Weekly Vulnerabilities Reports > August 15 to 21, 2011

Overview

59 new vulnerabilities reported during this period, including 30 critical vulnerabilities and 7 high severity vulnerabilities. This weekly summary report vulnerabilities in 50 products from 35 vendors including Mozilla, Realnetworks, Apple, Zabbix, and Symantec. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Resource Management Errors", "Information Exposure", "Cross-site Scripting", and "Permissions, Privileges, and Access Controls".

  • 56 reported vulnerabilities are remotely exploitables.
  • 2 reported vulnerabilities have public exploit available.
  • 10 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 58 reported vulnerabilities are exploitable by an anonymous user.
  • Mozilla has the most reported vulnerabilities, with 16 reported vulnerabilities.
  • Mozilla has the most reported critical vulnerabilities, with 12 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

30 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-08-19 CVE-2011-0547 Symantec Numeric Errors vulnerability in Symantec products

Multiple integer overflows in vxsvc.exe in the Veritas Enterprise Administrator service in Symantec Veritas Storage Foundation 5.1 and earlier, Veritas Storage Foundation Cluster File System (SFCFS) 5.1 and earlier, Veritas Storage Foundation Cluster File System Enterprise for Oracle RAC (SFCFSORAC) 5.1 and earlier, Veritas Dynamic Multi-Pathing (DMP) 5.1, and NetBackup PureDisk 6.5.x through 6.6.1.x allow remote attackers to execute arbitrary code via (1) a crafted Unicode string, related to the vxveautil.value_binary_unpack function; (2) a crafted ASCII string, related to the vxveautil.value_binary_unpack function; or (3) a crafted value, related to the vxveautil.kv_binary_unpack function, leading to a buffer overflow.

10.0
2011-08-18 CVE-2011-2953 Realnetworks Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Realnetworks Realplayer and Realplayer SP

An unspecified ActiveX control in the browser plugin in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via unknown vectors, related to an out-of-bounds condition.

10.0
2011-08-18 CVE-2011-2946 Realnetworks ActiveX Control Remote Code Execution vulnerability in Real Networks RealPlayer

Unspecified vulnerability in an ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via unknown vectors.

10.0
2011-08-18 CVE-2011-2992 Mozilla Buffer Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

The Ogg reader in the browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.

10.0
2011-08-18 CVE-2011-2991 Mozilla Buffer Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement JavaScript, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.

10.0
2011-08-18 CVE-2011-2989 Mozilla Buffer Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement WebGL, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.

10.0
2011-08-18 CVE-2011-2988 Mozilla Buffer Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Buffer overflow in an unspecified string class in the WebGL shader implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long source-code block for a shader.

10.0
2011-08-18 CVE-2011-2987 Mozilla Buffer Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Heap-based buffer overflow in Almost Native Graphics Layer Engine (ANGLE), as used in the WebGL implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products might allow remote attackers to execute arbitrary code via unspecified vectors.

10.0
2011-08-18 CVE-2011-2985 Mozilla Memory Corruption vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

10.0
2011-08-18 CVE-2011-2984 Mozilla Code Injection vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly handle the dropping of a tab element, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by establishing a content area and registering for drop events.

10.0
2011-08-18 CVE-2011-2982 Mozilla Memory-Corruption vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

10.0
2011-08-18 CVE-2011-2378 Mozilla Code Injection vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, SeaMonkey 2.x, and possibly other products does not properly handle DOM objects, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to dereferencing of a "dangling pointer."

10.0
2011-08-18 CVE-2011-0084 Mozilla Code Injection vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer."

10.0
2011-08-16 CVE-2011-3143 Aveva
Schneider Electric
Resource Management Errors vulnerability in multiple products

Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified long strings that trigger heap memory corruption.

10.0
2011-08-16 CVE-2011-3142 Wellintech Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wellintech Kingview 6.52/6.53

Stack-based buffer overflow in an ActiveX control in KVWebSvr.dll in WellinTech KingView 6.52 and 6.53 allows remote attackers to execute arbitrary code via a long second argument to the ValidateUser method.

10.0
2011-08-19 CVE-2011-2895 Freetype
X
Freebsd
Netbsd
Openbsd
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.

9.3
2011-08-18 CVE-2011-2955 Realnetworks Resource Management Errors vulnerability in Realnetworks Realplayer and Realplayer SP

Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5, when an Embedded RealPlayer is used, allows remote attackers to execute arbitrary code via vectors related to a modal dialog.

9.3
2011-08-18 CVE-2011-2954 Realnetworks Resource Management Errors vulnerability in Realnetworks Realplayer and Realplayer SP

Use-after-free vulnerability in the AutoUpdate feature in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5, when an Embedded RealPlayer is used, allows remote attackers to execute arbitrary code via unspecified vectors.

9.3
2011-08-18 CVE-2011-2952 Realnetworks Resource Management Errors vulnerability in Realnetworks Realplayer and Realplayer SP

Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via vectors related to a dialog box.

9.3
2011-08-18 CVE-2011-2951 Realnetworks Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Realnetworks Realplayer and Realplayer SP

Buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.0.0.1569 allows remote attackers to execute arbitrary code via a crafted raw_data_frame field in an AAC file.

