Weekly Vulnerabilities Reports > January 31 to February 6, 2011
Overview
78 new vulnerabilities were reported during this period, including 23 critical vulnerabilities and 16 high severity vulnerabilities. This weekly summary reports vulnerabilities in 54 products from 36 vendors, including Google, Smarty, Novell, Cisco, and Opera. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Improper Input Validation", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", and "Information Exposure".
- 73 reported vulnerabilities are remotely exploitable.
- 4 reported vulnerabilities have a public exploit available.
- 16 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 74 reported vulnerabilities are exploitable by an anonymous user.
- Google has the most reported vulnerabilities, with 9 reported vulnerabilities.
- Smarty has the most reported critical vulnerabilities, with 7 reported vulnerabilities.
Vulnerability Details
The following tables list the vulnerabilities reported during the period covered by this report:
23 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2011-02-03 | CVE-2010-4727 | Smarty | Improper Input Validation vulnerability in Smarty Smarty before 3.0.0 beta 7 does not properly handle the <?php and ?> tags, which has unspecified impact and remote attack vectors. | 10.0 |
2011-02-03 | CVE-2010-4726 | Smarty | Unspecified vulnerability in Smarty Unspecified vulnerability in the math plugin in Smarty before 3.0.0 RC1 has unknown impact and remote attack vectors. | 10.0 |
2011-02-03 | CVE-2010-4725 | Smarty | Unspecified vulnerability in Smarty Smarty before 3.0.0 RC3 does not properly handle an on value of the asp_tags option in the php.ini file, which has unspecified impact and remote attack vectors. | 10.0 |
2011-02-03 | CVE-2010-4724 | Smarty | Unspecified vulnerability in Smarty Multiple unspecified vulnerabilities in the parser implementation in Smarty before 3.0.0 RC3 have unknown impact and remote attack vectors. | 10.0 |
2011-02-03 | CVE-2010-4722 | Smarty | Unspecified vulnerability in Smarty Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 has unknown impact and remote attack vectors. | 10.0 |
2011-02-03 | CVE-2009-5052 | Smarty | Remote Security vulnerability in Smarty Multiple unspecified vulnerabilities in Smarty before 3.0.0 beta 6 have unknown impact and attack vectors. | 10.0 |
2011-02-03 | CVE-2011-0354 | Cisco | Credentials Management vulnerability in Cisco products The default configuration of Cisco Tandberg C Series Endpoints, and Tandberg E and EX Personal Video units, with software before TC4.0.0 has a blank password for the root account, which makes it easier for remote attackers to obtain access via an unspecified login method. | 10.0 |
2011-02-02 | CVE-2011-0742 | Novell | Buffer Errors vulnerability in Novell Zenworks Handheld Management 7 Buffer overflow in ZfHIPCND.exe in Novell ZENworks Handheld Management 7.0 allows remote attackers to execute arbitrary code via a crafted IP Conduit packet to TCP port 2400. | 10.0 |
2011-02-02 | CVE-2011-0276 | HP | Remote Arbitrary Code Execution vulnerability in HP OpenView Performance Insight Server 'doPost()' HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class. | 10.0 |
2011-02-01 | CVE-2011-0732 | IBM | Unspecified vulnerability in IBM Tivoli Common Reporting and Tivoli Integrated Portal Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal (TIP) 1.1.1.1, as used in IBM Tivoli Common Reporting (TCR) 1.2.0 before Interim Fix 9, have unknown impact and attack vectors, related to "security vulnerabilities of Websphere Application Server bundled within" and "many internal defects and APARs." | 10.0 |
2011-01-31 | CVE-2010-4714 | Novell | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Groupwise Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) gwpoa.exe in the Post Office Agent, (2) gwmta.exe in the Message Transfer Agent, (3) gwia.exe in the Internet Agent, (4) the WebAccess Agent, or (5) the Monitor Agent. | 10.0 |
2011-01-31 | CVE-2010-4713 | Novell | Numeric Errors vulnerability in Novell Groupwise Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-Type header. | 10.0 |
2011-01-31 | CVE-2010-4712 | Novell | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Groupwise Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a Content-Type header containing (1) multiple items separated by ; (semicolon) characters or (2) crafted string data. | 10.0 |
2011-01-31 | CVE-2010-4711 | Novell | Resource Management Errors vulnerability in Novell Groupwise Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a large parameter in a LIST command. | 10.0 |
