Weekly Vulnerabilities Reports > February 14 to 20, 2011

Overview

80 new vulnerabilities were reported during this period, including 18 critical vulnerabilities and 17 high severity vulnerabilities. This weekly summary reports vulnerabilities in 65 products from 37 vendors, including SUN, IBM, Linux, Intellicom, and Redhat. The most common vulnerability categories are "Cross-site Scripting", "Improper Input Validation", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "SQL Injection", and "Resource Management Errors".

  • 71 reported vulnerabilities are remotely exploitable.
  • 7 reported vulnerabilities have a public exploit available.
  • 19 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 75 reported vulnerabilities are exploitable by an anonymous user.
  • SUN has the most reported vulnerabilities, with 22 reported vulnerabilities.
  • SUN has the most reported critical vulnerabilities, with 8 reported vulnerabilities.

Vulnerability Details

The following tables list the vulnerabilities reported during the period covered by this report:

18 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-02-19 CVE-2011-0364 Cisco Code Injection vulnerability in Cisco Security Agent 5.1/5.2/6.0

The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2, and 6.0 before 6.0.2.145 allows remote attackers to create arbitrary files and execute arbitrary code via unspecified parameters in a crafted st_upload request.

10.0
2011-02-18 CVE-2010-4744 Moinejf, Fedoraproject

Multiple unspecified vulnerabilities in abcm2ps before 5.9.13 have unknown impact and attack vectors, a different issue than CVE-2010-3441.

10.0
2011-02-18 CVE-2010-4742 Moxa Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Moxa Activex SDK

Stack-based buffer overflow in a certain ActiveX control in MediaDBPlayback.DLL 2.2.0.5 in the Moxa ActiveX SDK allows remote attackers to execute arbitrary code via a long PlayFileName property value.

10.0
2011-02-17 CVE-2010-4473 SUN Remote Java Runtime Environment vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and unspecified APIs, a different vulnerability than CVE-2010-4454 and CVE-2010-4462.

10.0
2011-02-17 CVE-2010-4469 SUN Remote Java Runtime Environment vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot.

10.0
2011-02-17 CVE-2010-4467 SUN Remote Java Runtime Environment vulnerability in SUN JDK and JRE

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 10 through 6 Update 23 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

10.0
2011-02-17 CVE-2010-4465 SUN Unspecified vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing.

10.0
2011-02-17 CVE-2010-4463 SUN Unspecified vulnerability in SUN JDK and JRE

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 21 through 6 Update 23 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

10.0
2011-02-17 CVE-2010-4462 SUN Unspecified vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and unspecified APIs, a different vulnerability than CVE-2010-4454 and CVE-2010-4473.

10.0
2011-02-17 CVE-2010-4454 SUN Remote vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and unspecified APIs, a different vulnerability than CVE-2010-4462 and CVE-2010-4473.

10.0
2011-02-17 CVE-2010-4452 SUN Unspecified vulnerability in SUN JDK and JRE

Unspecified vulnerability in the Deployment component in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors.

10.0
2011-02-16 CVE-2011-0654 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Windows 2003 Server and Windows Server 2003

Integer underflow in the BowserWriteErrorLogEntry function in the Common Internet File System (CIFS) browser service in Mrxsmb.sys or bowser.sys in Active Directory in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via a malformed BROWSER ELECTION message, leading to a heap-based buffer overflow, aka "Browser Pool Corruption Vulnerability." NOTE: some of these details are obtained from third party information.

10.0
2011-02-15 CVE-2010-4733 Intellicom Credentials Management vulnerability in Intellicom products

WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password, which makes it easier for remote attackers to obtain superadmin access via the web interface, a different vulnerability than CVE-2009-4463.

10.0
2011-02-19 CVE-2011-0724 Ubuntu Cryptographic Issues vulnerability in Ubuntu Edubuntu and Live DVD

The Live DVD for Edubuntu 9.10, 10.04 LTS, and 10.10 does not correctly regenerate iTALC private keys after installation, which causes each installation to have the same fixed key, which allows remote attackers to gain privileges.

9.3
2011-02-18 CVE-2010-4741 Moxa Buffer Errors vulnerability in Moxa Device Manager and MDM Tool

Stack-based buffer overflow in MDMUtil.dll in MDMTool.exe in MDM Tool before 2.3 in Moxa Device Manager allows remote MDM Gateways to execute arbitrary code via crafted data in a session on TCP port 54321.

9.3
2011-02-16 CVE-2010-4740 Scadaengine Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Scadaengine Bacnet OPC Client

Stack-based buffer overflow in WTclient.dll in SCADA Engine BACnet OPC Client before 1.0.25 allows user-assisted remote attackers to execute arbitrary code via a crafted .csv file, related to a status log message.

