Weekly Vulnerabilities Reports > October 3 to 9, 2011

Overview

185 new vulnerabilities reported during this period, including 13 critical vulnerabilities and 111 high severity vulnerabilities. This weekly summary report vulnerabilities in 164 products from 119 vendors including Cisco, Joomla, Typo3, Novell, and Google. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "Resource Management Errors", "Code Injection", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".

  • 177 reported vulnerabilities are remotely exploitables.
  • 65 reported vulnerabilities have public exploit available.
  • 111 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 183 reported vulnerabilities are exploitable by an anonymous user.
  • Cisco has the most reported vulnerabilities, with 30 reported vulnerabilities.
  • Novell has the most reported critical vulnerabilities, with 4 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

13 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-10-09 CVE-2010-4953 JW Calendar
Typo3
Unspecified vulnerability in JW Calendar JW Calendar

Unspecified vulnerability in the JW Calendar (jw_calendar) extension 1.3.20 and earlier for TYPO3 allows remote attackers to execute arbitrary code via unknown vectors.

10.0
2011-10-09 CVE-2010-4931 PHP Fusion Path Traversal vulnerability in PHP-Fusion

** DISPUTED ** Directory traversal vulnerability in maincore.php in PHP-Fusion allows remote attackers to include and execute arbitrary local files via a ..

10.0
2011-10-08 CVE-2011-2663 Novell Buffer Errors vulnerability in Novell Groupwise 8.0

Array index error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted yearly RRULE variable in a VCALENDAR attachment in an e-mail message.

10.0
2011-10-08 CVE-2011-2662 Novell Numeric Errors vulnerability in Novell Groupwise 8.0

Integer signedness error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a negative BYWEEKNO property in a weekly RRULE variable in a VCALENDAR attachment in an e-mail message.

10.0
2011-10-08 CVE-2011-0334 Novell Buffer Errors vulnerability in Novell Groupwise 8.0

Stack-based buffer overflow in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a long HTTP request for a .css file.

10.0
2011-10-08 CVE-2011-0333 Novell Buffer Errors vulnerability in Novell Groupwise 8.0

Heap-based buffer overflow in the NgwiCalVTimeZoneBody::ParseSelf function in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted TZNAME variable in a VCALENDAR attachment in an e-mail message, related to an "integer truncation error."

10.0
2011-10-07 CVE-2010-4889 Marco Hezel
Typo3
Unspecified vulnerability in Marco Hezel HM Tinymarket

Unspecified vulnerability in the Tiny Market (hm_tinymarket) extension 0.5.4 and earlier for TYPO3 allows attackers to execute arbitrary code via unknown vectors.

10.0
2011-10-07 CVE-2010-4871 Smartftp Unspecified vulnerability in Smartftp 2.0

Unspecified vulnerability in SmartFTP before 4.0 Build 1142 allows attackers to have an unknown impact via a long filename.

10.0
2011-10-06 CVE-2011-3332 Iceni Buffer Errors vulnerability in Iceni Argus and Infix

Stack-based buffer overflow in Iceni Argus 6.20 and earlier and Infix 5.04 allows remote attackers to execute arbitrary code via a crafted PDF document that uses flate compression.

10.0
2011-10-03 CVE-2011-3271 Cisco Unspecified vulnerability in Cisco IOS 12.2/15.1

Unspecified vulnerability in the Smart Install functionality in Cisco IOS 12.2 and 15.1 allows remote attackers to execute arbitrary code or cause a denial of service (device crash) via crafted TCP packets to port 4786, aka Bug ID CSCto10165.

10.0
2011-10-07 CVE-2011-3868 Vmware Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in VMWare products

Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image.

9.3
2011-10-05 CVE-2011-1827 Checkpoint Remote Code Execution vulnerability in Multiple Check Point SSL VPN On-Demand Applications

Multiple unspecified vulnerabilities in Check Point SSL Network Extender (SNX), SecureWorkSpace, and Endpoint Security On-Demand, as distributed by SecurePlatform, IPSO6, Connectra, and VSX, allow remote attackers to execute arbitrary code via vectors involving a (1) ActiveX control or (2) Java applet.

