Weekly Vulnerabilities Reports > May 2 to 8, 2011
Overview
101 new vulnerabilities were reported during this period, including 27 critical vulnerabilities and 20 high severity vulnerabilities. This weekly summary reports vulnerabilities in 51 products from 28 vendors including Google, HP, Mozilla, Cisco, and Microsoft. Notable vulnerability categories include "Improper Input Validation", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Resource Management Errors", "Cross-site Scripting", and "Path Traversal".
- 98 reported vulnerabilities are remotely exploitable.
- 19 reported vulnerabilities are related to weaknesses in the OWASP Top Ten.
- 90 reported vulnerabilities are exploitable by an anonymous user.
- Google has the most reported vulnerabilities, with 25 reported vulnerabilities.
- Mozilla has the most reported critical vulnerabilities, with 13 reported vulnerabilities.
Vulnerability Details
The following tables list the vulnerabilities reported during the period covered by this report:
27 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2011-05-07 | CVE-2011-1735 | HP | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in HP Openview Storage Data Protector 6.00/6.10/6.11 Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed bm message. | 10.0 |
2011-05-07 | CVE-2011-1734 | HP | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in HP Openview Storage Data Protector 6.00/6.10/6.11 Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed omniiaputil message. | 10.0 |
2011-05-07 | CVE-2011-1733 | HP | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in HP Openview Storage Data Protector 6.00/6.10/6.11 Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed HPFGConfig message. | 10.0 |
2011-05-07 | CVE-2011-1732 | HP | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in HP Openview Storage Data Protector 6.00/6.10/6.11 Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed stutil message. | 10.0 |
2011-05-07 | CVE-2011-1731 | HP | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in HP Openview Storage Data Protector 6.00/6.10/6.11 Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_INTEGUTIL message. | 10.0 |
2011-05-07 | CVE-2011-1730 | HP | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in HP Openview Storage Data Protector 6.00/6.10/6.11 Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_SCRIPT message. | 10.0 |
2011-05-07 | CVE-2011-1729 | HP | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in HP Openview Storage Data Protector 6.00/6.10/6.11 Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed GET_FILE message. | 10.0 |
2011-05-07 | CVE-2011-1728 | HP | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in HP Openview Storage Data Protector 6.00/6.10/6.11 Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_BAR message. | 10.0 |
2011-05-07 | CVE-2011-0081 | Mozilla | Unspecified vulnerability in Mozilla Firefox and Thunderbird Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.17 and 4.x before 4.0.1, and Thunderbird 3.1.x before 3.1.10, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 10.0 |
2011-05-07 | CVE-2011-0080 | Mozilla | Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 10.0 |
2011-05-07 | CVE-2011-0079 | Mozilla | Memory Corruption vulnerability in Mozilla Firefox 4.0 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x before 4.0.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to gfx/layers/d3d10/ReadbackManagerD3D10.cpp and unknown other vectors. | 10.0 |
2011-05-07 | CVE-2011-0078 | Mozilla | Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0077. | 10.0 |
2011-05-07 | CVE-2011-0077 | Mozilla | Integer Overflow vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, and CVE-2011-0078. | 10.0 |
2011-05-07 | CVE-2011-0075 | Mozilla | Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0074, CVE-2011-0077, and CVE-2011-0078. | 10.0 |
2011-05-07 | CVE-2011-0074 | Mozilla | Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0072, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078. | 10.0 |
2011-05-07 | CVE-2011-0073 | Mozilla | Improper Input Validation vulnerability in Mozilla Firefox and Seamonkey Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly use nsTreeRange data structures, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer." | 10.0 |
2011-05-07 | CVE-2011-0072 | Mozilla | Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0074, CVE-2011-0075, CVE-2011-0077, and CVE-2011-0078. | 10.0 |
2011-05-07 | CVE-2011-0070 | Mozilla | Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0069. | 10.0 |
2011-05-07 | CVE-2011-0069 | Mozilla | Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0070. | 10.0 |