2011-02-03 | CVE-2010-4723 | Smarty | Permissions, Privileges, and Access Controls vulnerability in Smarty Smarty before 3.0.0, when security is enabled, does not prevent access to the (1) dynamic and (2) private object members of an assigned object, which has unspecified impact and remote attack vectors. | 9.3 |
2011-02-02 | CVE-2010-3269 | Cisco | Buffer Errors vulnerability in Cisco products Multiple stack-based buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to use of a function pointer in a callback mechanism. | 9.3 |
2011-02-02 | CVE-2010-3044 | Cisco | Buffer Errors vulnerability in Cisco products Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3043. | 9.3 |
2011-02-02 | CVE-2010-3043 | Cisco | Buffer Errors vulnerability in Cisco products Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3044. | 9.3 |
2011-02-02 | CVE-2010-3042 | Cisco | Buffer Errors vulnerability in Cisco products Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3043, and CVE-2010-3044. | 9.3 |
2011-02-02 | CVE-2010-3041 | Cisco | Buffer Errors vulnerability in Cisco products Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3042, CVE-2010-3043, and CVE-2010-3044. | 9.3 |
2011-01-31 | CVE-2011-0688 | Symantec | Improper Authentication vulnerability in Symantec products Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary commands via crafted messages over TCP, as discovered by Junaid Bohio, a different vulnerability than CVE-2010-0110 and CVE-2010-0111. | 9.3 |
2011-01-31 | CVE-2010-4393 | Realnetworks | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Realnetworks Realplayer and Realplayer SP Heap-based buffer overflow in vidplin.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.x before 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted header in an AVI file. | 9.3 |
2011-01-31 | CVE-2010-0111 | Symantec | Improper Input Validation vulnerability in Symantec products HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call. | 9.3 |
16 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2011-02-02 | CVE-2010-3719 | Symantec | Code Injection vulnerability in Symantec IM Manager Eval injection vulnerability in IMAdminSchedTask.asp in the administrative interface for Symantec IM Manager 8.4.16 and earlier allows remote attackers to execute arbitrary code via unspecified parameters to the ScheduleTask method. | 8.5 |
2011-01-31 | CVE-2010-0110 | Symantec | Buffer Errors vulnerability in Symantec products Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allow remote attackers to execute arbitrary code via (1) a long string to msgsys.exe, related to the AMSSendAlertAct function in AMSLIB.dll in the Intel Alert Handler service (aka Symantec Intel Handler service); a long (2) modem string or (3) PIN number to msgsys.exe, related to pagehndl.dll in the Intel Alert Handler service; or (4) a message to msgsys.exe, related to iao.exe in the Intel Alert Originator service. | 7.9 |
2011-01-31 | CVE-2011-0413 | ISC | Improper Input Validation vulnerability in ISC Dhcp The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address. | 7.8 |
2011-01-31 | CVE-2011-0450 | Opera Microsoft | Remote Security vulnerability in Opera Web Browser The downloads manager in Opera before 11.01 on Windows does not properly determine the pathname of the filesystem-viewing application, which allows user-assisted remote attackers to execute arbitrary code via a crafted web site that hosts an executable file. | 7.6 |
2011-02-04 | CVE-2011-0781 | Google | Improper Input Validation vulnerability in Google Chrome Google Chrome before 9.0.597.84 does not properly handle autofill profile merging, which has unspecified impact and remote attack vectors. | 7.5 |
2011-02-04 | CVE-2011-0778 | Google | Permissions, Privileges, and Access Controls vulnerability in Google Chrome Google Chrome before 9.0.597.84 does not properly restrict drag and drop operations, which might allow remote attackers to bypass the Same Origin Policy via unspecified vectors. | 7.5 |
2011-02-04 | CVE-2011-0777 | Google | Use After Free vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to image loading. | 7.5 |
2011-02-04 | CVE-2011-0537 | Mediawiki Microsoft | Path Traversal vulnerability in Mediawiki Multiple directory traversal vulnerabilities in (1) languages/Language.php and (2) includes/StubObject.php in MediaWiki 1.8.0 and other versions before 1.16.2, when running on Windows and possibly Novell Netware, allow remote attackers to include and execute arbitrary local PHP files via vectors related to a crafted language file and the Language::factory function. | 7.5 |
