Weekly Vulnerabilities Reports > August 8 to 14, 2011
Overview
90 new vulnerabilities reported during this period, including 36 critical vulnerabilities and 10 high severity vulnerabilities. This weekly summary report vulnerabilities in 49 products from 20 vendors including Microsoft, Adobe, Linux, Google, and Apple. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Permissions, Privileges, and Access Controls", "Cross-site Scripting", "Improper Input Validation", and "Numeric Errors".
- 82 reported vulnerabilities are remotely exploitables.
- 1 reported vulnerabilities have public exploit available.
- 11 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 88 reported vulnerabilities are exploitable by an anonymous user.
- Microsoft has the most reported vulnerabilities, with 32 reported vulnerabilities.
- Adobe has the most reported critical vulnerabilities, with 20 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
36 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2011-08-12 | CVE-2011-3137 | IBM | Unspecified vulnerability in IBM products Unspecified vulnerability in the Management Console in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.9 has unknown impact and attack vectors, aka APAR IV03050. | 10.0 |
2011-08-12 | CVE-2011-3136 | IBM | Unspecified vulnerability in IBM products Unspecified vulnerability in the Management Console in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.9 has unknown impact and attack vectors, aka APAR IV03048. | 10.0 |
2011-08-12 | CVE-2011-3135 | IBM | Unspecified vulnerability in IBM products Unspecified vulnerability in the Runtime in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.9 has unknown impact and attack vectors. | 10.0 |
2011-08-11 | CVE-2011-2423 | Adobe | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player msvcr90.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | 10.0 |
2011-08-11 | CVE-2011-2422 | Adobe | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player Textra.x32 in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | 10.0 |
2011-08-11 | CVE-2011-2420 | Adobe | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | 10.0 |
2011-08-11 | CVE-2011-2419 | Adobe | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player IML32.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | 10.0 |
2011-08-11 | CVE-2010-4309 | Adobe | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-4308. | 10.0 |
2011-08-11 | CVE-2010-4308 | Adobe | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-4309. | 10.0 |
2011-08-10 | CVE-2011-2425 | Adobe Apple Linux Microsoft SUN | Buffer Errors vulnerability in Adobe AIR and Flash Player Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2140, and CVE-2011-2417. | 10.0 |
2011-08-10 | CVE-2011-2417 | Adobe Apple Linux Microsoft SUN | Buffer Errors vulnerability in Adobe AIR and Flash Player Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2140, and CVE-2011-2425. | 10.0 |
2011-08-10 | CVE-2011-2416 | Adobe Apple Linux Microsoft SUN | Numeric Errors vulnerability in Adobe AIR and Flash Player Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2138. | 10.0 |
2011-08-10 | CVE-2011-2415 | Adobe Apple Linux Microsoft SUN | Buffer Errors vulnerability in Adobe AIR and Flash Player Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2414. | 10.0 |
2011-08-10 | CVE-2011-2414 | Adobe Apple Linux Microsoft SUN | Buffer Errors vulnerability in Adobe AIR and Flash Player Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2415. | 10.0 |
2011-08-10 | CVE-2011-2140 | Adobe Apple Linux Microsoft SUN | Buffer Errors vulnerability in Adobe AIR and Flash Player Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2417, and CVE-2011-2425. | 10.0 |
2011-08-10 | CVE-2011-2138 | Adobe Apple Linux Microsoft SUN | Numeric Errors vulnerability in Adobe AIR and Flash Player Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2416. | 10.0 |
2011-08-10 | CVE-2011-2136 | Adobe Apple Linux Microsoft SUN | Numeric Errors vulnerability in Adobe AIR and Flash Player Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2138 and CVE-2011-2416. | 10.0 |
2011-08-10 | CVE-2011-2135 | Adobe Apple Linux Microsoft SUN | Buffer Errors vulnerability in Adobe AIR and Flash Player Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2140, CVE-2011-2417, and CVE-2011-2425. | 10.0 |