2011-05-07 | CVE-2011-0066 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox and Seamonkey Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mObserverList. | 10.0 |
2011-05-07 | CVE-2011-0065 | Mozilla | Resource Management Errors vulnerability in Mozilla Firefox and Seamonkey Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mChannel. | 10.0 |
2011-05-04 | CVE-2011-1900 | Indusoft | Path Traversal vulnerability in Indusoft web Studio 6.1/7.0 Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 6.1 and 7.x before 7.0+Patch 1 allows remote attackers to execute arbitrary code via an invalid request. | 10.0 |
2011-05-03 | CVE-2010-4803 | Mojolicious | Improper Input Validation vulnerability in Mojolicious Mojolicious before 0.999927 does not properly implement HMAC-MD5 checksums, which has unspecified impact and remote attack vectors. | 10.0 |
2011-05-03 | CVE-2010-4802 | Mojolicious | Improper Input Validation vulnerability in Mojolicious Commands.pm in Mojolicious before 0.999928 does not properly perform CGI environment detection, which has unspecified impact and remote attack vectors. | 10.0 |
2011-05-03 | CVE-2009-5074 | Mojolicious | Unspecified vulnerability in Mojolicious Unspecified vulnerability in the MojoX::Dispatcher::Static implementation in Mojolicious before 0.991250 has unknown impact and attack vectors. | 10.0 |
2011-05-04 | CVE-2011-0340 | Advantech Indusoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Multiple buffer overflows in the ISSymbol ActiveX control in ISSymbol.ocx 61.6.0.0 and 301.1009.2904.0 in the ISSymbol virtual machine, as distributed in Advantech Studio 6.1 SP6 61.6.01.05, InduSoft Web Studio before 7.0+SP1, and InduSoft Thin Client 7.0, allow remote attackers to execute arbitrary code via a long (1) InternationalOrder, (2) InternationalSeparator, or (3) LogFileName property value; or (4) a long bstrFileName argument to the OpenScreen method. | 9.3 |
2011-05-03 | CVE-2011-0610 | Adobe Microsoft Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader The CoolType library in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | 9.3 |
20 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2011-05-07 | CVE-2011-1736 | HP | Path Traversal vulnerability in HP Openview Storage Data Protector 6.00/6.10/6.11 Directory traversal vulnerability in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to read arbitrary files via directory traversal sequences in a filename in a GET_FILE message. | 8.5 |
2011-05-03 | CVE-2011-1609 | Cisco | SQL Injection vulnerability in Cisco Unified Communications Manager SQL injection vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5)su1, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtg85647. | 8.5 |
2011-05-05 | CVE-2011-1208 | IBM | Denial of Service vulnerability in IBM solidDB 'rpc_test_svc' Commands IBM solidDB 4.5.x before 4.5.182, 6.0.x before 6.0.1069, 6.1.x and 6.3.x before 6.3 FP8 (aka 6.3.49), and 6.5.x before 6.5 FP4 (aka 6.5.0.4) does not properly handle the (1) rpc_test_svc_readwrite and (2) rpc_test_svc_done commands, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted command. | 7.8 |
2011-05-03 | CVE-2011-1785 | Vmware | Resource Management Errors vulnerability in VMWare ESX and Esxi VMware ESXi 4.0 and 4.1 and ESX 4.0 and 4.1 allow remote attackers to cause a denial of service (socket exhaustion) via unspecified network traffic. | 7.8 |
2011-05-03 | CVE-2011-1613 | Cisco | Denial of Service vulnerability in Cisco Wireless LAN Controller ICMP Packet Handling Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 6.0 before 6.0.200.0, 7.0 before 7.0.98.216, and 7.0.1xx before 7.0.112.0 allows remote attackers to cause a denial of service (device reload) via a sequence of ICMP packets, aka Bug ID CSCth74426. | 7.8 |
2011-05-03 | CVE-2011-1606 | Cisco | Denial of Service vulnerability in Cisco Unified Communications Manager SIP Message (CVE-2011-1606) Unspecified vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5)su1, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP message, aka Bug ID CSCtg62855. | 7.8 |
2011-05-03 | CVE-2011-1605 | Cisco | Denial of Service vulnerability in Cisco Unified Communications Manager SIP Message (CVE-2011-1605) Unspecified vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5b)su2, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP message, aka Bug ID CSCth39586. | 7.8 |
2011-05-03 | CVE-2011-1845 | Microsoft | Resource Management Errors vulnerability in Microsoft Silverlight Multiple memory leaks in the DataGrid control implementation in Microsoft Silverlight 4 before 4.0.60310.0 allow remote attackers to cause a denial of service (memory consumption) via an application involving (1) subscriptions to an INotifyDataErrorInfo.ErrorsChanged event or (2) a TextBlock or TextBox element. | 7.8 |