2011-02-03 | CVE-2011-0720 | Plone Redhat | Remote Security Bypass vulnerability in Plone Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, luci, and possibly other products, allows remote attackers to obtain administrative access, read or create arbitrary content, and change the site skin via unknown vectors. | 7.5 |
2011-02-03 | CVE-2009-5054 | Smarty | Permissions, Privileges, and Access Controls vulnerability in Smarty Smarty before 3.0.0 beta 4 does not consider the umask value when setting the permissions of files, which might allow attackers to bypass intended access restrictions via standard filesystem operations. | 7.5 |
2011-02-03 | CVE-2009-5053 | Smarty | Remote Security vulnerability in Smarty Unspecified vulnerability in Smarty before 3.0.0 beta 6 allows remote attackers to execute arbitrary PHP code by injecting this code into a cache file. | 7.5 |
2011-02-01 | CVE-2010-4721 | Mhproducts | SQL Injection vulnerability in Mhproducts Immo Makler SQL injection vulnerability in news.php in Immo Makler allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2011-02-01 | CVE-2010-4720 | Harmistechnology Joomla | SQL Injection vulnerability in Harmistechnology COM Jeauto SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the view item page. | 7.5 |
2011-02-01 | CVE-2010-4719 | Fxwebdesign Joomla | Path Traversal vulnerability in Fxwebdesign COM Jradio Directory traversal vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. | 7.5 |
2011-02-01 | CVE-2011-0731 | IBM | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM DB2 Buffer overflow in the DB2 Administration Server (DAS) component in IBM DB2 9.1 before FP10, 9.5 before FP7, and 9.7 before FP3 on Linux, UNIX, and Windows allows remote attackers to execute arbitrary code via unspecified vectors. | 7.5 |
2011-02-04 | CVE-2011-0649 | Tibco | Local Privilege Escalation vulnerability in Multiple TIBCO Products Multiple unspecified vulnerabilities in TIBCO Rendezvous 8.2.1 through 8.3.0, Enterprise Message Service (EMS) 5.1.0 through 6.0.0, Runtime Agent (TRA) 5.6.2 through 5.7.0, Silver BPM Service before 1.0.4, Silver CAP Service before 1.0.2, and Silver BusinessWorks Service 1.0.0, when running on Unix systems, allow local users to gain root privileges via unknown vectors related to SUID and (1) Rendezvous Routing Daemon (rvrd), (2) Rendezvous Secure Daemon (rvsd), (3) Rendezvous Secure Routing Daemon (rvsrd), and (4) EMS Server (tibemsd). | 7.2 |
38 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2011-02-02 | CVE-2011-0017 | Exim | Improper Input Validation vulnerability in Exim The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack. | 6.9 |
2011-02-04 | CVE-2011-0784 | Google | Race Condition vulnerability in Google Chrome Race condition in Google Chrome before 9.0.597.84 allows remote attackers to execute arbitrary code via vectors related to audio. | 6.8 |
2011-02-04 | CVE-2011-0780 | Google | Unspecified vulnerability in Google Chrome The PDF event handler in Google Chrome before 9.0.597.84 does not properly interact with print operations, which allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. | 6.8 |
2011-02-04 | CVE-2011-0771 | Janrain Drupal | Improper Input Validation vulnerability in Janrain RPX 6.X1.3 The Janrain Engage (formerly RPX) module 6.x-1.3 for Drupal does not validate the file for a profile image, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks and possibly execute arbitrary PHP code by causing a crafted avatar to be downloaded from an external login provider site. | 6.8 |
2011-02-04 | CVE-2004-0694 | Tsugio Okamoto | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Tsugio Okamoto LHA Buffer overflow in LHA 1.14 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to "command line processing," a different vulnerability than CVE-2004-0771. | 6.8 |
2011-02-02 | CVE-2010-3270 | Cisco | Buffer Errors vulnerability in Cisco Webex Meeting Center 27.0 Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before SP21 EP3 and T27LC before SP22 allows user-assisted remote authenticated users to execute arbitrary code by providing a crafted .atp file and then disconnecting from a meeting. | 6.8 |
2011-02-02 | CVE-2011-0739 | Mikel Lindsaar | Improper Input Validation vulnerability in Mikel Lindsaar Mail The deliver function in the sendmail delivery agent (lib/mail/network/delivery_methods/sendmail.rb) in Ruby Mail gem 2.2.14 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail address. | 6.8 |
2011-02-02 | CVE-2010-4652 | Proftpd | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Proftpd Heap-based buffer overflow in the sql_prepare_where function (contrib/mod_sql.c) in ProFTPD before 1.3.3d, when mod_sql is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted username containing substitution tags, which are not properly handled during construction of an SQL query. | 6.8 |