9.3
2011-10-04 CVE-2011-2443 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Photoshop Elements

Multiple buffer overflows in Adobe Photoshop Elements 8.0 and earlier allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted (1) .grd or (2) .abr file, a related issue to CVE-2010-1296.

9.3

111 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-10-05 CVE-2008-7300 SUN Permissions, Privileges, and Access Controls vulnerability in SUN Opensolaris and Sunos

The labeled networking implementation in Solaris Trusted Extensions in Sun Solaris 10 and OpenSolaris snv_39 through snv_67, when a labeled zone is in the installed state, allows remote authenticated users to bypass a Mandatory Access Control (MAC) policy and obtain access to the global zone.

8.5
2011-10-06 CVE-2011-3298 Cisco Improper Authentication vulnerability in Cisco products

Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.3), 8.0 before 8.0(5.24), 8.1 before 8.1(2.50), 8.2 before 8.2(5), 8.3 before 8.3(2.18), 8.4 before 8.4(1.10), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to bypass authentication via a crafted TACACS+ reply, aka Bug IDs CSCto40365 and CSCto74274.

7.9
2011-10-06 CVE-2011-3305 Cisco Path Traversal vulnerability in Cisco NAC Manager 4.8/4.8(1)/4.8(2)

Directory traversal vulnerability in Cisco Network Admission Control (NAC) Manager 4.8.x allows remote attackers to read arbitrary files via crafted traffic to TCP port 443, aka Bug ID CSCtq10755.

7.8
2011-10-06 CVE-2011-3304 Cisco Resource Management Errors vulnerability in Cisco products

Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.2 before 7.2(5.3), 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2), and 8.5 before 8.5(1.1) allow remote attackers to cause a denial of service (device reload) via crafted MSN Instant Messenger traffic, aka Bug ID CSCtl67486.

7.8
2011-10-06 CVE-2011-3303 Cisco Resource Management Errors vulnerability in Cisco products

Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.6), 8.3 before 8.3(2.23), 8.4 before 8.4(2.7), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via malformed ILS traffic, aka Bug IDs CSCtq57697 and CSCtq57802.

7.8
2011-10-06 CVE-2011-3302 Cisco Resource Management Errors vulnerability in Cisco products

Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via crafted SunRPC traffic, aka Bug IDs CSCto92398 and CSCtq09989.

7.8
2011-10-06 CVE-2011-3301 Cisco Resource Management Errors vulnerability in Cisco products

Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via crafted SunRPC traffic, aka Bug IDs CSCtq06062 and CSCtq09986.

7.8
2011-10-06 CVE-2011-3300 Cisco Resource Management Errors vulnerability in Cisco products

Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via crafted SunRPC traffic, aka Bug IDs CSCtq06065 and CSCtq09978.

7.8
2011-10-06 CVE-2011-3299 Cisco Resource Management Errors vulnerability in Cisco products

Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via crafted SunRPC traffic, aka Bug IDs CSCto92380 and CSCtq09972.

7.8
2011-10-06 CVE-2011-3297 Cisco Improper Authentication vulnerability in Cisco products

Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7), when certain authentication configurations are used, allows remote attackers to cause a denial of service (module crash) by making many authentication requests for network access, aka Bug ID CSCtn15697.

7.8
2011-10-06 CVE-2011-3296 Cisco Resource Management Errors vulnerability in Cisco products

Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7), when IPv6 is used, allows remote attackers to cause a denial of service (memory corruption and module crash or hang) via vectors that trigger syslog message 302015, aka Bug ID CSCti83875.

7.8
2011-10-06 CVE-2011-3288 Cisco Resource Management Errors vulnerability in Cisco Unified Presence

Cisco Unified Presence before 8.5(4) does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption, and process crash) via a crafted XML document containing a large number of nested entity references, aka Bug IDs CSCtq89842 and CSCtq88547, a similar issue to CVE-2003-1564.

7.8
2011-10-06 CVE-2011-3287 Cisco Resource Management Errors vulnerability in Cisco Jabber Extensible Communications Platform 5.0/5.1/5.2

Cisco Jabber Extensible Communications Platform (aka Jabber XCP) 2.x through 5.4.x before 5.4.0.27581 and 5.8.x before 5.8.1.27561 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption, and process crash) via a crafted XML document containing a large number of nested entity references, aka Bug ID CSCtq78106, a similar issue to CVE-2003-1564.