2011-08-10 | CVE-2011-3125 | Wordpress | Unspecified vulnerability in Wordpress Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Various security hardening." | 10.0 |
2011-08-10 | CVE-2011-2137 | Adobe Apple Linux Microsoft SUN | Buffer Errors vulnerability in Adobe AIR and Flash Player Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2414, and CVE-2011-2415. | 10.0 |
2011-08-10 | CVE-2011-2134 | Adobe Apple Linux Microsoft SUN | Buffer Errors vulnerability in Adobe AIR and Flash Player Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415. | 10.0 |
2011-08-10 | CVE-2011-2130 | Adobe Apple Linux Microsoft SUN | Buffer Errors vulnerability in Adobe AIR and Flash Player Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2134, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415. | 10.0 |
2011-08-10 | CVE-2011-1966 | Microsoft | Improper Input Validation vulnerability in Microsoft Windows Server 2008 R2 The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 does not properly handle NAPTR queries that trigger recursive processing, which allows remote attackers to execute arbitrary code via a crafted query, aka "DNS NAPTR Query Vulnerability." | 10.0 |
2011-08-10 | CVE-2011-3122 | Wordpress | Unspecified vulnerability in Wordpress Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Media security." | 10.0 |
2011-08-09 | CVE-2011-3012 | Ioquake3 Tremulous Urbanterror Worldofpadman | Improper Input Validation vulnerability in multiple products The ioQuake3 engine, as used in World of Padman 1.2 and earlier, Tremulous 1.1.0, and ioUrbanTerror 2007-12-20, does not check for dangerous file extensions before writing to the quake3 directory, which allows remote attackers to execute arbitrary code via a crafted third-party addon that creates a Trojan horse DLL file, a different vulnerability than CVE-2011-2764. | 10.0 |
2011-08-11 | CVE-2011-2421 | Adobe | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player Dirapi.dll in Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir media file. | 9.3 |
2011-08-11 | CVE-2011-2131 | Adobe | Buffer Errors vulnerability in Adobe Creative Suite and Photoshop Adobe Photoshop 12.0 in Creative Suite 5 (CS5) and 12.1 in Creative Suite 5.1 (CS5.1) allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted GIF file. | 9.3 |
2011-08-10 | CVE-2011-3129 | Wordpress | Permissions, Privileges, and Access Controls vulnerability in Wordpress The file upload functionality in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2, when running "on hosts with dangerous security settings," has unknown impact and attack vectors, possibly related to dangerous filenames. | 9.3 |
2011-08-10 | CVE-2011-1979 | Microsoft | Improper Input Validation vulnerability in Microsoft Visio 2003/2007 Microsoft Visio 2003 SP3 and 2007 SP2 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrary code via a crafted file, aka "Move Around the Block RCE Vulnerability." | 9.3 |
2011-08-10 | CVE-2011-1975 | Microsoft | Unspecified vulnerability in Microsoft Windows 7 and Windows Server 2008 Untrusted search path vulnerability in the Data Access Tracing component in Windows Data Access Components (Windows DAC) 6.0 in Microsoft Windows 7 Gold and SP1 and Windows Server 2008 R2 and R2 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an Excel .xlsx file, aka "Data Access Components Insecure Library Loading Vulnerability." Per: http://www.microsoft.com/technet/security/Bulletin/MS11-059.mspx Access Vector: Network per "This is a remote code execution vulnerability" Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path' | 9.3 |
2011-08-10 | CVE-2011-1972 | Microsoft | Improper Input Validation vulnerability in Microsoft Visio 2003/2007/2010 Microsoft Visio 2003 SP3, 2007 SP2, and 2010 Gold and SP1 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrary code via a crafted file, aka "pStream Release RCE Vulnerability." | 9.3 |
2011-08-10 | CVE-2011-1964 | Microsoft | Use of Uninitialized Resource vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Style Object Memory Corruption Vulnerability." | 9.3 |
2011-08-10 | CVE-2011-1963 | Microsoft | Use of Uninitialized Resource vulnerability in Microsoft Internet Explorer 7/8/9 Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "XSLT Memory Corruption Vulnerability." | 9.3 |