2011-02-02 | CVE-2011-0757 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, UNIX, and Windows does not properly revoke the DBADM authority, which allows remote authenticated users to execute non-DDL statements by leveraging previous possession of this authority. | 6.5 |
2011-01-31 | CVE-2010-4717 | Novell | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Groupwise Multiple stack-based buffer overflows in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long (1) LIST or (2) LSUB command. | 6.5 |
2011-02-01 | CVE-2011-0321 | EMC | Permissions, Privileges, and Access Controls vulnerability in EMC Networker librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands. | 6.4 |
2011-02-04 | CVE-2011-0782 | Google | Unspecified vulnerability in Google Chrome Google Chrome before 9.0.597.84 on Mac OS X does not properly mitigate an unspecified flaw in the Mac OS X 10.5 SSL libraries, which allows remote attackers to cause a denial of service (application crash) via unknown vectors. | 5.0 |
2011-02-04 | CVE-2011-0779 | Google Debian | Improper Input Validation vulnerability in Google Chrome Google Chrome before 9.0.597.84 does not properly handle a missing key in an extension, which allows remote attackers to cause a denial of service (application crash) via a crafted extension. | 5.0 |
2011-02-04 | CVE-2011-0776 | Google | Information Exposure vulnerability in Google Chrome The sandbox implementation in Google Chrome before 9.0.597.84 on Mac OS X might allow remote attackers to obtain potentially sensitive information about local files via vectors related to the stat system call. | 5.0 |
2011-02-04 | CVE-2011-0775 | Pivotx | Information Exposure vulnerability in Pivotx 2.2.2 pivotx/modules/module_image.php in PivotX 2.2.2 allows remote attackers to obtain sensitive information via a non-existent file in the image parameter, which reveals the installation path in an error message. | 5.0 |
2011-02-04 | CVE-2011-0774 | Pivotx | Information Exposure vulnerability in Pivotx 2.2.2 PivotX before 2.2.2 allows remote attackers to obtain sensitive information via a direct request to (1) includes/ping.php and (2) includes/spamping.php, which reveals the installation path in an error message. | 5.0 |
2011-02-02 | CVE-2011-0755 | PHP | Numeric Errors vulnerability in PHP Integer overflow in the mt_rand function in PHP before 5.3.4 might make it easier for context-dependent attackers to predict the return values by leveraging a script's use of a large max parameter, as demonstrated by a value that exceeds mt_getrandmax. | 5.0 |
2011-02-02 | CVE-2011-0752 | PHP | Improper Input Validation vulnerability in PHP The extract function in PHP before 5.2.15 does not prevent use of the EXTR_OVERWRITE parameter to overwrite (1) the GLOBALS superglobal array and (2) the this variable, which allows context-dependent attackers to bypass intended access restrictions by modifying data structures that were not intended to depend on external input, a related issue to CVE-2005-2691 and CVE-2006-3758. | 5.0 |
2011-01-31 | CVE-2011-0686 | Opera | Multiple Security vulnerability in Opera Web Browser Unspecified vulnerability in Opera before 11.01 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by vkontakte.ru. | 5.0 |
2011-01-31 | CVE-2011-0684 | Opera | Improper Input Validation vulnerability in Opera Browser Opera before 11.01 does not properly handle redirections and unspecified other HTTP responses, which allows remote web servers to obtain sufficient access to local files to use these files as page resources, and consequently obtain potentially sensitive information from the contents of the files, via an unknown response manipulation. | 5.0 |
2011-01-31 | CVE-2010-4715 | Novell | Path Traversal vulnerability in Novell Groupwise Multiple directory traversal vulnerabilities in the (1) WebAccess Agent and (2) Document Viewer Agent components in Novell GroupWise before 8.02HP allow remote attackers to read arbitrary files via unspecified vectors. | 5.0 |
2011-02-02 | CVE-2011-0754 | PHP Microsoft | Link Following vulnerability in PHP The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to conduct symlink attacks by leveraging cross-platform differences in the stat structure, related to lack of a FILE_ATTRIBUTE_REPARSE_POINT check. | 4.4 |
2011-02-04 | CVE-2011-0783 | Google Debian | Unspecified vulnerability in Google Chrome Unspecified vulnerability in Google Chrome before 9.0.597.84 allows user-assisted remote attackers to cause a denial of service (application crash) via vectors involving a "bad volume setting." | 4.3 |