9.3
2011-02-15 CVE-2011-1033 IBM Buffer Errors vulnerability in IBM Informix Dynamic Server 11.50

Stack-based buffer overflow in oninit in IBM Informix Dynamic Server (IDS) 11.50 allows remote attackers to execute arbitrary code via crafted arguments in the USELASTCOMMITTED session environment option in a SQL SET ENVIRONMENT statement.

9.3
2011-02-15 CVE-2010-4732 Intellicom Code Injection vulnerability in Intellicom products

cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to execute arbitrary code by using a config.html 2.conf action to replace the logo page's GIF image file with a file containing this code, a different vulnerability than CVE-2009-4463.

9.0

17 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-02-18 CVE-2011-0709 Linux Null Pointer Dereference vulnerability in Linux Kernel

The br_mdb_ip_get function in net/bridge/br_multicast.c in the Linux kernel before 2.6.35-rc5 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an IGMP packet, related to lack of a multicast table.

7.8
2011-02-17 CVE-2011-0355 Cisco, Vmware Resource Management Errors vulnerability in multiple products

Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi host OS crash) by sending an 802.1Q tagged packet over an access vEthernet port, aka Cisco Bug ID CSCtj17451.

7.8
2011-02-17 CVE-2010-4451 SUN Unspecified vulnerability in SUN JDK and JRE

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Windows, when using Java Update, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install.

7.6
2011-02-17 CVE-2010-4422 SUN Remote vulnerability in SUN JDK and JRE

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

7.6
2011-02-19 CVE-2011-1035 Pivotx Credentials Management vulnerability in Pivotx

The password reset in PivotX before 2.2.4 allows remote attackers to modify the passwords of arbitrary users via unspecified vectors.

7.5
2011-02-19 CVE-2011-0706 Redhat, SUN Permissions, Privileges, and Access Controls vulnerability in multiple products

The JNLPClassLoader class in IcedTea-Web before 1.0.1, as used in OpenJDK Runtime Environment 1.6.0, allows remote attackers to gain privileges via unknown vectors related to multiple signers and the assignment of "an inappropriate security descriptor."

7.5
2011-02-19 CVE-2011-0430 Openafs Resource Management Errors vulnerability in Openafs 1.4.12/1.4.14/1.4.7

Double free vulnerability in the Rx server process in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions allows remote attackers to cause a denial of service and execute arbitrary code via unknown vectors.

7.5
2011-02-19 CVE-2010-4328 Novell Buffer Errors vulnerability in Novell Iprint Open Enterprise Server 2

Multiple stack-based buffer overflows in opt/novell/iprint/bin/ipsmd in Novell iPrint for Linux Open Enterprise Server 2 SP2 and SP3 allow remote attackers to execute arbitrary code via unspecified LPR opcodes.

7.5
2011-02-19 CVE-2010-4323 Novell Buffer Errors vulnerability in Novell Zenworks Configuration Manager 10.3.1/10.3.2

Heap-based buffer overflow in novell-tftp.exe in Novell ZENworks Configuration Manager (ZCM) 10.3.1, 10.3.2, and 11.0, and earlier versions, allows remote attackers to execute arbitrary code via a long TFTP request.

7.5
2011-02-18 CVE-2010-3441 Moinejf, Fedoraproject Classic Buffer Overflow vulnerability in multiple products

Multiple buffer overflows in abcm2ps before 5.9.12 might allow remote attackers to execute arbitrary code via (1) a crafted input file, related to the PUT0 and PUT1 output macros; (2) a crafted input file, related to the trim_title function; and possibly (3) a long -O option on a command line.

7.5
2011-02-16 CVE-2010-4739 Aretimes, Joomla SQL Injection vulnerability in Aretimes COM Maianmedia

SQL injection vulnerability in the Maian Media Silver (com_maianmedia) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a music action to index.php.

7.5
2011-02-16 CVE-2010-4738 Raemedia SQL Injection vulnerability in Raemedia Real Estate Single and Multi Agent System 3.0

Multiple SQL injection vulnerabilities in Rae Media INC Real Estate Single and Multi Agent System 3.0 allow remote attackers to execute arbitrary SQL commands via the probe parameter to (1) multi/city.asp in the Multi Agent System and (2) resulttype.asp in the Single Agent System.

7.5
2011-02-16 CVE-2010-4737 Hotwebscripts SQL Injection vulnerability in Hotwebscripts Hotweb Rentals

SQL injection vulnerability in resorts.asp in HotWebScripts HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PropResort parameter.

