Weekly Vulnerabilities Reports > August 8 to 14, 2011

Overview

98 new vulnerabilities reported during this period, including 36 critical vulnerabilities and 12 high severity vulnerabilities. This weekly summary report vulnerabilities in 53 products from 21 vendors including Microsoft, Adobe, Google, Linux, and Apple. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Permissions, Privileges, and Access Controls", "Improper Input Validation", "Cross-site Scripting", and "Information Exposure".

  • 87 reported vulnerabilities are remotely exploitables.
  • 1 reported vulnerabilities have public exploit available.
  • 11 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 94 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 37 reported vulnerabilities.
  • Adobe has the most reported critical vulnerabilities, with 20 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

36 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-08-12 CVE-2011-3137 IBM Unspecified vulnerability in IBM products

Unspecified vulnerability in the Management Console in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.9 has unknown impact and attack vectors, aka APAR IV03050.

10.0
2011-08-12 CVE-2011-3136 IBM Unspecified vulnerability in IBM products

Unspecified vulnerability in the Management Console in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.9 has unknown impact and attack vectors, aka APAR IV03048.

10.0
2011-08-12 CVE-2011-3135 IBM Unspecified vulnerability in IBM products

Unspecified vulnerability in the Runtime in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.9 has unknown impact and attack vectors.

10.0
2011-08-11 CVE-2011-2423 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

msvcr90.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

10.0
2011-08-11 CVE-2011-2422 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

Textra.x32 in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

10.0
2011-08-11 CVE-2011-2420 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

10.0
2011-08-11 CVE-2011-2419 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

IML32.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

10.0
2011-08-11 CVE-2010-4309 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-4308.

10.0
2011-08-11 CVE-2010-4308 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-4309.

10.0
2011-08-10 CVE-2011-2425 Adobe
Apple
Linux
Microsoft
SUN
Google
Buffer Errors vulnerability in Adobe AIR and Flash Player

Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2140, and CVE-2011-2417.

10.0
2011-08-10 CVE-2011-2417 Adobe
Apple
Linux
Microsoft
SUN
Google
Buffer Errors vulnerability in Adobe AIR and Flash Player

Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2140, and CVE-2011-2425.

10.0
2011-08-10 CVE-2011-2416 Adobe
Apple
Linux
Microsoft
SUN
Google
Numeric Errors vulnerability in Adobe AIR and Flash Player

Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2138.

10.0
2011-08-10 CVE-2011-2415 Adobe
Apple
Linux
Microsoft
SUN
Google
Buffer Errors vulnerability in Adobe AIR and Flash Player

Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2414.

10.0
2011-08-10 CVE-2011-2414 Adobe
Apple
Linux
Microsoft
SUN
Google
Buffer Errors vulnerability in Adobe AIR and Flash Player

Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2415.

10.0
2011-08-10 CVE-2011-2140 Adobe
Apple
Linux
Microsoft
SUN
Google
Buffer Errors vulnerability in Adobe AIR and Flash Player

Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2417, and CVE-2011-2425.

10.0
2011-08-10 CVE-2011-2138 Adobe
Apple
Linux
Microsoft
SUN
Google
Numeric Errors vulnerability in Adobe AIR and Flash Player

Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2416.

10.0
2011-08-10 CVE-2011-2136 Adobe
Apple
Linux
Microsoft
SUN
Google
Numeric Errors vulnerability in Adobe AIR and Flash Player

Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2138 and CVE-2011-2416.

10.0
2011-08-10 CVE-2011-2135 Adobe
Apple
Linux
Microsoft
SUN
Google
Buffer Errors vulnerability in Adobe AIR and Flash Player

Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2140, CVE-2011-2417, and CVE-2011-2425.

10.0
2011-08-10 CVE-2011-3125 Wordpress Unspecified vulnerability in Wordpress

Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Various security hardening."

10.0
2011-08-10 CVE-2011-2137 Adobe
Apple
Linux
Microsoft
SUN
Google
Buffer Errors vulnerability in Adobe AIR and Flash Player

Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2414, and CVE-2011-2415.

10.0
2011-08-10 CVE-2011-2134 Adobe
Apple
Linux
Microsoft
SUN
Google
Buffer Errors vulnerability in Adobe AIR and Flash Player

Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415.