2011-08-10 | CVE-2011-1961 | Microsoft | Unspecified vulnerability in Microsoft Internet Explorer The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to execute arbitrary programs via a crafted web site, aka "Telnet Handler Remote Code Execution Vulnerability." | 9.3 |
2011-08-09 | CVE-2011-2590 | Uusee | Improper Input Validation vulnerability in Uusee Uuplayer Activex Control and Uusee The Play method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 6.11.0609.2 allows remote attackers to execute arbitrary programs via a UNC share pathname in the MPlayerPath parameter. | 9.3 |
2011-08-09 | CVE-2011-2589 | Uusee | Buffer Errors vulnerability in Uusee Uuplayer Activex Control and Uusee Heap-based buffer overflow in the SendLogAction method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 6.11.0609.2 might allow remote attackers to execute arbitrary code via a long argument. | 9.3 |
10 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2011-08-11 | CVE-2011-2405 | HP | Improper Input Validation vulnerability in HP products The HP ProLiant SL Advanced Power Manager (SL-APM) with firmware before 1.20 does not properly validate users, which allows remote attackers to cause a denial of service via unspecified vectors. | 7.8 |
2011-08-10 | CVE-2011-1257 | Microsoft | Race Condition vulnerability in Microsoft Internet Explorer 6/7/8 Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors involving access to an object, aka "Window Open Race Condition Vulnerability." | 7.6 |
2011-08-11 | CVE-2011-2404 | HP | Code Injection vulnerability in HP Easy Printer Care Software A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-4786 and CVE-2011-4787. | 7.5 |
2011-08-10 | CVE-2011-3130 | Wordpress | Unspecified vulnerability in Wordpress wp-includes/taxonomy.php in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Taxonomy query hardening," possibly involving SQL injection. | 7.5 |
2011-08-12 | CVE-2011-1898 | Citrix | Permissions, Privileges, and Access Controls vulnerability in Citrix XEN 4.0.0/4.0.1/4.1.0 Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by "using DMA to generate MSI interrupts by writing to the interrupt injection registers." | 7.4 |
2011-08-10 | CVE-2011-1974 | Microsoft | Permissions, Privileges, and Access Controls vulnerability in Microsoft products NDISTAPI.sys in the NDISTAPI driver in Remote Access Service (RAS) in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "NDISTAPI Elevation of Privilege Vulnerability." | 7.2 |
2011-08-10 | CVE-2011-3124 | IBM Linux | Permissions, Privileges, and Access Controls vulnerability in IBM products IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, as used in IBM InfoSphere DataStage 8.5 and 8.5.0.1 and other products, assigns incorrect ownership to unspecified files, which allows local users to gain privileges via unknown vectors. | 7.2 |
2011-08-10 | CVE-2011-3123 | IBM Linux | Permissions, Privileges, and Access Controls vulnerability in IBM products IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, as used in IBM InfoSphere DataStage 8.5 and 8.5.0.1 and other products, uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors. | 7.2 |
2011-08-10 | CVE-2011-1968 | Microsoft | Resource Management Errors vulnerability in Microsoft products The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly process packets in memory, which allows remote attackers to cause a denial of service (reboot) by sending crafted RDP packets triggering access to an object that (1) was not properly initialized or (2) is deleted, as exploited in the wild in 2011, aka "Remote Desktop Protocol Vulnerability." | 7.1 |
2011-08-10 | CVE-2011-1965 | Microsoft | Resource Management Errors vulnerability in Microsoft Windows 7 and Windows Server 2008 Tcpip.sys in the TCP/IP stack in Microsoft Windows 7 Gold and SP1 and Windows Server 2008 R2 and R2 SP1 does not properly implement URL-based QoS, which allows remote attackers to cause a denial of service (reboot) via a crafted URL to a web server, aka "TCP/IP QOS Denial of Service Vulnerability." | 7.1 |
