Weekly Vulnerabilities Reports > February 21 to 27, 2011
Overview
66 new vulnerabilities reported during this period, including 20 critical vulnerabilities and 19 high severity vulnerabilities. This weekly summary report vulnerabilities in 64 products from 34 vendors including Cisco, HEX Rays, Fedoraproject, Redhat, and IBM. Vulnerabilities are notably categorized as "Resource Management Errors", "OS Command Injection", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", and "SQL Injection".
- 58 reported vulnerabilities are remotely exploitables.
- 4 reported vulnerabilities have public exploit available.
- 27 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 61 reported vulnerabilities are exploitable by an anonymous user.
- Cisco has the most reported vulnerabilities, with 22 reported vulnerabilities.
- Cisco has the most reported critical vulnerabilities, with 12 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
20 Critical Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2011-02-25 | CVE-2010-4227 | Novell | Buffer Errors vulnerability in Novell Netware 6.5 The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow. | 10.0 |
| 2011-02-25 | CVE-2011-0385 | Cisco | Unspecified vulnerability in Cisco products The administrative web interface on Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allows remote attackers to create or overwrite arbitrary files, and possibly execute arbitrary code, via a crafted request, aka Bug IDs CSCth85786 and CSCth61065. | 10.0 |
| 2011-02-25 | CVE-2011-0384 | Cisco | Improper Authentication vulnerability in Cisco products The Java Servlet framework on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug ID CSCtf01253. | 10.0 |
| 2011-02-25 | CVE-2011-0383 | Cisco | Improper Authentication vulnerability in Cisco products The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug IDs CSCtf42005 and CSCtf42008. | 10.0 |
| 2011-02-25 | CVE-2011-0382 | Cisco | OS Command Injection vulnerability in Cisco products The CGI subsystem on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 allows remote attackers to execute arbitrary commands via a request to TCP port 443, related to a "command injection vulnerability," aka Bug ID CSCtf97221. | 10.0 |
| 2011-02-25 | CVE-2011-0381 | Cisco | OS Command Injection vulnerability in Cisco Telepresence Manager Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to perform unspecified actions and consequently execute arbitrary code via a crafted request to the Java RMI interface, related to a "command injection vulnerability," aka Bug ID CSCtf97085. | 10.0 |
| 2011-02-25 | CVE-2011-0376 | Cisco | Information Exposure vulnerability in Cisco products The TFTP implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x, 1.6.0, and 1.6.1 allows remote attackers to obtain sensitive information via a GET request, aka Bug ID CSCte43876. | 10.0 |
| 2011-02-25 | CVE-2011-0372 | Cisco | OS Command Injection vulnerability in Cisco products The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31640. | 10.0 |
| 2011-02-21 | CVE-2011-1054 | HEX Rays | Buffer Overflow vulnerability in Hex-Rays IDA 5.7/6.0 Unspecified vulnerability in the PEF input file loader in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors. | 10.0 |
| 2011-02-21 | CVE-2011-1052 | HEX Rays | Numeric Errors vulnerability in Hex-Rays IDA 5.7/6.0 Integer overflow in the PSX/GEOS input file loaders in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to memory allocation. | 10.0 |
| 2011-02-21 | CVE-2011-1051 | HEX Rays | Numeric Errors vulnerability in Hex-Rays IDA 5.7/6.0 Integer overflow in the COFF/EPOC/EXPLOAD input file loaders in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to memory allocation. | 10.0 |
| 2011-02-21 | CVE-2011-1050 | HEX Rays | Buffer Overflow vulnerability in Hex-Rays IDA 5.7/6.0 Unspecified vulnerability in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to "converson of string encodings" and "inconsistencies in the handling of UTF8 sequences by the user interface." | 10.0 |
| 2011-02-25 | CVE-2011-0332 | Foxitsoftware | Numeric Errors vulnerability in Foxitsoftware Foxit Phantom and Foxit Reader Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit Phantom before 2.3.3.1112 allows remote attackers to execute arbitrary code via crafted ICC chunks in a PDF file, which triggers a heap-based buffer overflow. | 9.3 |
| 2011-02-25 | CVE-2011-0926 | Cisco | Improper Input Validation vulnerability in Cisco Secure Desktop A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) does not properly verify the signature of an unspecified downloaded program, which allows remote attackers to execute arbitrary code by spoofing the CSD installation process, a different vulnerability than CVE-2010-0589. | 9.3 |