10.0
2011-08-10 CVE-2011-2130 Adobe
Apple
Linux
Microsoft
SUN
Google
Buffer Errors vulnerability in Adobe AIR and Flash Player

Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2134, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415.

10.0
2011-08-10 CVE-2011-1966 Microsoft Improper Input Validation vulnerability in Microsoft Windows Server 2008 R2

The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 does not properly handle NAPTR queries that trigger recursive processing, which allows remote attackers to execute arbitrary code via a crafted query, aka "DNS NAPTR Query Vulnerability."

10.0
2011-08-10 CVE-2011-3122 Wordpress Unspecified vulnerability in Wordpress

Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Media security."

10.0
2011-08-09 CVE-2011-3012 Ioquake3
Tremulous
Urbanterror
Worldofpadman
Improper Input Validation vulnerability in multiple products

The ioQuake3 engine, as used in World of Padman 1.2 and earlier, Tremulous 1.1.0, and ioUrbanTerror 2007-12-20, does not check for dangerous file extensions before writing to the quake3 directory, which allows remote attackers to execute arbitrary code via a crafted third-party addon that creates a Trojan horse DLL file, a different vulnerability than CVE-2011-2764.

10.0
2011-08-11 CVE-2011-2421 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

Dirapi.dll in Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir media file.

9.3
2011-08-11 CVE-2011-2131 Adobe Buffer Errors vulnerability in Adobe Creative Suite and Photoshop

Adobe Photoshop 12.0 in Creative Suite 5 (CS5) and 12.1 in Creative Suite 5.1 (CS5.1) allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted GIF file.

9.3
2011-08-10 CVE-2011-3129 Wordpress Permissions, Privileges, and Access Controls vulnerability in Wordpress

The file upload functionality in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2, when running "on hosts with dangerous security settings," has unknown impact and attack vectors, possibly related to dangerous filenames.

9.3
2011-08-10 CVE-2011-1979 Microsoft Improper Input Validation vulnerability in Microsoft Visio 2003/2007

Microsoft Visio 2003 SP3 and 2007 SP2 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrary code via a crafted file, aka "Move Around the Block RCE Vulnerability."

9.3
2011-08-10 CVE-2011-1975 Microsoft Unspecified vulnerability in Microsoft Windows 7 and Windows Server 2008

Untrusted search path vulnerability in the Data Access Tracing component in Windows Data Access Components (Windows DAC) 6.0 in Microsoft Windows 7 Gold and SP1 and Windows Server 2008 R2 and R2 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an Excel .xlsx file, aka "Data Access Components Insecure Library Loading Vulnerability." Per: http://www.microsoft.com/technet/security/Bulletin/MS11-059.mspx Access Vector: Network per "This is a remote code execution vulnerability" Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'

9.3
2011-08-10 CVE-2011-1972 Microsoft Improper Input Validation vulnerability in Microsoft Visio 2003/2007/2010

Microsoft Visio 2003 SP3, 2007 SP2, and 2010 Gold and SP1 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrary code via a crafted file, aka "pStream Release RCE Vulnerability."

9.3
2011-08-10 CVE-2011-1964 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Style Object Memory Corruption Vulnerability."

9.3
2011-08-10 CVE-2011-1963 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer 7/8/9

Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "XSLT Memory Corruption Vulnerability."

9.3
2011-08-10 CVE-2011-1961 Microsoft Improper Input Validation vulnerability in Microsoft Internet Explorer

The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to execute arbitrary programs via a crafted web site, aka "Telnet Handler Remote Code Execution Vulnerability."

9.3
2011-08-09 CVE-2011-2590 Uusee Improper Input Validation vulnerability in Uusee Uuplayer Activex Control and Uusee

The Play method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 6.11.0609.2 allows remote attackers to execute arbitrary programs via a UNC share pathname in the MPlayerPath parameter.

9.3
2011-08-09 CVE-2011-2589 Uusee Buffer Errors vulnerability in Uusee Uuplayer Activex Control and Uusee

Heap-based buffer overflow in the SendLogAction method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 6.11.0609.2 might allow remote attackers to execute arbitrary code via a long argument.

9.3

12 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-08-11 CVE-2011-2405 HP Improper Input Validation vulnerability in HP products

The HP ProLiant SL Advanced Power Manager (SL-APM) with firmware before 1.20 does not properly validate users, which allows remote attackers to cause a denial of service via unspecified vectors.

