CVE-2010-3557 SUN Remote Swing vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

6.8
2010-10-19 CVE-2010-3549 SUN HTTP Response Splitting vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

6.8
2010-10-23 CVE-2010-3290 HP Remote Privilege Escalation vulnerability in HP Systems Insight Manager

Unspecified vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote authenticated users to gain privileges via unknown vectors.

6.5
2010-10-19 CVE-2008-7262 G Rodola Path Traversal vulnerability in G.Rodola Pyftpdlib 0.1/0.1.1

Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.3.0 allow remote authenticated users to access arbitrary files and directories via vectors involving a symlink in a pathname to a (1) CWD, (2) DELE, (3) STOR, or (4) RETR command.

6.5
2010-10-19 CVE-2007-6741 G Rodola Permissions, Privileges, and Access Controls vulnerability in G.Rodola Pyftpdlib 0.1

The ftp_PORT function in FTPServer.py in pyftpdlib before 0.2.0 does not prevent TCP connections to privileged ports if the destination IP address matches the source IP address of the connection from the FTP client, which might allow remote authenticated users to conduct FTP bounce attacks via crafted FTP data, as demonstrated by an FTP bounce attack against a NAT server, a related issue to CVE-1999-0017.

6.5
2010-10-19 CVE-2007-6736 G Rodola Path Traversal vulnerability in G.Rodola Pyftpdlib 0.1

Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.2.0 allow remote authenticated users to access arbitrary files and directories via a ..

6.5
2010-10-21 CVE-2010-3178 Mozilla Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 do not properly handle certain modal calls made by javascript: URLs in circumstances related to opening a new window and performing cross-domain navigation, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document.

5.8
2010-10-19 CVE-2010-3573 SUN Same Origin Bypass vulnerability in SUN JDK and JRE

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

5.1
2010-10-19 CVE-2010-3541 SUN Remote Networking vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

5.1
2010-10-23 CVE-2010-4057 IBM Numeric Errors vulnerability in IBM Soliddb

solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing many integer fields with two different values, which allows remote attackers to cause a denial of service (invalid memory access and daemon crash) via a TCP session on port 1315.

5.0
2010-10-23 CVE-2010-4056 IBM Denial-Of-Service vulnerability in solidDB

solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing a single integer field, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TCP session on port 1315.

5.0
2010-10-23 CVE-2010-4055 IBM Resource Management Errors vulnerability in IBM Soliddb

Stack consumption vulnerability in solid.exe in IBM solidDB 6.5.0.3 and earlier allows remote attackers to cause a denial of service (memory consumption and daemon crash) by connecting to TCP port 1315 and sending a packet with many integer fields, which trigger many recursive calls of a certain function.

5.0
2010-10-21 CVE-2010-4038 Google Improper Resource Shutdown OR Release vulnerability in Google Chrome

The Web Sockets implementation in Google Chrome before 7.0.517.41 does not properly handle a shutdown action, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

5.0
2010-10-21 CVE-2010-4033 Google Multiple Security vulnerability in Google Chrome prior to 7.0.517.41

Google Chrome before 7.0.517.41 does not properly implement the autofill and autocomplete functionality, which allows remote attackers to conduct "profile spamming" attacks via unspecified vectors.

5.0
2010-10-20 CVE-2010-4007 Oracle Cryptographic Issues vulnerability in Oracle Mojarra

Oracle Mojarra uses an encrypted View State without a Message Authentication Code (MAC), which makes it easier for remote attackers to perform successful modifications of the View State via a padding oracle attack, a related issue to CVE-2010-2057.

5.0
2010-10-20 CVE-2010-2057 Apache Cryptographic Issues vulnerability in Apache Myfaces

shared/util/StateUtils.java in Apache MyFaces 1.1.x before 1.1.8, 1.2.x before 1.2.9, and 2.0.x before 2.0.1 uses an encrypted View State without a Message Authentication Code (MAC), which makes it easier for remote attackers to perform successful modifications of the View State via a padding oracle attack.

5.0
2010-10-19 CVE-2010-3551 SUN Remote Networking vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors.

5.0
2010-10-19 CVE-2010-3548 SUN Remote JNDI vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the Java Naming and Directory Interface (JNDI) component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors.

5.0
2010-10-19 CVE-2010-3492 Python Denial-Of-Service vulnerability in Python

The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote attackers to conduct denial of service attacks that terminate these applications via network connections.