2011-02-04 | CVE-2011-0773 | Pivotx | Cross-Site Scripting vulnerability in Pivotx Cross-site scripting (XSS) vulnerability in pivotx/modules/module_image.php in PivotX before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the image parameter. | 4.3 |
2011-02-04 | CVE-2011-0772 | Pivotx | Cross-Site Scripting vulnerability in Pivotx Multiple cross-site scripting (XSS) vulnerabilities in PivotX 2.2.0, and possibly other versions before 2.2.2, allow remote attackers to inject arbitrary web script or HTML via the (1) color parameter to includes/blogroll.php or (2) src parameter to includes/timwrapper.php. | 4.3 |
2011-02-04 | CVE-2011-0047 | Mediawiki | Cross-Site Scripting vulnerability in Mediawiki Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) comments, aka "CSS injection vulnerability." | 4.3 |
2011-02-03 | CVE-2011-0451 | Lockon | Cross-Site Scripting vulnerability in Lockon Ec-Cube Multiple cross-site scripting (XSS) vulnerabilities in (1) data/Smarty/templates/default/list.tpl and (2) data/Smarty/templates/default/campaign/bloc/cart_tag.tpl in EC-CUBE before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2011-02-02 | CVE-2011-0753 | PHP | Race Condition vulnerability in PHP Race condition in the PCNTL extension in PHP before 5.3.4, when a user-defined signal handler exists, might allow context-dependent attackers to cause a denial of service (memory corruption) via a large number of concurrent signals. | 4.3 |
2011-02-02 | CVE-2011-0740 | Pleer Wordpress | Cross-Site Scripting vulnerability in Pleer RSS Feed Reader 0.1 Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in RSS Feed Reader 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the rss_url parameter. | 4.3 |
2011-02-02 | CVE-2011-0738 | Ncsa Globus | Improper Input Validation vulnerability in multiple products MyProxy 5.0 through 5.2, as used in Globus Toolkit 5.0.0 through 5.0.2, does not properly verify the (1) hostname or (2) identity in the X.509 certificate for the myproxy-server, which allows remote attackers to spoof the server and conduct man-in-the-middle (MITM) attacks via a crafted certificate when executing (a) myproxy-logon or (b) myproxy-get-delegation. | 4.3 |
2011-02-01 | CVE-2010-4718 | Lyften Joomla | Cross-Site Scripting vulnerability in Lyften COM Lyftenbloggie 1.1.0 Multiple cross-site scripting (XSS) vulnerabilities in the Lyftenbloggie (com_lyftenbloggie) component 1.1.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) tag and (2) category parameters to index.php. | 4.3 |
2011-02-01 | CVE-2011-0735 | Adobe | Cross-Site Scripting vulnerability in Adobe Coldfusion Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via vectors involving a "tag script." | 4.3 |
2011-02-01 | CVE-2011-0734 | Adobe | Cross-Site Scripting vulnerability in Adobe Coldfusion Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via an id parameter containing a JavaScript onLoad event handler for a BODY element, related to a "tag body" attack. | 4.3 |
2011-02-01 | CVE-2011-0733 | Adobe | Cross-Site Scripting vulnerability in Adobe Coldfusion Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header in an id=- query to a .cfm file. | 4.3 |
2011-01-31 | CVE-2011-0687 | Opera | Improper Input Validation vulnerability in Opera Browser Opera before 11.01 does not properly implement Wireless Application Protocol (WAP) dropdown lists, which allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted WAP document. | 4.3 |
2011-01-31 | CVE-2011-0683 | Opera | Permissions, Privileges, and Access Controls vulnerability in Opera Browser Opera before 11.01 does not properly restrict the use of opera: URLs, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site. | 4.3 |
2011-01-31 | CVE-2011-0681 | Opera | Multiple Security vulnerability in Opera Web Browser The Cascading Style Sheets (CSS) Extensions for XML implementation in Opera before 11.01 recognizes links to javascript: URLs in the -o-link property, which makes it easier for remote attackers to bypass CSS filtering via a crafted URL. | 4.3 |
2011-01-31 | CVE-2010-4716 | Novell | Cross-Site Scripting vulnerability in Novell Groupwise Cross-site scripting (XSS) vulnerability in the WebPublisher component in Novell GroupWise before 8.02HP allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
1 Low Vulnerability
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2011-01-31 | CVE-2011-0685 | Opera | Improper Input Validation vulnerability in Opera Browser The Delete Private Data feature in Opera before 11.01 does not properly implement the "Clear all email account passwords" option, which might allow physically proximate attackers to access an e-mail account via an unattended workstation. | 2.1 |