2011-05-03 | CVE-2011-1844 | Microsoft | Resource Management Errors vulnerability in Microsoft Silverlight Memory leak in Microsoft Silverlight 4 before 4.0.60310.0 allows remote attackers to cause a denial of service (memory consumption) via an application involving a popup control and a custom DependencyProperty property, related to lack of garbage collection. | 7.8 |
2011-05-03 | CVE-2011-1087 | Videolan | Buffer Errors vulnerability in Videolan VLC Media Player 1.0.5 Buffer overflow in VideoLAN VLC media player 1.0.5 allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .mp3 file that is played during bookmark creation. | 7.6 |
2011-05-07 | CVE-2011-0076 | Mozilla Apple | Privilege Escalation vulnerability in Mozilla Firefox/SeaMonkey Unspecified vulnerability in the Java Embedding Plugin (JEP) in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, on Mac OS X allows remote attackers to bypass intended access restrictions via unknown vectors. | 7.5 |
2011-05-05 | CVE-2011-1904 | Proofpoint | OS Command Injection vulnerability in Proofpoint Messaging Security Gateway and Protection Server An unspecified function in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary commands via unknown vectors, related to a "command injection" issue. | 7.5 |
2011-05-05 | CVE-2011-1903 | Proofpoint | SQL Injection vulnerability in Proofpoint Messaging Security Gateway and Protection Server SQL injection vulnerability in an unspecified function in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2011-05-05 | CVE-2011-1901 | Proofpoint | Improper Authentication vulnerability in Proofpoint Messaging Security Gateway and Protection Server The mail-filter web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to bypass authentication via unspecified vectors. | 7.5 |
2011-05-03 | CVE-2011-1451 | Google Apple | Improper Input Validation vulnerability in Google Chrome Google Chrome before 11.0.696.57 does not properly handle DOM id maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers." | 7.5 |
2011-05-03 | CVE-2011-1438 | Google | Improper Input Validation vulnerability in Google Chrome Google Chrome before 11.0.696.57 allows remote attackers to bypass the Same Origin Policy via vectors involving blobs. | 7.5 |
2011-05-03 | CVE-2011-1303 | Google | Improper Input Validation vulnerability in Google Chrome Google Chrome before 11.0.696.57 does not properly handle floating objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | 7.5 |
2011-05-03 | CVE-2011-1522 | Doctrine Project | SQL Injection vulnerability in Doctrine-Project products Multiple SQL injection vulnerabilities in the Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQuery function in Doctrine 1.x before 1.2.4 and 2.x before 2.0.3 allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset field. | 7.5 |
2011-05-03 | CVE-2011-1842 | Ubuntu | Improper Input Validation vulnerability in Ubuntu Language-Selector dbus_backend/lsd.py in the D-Bus backend in language-selector before 0.6.7 does not validate the arguments to the (1) SetSystemDefaultLangEnv and (2) SetSystemDefaultLanguageEnv functions, which allows local users to gain privileges via shell metacharacters in a string argument, a different vulnerability than CVE-2011-0729. | 7.2 |
2011-05-03 | CVE-2011-1604 | Cisco | Resource Management Errors vulnerability in Cisco Unified Communications Manager Memory leak in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5b)su3, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1) allows remote attackers to cause a denial of service (memory consumption and process failure) via a malformed SIP message, aka Bug ID CSCti42904. | 7.1 |
51 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2011-05-07 | CVE-2011-1571 | Liferay Apache | Remote Security vulnerability in Liferay Portal Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote attackers to execute arbitrary commands via unknown vectors. | 6.8 |
2011-05-05 | CVE-2011-1905 | Proofpoint | Cross-Site Request Forgery (CSRF) vulnerability in Proofpoint Messaging Security Gateway and Protection Server Multiple cross-site request forgery (CSRF) vulnerabilities in unspecified administrative modules in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allow remote attackers to hijack the authentication of administrators via unknown vectors. | 6.8 |
2011-05-03 | CVE-2011-1456 | Google | Improper Input Validation vulnerability in Google Chrome Google Chrome before 11.0.696.57 does not properly handle PDF forms, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers." | 6.8 |
2011-05-03 | CVE-2011-1455 | Google | Out-Of-Bounds Read vulnerability in Google Chrome Google Chrome before 11.0.696.57 does not properly handle PDF documents with multipart encoding, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. | 6.8 |