7.8
2011-10-03 CVE-2011-3282 Cisco Unspecified vulnerability in Cisco IOS and IOS XE

Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, 15.0, and 15.1, and IOS XE 2.1.x through 3.3.x, when an MPLS domain is configured, allows remote attackers to cause a denial of service (device reload) via an ICMPv6 packet, related to an expired MPLS TTL, aka Bug ID CSCtj30155.

7.8
2011-10-03 CVE-2011-3281 Cisco Unspecified vulnerability in Cisco IOS

Unspecified vulnerability in Cisco IOS 15.0 through 15.1, in certain HTTP Layer 7 Application Control and Inspection configurations, allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTP packet, aka Bug ID CSCto68554.

7.8
2011-10-03 CVE-2011-3280 Cisco Resource Management Errors vulnerability in Cisco IOS and IOS XE

Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (memory consumption or device reload) by sending crafted SIP packets to UDP port 5060, aka Bug ID CSCtj04672.

7.8
2011-10-03 CVE-2011-3279 Cisco Resource Management Errors vulnerability in Cisco IOS and IOS XE

The provider-edge MPLS NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload) via a malformed SIP packet to UDP port 5060, aka Bug ID CSCti98219.

7.8
2011-10-03 CVE-2011-3278 Cisco Unspecified vulnerability in Cisco IOS and IOS XE

Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload) by sending crafted SIP packets to UDP port 5060, aka Bug ID CSCti48483.

7.8
2011-10-03 CVE-2011-3277 Cisco Unspecified vulnerability in Cisco IOS and IOS XE

Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload) by sending crafted H.323 packets to TCP port 1720, aka Bug ID CSCth11006.

7.8
2011-10-03 CVE-2011-3276 Cisco Unspecified vulnerability in Cisco IOS and IOS XE

Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload or hang) by sending crafted SIP packets to TCP port 5060, aka Bug ID CSCso02147.

7.8
2011-10-03 CVE-2011-3275 Cisco Resource Management Errors vulnerability in Cisco IOS and IOS XE

Memory leak in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x through 3.2.x, allows remote attackers to cause a denial of service (memory consumption) via a crafted SIP message, aka Bug ID CSCti48504.

7.8
2011-10-03 CVE-2011-3273 Cisco Resource Management Errors vulnerability in Cisco IOS

Memory leak in Cisco IOS 15.0 through 15.1, when IPS or Zone-Based Firewall (aka ZBFW) is configured, allows remote attackers to cause a denial of service (memory consumption or device crash) via vectors that trigger many session creation flows, aka Bug ID CSCti79848.

7.8
2011-10-03 CVE-2011-3272 Cisco Resource Management Errors vulnerability in Cisco IOS and IOS XE

The IP Service Level Agreement (IP SLA) functionality in Cisco IOS 15.1, and IOS XE 2.1.x through 3.3.x, allows remote attackers to cause a denial of service (memory corruption and device reload) via malformed IP SLA packets, aka Bug ID CSCtk67073.

7.8
2011-10-03 CVE-2011-3270 Cisco Unspecified vulnerability in Cisco 10008 Router and IOS

Unspecified vulnerability in Cisco IOS 12.2SB before 12.2(33)SB10 and 15.0S before 15.0(1)S3a on Cisco 10000 series routers allows remote attackers to cause a denial of service (device reload) via a sequence of crafted ICMP packets, aka Bug ID CSCtk62453.

7.8
2011-10-03 CVE-2011-2072 Cisco Resource Management Errors vulnerability in Cisco Ios, IOS XE and Unified Communications Manager

Memory leak in Cisco IOS 12.4, 15.0, and 15.1, Cisco IOS XE 2.5.x through 3.2.x, and Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su4, 8.x before 8.5(1)su2, and 8.6 before 8.6(1) allows remote attackers to cause a denial of service (memory consumption and device reload or process failure) via a malformed SIP message, aka Bug IDs CSCtl86047 and CSCto88686.

7.8
2011-10-03 CVE-2011-0946 Cisco Resource Management Errors vulnerability in Cisco IOS and IOS XE

The NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload or hang) via malformed NetMeeting Directory (aka Internet Locator Service or ILS) LDAP traffic, aka Bug ID CSCtd10712.