7.8
2011-08-10 CVE-2011-1871 Microsoft Resource Management Errors vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Vista

Tcpip.sys in the TCP/IP stack in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (reboot) via a series of crafted ICMP messages, aka "ICMP Denial of Service Vulnerability."

7.8
2011-08-10 CVE-2011-1257 Microsoft Race Condition vulnerability in Microsoft Internet Explorer 6/7/8

Race condition in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors involving access to an object, aka "Window Open Race Condition Vulnerability."

7.6
2011-08-11 CVE-2011-2404 HP Code Injection vulnerability in HP Easy Printer Care Software

A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-4786 and CVE-2011-4787.

7.5
2011-08-10 CVE-2011-3130 Wordpress Unspecified vulnerability in Wordpress

wp-includes/taxonomy.php in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Taxonomy query hardening," possibly involving SQL injection.

7.5
2011-08-12 CVE-2011-1898 Citrix Permissions, Privileges, and Access Controls vulnerability in Citrix XEN 4.0.0/4.0.1/4.1.0

Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by "using DMA to generate MSI interrupts by writing to the interrupt injection registers."

7.4
2011-08-10 CVE-2011-1974 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft products

NDISTAPI.sys in the NDISTAPI driver in Remote Access Service (RAS) in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "NDISTAPI Elevation of Privilege Vulnerability."

7.2
2011-08-10 CVE-2011-1967 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft products

Winsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly check permissions for sending inter-process device-event messages from low-integrity processes to high-integrity processes, which allows local users to gain privileges via a crafted application, aka "CSRSS Vulnerability."

7.2
2011-08-10 CVE-2011-3124 IBM
Linux
Permissions, Privileges, and Access Controls vulnerability in IBM products

IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, as used in IBM InfoSphere DataStage 8.5 and 8.5.0.1 and other products, assigns incorrect ownership to unspecified files, which allows local users to gain privileges via unknown vectors.

7.2
2011-08-10 CVE-2011-3123 IBM
Linux
Permissions, Privileges, and Access Controls vulnerability in IBM products

IBM InfoSphere Information Server 8.5 and 8.5.0.1 on Unix and Linux, as used in IBM InfoSphere DataStage 8.5 and 8.5.0.1 and other products, uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.

7.2
2011-08-10 CVE-2011-1968 Microsoft Resource Management Errors vulnerability in Microsoft products

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly process packets in memory, which allows remote attackers to cause a denial of service (reboot) by sending crafted RDP packets triggering access to an object that (1) was not properly initialized or (2) is deleted, as exploited in the wild in 2011, aka "Remote Desktop Protocol Vulnerability."

7.1
2011-08-10 CVE-2011-1965 Microsoft Resource Management Errors vulnerability in Microsoft Windows 7 and Windows Server 2008

Tcpip.sys in the TCP/IP stack in Microsoft Windows 7 Gold and SP1 and Windows Server 2008 R2 and R2 SP1 does not properly implement URL-based QoS, which allows remote attackers to cause a denial of service (reboot) via a crafted URL to a web server, aka "TCP/IP QOS Denial of Service Vulnerability."

7.1

45 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-08-12 CVE-2011-1583 Citrix Numeric Errors vulnerability in Citrix XEN

Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompression loop or (2) an out-of-bounds read in the loader involving unspecified length fields.

6.9
2011-08-12 CVE-2009-5083 IBM Improper Authentication vulnerability in IBM Tivoli Federated Identity Manager 6.2.0/6.2.0.1

IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when configured as an OpenID relying party, does not perform the expected login rejection upon receiving an OP-Identifier from an OpenID provider, which allows remote attackers to bypass authentication via unspecified vectors.

6.8
2011-08-10 CVE-2011-3007 Mcafee Code Injection vulnerability in Mcafee Saas Endpoint Protection 5.2.0/5.2.1

The myCIOScn ActiveX control (myCIOScn.dll) in McAfee SaaS Endpoint Protection 5.2.1 and earlier allows remote attackers to write to arbitrary files by specifying an arbitrary filename in the MyCioScan.Scan.ReportFile parameter, as demonstrated by injecting script into a log file and executing arbitrary code using the MyCioScan.Scan.Start method.