2011-05-03 | CVE-2011-1454 | Google | Use After Free vulnerability in Google Chrome Use-after-free vulnerability in the DOM id handling functionality in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document. | 6.8 |
2011-05-03 | CVE-2011-1449 | Google Apple | Use After Free vulnerability in Google Chrome Use-after-free vulnerability in the WebSockets implementation in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 6.8 |
2011-05-03 | CVE-2011-1448 | Google | Improper Input Validation vulnerability in Google Chrome Google Chrome before 11.0.696.57 does not properly perform height calculations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | 6.8 |
2011-05-03 | CVE-2011-1447 | Google | Improper Input Validation vulnerability in Google Chrome Google Chrome before 11.0.696.57 does not properly handle drop-down lists, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | 6.8 |
2011-05-03 | CVE-2011-1445 | Google | Out-Of-Bounds Read vulnerability in Google Chrome Google Chrome before 11.0.696.57 does not properly handle SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 6.8 |
2011-05-03 | CVE-2011-1444 | Google Linux Debian | Race Condition vulnerability in Google Chrome Race condition in the sandbox launcher implementation in Google Chrome before 11.0.696.57 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 6.8 |
2011-05-03 | CVE-2011-1443 | Google | Improper Input Validation vulnerability in Google Chrome Google Chrome before 11.0.696.57 does not properly implement layering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers." | 6.8 |
2011-05-03 | CVE-2011-1442 | Google | Improper Input Validation vulnerability in Google Chrome Google Chrome before 11.0.696.57 does not properly handle mutation events, which allows remote attackers to cause a denial of service (node tree corruption) or possibly have unspecified other impact via unknown vectors. | 6.8 |
2011-05-03 | CVE-2011-1441 | Google | Incorrect Type Conversion or Cast vulnerability in Google Chrome Google Chrome before 11.0.696.57 does not properly perform a cast of an unspecified variable during handling of floating select lists, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted HTML document. | 6.8 |
2011-05-03 | CVE-2011-1440 | Google Debian Apple | Use After Free vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences. | 6.8 |
2011-05-03 | CVE-2011-1439 | Google Linux | Unspecified vulnerability in Google Chrome Google Chrome before 11.0.696.57 on Linux does not properly isolate renderer processes, which has unspecified impact and remote attack vectors. | 6.8 |
2011-05-03 | CVE-2011-1437 | Google | Integer Overflow or Wraparound vulnerability in Google Chrome Multiple integer overflows in Google Chrome before 11.0.696.57 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float rendering. | 6.8 |
2011-05-03 | CVE-2011-1434 | Google | Improper Input Validation vulnerability in Google Chrome Google Chrome before 11.0.696.57 does not ensure thread safety during handling of MIME data, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 6.8 |
2011-05-03 | CVE-2011-1305 | Google | Race Condition vulnerability in Google Chrome Race condition in Google Chrome before 11.0.696.57 on Linux and Mac OS X allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to linked lists and a database. | 6.8 |
2011-05-03 | CVE-2011-1545 | HP | Cross-Site Request Forgery (CSRF) vulnerability in HP Insight Control Performance Management Cross-site request forgery (CSRF) vulnerability in HP Insight Control Performance Management before 6.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
2011-05-03 | CVE-2011-1843 | Banu | Numeric Errors vulnerability in Banu Tinyproxy Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow remote attackers to bypass intended access restrictions in opportunistic circumstances via a TCP connection, related to improper handling of invalid port numbers. | 6.8 |
2011-05-03 | CVE-2011-1607 | Cisco | Path Traversal vulnerability in Cisco Unified Communications Manager Directory traversal vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5b)su3, 8.0 before 8.0(3a)su1, and 8.5 before 8.5(1) allows remote authenticated users to upload files to arbitrary directories via a modified pathname in an upload request, aka Bug ID CSCti81603. | 6.5 |
2011-05-03 | CVE-2011-1846 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly revoke role membership from groups, which allows remote authenticated users to execute non-DDL statements by leveraging previous inherited possession of a role, a different vulnerability than CVE-2011-0757. | 6.5 |