7.8
2011-10-03 CVE-2011-0945 Cisco Resource Management Errors vulnerability in Cisco IOS and IOS XE

Memory leak in the Data-link switching (aka DLSw) feature in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xS before 3.1.3S and 3.2.xS before 3.2.1S, when implemented over Fast Sequence Transport (FST), allows remote attackers to cause a denial of service (memory consumption and device reload or hang) via a crafted IP protocol 91 packet, aka Bug ID CSCth69364.

7.8
2011-10-03 CVE-2011-0944 Cisco Resource Management Errors vulnerability in Cisco IOS 12.4/15.0/15.1

Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (device reload) via malformed IPv6 packets, aka Bug ID CSCtj41194.

7.8
2011-10-03 CVE-2011-0939 Cisco Unspecified vulnerability in Cisco IOS and IOS XE

Unspecified vulnerability in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x through 3.2.x, allows remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID CSCth03022.

7.8
2011-10-09 CVE-2010-4963 Hulihanapplications SQL Injection vulnerability in Hulihanapplications Hulihan BXR 0.6.8

SQL injection vulnerability in folder/list in Hulihan BXR 0.6.8 allows remote attackers to execute arbitrary SQL commands via the order_by parameter.

7.5
2011-10-09 CVE-2010-4962 DEV Team Typoheads
Typo3
SQL Injection and Remote Command Execution vulnerability in Webkit PDFs For TYPO3

Unspecified vulnerability in the Webkit PDFs (webkitpdf) extension before 1.1.4 for TYPO3 allows remote attackers to execute arbitrary commands via unknown vectors.

7.5
2011-10-09 CVE-2010-4961 DEV Team Typoheads
Typo3
SQL Injection vulnerability in Dev-Team Typoheads Webkitpdf

SQL injection vulnerability in the Webkit PDFs (webkitpdf) extension before 1.1.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2011-10-09 CVE-2010-4959 Preproject SQL Injection vulnerability in Preproject PRE Podcast Portal

SQL injection vulnerability in the login feature in Pre Projects Pre Podcast Portal allows remote attackers to execute arbitrary SQL commands via the password parameter.

7.5
2011-10-09 CVE-2010-4958 Pradoportal SQL Injection vulnerability in Pradoportal Prado Portal 1.2.0

SQL injection vulnerability in index.php in Prado Portal 1.2.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.

7.5
2011-10-09 CVE-2010-4957 Nadine Schwingler
Typo3
SQL Injection vulnerability in Nadine Schwingler KE Questionnaire 1.2.1/2.0.0

SQL injection vulnerability in the Questionnaire (ke_questionnaire) extension before 2.2.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2011-10-09 CVE-2010-4955 PHP Programs SQL Injection vulnerability in PHP-Programs Apboard Developers Apboard

SQL injection vulnerability in board/board.php in APBoard Developers APBoard 2.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-3078.

7.5
2011-10-09 CVE-2010-4954 Gambio SQL Injection vulnerability in Gambio Xt:Commerce Gambio 2008

SQL injection vulnerability in product_reviews_info.php in xt:Commerce Gambio 2008 allows remote attackers to execute arbitrary SQL commands via the products_id parameter.

7.5
2011-10-09 CVE-2010-4952 Joachim Ruhs
Typo3
SQL Injection vulnerability in Joachim Ruhs Festat 0.1.6/0.1.8/0.1.9

SQL injection vulnerability in the FE user statistic (festat) extension before 0.2.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2011-10-09 CVE-2010-4950 Joachim Ruhs
Typo3
SQL Injection vulnerability in Joachim Ruhs Event

SQL injection vulnerability in the Event (event) extension before 0.3.7 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2011-10-09 CVE-2010-4948 Phpgalleryscript Code Injection vulnerability in PHPgalleryscript PHP Free Photo Gallery

PHP remote file inclusion vulnerability in libs/adodb/adodb.inc.php in PHP Free Photo Gallery script allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.

7.5
2011-10-09 CVE-2010-4946 Allpcscript SQL Injection vulnerability in Allpcscript Allpc 2.5

SQL injection vulnerability in product_info.php in ALLPC 2.5 allows remote attackers to execute arbitrary SQL commands via the products_id parameter.