39 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2011-08-12 | CVE-2011-1583 | Citrix | Numeric Errors vulnerability in Citrix XEN Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompression loop or (2) an out-of-bounds read in the loader involving unspecified length fields. | 6.9 |
2011-08-12 | CVE-2009-5083 | IBM | Improper Authentication vulnerability in IBM Tivoli Federated Identity Manager 6.2.0/6.2.0.1 IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when configured as an OpenID relying party, does not perform the expected login rejection upon receiving an OP-Identifier from an OpenID provider, which allows remote attackers to bypass authentication via unspecified vectors. | 6.8 |
2011-08-10 | CVE-2011-3007 | Mcafee | Code Injection vulnerability in Mcafee Saas Endpoint Protection 5.2.0/5.2.1 The myCIOScn ActiveX control (myCIOScn.dll) in McAfee SaaS Endpoint Protection 5.2.1 and earlier allows remote attackers to write to arbitrary files by specifying an arbitrary filename in the MyCioScan.Scan.ReportFile parameter, as demonstrated by injecting script into a log file and executing arbitrary code using the MyCioScan.Scan.Start method. | 6.8 |
2011-08-10 | CVE-2011-3006 | Mcafee | Permissions, Privileges, and Access Controls vulnerability in Mcafee Saas Endpoint Protection 5.2.0/5.2.1 The MyAsUtil ActiveX control in MyAsUtil5.2.0.603.dll in McAfee SaaS Endpoint Protection 5.2.1 and earlier allows remote attackers to bypass the MyASUtil.SecureObjectFactory.CreateSecureObject domain execution policy using a cross-site scripting (XSS) attack, execute arbitrary code using the MyASUtil.InstallInfo.RunUserProgram function, and possibly conduct other unspecified attacks. | 6.8 |
2011-08-11 | CVE-2011-2407 | HP | Security Bypass and HTML Injection vulnerability in HP OpenView Performance Insight Unspecified vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to obtain access via unknown vectors. | 6.4 |
2011-08-10 | CVE-2011-2139 | Adobe Apple Linux Microsoft SUN | Permissions, Privileges, and Access Controls vulnerability in Adobe AIR and Flash Player Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors. | 6.4 |
2011-08-10 | CVE-2011-3127 | Wordpress | Improper Input Validation vulnerability in Wordpress WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 does not prevent rendering for (1) admin or (2) login pages inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site. | 5.8 |
2011-08-09 | CVE-2008-7298 | Android | Permissions, Privileges, and Access Controls vulnerability in multiple products The Android browser in Android cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue. | 5.8 |
2011-08-09 | CVE-2008-7297 | Opera | Permissions, Privileges, and Access Controls vulnerability in Opera Browser Opera cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue. | 5.8 |
2011-08-09 | CVE-2008-7296 | Apple | Permissions, Privileges, and Access Controls vulnerability in Apple Safari Apple Safari cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue. | 5.8 |
2011-08-09 | CVE-2008-7295 | Microsoft | Permissions, Privileges, and Access Controls vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue. | 5.8 |
2011-08-09 | CVE-2008-7294 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome Google Chrome before 4.0.211.0 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue. | 5.8 | |
2011-08-09 | CVE-2008-7293 | Mozilla | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox Mozilla Firefox before 4 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue. | 5.8 |
2011-08-12 | CVE-2011-3138 | IBM | Unspecified vulnerability in IBM products The LTPA STS module support implementation in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.9 relies on a static instance of a Java Development Kit (JDK) class, which might allow attackers to bypass LTPA token signature verification by leveraging lack of thread safety. | 5.0 |
2011-08-12 | CVE-2008-7299 | IBM | Improper Input Validation vulnerability in IBM Tivoli Federated Identity Manager 6.2.0/6.2.0.1 IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2 uses an incomplete SAML 1.x browser-artifact, which allows remote OpenID providers to spoof assertions via vectors related to the Issuer field. | 5.0 |
2011-08-11 | CVE-2011-2132 | Adobe | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Flash Media Server Adobe Flash Media Server (FMS) before 3.5.7, and 4.x before 4.0.3, allows attackers to cause a denial of service (memory corruption) via unspecified vectors. | 5.0 |