9.3
2011-08-18 CVE-2011-2950 Realnetworks Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Realnetworks Realplayer and Realplayer SP

Heap-based buffer overflow in qcpfformat.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted QCP file.

9.3
2011-08-18 CVE-2011-2949 Realnetworks Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Realnetworks Realplayer and Realplayer SP

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via crafted ID3v2 tags in an MP3 file.

9.3
2011-08-18 CVE-2011-2948 Realnetworks Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Realnetworks Realplayer and Realplayer SP

RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.0 through 2.1.5, and Mac RealPlayer 12.0.0.1569 do not properly handle DEFINEFONT fields in SWF files, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted file.

9.3
2011-08-18 CVE-2011-2945 Realnetworks Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Realnetworks Realplayer and Realplayer SP

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted SIPR stream.

9.3
2011-08-18 CVE-2011-2993 Mozilla Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox and Seamonkey

The implementation of digital signatures for JAR files in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not prevent calls from unsigned JavaScript code to signed code, which allows remote attackers to bypass the Same Origin Policy and gain privileges via a crafted web site, a different vulnerability than CVE-2008-2801.

9.3
2011-08-18 CVE-2011-2981 Mozilla Configuration vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

The event-management implementation in Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly select the context for script to run in, which allows remote attackers to bypass the Same Origin Policy or execute arbitrary JavaScript code with chrome privileges via a crafted web site.

9.3
2011-08-16 CVE-2011-3141 Invensys Buffer Errors vulnerability in Invensys Wonderware Inbatch 8.1/9.0

Buffer overflow in the InBatch BatchField ActiveX control for Invensys Wonderware InBatch 8.1 SP1, 9.0, and 9.0 SP1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

9.3
2011-08-15 CVE-2011-2424 Adobe
Apple
Linux
Microsoft
SUN
Google
Buffer Errors vulnerability in Adobe AIR and Flash Player

Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SWF file, as demonstrated by "about 400 unique crash signatures."

9.3
2011-08-15 CVE-2011-0257 Apple Numeric Errors vulnerability in Apple Quicktime

Integer signedness error in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PnSize opcode in a PICT file that triggers a stack-based buffer overflow.

9.3
2011-08-15 CVE-2011-0256 Apple Numeric Errors vulnerability in Apple Quicktime

Integer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted track run atoms in a QuickTime movie file.

9.3

7 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-08-18 CVE-2011-1624 Cisco Resource Management Errors vulnerability in Cisco IOS 12.2(58)Se

Cisco IOS 12.2(58)SE, when a login banner is configured, allows remote attackers to cause a denial of service (device reload) by establishing two SSH2 sessions, aka Bug ID CSCto62631.

7.8
2011-08-15 CVE-2011-2749 ISC
Debian
Canonical
Improper Input Validation vulnerability in multiple products

The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet.

7.8
2011-08-15 CVE-2011-2748 ISC
Canonical
Debian
Improper Input Validation vulnerability in multiple products

The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.

7.8
2011-08-19 CVE-2011-1342 Aimluck SQL Injection vulnerability in Aimluck Aipo and Aipo-Asp

SQL injection vulnerability in Aimluck Aipo before 5.1.1, and Aipo for ASP before 5.1.1, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

7.5
2011-08-18 CVE-2011-2733 EMC Improper Authentication vulnerability in EMC RSA Adaptive Authentication On-Premise 6.0.2.1

EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not prevent reuse of authentication information during a session, which allows remote authenticated users to bypass intended access restrictions via vectors related to knowledge of the originally used authentication information and unspecified other session information.

7.5
2011-08-15 CVE-2011-2907 Clusterresources Improper Authentication vulnerability in Clusterresources Torque Resource Manager

Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 3.0.1 and earlier allows remote attackers to bypass host-based authentication and submit arbitrary jobs via a modified PBS_O_HOST variable to the qsub program.

7.5
2011-08-18 CVE-2011-2980 Mozilla Remote Arbitrary Code Execution vulnerability in Mozilla Firefox and Thunderbird

Untrusted search path vulnerability in the ThinkPadSensor::Startup function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, allows local users to gain privileges by leveraging write access in an unspecified directory to place a Trojan horse DLL that is loaded into the running Firefox process.

7.2

21 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-08-19 CVE-2011-1341 Aimluck Cross-Site Request Forgery (CSRF) vulnerability in Aimluck Aipo and Aipo-Asp

Cross-site request forgery (CSRF) vulnerability in Aimluck Aipo before 4.0.4.0, and Aipo for ASP before 4.0.4.0, allows remote attackers to hijack the authentication of administrators for requests that modify data.

6.8
2011-08-15 CVE-2011-0551 Symantec Cross-Site Request Forgery (CSRF) vulnerability in Symantec Endpoint Protection

Cross-site request forgery (CSRF) vulnerability in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts.