| 2011-02-25 | CVE-2011-0386 | Cisco | Code Injection vulnerability in Cisco products The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and 1.7.x before 1.7.1 allows remote attackers to overwrite files and consequently execute arbitrary code via a malformed request, aka Bug ID CSCti50739. | 9.3 |
| 2011-02-23 | CVE-2011-1065 | Pipi | Buffer Errors vulnerability in Pipi Player 2.8.0.0 Multiple stack-based buffer overflows in the PIPIWebPlayer ActiveX control (PIWebPlayer.ocx) in PIPI Player 2.8.0.0 allow remote attackers to execute arbitrary code via long arguments to the (1) PlayURL or (2) PlayURLWithLocalPlayer methods. | 9.3 |
| 2011-02-21 | CVE-2011-0694 | Realnetworks | Unspecified vulnerability in Realnetworks Realplayer and Realplayer SP RealNetworks RealPlayer 11.0 through 11.1, SP 1.0 through 1.1.5, and 14.0.0 through 14.0.1, and Enterprise 2.0 through 2.1.4, uses predictable names for temporary files, which allows remote attackers to conduct cross-domain scripting attacks and execute arbitrary code via the OpenURLinPlayerBrowser function. | 9.3 |
| 2011-02-25 | CVE-2011-0375 | Cisco | OS Command Injection vulnerability in Cisco products The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCth24671. | 9.0 |
| 2011-02-25 | CVE-2011-0374 | Cisco | OS Command Injection vulnerability in Cisco products The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31659. | 9.0 |
| 2011-02-25 | CVE-2011-0373 | Cisco | OS Command Injection vulnerability in Cisco products The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31685. | 9.0 |
19 High Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2011-02-25 | CVE-2011-0378 | Cisco | OS Command Injection vulnerability in Cisco products The XML-RPC implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a TCP request, related to a "command injection vulnerability," aka Bug ID CSCtb52587. | 8.3 |
| 2011-02-25 | CVE-2011-0387 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco products The administrative web interface on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allows remote authenticated users to cause a denial of service or have unspecified other impact via vectors involving access to a servlet, aka Bug ID CSCtf97164. | 8.0 |
| 2011-02-25 | CVE-2011-0379 | Cisco | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco products Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 1.6.x; Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x; Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x; and Cisco TelePresence Manager 1.2.x, 1.3.x, 1.4.x, 1.5.x, and 1.6.2 allows remote attackers to execute arbitrary code via a crafted Cisco Discovery Protocol packet, aka Bug IDs CSCtd75769, CSCtd75766, CSCtd75754, and CSCtd75761. | 7.9 |
| 2011-02-25 | CVE-2011-0391 | Cisco | Resource Management Errors vulnerability in Cisco products Cisco TelePresence Recording Server devices with software 1.6.x allow remote attackers to cause a denial of service (thread consumption and device outage) via a malformed request, related to an "ad hoc recording" issue, aka Bug ID CSCtf97205. | 7.8 |
| 2011-02-25 | CVE-2011-0390 | Cisco | Resource Management Errors vulnerability in Cisco products The XML-RPC implementation on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, 1.6.x, and 1.7.0 allows remote attackers to cause a denial of service (process crash) via a crafted request, aka Bug ID CSCtj44534. | 7.8 |
| 2011-02-25 | CVE-2011-0389 | Cisco | Resource Management Errors vulnerability in Cisco products Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allow remote attackers to cause a denial of service (process crash) via a crafted Real-Time Transport Control Protocol (RTCP) UDP packet, aka Bug ID CSCth60993. | 7.8 |
| 2011-02-25 | CVE-2011-0388 | Cisco | Resource Management Errors vulnerability in Cisco products Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote access to the Java servlet RMI interface, which allows remote attackers to cause a denial of service (memory consumption and web outage) via multiple crafted requests, aka Bug IDs CSCtg35830 and CSCtg35825. | 7.8 |
| 2011-02-25 | CVE-2011-0377 | Cisco | Resource Management Errors vulnerability in Cisco products Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allow remote attackers to cause a denial of service (service crash) via a malformed SOAP request in conjunction with a spoofed TelePresence Manager that supplies an invalid IP address, aka Bug ID CSCth03605. | 7.8 |