7.5
2011-10-09 CVE-2010-4945 Joomla SQL Injection vulnerability in Joomla COM Camelcitydb2 2.2

SQL injection vulnerability in the CamelcityDB (com_camelcitydb2) component 2.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.

7.5
2011-10-09 CVE-2010-4944 Joomla
Mambo Foundation
SQL Injection vulnerability in Joomla COM Elite Experts

SQL injection vulnerability in the Elite Experts (com_elite_experts) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showExpertProfileDetailed action to index.php.

7.5
2011-10-09 CVE-2010-4943 Brothersoft Code Injection vulnerability in Brothersoft Saurus CMS 4.7.0

Multiple PHP remote file inclusion vulnerabilities in Saurus CMS 4.7.0 allow remote attackers to execute arbitrary PHP code via a URL in the class_path parameter to (1) file.php or (2) com_del.php.

7.5
2011-10-09 CVE-2010-4942 E Xoopport SQL Injection vulnerability in E-Xoopport Samsara 3.0/3.1

SQL injection vulnerability in location.php in the eCal module in E-Xoopport Samsara 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the lid parameter.

7.5
2011-10-09 CVE-2010-4941 Joomlamo
Joomla
SQL Injection vulnerability in Joomlamo COM Teams 110281008091711

SQL injection vulnerability in the Teams (com_teams) component 1_1028_100809_1711 for Joomla! allows remote attackers to execute arbitrary SQL commands via the PlayerID parameter in a player save action to index.php.

7.5
2011-10-09 CVE-2010-4940 Wanewsletter SQL Injection vulnerability in Wanewsletter 2.1.2

SQL injection vulnerability in index.php in WAnewsletter 2.1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2011-10-09 CVE-2010-4939 Scripts Bdr130 Code Injection vulnerability in Scripts.Bdr130 Mailform 1.2

PHP remote file inclusion vulnerability in index.php in MailForm 1.2 allows remote attackers to execute arbitrary PHP code via a URL in the theme parameter.

7.5
2011-10-09 CVE-2010-4938 Joomla SQL Injection vulnerability in Joomla COM Weblinks

SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a categories action to index.php.

7.5
2011-10-09 CVE-2010-4937 Robitbt
Joomla
SQL Injection vulnerability in Robitbt COM Amblog 1.0

Multiple SQL injection vulnerabilities in the Amblog (com_amblog) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) articleid or (2) catid parameter to index.php.

7.5
2011-10-09 CVE-2010-4936 Webmaster Tips
Joomla
SQL Injection vulnerability in Webmaster-Tips COM Slideshow

SQL injection vulnerability in the Slide Show (com_slideshow) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.

7.5
2011-10-09 CVE-2010-4935 Khader Abbeb SQL Injection vulnerability in Khader Abbeb Entrans

SQL injection vulnerability in poll.php in Entrans 0.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sid parameter.

7.5
2011-10-09 CVE-2010-4934 Svcreation SQL Injection vulnerability in Svcreation GET Tube

SQL injection vulnerability in video.php in Get Tube 4.51 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2011-10-09 CVE-2010-4933 Geeklog SQL Injection vulnerability in Geeklog 1.3.8

SQL injection vulnerability in filemgmt/singlefile.php in Geeklog 1.3.8 allows remote attackers to execute arbitrary SQL commands via the lid parameter.

7.5
2011-10-09 CVE-2010-4929 Joostina CMS
Joomla
SQL Injection vulnerability in Joostina-Cms COM Ezautos

SQL injection vulnerability in the Joostina (com_ezautos) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the firstCode parameter in a helpers action to index.php.

7.5
2011-10-09 CVE-2010-4927 Photoindochina
Joomla
SQL Injection vulnerability in Photoindochina COM Restaurantguide 1.0.0

SQL injection vulnerability in the Restaurant Guide (com_restaurantguide) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a country action to index.php.

7.5
2011-10-09 CVE-2010-4926 Timetrack
Joomla
SQL Injection vulnerability in Timetrack COM Timetrack 1.2.4

SQL injection vulnerability in the TimeTrack (com_timetrack) component 1.2.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the ct_id parameter in a timetrack action to index.php.