6.8
2011-08-18 CVE-2011-1625 Cisco Race Condition vulnerability in Cisco IOS

Cisco IOS 12.2, 12.3, 12.4, 15.0, and 15.1, when the data-link switching (DLSw) feature is configured, allows remote attackers to cause a denial of service (device crash) by sending a sequence of malformed packets and leveraging a "narrow timing window," aka Bug ID CSCtf74999, a different vulnerability than CVE-2007-0199, CVE-2008-1152, and CVE-2009-0629.

5.4
2011-08-19 CVE-2011-3170 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Cups

The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896.

5.1
2011-08-19 CVE-2011-2896 SWI Prolog
Apple
Gimp
GNU
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895.

5.1
2011-08-19 CVE-2011-3265 Zabbix Information Exposure vulnerability in Zabbix

popup.php in Zabbix before 1.8.7 allows remote attackers to read the contents of arbitrary database tables via a modified srctbl parameter.

5.0
2011-08-19 CVE-2011-3264 Zabbix Information Exposure vulnerability in Zabbix

Zabbix before 1.8.6 allows remote attackers to obtain sensitive information via an invalid srcfld2 parameter to popup.php, which reveals the installation path in an error message.

5.0
2011-08-19 CVE-2011-3263 Zabbix Resource Management Errors vulnerability in Zabbix

zabbix_agentd in Zabbix before 1.8.6 and 1.9.x before 1.9.4 allows context-dependent attackers to cause a denial of service (CPU consumption) by executing the vfs.file.cksum command for a special device, as demonstrated by the /dev/urandom device.

5.0
2011-08-18 CVE-2011-2990 Mozilla Credentials Management vulnerability in Mozilla Firefox and Seamonkey

The implementation of Content Security Policy (CSP) violation reports in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not remove proxy-authorization credentials from the listed request headers, which allows attackers to obtain sensitive information by reading a report, related to incorrect host resolution that occurs with certain redirects.

5.0
2011-08-18 CVE-2011-2986 Mozilla Information Exposure vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products, when the Direct2D (aka D2D) API is used on Windows, allows remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas.

5.0
2011-08-15 CVE-2011-3140 IBM Permissions, Privileges, and Access Controls vulnerability in IBM products

IBM Web Application Firewall, as used on the G400 IPS-G400-IB-1 and GX4004 IPS-GX4004-IB-2 appliances with update 31.030, does not properly handle query strings with multiple instances of the same parameter, which allows remote attackers to bypass intended intrusion prevention by dividing a dangerous parameter value into substrings, as demonstrated by a SQL statement that is split across multiple iid parameters and then sent to a .aspx file on an IIS web server.

5.0
2011-08-15 CVE-2011-2729 Apache
Linux
Permissions, Privileges, and Access Controls vulnerability in Apache Commons Daemon and Tomcat

native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for files via a request to an application.

5.0
2011-08-15 CVE-2011-3011 CA Information Exposure vulnerability in CA Arcserve D2D R15

BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle sessions, which allows remote attackers to obtain credentials, and consequently execute arbitrary commands, via unspecified vectors.

5.0
2011-08-15 CVE-2011-0527 Vmware Improper Authentication vulnerability in VMWare TC Server

VMware vFabric tc Server (aka SpringSource tc Server) 2.0.x before 2.0.6.RELEASE and 2.1.x before 2.1.2.RELEASE accepts obfuscated passwords during JMX authentication, which makes it easier for context-dependent attackers to obtain access by leveraging an ability to read stored passwords.

5.0
2011-08-15 CVE-2011-2481 Apache Information Disclosure vulnerability in Apache Tomcat

Apache Tomcat 7.0.x before 7.0.17 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application.

4.6
2011-08-19 CVE-2011-2904 Zabbix Cross-Site Scripting vulnerability in Zabbix

Cross-site scripting (XSS) vulnerability in acknow.php in Zabbix before 1.8.6 allows remote attackers to inject arbitrary web script or HTML via the backurl parameter.

4.3
2011-08-19 CVE-2011-2410 HP Cross-Site Scripting vulnerability in HP Openview Performance Insight

Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2011-08-18 CVE-2011-2947 Realnetworks Cross-Site Scripting vulnerability in Realnetworks Realplayer and Realplayer SP

Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone via a local HTML document.

4.3
2011-08-18 CVE-2011-2983 Mozilla Information Exposure vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products does not properly handle the RegExp.input property, which allows remote attackers to bypass the Same Origin Policy and read data from a different domain via a crafted web site, possibly related to a use-after-free.

4.3
2011-08-16 CVE-2011-3144 Aveva
Schneider Electric
Cross-Site Scripting vulnerability in multiple products

Cross-site scripting (XSS) vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2011-08-15 CVE-2011-0550 Symantec Cross-Site Scripting vulnerability in Symantec Endpoint Protection

Multiple cross-site scripting (XSS) vulnerabilities in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allow remote attackers to inject arbitrary web script or HTML via (1) the token parameter to portal/Help.jsp or (2) the URI in a console/apps/sepm request.

4.3

1 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-08-19 CVE-2011-3262 Citrix Resource Management Errors vulnerability in Citrix XEN

tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allows local users to cause a denial of service (management software infinite loop and management domain resource consumption) via unspecified vectors related to "Lack of error checking in the decompression loop."

2.1