| 2011-02-25 | CVE-2011-0392 | Cisco | Improper Authentication vulnerability in Cisco products Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for an XML-RPC interface, which allows remote attackers to perform unspecified actions via a session on TCP port 8080, aka Bug ID CSCtg35833. | 7.5 |
| 2011-02-25 | CVE-2011-0380 | Cisco | Improper Authentication vulnerability in Cisco Telepresence Manager Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to bypass authentication and invoke arbitrary methods via a malformed SOAP request, aka Bug ID CSCtc59562. | 7.5 |
| 2011-02-23 | CVE-2011-0019 | Fedoraproject Redhat | Improper Input Validation vulnerability in multiple products slapd (aka ns-slapd) in 389 Directory Server 1.2.7.5 (aka Red Hat Directory Server 8.2.x or dirsrv) does not properly handle simple paged result searches, which allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via multiple search requests. | 7.5 |
| 2011-02-23 | CVE-2011-1061 | Webmastersite | SQL Injection vulnerability in Webmastersite WSN Guest 1.24 SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the time parameter. | 7.5 |
| 2011-02-23 | CVE-2011-1060 | Webmastersite | SQL Injection vulnerability in Webmastersite WSN Guest 1.24 SQL injection vulnerability in the member function in classes/member.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the wsnuser cookie to index.php. | 7.5 |
| 2011-02-22 | CVE-2011-0530 | Wouter Verhelst | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wouter Verhelst NBD Buffer overflow in the mainloop function in nbd-server.c in the server in Network Block Device (nbd) before 2.9.20 might allow remote attackers to execute arbitrary code via a long request. | 7.5 |
| 2011-02-21 | CVE-2011-1048 | Mihantools | SQL Injection vulnerability in Mihantools 1.33 SQL injection vulnerability in product.php in MihanTools 1.33 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2011-02-21 | CVE-2011-1047 | Vasthtml Wordpress | SQL Injection vulnerability in Vasthtml Forum Server 1.6.1/1.6.5 Multiple SQL injection vulnerabilities in VastHTML Forum Server (aka ForumPress) plugin 1.6.1 and 1.6.5 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) search_max parameter in a search action to index.php, which is not properly handled by wpf.class.php, (2) id parameter in an editpost action to index.php, which is not properly handled by wpf-post.php, or (3) topic parameter to feed.php. | 7.5 |
| 2011-02-21 | CVE-2011-0449 | Rubyonrails | Permissions, Privileges, and Access Controls vulnerability in Rubyonrails Rails actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.4, when a case-insensitive filesystem is used, does not properly implement filters associated with the list of available templates, which allows remote attackers to bypass intended access restrictions via an action name that uses an unintended case for alphabetic characters. | 7.5 |
| 2011-02-25 | CVE-2011-0037 | Microsoft | Improper Input Validation vulnerability in Microsoft products Microsoft Malware Protection Engine before 1.1.6603.0, as used in Microsoft Malicious Software Removal Tool (MSRT), Windows Defender, Security Essentials, Forefront Client Security, Forefront Endpoint Protection 2010, and Windows Live OneCare, allows local users to gain privileges via a crafted value of an unspecified user registry key. | 7.2 |
| 2011-02-23 | CVE-2011-0414 | ISC | Resource Management Errors vulnerability in ISC Bind 9.7.1/9.7.2 ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update. | 7.1 |
24 Medium Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2011-02-25 | CVE-2011-1101 | Citrix | Denial Of Service vulnerability in Citrix Licensing Administration Console 11.6 Multiple unspecified vulnerabilities in a third-party component of the Citrix Licensing Administration Console 11.6, formerly License Management Console, allow remote attackers to (1) access unauthorized "license administration functionality" or (2) cause a denial of service via unknown vectors. | 6.8 |
| 2011-02-23 | CVE-2011-1064 | Qibosoft | SQL Injection vulnerability in Qibosoft QI BO CMS 7 SQL injection vulnerability in member/list.php in qibosoft Qi Bo CMS 7 allows remote attackers to execute arbitrary SQL commands via the aidDB[] parameter. | 6.8 |
| 2011-02-21 | CVE-2011-1049 | HEX Rays | Buffer Errors vulnerability in Hex-Rays IDA 5.7/6.0 Buffer overflow in the Mach-O input file loader in Hex-Rays IDA Pro 5.7 and 6.0 allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Macho-O file. | 6.8 |