7.5
2011-10-09 CVE-2010-4925 Nuked Klan SQL Injection vulnerability in Nuked-Klan Partenaires Module 1.5

SQL injection vulnerability in clic.php in the Partenaires module 1.5 for Nuked-Klan allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2011-10-09 CVE-2010-4924 Clearbudget Code Injection vulnerability in Clearbudget 0.9.8

** DISPUTED ** PHP remote file inclusion vulnerability in logic/controller.class.php in clearBudget 0.9.8 allows remote attackers to execute arbitrary PHP code via a URL in the actionPath parameter.

7.5
2011-10-09 CVE-2010-4923 Virtuenetz SQL Injection vulnerability in Virtuenetz Virtue Book Store

SQL injection vulnerability in book/detail.php in Virtue Netz Virtue Book Store allows remote attackers to execute arbitrary SQL commands via the bid parameter.

7.5
2011-10-09 CVE-2010-4922 Allinta SQL Injection vulnerability in Allinta CMS 22.07.2010

Multiple SQL injection vulnerabilities in Allinta CMS 22.07.2010 allow remote attackers to execute arbitrary SQL commands via the i parameter in an edit action to (1) contentAE.asp or (2) templatesAE.asp.

7.5
2011-10-08 CVE-2010-4921 Dmxready SQL Injection vulnerability in Dmxready Polling Booth Manager

SQL injection vulnerability in inc_pollingboothmanager.asp in DMXReady Polling Booth Manager allows remote attackers to execute arbitrary SQL commands via the QuestionID parameter in a results action.

7.5
2011-10-08 CVE-2010-4920 Micronetsoft SQL Injection vulnerability in Micronetsoft Rental Property Website 1.0

SQL injection vulnerability in detail.asp in Micronetsoft Rental Property Management Website 1.0 allows remote attackers to execute arbitrary SQL commands via the ad_ID parameter.

7.5
2011-10-08 CVE-2010-4919 Micronetsoft SQL Injection vulnerability in Micronetsoft RV Dealer Website 1.0

SQL injection vulnerability in detail.asp in Micronetsoft RV Dealer Website 1.0 allows remote attackers to execute arbitrary SQL commands via the vehicletypeID parameter.

7.5
2011-10-08 CVE-2010-4918 Ijoomla
Joomla
Code Injection vulnerability in Ijoomla COM Magazine 3.0.1

PHP remote file inclusion vulnerability in iJoomla Magazine (com_magazine) component 3.0.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the config parameter to magazine.functions.php.

7.5
2011-10-08 CVE-2010-4917 A Blog SQL Injection vulnerability in A-Blog 2.0

SQL injection vulnerability in sources/search.php in A-Blog 2.0 allows remote attackers to execute arbitrary SQL commands via the words parameter.

7.5
2011-10-08 CVE-2010-4916 Coldgen SQL Injection vulnerability in Coldgen Coldusergroup 1.06

Multiple SQL injection vulnerabilities in index.cfm in ColdGen ColdUserGroup 1.06 allow remote attackers to execute arbitrary SQL commands via the (1) ArticleID or (2) LibraryID parameter.

7.5
2011-10-08 CVE-2010-4915 Coldgen SQL Injection vulnerability in Coldgen Coldbookmarks 1.22

SQL injection vulnerability in index.cfm in ColdGen ColdBookmarks 1.22 allows remote attackers to execute arbitrary SQL commands via the BookmarkID parameter in an EditBookmark action.

7.5
2011-10-08 CVE-2010-4914 Deltascripts Code Injection vulnerability in Deltascripts PHP Classifieds 7.3

PHP remote file inclusion vulnerability in tools/phpmailer/class.phpmailer.php in PHP Classifieds 7.3 allows remote attackers to execute arbitrary PHP code via a URL in the lang_path parameter.

7.5
2011-10-08 CVE-2010-4912 Discuz SQL Injection vulnerability in Discuz Ucenter Home 2.0

SQL injection vulnerability in shop.php in UCenter Home 2.0 allows remote attackers to execute arbitrary SQL commands via the shopid parameter in a view action.

7.5
2011-10-08 CVE-2010-4911 Sellatsite SQL Injection vulnerability in Sellatsite PHP Classifieds ADS

SQL injection vulnerability in classi/detail.php in PHP Classifieds Ads allows remote attackers to execute arbitrary SQL commands via the sid parameter.