2011-05-03 | CVE-2011-1610 | Cisco | SQL Injection vulnerability in Cisco Unified Communications Manager Multiple SQL injection vulnerabilities in xmldirectorylist.jsp in the embedded Apache HTTP Server component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5)su4, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1)su1 allow remote attackers to execute arbitrary SQL commands via the (1) f, (2) l, or (3) n parameter, aka Bug ID CSCtj42064. | 6.4 |
2011-05-03 | CVE-2011-1724 | HP | Unspecified vulnerability in HP Virtual Server Environment 6.0/6.0.1 Unspecified vulnerability in HP Virtual Server Environment before 6.3 allows remote authenticated users to gain privileges via unknown vectors. | 6.0 |
2011-05-03 | CVE-2011-1544 | HP | Unspecified vulnerability in HP Insight Control Performance Management Unspecified vulnerability in HP Insight Control Performance Management before 6.3 allows remote authenticated users to gain privileges via unknown vectors. | 6.0 |
2011-05-03 | CVE-2011-1452 | Google | Improper Input Validation vulnerability in Google Chrome Google Chrome before 11.0.696.57 allows user-assisted remote attackers to spoof the URL bar via vectors involving a redirect and a manual reload. | 5.8 |
2011-05-03 | CVE-2011-1446 | Google | Unspecified vulnerability in Google Chrome Google Chrome before 11.0.696.57 allows remote attackers to spoof the URL bar via vectors involving (1) a navigation error or (2) an interrupted load. | 5.8 |
2011-05-04 | CVE-2011-0714 | Linux Redhat | Resource Management Errors vulnerability in multiple products Use-after-free vulnerability in a certain Red Hat patch for the RPC server sockets functionality in the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 might allow remote attackers to cause a denial of service (crash) via malformed data in a packet, related to lockd and the svc_xprt_received function. | 5.7 |
2011-05-07 | CVE-2011-0071 | Mozilla Microsoft | Path Traversal vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Directory traversal vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 on Windows allows remote attackers to determine the existence of arbitrary files, and possibly load resources, via vectors involving a resource: URL. | 5.0 |
2011-05-07 | CVE-2011-0067 | Mozilla | Improper Input Validation vulnerability in Mozilla Firefox and Seamonkey Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly implement autocompletion for forms, which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the autocomplete controls. | 5.0 |
2011-05-05 | CVE-2011-1906 | Trustwave | Credentials Management vulnerability in Trustwave Webdefend 2.0/3.0 Trustwave WebDefend Enterprise before 5.0 7.01.903-1.4 stores specific user-account credentials in a MySQL database, which makes it easier for remote attackers to read the event collection table via requests to the management port, a different vulnerability than CVE-2011-0756. | 5.0 |
2011-05-05 | CVE-2011-1902 | Proofpoint | Path Traversal vulnerability in Proofpoint Messaging Security Gateway and Protection Server Directory traversal vulnerability in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to read arbitrary files via unspecified vectors. | 5.0 |
2011-05-05 | CVE-2011-0756 | Trustwave | Credentials Management vulnerability in Trustwave Webdefend 2.0 The application server in Trustwave WebDefend Enterprise before 5.0 uses hardcoded console credentials, which makes it easier for remote attackers to read security-event data by using the remote console GUI to connect to the management port. | 5.0 |
2011-05-03 | CVE-2011-1786 | Likewise Vmware | Resource Management Errors vulnerability in multiple products lsassd in Likewise Open /Enterprise 5.3 before build 7845, Open 6.0 before build 8325, and Enterprise 6.0 before build 178, as distributed in VMware ESXi 4.1 and ESX 4.1 and possibly other products, allows remote attackers to cause a denial of service (daemon crash) via an Active Directory login attempt that provides a username containing an invalid byte sequence. | 5.0 |
2011-05-03 | CVE-2011-1450 | Google | Improper Input Validation vulnerability in Google Chrome Google Chrome before 11.0.696.57 does not properly present file dialogs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers." | 5.0 |
2011-05-03 | CVE-2011-1436 | Google Linux | Improper Input Validation vulnerability in Google Chrome Google Chrome before 11.0.696.57 on Linux does not properly interact with the X Window System, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | 5.0 |
2011-05-03 | CVE-2011-1435 | Google | Incorrect Default Permissions vulnerability in Google Chrome Google Chrome before 11.0.696.57 does not properly implement the tabs permission for extensions, which allows remote attackers to read local files via a crafted extension. | 5.0 |