| 2011-02-21 | CVE-2011-1045 | IBM | Security Bypass vulnerability in IBM products Unspecified vulnerability in the Rendition Engine (aka P8RE) 4.0.1 through 4.5.1 in IBM FileNet P8 Content Manager (CM) allows remote attackers to gain privileges via unknown vectors. | 6.8 |
| 2011-02-25 | CVE-2011-1100 | Pixelpost | SQL Injection vulnerability in Pixelpost 1.7.3 Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) findfid, (2) id, (3) selectfcat, (4) selectfmon, or (5) selectftag parameter in an images action. | 6.5 |
| 2011-02-24 | CVE-2011-0452 | Lunascape | Unspecified vulnerability in Lunascape Untrusted search path vulnerability in the script function in Lunascape before 6.4.3 allows local users to gain privileges via a Trojan horse executable file in the current working directory. | 6.2 |
| 2011-02-23 | CVE-2011-0532 | Fedoraproject Redhat | Permissions, Privileges, and Access Controls vulnerability in multiple products The (1) backup and restore scripts, (2) main initialization script, and (3) ldap-agent script in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x) place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | 6.2 |
| 2011-02-21 | CVE-2011-1056 | Metasploit Microsoft | Permissions, Privileges, and Access Controls vulnerability in Metasploit Framework 3.5.1 The installer for Metasploit Framework 3.5.1, when running on Windows, uses weak inherited permissions for the Metasploit installation directory, which allows local users to gain privileges by replacing critical files with a Trojan horse. | 6.2 |
| 2011-02-25 | CVE-2011-0718 | Redhat | Improper Authentication vulnerability in Redhat Network Satellite Server 5.4 Red Hat Network (RHN) Satellite Server 5.4 does not use a time delay after a failed login attempt, which makes it easier for remote attackers to conduct brute force password guessing attacks. | 5.8 |
| 2011-02-25 | CVE-2011-1103 | F Secure | Information Exposure vulnerability in F-Secure Policy Manager The WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix 3 on Windows and hotfix 2 on Linux, and 9.00 before hotfix 4 on Windows and hotfix 2 on Linux, allows remote attackers to obtain sensitive information via a request to an invalid report, which reveals the installation path in an error message, as demonstrated with requests to (1) report/infection-table.html or (2) report/productsummary-table.html. | 5.0 |
| 2011-02-23 | CVE-2011-1067 | Fedoraproject | Improper Input Validation vulnerability in Fedoraproject 389 Directory Server slapd (aka ns-slapd) in 389 Directory Server before 1.2.8.a2 does not properly manage the c_timelimit field of the connection table element, which allows remote attackers to cause a denial of service (daemon outage) via Simple Paged Results connections, as demonstrated by using multiple processes to replay TCP sessions, a different vulnerability than CVE-2011-0019. | 5.0 |
| 2011-02-23 | CVE-2010-4746 | Fedoraproject | Resource Management Errors vulnerability in Fedoraproject 389 Directory Server Multiple memory leaks in the normalization functionality in 389 Directory Server before 1.2.7.5 allow remote attackers to cause a denial of service (memory consumption) via "badly behaved applications," related to (1) Slapi_Attr mishandling in the DN normalization code and (2) pointer mishandling in the syntax normalization code, a different issue than CVE-2011-0019. | 5.0 |
| 2011-02-21 | CVE-2011-1046 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM products IBM FileNet P8 Content Engine (aka P8CE) 4.0.1 through 5.0.0, as used in FileNet P8 Content Manager (CM) and FileNet P8 Business Process Manager (BPM), does not require the PRIVILEGED_WRITE access role for all intended Object Store modifications, which allows remote attackers to change a privileged property of an object via unspecified vectors. | 5.0 |
| 2011-02-21 | CVE-2011-0330 | Dell | Permissions, Privileges, and Access Controls vulnerability in Dell Dellsystemlite.Scanner Activex Control 1.0.0.0 The Dell DellSystemLite.Scanner ActiveX control in DellSystemLite.ocx 1.0.0.0 does not properly restrict the values of the WMIAttributesOfInterest property, which allows remote attackers to execute arbitrary WMI Query Language (WQL) statements via a crafted value, as demonstrated by a value that triggers disclosure of information about installed software. | 5.0 |
| 2011-02-21 | CVE-2011-0329 | Dell | Path Traversal vulnerability in Dell Dellsystemlite.Scanner Activex Control 1.0.0.0 Directory traversal vulnerability in the GetData method in the Dell DellSystemLite.Scanner ActiveX control in DellSystemLite.ocx 1.0.0.0 allows remote attackers to read arbitrary files via directory traversal sequences in the fileID parameter. | 5.0 |