7.5
2011-10-08 CVE-2010-4910 Coldgen SQL Injection vulnerability in Coldgen Coldcalendar 2.06

SQL injection vulnerability in index.cfm in ColdGen ColdCalendar 2.06 allows remote attackers to execute arbitrary SQL commands via the EventID parameter in a ViewEventDetails action.

7.5
2011-10-08 CVE-2010-4908 Virtuenetz SQL Injection vulnerability in Virtuenetz Virtue Shopping Mall

SQL injection vulnerability in detail.php in Virtue Shopping Mall allows remote attackers to execute arbitrary SQL commands via the prodid parameter.

7.5
2011-10-08 CVE-2010-4906 Zenphoto SQL Injection vulnerability in Zenphoto 1.3/1.3.1.2

SQL injection vulnerability in zp-core/full-image.php in Zenphoto 1.3 and 1.3.1.2 allows remote attackers to execute arbitrary SQL commands via the a parameter.

7.5
2011-10-08 CVE-2010-4905 Softbizscripts SQL Injection vulnerability in Softbizscripts Article Directory Script

SQL injection vulnerability in article_details.php in Softbiz Article Directory Script allows remote attackers to execute arbitrary SQL commands via the sbiz_id parameter.

7.5
2011-10-08 CVE-2010-4904 Simon Philips
Joomla
SQL Injection vulnerability in Simon Philips COM Aardvertiser 2.1/2.1.1

SQL injection vulnerability in the Aardvertiser (com_aardvertiser) component 2.1 and 2.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_name parameter in a view action to index.php.

7.5
2011-10-08 CVE-2010-4903 Cubecart SQL Injection vulnerability in Cubecart 4.3.3

SQL injection vulnerability in index.php in CubeCart 4.3.3 allows remote attackers to execute arbitrary SQL commands via the searchStr parameter.

7.5
2011-10-08 CVE-2010-4902 Joomla Clantools
Joomla
SQL Injection vulnerability in Joomla-Clantools Clantools Comclantools

Multiple SQL injection vulnerabilities in the Clantools (com_clantools) component 1.2.3 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) squad or (2) showgame parameter to index.php.

7.5
2011-10-08 CVE-2010-4899 Webmanager PRO SQL Injection vulnerability in Webmanager-Pro CMS Webmanager-Pro

SQL injection vulnerability in c.php in CMS WebManager-Pro before 8.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2011-10-08 CVE-2010-4898 Gantry Framework
Joomla
SQL Injection vulnerability in Gantry-Framework COM Gantry 3.0.10

SQL injection vulnerability in the Gantry (com_gantry) component 3.0.10 for Joomla! allows remote attackers to execute arbitrary SQL commands via the moduleid parameter to index.php.

7.5
2011-10-08 CVE-2010-4897 Bluecms Project SQL Injection vulnerability in Bluecms Project Bluecms 1.6

SQL injection vulnerability in comment.php in BlueCMS 1.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header in a send action.

7.5
2011-10-08 CVE-2010-4894 Chillycms SQL Injection vulnerability in Chillycms 1.1.3

SQL injection vulnerability in core/showsite.php in chillyCMS 1.1.3 allows remote attackers to execute arbitrary SQL commands via the name parameter.

7.5
2011-10-07 CVE-2010-4891 Andreas Kiefer
Typo3
SQL Injection vulnerability in Andreas Kiefer KE YAC

SQL injection vulnerability in the Yet Another Calendar (ke_yac) extension before 1.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2011-10-07 CVE-2010-4888 Marco Hezel
Typo3
SQL Injection vulnerability in Marco Hezel HM Tinymarket

SQL injection vulnerability in the Tiny Market (hm_tinymarket) extension 0.5.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2011-10-07 CVE-2010-4887 Raphael Zschorsch
Typo3
SQL Injection vulnerability in Raphael Zschorsch Commentsbe

SQL injection vulnerability in the Commenting system Backend Module (commentsbe) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2011-10-07 CVE-2010-4884 Hinnendahl Code Injection vulnerability in Hinnendahl Gaestebuch 1.2

PHP remote file inclusion vulnerability in guestbook/gbook.php in Gaestebuch 1.2 allows remote attackers to execute arbitrary PHP code via a URL in the script_pfad parameter.