7.5
2011-02-16 CVE-2010-4736 Gatesoft SQL Injection vulnerability in Gatesoft Docusafe 4.1.0/4.1.2

SQL injection vulnerability in ECO.asp in GateSoft DocuSafe 4.1.0 and 4.1.2 allows remote attackers to execute arbitrary SQL commands via the ECO_ID parameter.

7.5
2011-02-16 CVE-2010-4735 Ecommercemax SQL Injection vulnerability in Ecommercemax Digital-Goods Seller 1.5

SQL injection vulnerability in shoppingcart.asp in Ecommercemax Solutions Digital-goods seller (DGS) 1.5 allows remote attackers to execute arbitrary SQL commands via the d parameter.

7.5
2011-02-14 CVE-2011-0698 Djangoproject, Microsoft Path Traversal vulnerability in Djangoproject Django

Directory traversal vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 on Windows might allow remote attackers to read or execute files via a / (slash) character in a key in a session cookie, related to session replays.

7.5
2011-02-18 CVE-2011-0712 Linux, Canonical Classic Buffer Overflow vulnerability in multiple products

Multiple buffer overflows in the caiaq Native Instruments USB audio functionality in the Linux kernel before 2.6.38-rc4-next-20110215 might allow attackers to cause a denial of service or possibly have unspecified other impact via a long USB device name, related to (1) the snd_usb_caiaq_audio_init function in sound/usb/caiaq/audio.c and (2) the snd_usb_caiaq_midi_init function in sound/usb/caiaq/midi.c.

7.2

34 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-02-18 CVE-2010-4649 Linux, Redhat Integer Overflow OR Wraparound vulnerability in multiple products

Integer overflow in the ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large value of a certain structure member.

6.9
2011-02-18 CVE-2010-4743 Moinejf, Fedoraproject Out-Of-Bounds Write vulnerability in multiple products

Heap-based buffer overflow in the getarena function in abc2ps.c in abcm2ps before 5.9.13 might allow remote attackers to execute arbitrary code via a crafted ABC file, a different vulnerability than CVE-2010-3441.

6.8
2011-02-15 CVE-2011-1032 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Lotus Connections 3.0

IBM Lotus Connections 3.0, when IBM WebSphere Application Server 7.0.0.11 is used, does not properly restrict access to the internal login module, which has unspecified impact and attack vectors.

6.8
2011-02-15 CVE-2010-4731 Intellicom Path Traversal vulnerability in Intellicom products

Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a full pathname in the file parameter, a different vulnerability than CVE-2009-4463.

6.8
2011-02-15 CVE-2010-4730 Intellicom Path Traversal vulnerability in Intellicom products

Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a ..

6.8
2011-02-14 CVE-2011-0696 Djangoproject Cross-Site Request Forgery (CSRF) vulnerability in Djangoproject Django

Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via forged AJAX requests that leverage a "combination of browser plugins and redirects," a related issue to CVE-2011-0447.

6.8
2011-02-14 CVE-2011-0447 Rubyonrails Cross-Site Request Forgery (CSRF) vulnerability in Rubyonrails Rails

Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before 3.0.4, does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via forged (1) AJAX or (2) API requests that leverage "combinations of browser plugins and HTTP redirects," a related issue to CVE-2011-0696.

6.8
2011-02-14 CVE-2011-0987 Phpmyadmin Improper Input Validation vulnerability in PHPmyadmin

The PMA_Bookmark_get function in libraries/bookmark.lib.php in phpMyAdmin 2.11.x before 2.11.11.3, and 3.3.x before 3.3.9.2, does not properly restrict bookmark queries, which makes it easier for remote authenticated users to trigger another user's execution of a SQL query by creating a bookmark.

6.5
2011-02-19 CVE-2011-1000 Freedesktop Improper Input Validation vulnerability in Freedesktop Telepathy Gabble

jingle-factory.c in Telepathy Gabble 0.11 before 0.11.7, 0.10 before 0.10.5, and 0.8 before 0.8.15 allows remote attackers to sniff audio and video calls via a crafted google:jingleinfo stanza that specifies an alternate server for streamed media.

6.4
2011-02-19 CVE-2011-0721 Debian Improper Input Validation vulnerability in Debian Shadow 1:4.1.4

Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow 1:4.1.4 allow local users to add new users or groups to /etc/passwd via the GECOS field.

6.4
2011-02-19 CVE-2011-0431 Openafs Improper Input Validation vulnerability in Openafs 1.4.12/1.4.14/1.4.7

The afs_linux_lock function in afs/LINUX/osi_vnodeops.c in the kernel module in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions does not properly handle errors, which allows attackers to cause a denial of service via unknown vectors.