6.8
2011-08-10 CVE-2011-3006 Mcafee Permissions, Privileges, and Access Controls vulnerability in Mcafee Saas Endpoint Protection 5.2.0/5.2.1

The MyAsUtil ActiveX control in MyAsUtil5.2.0.603.dll in McAfee SaaS Endpoint Protection 5.2.1 and earlier allows remote attackers to bypass the MyASUtil.SecureObjectFactory.CreateSecureObject domain execution policy using a cross-site scripting (XSS) attack, execute arbitrary code using the MyASUtil.InstallInfo.RunUserProgram function, and possibly conduct other unspecified attacks.

6.8
2011-08-11 CVE-2011-2407 HP Security Bypass and HTML Injection vulnerability in HP OpenView Performance Insight

Unspecified vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to obtain access via unknown vectors.

6.4
2011-08-10 CVE-2011-2139 Adobe
Apple
Linux
Microsoft
SUN
Google
Permissions, Privileges, and Access Controls vulnerability in Adobe AIR and Flash Player

Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors.

6.4
2011-08-10 CVE-2011-3127 Wordpress Improper Input Validation vulnerability in Wordpress

WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 does not prevent rendering for (1) admin or (2) login pages inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.

5.8
2011-08-09 CVE-2008-7298 Android
Google
Permissions, Privileges, and Access Controls vulnerability in multiple products

The Android browser in Android cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue.

5.8
2011-08-09 CVE-2008-7297 Opera Permissions, Privileges, and Access Controls vulnerability in Opera Browser

Opera cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue.

5.8
2011-08-09 CVE-2008-7296 Apple Permissions, Privileges, and Access Controls vulnerability in Apple Safari

Apple Safari cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue.

5.8
2011-08-09 CVE-2008-7295 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue.

5.8
2011-08-09 CVE-2008-7294 Google Permissions, Privileges, and Access Controls vulnerability in Google Chrome

Google Chrome before 4.0.211.0 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue.

5.8
2011-08-09 CVE-2008-7293 Mozilla Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox

Mozilla Firefox before 4 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue.

5.8
2011-08-12 CVE-2011-3138 IBM Unspecified vulnerability in IBM products

The LTPA STS module support implementation in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.9 relies on a static instance of a Java Development Kit (JDK) class, which might allow attackers to bypass LTPA token signature verification by leveraging lack of thread safety.

5.0
2011-08-12 CVE-2008-7299 IBM Improper Input Validation vulnerability in IBM Tivoli Federated Identity Manager 6.2.0/6.2.0.1

IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2 uses an incomplete SAML 1.x browser-artifact, which allows remote OpenID providers to spoof assertions via vectors related to the Issuer field.

5.0
2011-08-11 CVE-2011-2132 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Flash Media Server

Adobe Flash Media Server (FMS) before 3.5.7, and 4.x before 4.0.3, allows attackers to cause a denial of service (memory corruption) via unspecified vectors.

5.0
2011-08-10 CVE-2011-3128 Wordpress Information Exposure vulnerability in Wordpress

WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 treats unattached attachments as published, which might allow remote attackers to obtain sensitive data via vectors related to wp-includes/post.php.

5.0
2011-08-10 CVE-2011-3126 Wordpress Information Exposure vulnerability in Wordpress

WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 allows remote attackers to determine usernames of non-authors via canonical redirects.

5.0
2011-08-10 CVE-2011-1970 Microsoft Buffer Errors vulnerability in Microsoft products

The DNS server in Microsoft Windows Server 2003 SP2 and Windows Server 2008 SP2, R2, and R2 SP1 does not properly initialize memory, which allows remote attackers to cause a denial of service (service outage) via a query for a nonexistent domain, aka "DNS Uninitialized Memory Corruption Vulnerability."

5.0
2011-08-09 CVE-2011-3014 Novell Permissions, Privileges, and Access Controls vulnerability in Novell Data Synchronizer and Mobility Pack

The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not properly restrict caching of HTTPS responses, which makes it easier for remote attackers to obtain sensitive information by leveraging an unattended workstation.

5.0
2011-08-09 CVE-2011-3013 Novell Cryptographic Issues vulnerability in Novell Data Synchronizer and Mobility Pack

WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 supports weak SSL ciphers, which makes it easier for remote attackers to obtain access via a brute-force attack.