2011-08-10 | CVE-2011-3128 | Wordpress | Information Exposure vulnerability in Wordpress WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 treats unattached attachments as published, which might allow remote attackers to obtain sensitive data via vectors related to wp-includes/post.php. | 5.0 |
2011-08-10 | CVE-2011-3126 | Wordpress | Information Exposure vulnerability in Wordpress WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 allows remote attackers to determine usernames of non-authors via canonical redirects. | 5.0 |
2011-08-10 | CVE-2011-1970 | Microsoft | Buffer Errors vulnerability in Microsoft products The DNS server in Microsoft Windows Server 2003 SP2 and Windows Server 2008 SP2, R2, and R2 SP1 does not properly initialize memory, which allows remote attackers to cause a denial of service (service outage) via a query for a nonexistent domain, aka "DNS Uninitialized Memory Corruption Vulnerability." | 5.0 |
2011-08-09 | CVE-2011-3014 | Novell | Permissions, Privileges, and Access Controls vulnerability in Novell Data Synchronizer and Mobility Pack The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not properly restrict caching of HTTPS responses, which makes it easier for remote attackers to obtain sensitive information by leveraging an unattended workstation. | 5.0 |
2011-08-09 | CVE-2011-3013 | Novell | Cryptographic Issues vulnerability in Novell Data Synchronizer and Mobility Pack WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 supports weak SSL ciphers, which makes it easier for remote attackers to obtain access via a brute-force attack. | 5.0 |
2011-08-09 | CVE-2011-2223 | Novell | Cryptographic Issues vulnerability in Novell Data Synchronizer and Mobility Pack The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 sends the Admin LDAP password in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network. | 5.0 |
2011-08-09 | CVE-2011-2221 | Novell | Permissions, Privileges, and Access Controls vulnerability in Novell Data Synchronizer and Mobility Pack The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to bypass WebAdmin authentication and obtain sensitive GroupWise information via unspecified vectors. | 5.0 |
2011-08-09 | CVE-2011-2979 | Mozilla | Multiple Security vulnerability in Mozilla Bugzilla 4.1/4.1.1/4.1.2 Bugzilla 4.1.x before 4.1.3 generates different responses for certain assignee queries depending on whether the group name is valid, which allows remote attackers to determine the existence of private group names via a custom search. | 5.0 |
2011-08-09 | CVE-2011-2978 | Mozilla | Improper Input Validation vulnerability in Mozilla Bugzilla Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 does not prevent changes to the confirmation e-mail address (aka old_email field) for e-mail change notifications, which makes it easier for remote attackers to perform arbitrary address changes by leveraging an unattended workstation. | 5.0 |
2011-08-09 | CVE-2011-2380 | Mozilla | Information Exposure vulnerability in Mozilla Bugzilla Bugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to determine the existence of private group names via a crafted parameter during (1) bug creation or (2) bug editing. | 5.0 |
2011-08-11 | CVE-2011-2409 | HP | Cross-Site Scripting vulnerability in HP Palm Webos 3.0.0 Cross-site scripting (XSS) vulnerability in the Calendar application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2011-08-11 | CVE-2011-2408 | HP | Cross-Site Scripting vulnerability in HP Palm Webos 3.0.0 Cross-site scripting (XSS) vulnerability in the Contacts application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2011-08-11 | CVE-2011-2133 | Adobe | Cross-Site Scripting vulnerability in Adobe Robohelp and Robohelp Server Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 8 and 9 before 9.0.1.262, and RoboHelp Server 8 and 9, allows remote attackers to inject arbitrary web script or HTML via the URI, related to template_stock/whutils.js. | 4.3 |