5.0
2011-02-19 CVE-2011-0420 PHP Denial Of Service vulnerability in PHP 5.3.5

The grapheme_extract function in the Internationalization extension (Intl) for ICU for PHP 5.3.5 allows context-dependent attackers to cause a denial of service (crash) via an invalid size argument, which triggers a NULL pointer dereference.

5.0
2011-02-19 CVE-2011-0014 Openssl Resource Management Errors vulnerability in Openssl

ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability."

5.0
2011-02-18 CVE-2011-0453 F Secure Improper Authentication vulnerability in F-Secure Internet Gatekeeper 3.02.1221

F-Secure Internet Gatekeeper for Linux 3.x before 3.03 does not require authentication for reading access logs, which allows remote attackers to obtain potentially sensitive information via a TCP session on the admin UI port.

5.0
2011-02-17 CVE-2010-4476 SUN Remote Security vulnerability in SUN Jdk, JRE and SDK

The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.

5.0
2011-02-17 CVE-2010-4471 SUN Remote Security vulnerability in SUN JDK and JRE

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to 2D.

5.0
2011-02-17 CVE-2010-4470 SUN Remote Java Runtime Environment vulnerability in SUN JDK and JRE

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs.

5.0
2011-02-17 CVE-2010-4466 SUN Unspecified vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Windows, Solaris, and Linux; 5.0 Update 27 and earlier for Windows; and 1.4.2_29 and earlier for Windows allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Deployment.

5.0
2011-02-17 CVE-2010-3273 Zohocorp Improper Input Validation vulnerability in Zohocorp Manageengine Adselfservice Plus

ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allows remote attackers to reset user passwords, and consequently obtain access to arbitrary user accounts, by providing a user id to accounts/ValidateUser, and then providing a new password to accounts/ResetResult.

5.0
2011-02-14 CVE-2011-0986 Phpmyadmin Improper Input Validation vulnerability in PHPmyadmin

phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence of the (1) README, (2) ChangeLog, and (3) LICENSE files, which allows remote attackers to obtain the installation path via a direct request for a nonexistent file.

5.0
2011-02-19 CVE-2011-0050 Cgiirc Cross-Site Scripting vulnerability in Cgiirc Cgi:Irc

Cross-site scripting (XSS) vulnerability in the nonjs interface (interfaces/nonjs.pm) in CGI:IRC before 0.5.10 allows remote attackers to inject arbitrary web script or HTML via the R parameter.

4.3
2011-02-19 CVE-2011-0013 Apache Cross-Site Scripting vulnerability in Apache Tomcat

Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag.

4.3
2011-02-18 CVE-2011-1042 Google Resource Management Errors vulnerability in Google Chrome OS

Use-after-free vulnerability in flimflamd in flimflam in Google Chrome OS before 0.9.130.14 Beta allows user-assisted remote attackers to cause a denial of service (daemon crash) by providing the name of a hidden WiFi network that does not respond to connection attempts.

4.3
2011-02-17 CVE-2010-4475 SUN Remote Java Runtime Environment vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Deployment, a different vulnerability than CVE-2010-4447.

4.3
2011-02-17 CVE-2010-4447 SUN Remote Java Runtime Environment vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Deployment, a different vulnerability than CVE-2010-4475.

4.3
2011-02-17 CVE-2011-0533 Apache Cross-Site Scripting vulnerability in Apache Archiva and Continuum

Cross-site scripting (XSS) vulnerability in Apache Continuum 1.1 through 1.2.3.1, 1.3.6, and 1.4.0 Beta; and Archiva 1.3.0 through 1.3.3 and 1.0 through 1.22 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to the autoIncludeParameters setting for the extremecomponents table.

4.3
2011-02-17 CVE-2010-3274 Zohocorp Cross-Site Scripting vulnerability in Zohocorp Manageengine Adselfservice Plus

Multiple cross-site scripting (XSS) vulnerabilities in EmployeeSearch.cc in the Employee Search Engine in ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allow remote attackers to inject arbitrary web script or HTML via the searchString parameter in a (1) showList or (2) Search action.

4.3
2011-02-17 CVE-2010-3272 Zohocorp Improper Input Validation vulnerability in Zohocorp Manageengine Adselfservice Plus

accounts/ValidateAnswers in the security-questions implementation in ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 makes it easier for remote attackers to reset user passwords, and consequently obtain access to arbitrary user accounts, via a modified (1) Hide_Captcha or (2) quesList parameter in a validateAll action.