5.0
2011-08-09 CVE-2011-2223 Novell Cryptographic Issues vulnerability in Novell Data Synchronizer and Mobility Pack

The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 sends the Admin LDAP password in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.

5.0
2011-08-09 CVE-2011-2221 Novell Permissions, Privileges, and Access Controls vulnerability in Novell Data Synchronizer and Mobility Pack

The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to bypass WebAdmin authentication and obtain sensitive GroupWise information via unspecified vectors.

5.0
2011-08-09 CVE-2011-2979 Mozilla Multiple Security vulnerability in Mozilla Bugzilla 4.1/4.1.1/4.1.2

Bugzilla 4.1.x before 4.1.3 generates different responses for certain assignee queries depending on whether the group name is valid, which allows remote attackers to determine the existence of private group names via a custom search.

5.0
2011-08-09 CVE-2011-2978 Mozilla Improper Input Validation vulnerability in Mozilla Bugzilla

Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 does not prevent changes to the confirmation e-mail address (aka old_email field) for e-mail change notifications, which makes it easier for remote attackers to perform arbitrary address changes by leveraging an unattended workstation.

5.0
2011-08-09 CVE-2011-2380 Mozilla Information Exposure vulnerability in Mozilla Bugzilla

Bugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to determine the existence of private group names via a crafted parameter during (1) bug creation or (2) bug editing.

5.0
2011-08-10 CVE-2011-1971 Microsoft Resource Management Errors vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Vista

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly parse file metadata, which allows local users to cause a denial of service (reboot) via a crafted file, aka "Windows Kernel Metadata Parsing DOS Vulnerability."

4.7
2011-08-10 CVE-2011-2178 Redhat Unspecified vulnerability in Redhat Libvirt 0.8.8/0.9.0/0.9.1

The virSecurityManagerGetPrivateData function in security/security_manager.c in libvirt 0.8.8 through 0.9.1 uses the wrong argument for a sizeof call, which causes incorrect processing of "security manager private data" that "reopens disk probing" and might allow guest OS users to read arbitrary files on the host OS.

4.4
2011-08-12 CVE-2011-2357 Google Improper Input Validation vulnerability in Google Android 2.3.4/3.1

Cross-application scripting vulnerability in the Browser URL loading functionality in Android 2.3.4 and 3.1 allows local applications to bypass the sandbox and execute arbitrary Javascript in arbitrary domains by (1) causing the MAX_TAB number of tabs to be opened, then loading a URI to the targeted domain into the current tab, or (2) making two startActivity function calls beginning with the targeted domain's URI followed by the malicious Javascript while the UI focus is still associated with the targeted domain.

4.3
2011-08-11 CVE-2011-2409 HP Cross-Site Scripting vulnerability in HP Palm Webos 3.0.0

Cross-site scripting (XSS) vulnerability in the Calendar application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2011-08-11 CVE-2011-2408 HP Cross-Site Scripting vulnerability in HP Palm Webos 3.0.0

Cross-site scripting (XSS) vulnerability in the Contacts application in HP Palm webOS 3.x before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2011-08-11 CVE-2011-2133 Adobe Cross-Site Scripting vulnerability in Adobe Robohelp and Robohelp Server

Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 8 and 9 before 9.0.1.262, and RoboHelp Server 8 and 9, allows remote attackers to inject arbitrary web script or HTML via the URI, related to template_stock/whutils.js.

4.3
2011-08-11 CVE-2011-1357 IBM Cross-Site Scripting vulnerability in IBM Websphere Service Registry and Repository

Cross-site scripting (XSS) vulnerability in agentDetect.jsp in the web UI in IBM WebSphere Service Registry and Repository (WSRR) 6.3 before 6.3.0.5, 7.0 before 7.0.0.5, and 7.5 before 7.5.0.1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header.

4.3
2011-08-10 CVE-2011-1978 Microsoft Information Exposure vulnerability in Microsoft .Net Framework 2.0/3.5.1/4.0

Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly validate the System.Net.Sockets trust level, which allows remote attackers to obtain sensitive information or trigger arbitrary outbound network traffic via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Socket Restriction Bypass Vulnerability."