2011-08-11 | CVE-2011-1357 | IBM | Cross-Site Scripting vulnerability in IBM Websphere Service Registry and Repository Cross-site scripting (XSS) vulnerability in agentDetect.jsp in the web UI in IBM WebSphere Service Registry and Repository (WSRR) 6.3 before 6.3.0.5, 7.0 before 7.0.0.5, and 7.5 before 7.5.0.1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header. | 4.3 |
2011-08-10 | CVE-2011-1976 | Microsoft | Cross-Site Scripting vulnerability in Microsoft Report Viewer and Visual Studio Cross-site scripting (XSS) vulnerability in the Report Viewer Control in Microsoft Visual Studio 2005 SP1 and Report Viewer 2005 SP1 allows remote attackers to inject arbitrary web script or HTML via a parameter in a data source, aka "Report Viewer Controls XSS Vulnerability." | 4.3 |
2011-08-10 | CVE-2011-1962 | Microsoft | Improper Input Validation vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers "inactive filtering," aka "Shift JIS Character Encoding Vulnerability." | 4.3 |
2011-08-10 | CVE-2011-1960 | Microsoft | Exposure of Resource to Wrong Sphere vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Event Handlers Information Disclosure Vulnerability." | 4.3 |
2011-08-10 | CVE-2011-1263 | Microsoft | Cross-Site Scripting vulnerability in Microsoft Windows Server 2008 R2 Cross-site scripting (XSS) vulnerability in the logon page in Remote Desktop Web Access (RD Web Access) in Microsoft Windows Server 2008 R2 and R2 SP1 allows remote attackers to inject arbitrary web script or HTML via the URI, aka "Remote Desktop Web Access Vulnerability." | 4.3 |
2011-08-09 | CVE-2011-2224 | Novell | Cross-Site Scripting vulnerability in Novell Data Synchronizer and Mobility Pack The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors. | 4.3 |
2011-08-09 | CVE-2011-2222 | Novell | Remote Security vulnerability in Novell Data Synchronizer Mobility Pack Session fixation vulnerability in WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to hijack web sessions via unspecified vectors. | 4.3 |
2011-08-09 | CVE-2011-2976 | Mozilla | Cross-Site Scripting vulnerability in Mozilla Bugzilla Cross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, and 3.4.x before 3.4.12 allows remote attackers to inject arbitrary web script or HTML via vectors involving a BUGLIST cookie. | 4.3 |
2011-08-09 | CVE-2011-2381 | Mozilla | Code Injection vulnerability in Mozilla Bugzilla CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to inject arbitrary e-mail headers via an attachment description in a flagmail notification. | 4.3 |
2011-08-09 | CVE-2011-2379 | Mozilla | Cross-Site Scripting vulnerability in Mozilla Bugzilla Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3, when Internet Explorer before 9 or Safari before 5.0.6 is used for Raw Unified mode, allows remote attackers to inject arbitrary web script or HTML via a crafted patch, related to content sniffing. | 4.3 |
5 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2011-08-11 | CVE-2011-2406 | HP | Cross-Site Scripting vulnerability in HP Openview Performance Insight Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2011-08-12 | CVE-2009-5085 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Tivoli Federated Identity Manager 6.2.0/6.2.0.1 IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when configured as an OpenID provider, does not delete the site information cookie in response to a user's deletion of a relying-party trust entry, which allows user-assisted remote attackers to bypass intended trust restrictions via vectors that trigger absence of the consent-to-authenticate page. | 2.6 |
2011-08-09 | CVE-2011-2977 | Mozilla Microsoft | Multiple Security vulnerability in Bugzilla Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files. | 2.1 |
2011-08-09 | CVE-2008-7292 | Mozilla Microsoft | Information Exposure vulnerability in Mozilla Bugzilla Bugzilla 2.20.x before 2.20.5, 2.22.x before 2.22.3, and 3.0.x before 3.0.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files, a different vulnerability than CVE-2011-2977. | 2.1 |
2011-08-12 | CVE-2009-5084 | IBM | Cryptographic Issues vulnerability in IBM Tivoli Federated Identity Manager 6.2.0/6.2.0.1 IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when com.tivoli.am.fim.infocard.delegates.InfoCardSTSDelegate tracing is enabled, creates a cleartext log entry containing a password, which might allow local users to obtain sensitive information by reading the log data. | 1.9 |