4.3
2011-02-16 CVE-2011-1034 IBM Cross-Site Scripting vulnerability in IBM Rational Build Forge 7.0.2

Cross-site scripting (XSS) vulnerability in the UI in IBM Rational Build Forge 7.0.2 allows remote attackers to inject arbitrary web script or HTML via the mod parameter to the fullcontrol program.

4.3
2011-02-15 CVE-2008-7274 IBM Improper Input Validation vulnerability in IBM Websphere Application Server 6.1.0.9

IBM WebSphere Application Server (WAS) 6.1.0.9, when the JAAS Login functionality is enabled, allows attackers to perform an internal application hashtable login by (1) not providing a password or (2) providing an empty password.

4.3
2011-02-14 CVE-2011-1030 IBM Cross-Site Scripting vulnerability in IBM Lotus Connections 3.0

Cross-site scripting (XSS) vulnerability in the Wikis component in IBM Lotus Connections 3.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to the "Confirm New Page scene."

4.3
2011-02-14 CVE-2011-0697 Djangoproject Cross-Site Scripting vulnerability in Djangoproject Django

Cross-site scripting (XSS) vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 might allow remote attackers to inject arbitrary web script or HTML via a filename associated with a file upload.

4.3
2011-02-14 CVE-2011-0446 Rubyonrails Cross-Site Scripting vulnerability in Rubyonrails Rails

Multiple cross-site scripting (XSS) vulnerabilities in the mail_to helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when javascript encoding is used, allow remote attackers to inject arbitrary web script or HTML via a crafted (1) name or (2) email value.

4.3
2011-02-17 CVE-2010-4468 SUN Remote Java Runtime Environment vulnerability in SUN JDK and JRE

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and integrity via unknown vectors related to JDBC.

4.0

11 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-02-17 CVE-2010-4450 SUN Remote Java Runtime Environment vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.2_29 and earlier for Solaris and Linux allows local standalone applications to affect confidentiality, integrity, and availability via unknown vectors related to Launcher.

3.7
2011-02-14 CVE-2011-1029 IBM Cross-Site Scripting vulnerability in IBM Rational Team Concert 2.0.0.1/2.0.0.2

Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert (RTC) 2.0.0.x allows remote authenticated users to inject arbitrary web script or HTML via the name of a shared report.

3.5
2011-02-14 CVE-2011-1031 FEH Project Link Following vulnerability in FEH Project FEH

The feh_unique_filename function in utils.c in feh 1.11.2 and earlier might allow local users to create arbitrary files via a symlink attack on a /tmp/feh_ temporary file, a different vulnerability than CVE-2011-0702.

3.3
2011-02-14 CVE-2011-0702 FEH Project Link Following vulnerability in FEH Project FEH

The feh_unique_filename function in utils.c in feh before 1.11.2 might allow local users to overwrite arbitrary files via a symlink attack on a /tmp/feh_ temporary file.

3.3
2011-02-17 CVE-2010-4472 SUN Remote Java Runtime Environment vulnerability in SUN JDK and JRE

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability, related to XML Digital Signature and unspecified APIs.

2.6
2011-02-17 CVE-2010-4448 SUN Remote Java Runtime Environment vulnerability in SUN Jdk, JRE and SDK

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Networking.

2.6
2011-02-16 CVE-2010-4734 Amix Cross-Site Scripting vulnerability in Amix Skeletonz CMS 1.0

Multiple cross-site scripting (XSS) vulnerabilities in the comment feature in Skeletonz CMS 1.0, when the Blog plugin is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Website, and (3) Email parameters.

2.6
2011-02-18 CVE-2011-1044 Linux, Redhat Missing Initialization of Resource vulnerability in multiple products

The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially filled, a different vulnerability than CVE-2010-4649.

2.1
2011-02-18 CVE-2011-0710 Linux Information Exposure vulnerability in Linux Kernel

The task_show_regs function in arch/s390/kernel/traps.c in the Linux kernel before 2.6.38-rc4-next-20110216 on the s390 platform allows local users to obtain the values of the registers of an arbitrary process by reading a status file under /proc/.

2.1
2011-02-17 CVE-2010-4474 SUN Remote Java DB vulnerability in SUN JDK and JRE

Unspecified vulnerability in the Java DB component in Oracle Java SE and Java for Business 6 Update 23 and earlier allows local users to affect confidentiality via unknown vectors related to Security, a similar vulnerability to CVE-2009-4269.

2.1
2011-02-16 CVE-2010-2928 Vmware Credentials Management vulnerability in VMWare Vcenter Server 4.1

The vCenter Tomcat Management Application in VMware vCenter Server 4.1 before Update 1 stores log-on credentials in a configuration file, which allows local users to gain privileges by reading this file.

2.1