4.3
2011-08-10 CVE-2011-1977 Microsoft Information Exposure vulnerability in Microsoft products

The ASP.NET Chart controls in Microsoft .NET Framework 4, and Chart Control for Microsoft .NET Framework 3.5 SP1, do not properly verify functions in URIs, which allows remote attackers to read arbitrary files via special characters in a URI in an HTTP request, aka "Chart Control Information Disclosure Vulnerability."

4.3
2011-08-10 CVE-2011-1976 Microsoft Cross-Site Scripting vulnerability in Microsoft Report Viewer and Visual Studio

Cross-site scripting (XSS) vulnerability in the Report Viewer Control in Microsoft Visual Studio 2005 SP1 and Report Viewer 2005 SP1 allows remote attackers to inject arbitrary web script or HTML via a parameter in a data source, aka "Report Viewer Controls XSS Vulnerability."

4.3
2011-08-10 CVE-2011-1962 Microsoft Information Exposure vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers "inactive filtering," aka "Shift JIS Character Encoding Vulnerability."

4.3
2011-08-10 CVE-2011-1960 Microsoft Information Exposure vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Event Handlers Information Disclosure Vulnerability."

4.3
2011-08-10 CVE-2011-1263 Microsoft Cross-Site Scripting vulnerability in Microsoft Windows Server 2008 R2

Cross-site scripting (XSS) vulnerability in the logon page in Remote Desktop Web Access (RD Web Access) in Microsoft Windows Server 2008 R2 and R2 SP1 allows remote attackers to inject arbitrary web script or HTML via the URI, aka "Remote Desktop Web Access Vulnerability."

4.3
2011-08-09 CVE-2011-2224 Novell Cross-Site Scripting vulnerability in Novell Data Synchronizer and Mobility Pack

The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.

4.3
2011-08-09 CVE-2011-2222 Novell Remote Security vulnerability in Novell Data Synchronizer Mobility Pack

Session fixation vulnerability in WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to hijack web sessions via unspecified vectors.

4.3
2011-08-09 CVE-2011-2976 Mozilla Cross-Site Scripting vulnerability in Mozilla Bugzilla

Cross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, and 3.4.x before 3.4.12 allows remote attackers to inject arbitrary web script or HTML via vectors involving a BUGLIST cookie.

4.3
2011-08-09 CVE-2011-2381 Mozilla Code Injection vulnerability in Mozilla Bugzilla

CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to inject arbitrary e-mail headers via an attachment description in a flagmail notification.

4.3
2011-08-09 CVE-2011-2379 Mozilla Cross-Site Scripting vulnerability in Mozilla Bugzilla

Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3, when Internet Explorer before 9 or Safari before 5.0.6 is used for Raw Unified mode, allows remote attackers to inject arbitrary web script or HTML via a crafted patch, related to content sniffing.

4.3
2011-08-10 CVE-2011-2511 Redhat Numeric Errors vulnerability in Redhat Libvirt

Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption.

4.0

5 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-08-11 CVE-2011-2406 HP Cross-Site Scripting vulnerability in HP Openview Performance Insight

Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2011-08-12 CVE-2009-5085 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Tivoli Federated Identity Manager 6.2.0/6.2.0.1

IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when configured as an OpenID provider, does not delete the site information cookie in response to a user's deletion of a relying-party trust entry, which allows user-assisted remote attackers to bypass intended trust restrictions via vectors that trigger absence of the consent-to-authenticate page.

2.6
2011-08-09 CVE-2011-2977 Mozilla
Microsoft
Multiple Security vulnerability in Bugzilla

Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files.

2.1
2011-08-09 CVE-2008-7292 Mozilla
Microsoft
Information Exposure vulnerability in Mozilla Bugzilla

Bugzilla 2.20.x before 2.20.5, 2.22.x before 2.22.3, and 3.0.x before 3.0.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files, a different vulnerability than CVE-2011-2977.

2.1
2011-08-12 CVE-2009-5084 IBM Cryptographic Issues vulnerability in IBM Tivoli Federated Identity Manager 6.2.0/6.2.0.1

IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when com.tivoli.am.fim.infocard.delegates.InfoCardSTSDelegate tracing is enabled, creates a cleartext log entry containing a password, which might allow local users to obtain sensitive information by reading the log data.

1.9