2011-05-03 | CVE-2011-1304 | Google | Unspecified vulnerability in Google Chrome Unspecified vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to bypass the pop-up blocker via vectors related to plug-ins. | 5.0 |
2011-05-03 | CVE-2011-1539 | HP | Unspecified vulnerability in HP Proliant Support Pack 8.5 Unspecified vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote attackers to obtain sensitive information via unknown vectors. | 5.0 |
2011-05-03 | CVE-2011-1847 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly enforce privilege requirements for table access, which allows remote authenticated users to modify SYSSTAT.TABLES statistics columns via an UPDATE statement. | 4.9 |
2011-05-03 | CVE-2011-1577 | Linux | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Linux Kernel Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media. | 4.9 |
2011-05-03 | CVE-2011-1538 | HP | Improper Input Validation vulnerability in HP Proliant Support Pack 8.5 Open redirect vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote authenticated users to redirect other users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 4.9 |
2011-05-05 | CVE-2011-1423 | EMC | Cross-Site Scripting vulnerability in EMC Data Loss Prevention Enterprise Manager 8.0/8.5 Cross-site scripting (XSS) vulnerability in RSA Data Loss Prevention (DLP) Enterprise Manager 8.x before 8.5 SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2011-05-04 | CVE-2011-1209 | IBM | Cryptographic Issues vulnerability in IBM WebSphere Application Server IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 before 7.0.0.17 uses a weak WS-Security XML encryption algorithm, which makes it easier for remote attackers to obtain plaintext data from a (1) JAX-RPC or (2) JAX-WS Web Services request via unspecified vectors related to a "decryption attack." | 4.3 |
2011-05-03 | CVE-2011-1739 | FreeBSD | Improper Input Validation vulnerability in FreeBSD The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 does not properly handle a -network field specifying a CIDR block with a prefix length that is not an integer multiple of 8, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances via an NFS mount request. | 4.3 |
2011-05-03 | CVE-2011-1727 | HP | Cross-Site Scripting vulnerability in HP SiteScope Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, 11.01, and 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to an "HTML injection" issue. | 4.3 |
2011-05-03 | CVE-2011-1726 | HP | Cross-Site Scripting vulnerability in HP SiteScope Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, 11.01, and 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2011-05-03 | CVE-2011-1537 | HP | Cross-Site Scripting vulnerability in HP Proliant Support Pack 8.5 Cross-site scripting (XSS) vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2011-05-03 | CVE-2011-1523 | Nagios | Cross-Site Scripting vulnerability in Nagios Cross-site scripting (XSS) vulnerability in statusmap.c in statusmap.cgi in Nagios 3.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the layer parameter. | 4.3 |
2011-05-03 | CVE-2011-1841 | Mojolicious | Cross-Site Scripting vulnerability in Mojolicious Cross-site scripting (XSS) vulnerability in the link_to helper in Mojolicious before 1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2011-05-07 | CVE-2011-1502 | Liferay Apache | Information Exposure vulnerability in Liferay Portal Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote authenticated users to read arbitrary files via an entity declaration in conjunction with an entity reference, related to an XML External Entity (aka XXE) issue. | 4.0 |
3 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2011-05-07 | CVE-2011-1570 | Liferay Apache Microsoft | Cross-Site Scripting vulnerability in Liferay Portal Cross-site scripting (XSS) vulnerability in Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA, when Apache Tomcat is used, allows remote authenticated users to inject arbitrary web script or HTML via a message title, a different vulnerability than CVE-2004-2030. | 3.5 |
2011-05-07 | CVE-2011-1504 | Liferay | Cross-Site Scripting vulnerability in Liferay Portal Cross-site scripting (XSS) vulnerability in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA allows remote authenticated users to inject arbitrary web script or HTML via a blog title. | 3.5 |
2011-05-07 | CVE-2011-1503 | Liferay Apache Oracle Linux Microsoft | Information Exposure vulnerability in Liferay Portal The XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x before 6.0.6 GA, when Apache Tomcat or Oracle GlassFish is used, allows remote authenticated users to read arbitrary (1) XSL and (2) XML files via a file:/// URL. | 3.5 |