5.0
2010-10-19 CVE-2007-6739 G Rodola Improper Input Validation vulnerability in G.Rodola Pyftpdlib 0.1

FTPServer.py in pyftpdlib before 0.2.0 allows remote attackers to cause a denial of service via a long command.

5.0
2010-10-19 CVE-2007-6738 G Rodola Unspecified vulnerability in G.Rodola Pyftpdlib

pyftpdlib before 0.1.1 does not choose a random value for the port associated with the PASV command, which makes it easier for remote attackers to obtain potentially sensitive information about the number of in-progress data connections by reading the response to this command.

5.0
2010-10-18 CVE-2010-3982 SAP Information Exposure vulnerability in SAP Businessobjects 3.2

SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to trigger TCP connections to arbitrary intranet hosts on any port, and obtain potentially sensitive information about open ports, via the apstoken parameter to the CrystalReports/viewrpt.cwr URI, related to an "internal port scanning" issue.

5.0
2010-10-18 CVE-2010-3979 SAP Information Exposure vulnerability in SAP Businessobjects 3.2

Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates different error messages depending on whether the Login field corresponds to a valid username, which allows remote attackers to enumerate account names via a login SOAPAction to the dswsbobje/services/session URI.

5.0
2010-10-18 CVE-2010-3286 HP Unspecified vulnerability in HP Systems Insight Manager 6.0/6.1

Unspecified vulnerability in HP Systems Insight Manager (SIM) 6.0 and 6.1 allows remote attackers to read arbitrary files via unknown vectors.

5.0
2010-10-18 CVE-2009-5005 Apache
Redhat
The Cluster::deliveredEvent function in cluster/Cluster.cpp in Apache Qpid, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote attackers to cause a denial of service (daemon crash and cluster outage) via invalid AMQP data.
5.0
2010-10-23 CVE-2010-4054 Artifex Buffer Errors vulnerability in Artifex products

The gs_type2_interpret function in Ghostscript allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) via crafted font data in a compressed data stream, aka bug 691043.

4.3
2010-10-23 CVE-2010-3289 HP Cross-Site Scripting vulnerability in HP Systems Insight Manager

Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2010-10-21 CVE-2010-4050 Opera Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Opera Browser

Opera before 10.63 allows remote attackers to cause a denial of service (memory corruption) by referencing an SVG document in an IMG element.

4.3
2010-10-21 CVE-2010-4049 Opera Improper Input Validation vulnerability in Opera Browser

Opera before 10.63 allows remote attackers to cause a denial of service (application crash) via a Flash movie with a transparent Window Mode (aka wmode) property, which is not properly handled during navigation away from the containing HTML document.

4.3
2010-10-21 CVE-2010-4048 Opera Improper Input Validation vulnerability in Opera Browser

Opera before 10.63 allows user-assisted remote web servers to cause a denial of service (application crash) by sending a redirect during the saving of a file.

4.3
2010-10-21 CVE-2010-4047 Opera Cross-Site Scripting vulnerability in Opera Browser

Opera before 10.63 does not properly select the security context of JavaScript code associated with an error page, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site.

4.3
2010-10-21 CVE-2010-4046 Opera Information Exposure vulnerability in Opera Browser

Opera before 10.63 does not properly verify the origin of video content, which allows remote attackers to obtain sensitive information by using a video stream as HTML5 canvas content.

4.3
2010-10-21 CVE-2010-4044 Opera Improper Input Validation vulnerability in Opera Browser

Opera before 10.63 does not ensure that the portion of a URL shown in the Address Bar contains the beginning of the URL, which allows remote attackers to spoof URLs by changing a window's size.

4.3
2010-10-21 CVE-2010-4043 Opera Permissions, Privileges, and Access Controls vulnerability in Opera Browser

Opera before 10.63 does not prevent interpretation of a cross-origin document as a CSS stylesheet when the document lacks a CSS token sequence, which allows remote attackers to obtain sensitive information via a crafted document.

4.3
2010-10-21 CVE-2010-4037 Google Multiple Security vulnerability in Google Chrome prior to 7.0.517.41

Unspecified vulnerability in Google Chrome before 7.0.517.41 allows remote attackers to bypass the pop-up blocker via unknown vectors.

4.3
2010-10-21 CVE-2010-3291 HP Cross-Site Scripting vulnerability in HP Assetcenter and Assetmanager

Cross-site scripting (XSS) vulnerability in HP AssetCenter 5.0x through AC_5.03, and AssetManager 5.1x through AM_5.12 and 5.2x through AM_5.22, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2010-10-21 CVE-2010-3177 Mozilla Cross-Site Scripting vulnerability in Mozilla Firefox and Seamonkey

Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a (1) file or (2) directory on a Gopher server.