| 2011-02-23 | CVE-2011-0725 | Sebastian Heinlein Canonical | Path Traversal vulnerability in multiple products Absolute path traversal vulnerability in the org.debian.apt.UpdateCachePartially method in worker.py in Aptdaemon 0.40 in Ubuntu 10.10 and 11.04 allows local users to read arbitrary files via a full pathname in the sources_list argument, related to the D-Bus interface. | 4.9 |
| 2011-02-23 | CVE-2011-0022 | Fedoraproject Redhat | Resource Management Errors vulnerability in multiple products The setup scripts in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x), when multiple unprivileged instances are configured, use 0777 permissions for the /var/run/dirsrv directory, which allows local users to cause a denial of service (daemon outage or arbitrary process termination) by replacing PID files contained in this directory. | 4.7 |
| 2011-02-25 | CVE-2011-1102 | F Secure | Cross-Site Scripting vulnerability in F-Secure Policy Manager Cross-site scripting (XSS) vulnerability in the WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix 3 on Windows and hotfix 2 on Linux, and 9.00 before hotfix 4 on Windows and hotfix 2 on Linux, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2011-02-23 | CVE-2011-1063 | Cherry Software | Cross-Site Scripting vulnerability in Cherry-Software Photopad 1.2.0 Multiple cross-site scripting (XSS) vulnerabilities in Cherry-Design Photopad 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id or (2) data[title] parameters in an edit action to files.php, or (3) id parameter in a view action to gallery.php. | 4.3 |
| 2011-02-23 | CVE-2011-1062 | Taskfreak | Cross-Site Scripting vulnerability in Taskfreak Taskfreak! 0.6.4 Multiple cross-site scripting (XSS) vulnerabilities in include/html/header.php in TaskFreak! 0.6.4 allow remote attackers to inject arbitrary web script or HTML via the (1) sContext, (2) sort, (3) dir, and (4) show parameters in a save action to index.php; the (5) dir and (6) show parameters to print_list.php; and the (7) HTTP referer header to rss.php. | 4.3 |
| 2011-02-22 | CVE-2011-1059 | Apple | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in WebCore in WebKit before r77705, as used in Google Chrome before 11.0.672.2 and other products, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors that entice a user to resubmit a form, related to improper handling of provisional items by the HistoryController component, aka rdar problem 8938557. | 4.3 |
| 2011-02-22 | CVE-2011-1038 | IBM | Cross-Site Scripting vulnerability in IBM Lotus Sametime 8.0.1 Multiple cross-site scripting (XSS) vulnerabilities in stconf.nsf in the server in IBM Lotus Sametime 8.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the messageString parameter in a WebMessage action or (2) the PATH_INFO. | 4.3 |
| 2011-02-21 | CVE-2011-1053 | HEX Rays | Buffer Overflow vulnerability in Hex-Rays IDA 5.7/6.0 Unspecified vulnerability in the Mach-O input file loader in Hex-Rays IDA Pro 5.7 and 6.0 allows user-assisted remote attackers to cause a denial of service (out-of-memory exception and inability to analyze code) via a crafted Mach-O file. | 4.3 |
| 2011-02-21 | CVE-2010-4745 | Gareth Watts | Cross-Site Scripting vulnerability in Gareth Watts PHPxref Cross-site scripting (XSS) vulnerability in nav.html in PHPXref before 0.7.1 allows remote attackers to inject arbitrary web script or HTML via the query string. | 4.3 |
3 Low Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2011-02-23 | CVE-2011-1068 | Microsoft | Improper Input Validation vulnerability in Microsoft Windows Azure SDK 1.3 Microsoft Windows Azure Software Development Kit (SDK) 1.3.x before 1.3.20121.1237, when Full IIS and a Web Role are used with an ASP.NET application, does not properly support the use of cookies for maintaining state, which allows remote attackers to obtain potentially sensitive information by reading an encrypted cookie and performing unspecified other steps. | 2.6 |
| 2011-02-23 | CVE-2011-1066 | Reyero Drupal | Cross-Site Scripting vulnerability in Reyero Messaging Cross-site scripting (XSS) vulnerability in the Messaging module 6.x-2.x before 6.x-2.4 and 6.x-4.x before 6.x-4.0-beta8 for Drupal allows remote attackers with administer messaging permissions to inject arbitrary web script or HTML via unspecified vectors. | 2.6 |
| 2011-02-22 | CVE-2011-1058 | Moinmo | Cross-Site Scripting vulnerability in Moinmo Moinmoin Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) parser in parser/text_rst.py in MoinMoin before 1.9.3, when docutils is installed or when "format rst" is set, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the refuri attribute. | 2.6 |