4.3
2010-10-21 CVE-2010-3170 Mozilla Cryptographic Issues vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.

4.3
2010-10-20 CVE-2010-0782 IBM Unspecified vulnerability in IBM Websphere MQ

IBM WebSphere MQ 6.x before 6.0.2.10 and 7.x before 7.0.1.3 allows remote attackers to spoof X.509 certificate authentication, and send or receive channel messages, via a crafted Subject Distinguished Name (DN) value in a certificate.

4.3
2010-10-19 CVE-2010-3495 Zope Race Condition vulnerability in Zope Zodb

Race condition in ZEO/StorageServer.py in Zope Object Database (ZODB) before 3.10.0 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, a related issue to CVE-2010-3492.

4.3
2010-10-19 CVE-2010-3494 G Rodola Race Condition vulnerability in G.Rodola Pyftpdlib

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, a related issue to CVE-2010-3492.

4.3
2010-10-19 CVE-2010-3493 Python Race Condition vulnerability in Python 3.1/3.2

Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, or the getpeername function having an ENOTCONN error, a related issue to CVE-2010-3492.

4.3
2010-10-19 CVE-2009-5011 G Rodola Race Condition vulnerability in G.Rodola Pyftpdlib

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the getpeername function having an ENOTCONN error, a different vulnerability than CVE-2010-3494.

4.3
2010-10-19 CVE-2009-5010 G Rodola Race Condition vulnerability in G.Rodola Pyftpdlib

Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.1 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, a different vulnerability than CVE-2010-3494.

4.3
2010-10-18 CVE-2010-3981 SAP Cross-Site Scripting vulnerability in SAP Businessobjects 3.2

Cross-site scripting (XSS) vulnerability in SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to inject arbitrary web script or HTML via the ServiceClass field to the Edit Service Parameters page.

4.3
2010-10-18 CVE-2010-3841 Twiki Cross-Site Scripting vulnerability in Twiki

Multiple cross-site scripting (XSS) vulnerabilities in lib/TWiki.pm in TWiki before 5.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the rev parameter to the view script or (2) the query string to the login script.

4.3
2010-10-19 CVE-2009-5013 G Rodola Resource Management Errors vulnerability in G.Rodola Pyftpdlib

Memory leak in the on_dtp_close function in ftpserver.py in pyftpdlib before 0.5.2 allows remote authenticated users to cause a denial of service (memory consumption) by sending a QUIT command during a data transfer.

4.0
2010-10-19 CVE-2009-5012 G Rodola Permissions, Privileges, and Access Controls vulnerability in G.Rodola Pyftpdlib

ftpserver.py in pyftpdlib before 0.5.2 does not require the l permission for the MLST command, which allows remote authenticated users to bypass intended access restrictions and list the root directory via an FTP session.

4.0
2010-10-19 CVE-2008-7264 G Rodola Improper Input Validation vulnerability in G.Rodola Pyftpdlib

The ftp_QUIT function in ftpserver.py in pyftpdlib before 0.5.0 allows remote authenticated users to cause a denial of service (file descriptor exhaustion and daemon outage) by sending a QUIT command during a disallowed data-transfer attempt.

4.0
2010-10-19 CVE-2007-6740 G Rodola Permissions, Privileges, and Access Controls vulnerability in G.Rodola Pyftpdlib 0.1

The ftp_STOU function in FTPServer.py in pyftpdlib before 0.2.0 does not limit the number of attempts to discover a unique filename, which might allow remote authenticated users to cause a denial of service via a STOU command.

4.0
2010-10-18 CVE-2010-3980 SAP Unspecified vulnerability in SAP Businessobjects 3.2

Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 does not limit the number of CUIDs that may be requested, which allows remote authenticated users to cause a denial of service via a large numCuids value in a GenerateCuids SOAPAction to the dswsbobje/services/biplatform URI.

4.0
2010-10-18 CVE-2009-5006 Apache
Redhat
The SessionAdapter::ExchangeHandlerImpl::checkAlternate function in broker/SessionAdapter.cpp in the C++ Broker component in Apache Qpid before 0.6, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote authenticated users to cause a denial of service (NULL pointer dereference, daemon crash, and cluster outage) by attempting to modify the alternate of an exchange.
4.0

1 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2010-10-19 CVE-2010-3560 SUN Remote Networking vulnerability in SUN JDK and JRE

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality via unknown vectors.

2.6