7.5
2011-10-07 CVE-2010-4879 Digitaljunkies Code Injection vulnerability in Digitaljunkies Dompdf 0.6.0

PHP remote file inclusion vulnerability in dompdf.php in dompdf 0.6.0 beta1 allows remote attackers to execute arbitrary PHP code via a URL in the input_file parameter.

7.5
2011-10-07 CVE-2010-4878 Hinnendahl Code Injection vulnerability in Hinnendahl Kontakt Formular 1.1

PHP remote file inclusion vulnerability in formmailer.php in Kontakt Formular 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the script_pfad parameter.

7.5
2011-10-07 CVE-2010-4876 Mblogger Project SQL Injection vulnerability in Mblogger Project Mblogger 1.0.04

SQL injection vulnerability in viewpost.php in mBlogger 1.0.04 allows remote attackers to execute arbitrary SQL commands via the postID parameter.

7.5
2011-10-07 CVE-2010-4872 Pilotcart SQL Injection vulnerability in Pilotcart Pilot Cart 7.3

SQL injection vulnerability in newsroom.asp in ASPilot Pilot Cart 7.3 allows remote attackers to execute arbitrary SQL commands via the specific parameter.

7.5
2011-10-07 CVE-2010-4870 Bloofox SQL Injection vulnerability in Bloofox Bloofoxcms 0.3.5

SQL injection vulnerability in index.php in BloofoxCMS 0.3.5 allows remote attackers to execute arbitrary SQL commands via the gender parameter.

7.5
2011-10-05 CVE-2010-4869 Drbenhur SQL Injection vulnerability in Drbenhur Dbhcms 1.1.4

SQL injection vulnerability in index.php in DBHcms 1.1.4 allows remote attackers to execute arbitrary SQL commands via the editmenu parameter.

7.5
2011-10-05 CVE-2010-4867 W Agora Path Traversal vulnerability in W-Agora

Directory traversal vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to include and execute arbitrary local files via a ..

7.5
2011-10-05 CVE-2010-4866 Chipmunk Scripts SQL Injection vulnerability in Chipmunk-Scripts Chipmunk Board 1.3

SQL injection vulnerability in index.php in Chipmunk Board 1.3 allows remote attackers to execute arbitrary SQL commands via the forumID parameter.

7.5
2011-10-05 CVE-2010-4865 Harmistechnology
Joomla
SQL Injection vulnerability in Harmistechnology COM Jeguestbook 1.0

SQL injection vulnerability in the JE Guestbook (com_jeguestbook) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the d_itemid parameter in an item_detail action to index.php.

7.5
2011-10-05 CVE-2010-4864 Danieljamesscott
Joomla
SQL Injection vulnerability in Danieljamesscott COM Clubmanager

SQL injection vulnerability in the Club Manager (com_clubmanager) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cm_id parameter in an equip presenta action to index.php.

7.5
2011-10-05 CVE-2010-4862 Harmistechnology
Joomla
SQL Injection vulnerability in Harmistechnology COM Jedirectory 1.0

SQL injection vulnerability in the JExtensions JE Directory (com_jedirectory) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php.

7.5
2011-10-05 CVE-2010-4861 Webspell SQL Injection vulnerability in Webspell 4.2.1

SQL injection vulnerability in asearch.php in webSPELL 4.2.1 allows remote attackers to execute arbitrary SQL commands via the search parameter.

7.5
2011-10-05 CVE-2010-4860 Galaxyscriptz SQL Injection vulnerability in Galaxyscriptz Myphpauction 2010

SQL injection vulnerability in product_desc.php in MyPhpAuction 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2011-10-05 CVE-2010-4859 Webasyst SQL Injection vulnerability in Webasyst Shop-Script

SQL injection vulnerability in index.php in WebAsyst Shop-Script allows remote attackers to execute arbitrary SQL commands via the blog_id parameter in a news action.

7.5
2011-10-05 CVE-2010-4857 Curtiss Grymala SQL Injection vulnerability in Curtiss Grymala CAG CMS 0.2

SQL injection vulnerability in click.php in CAG CMS 0.2 Beta allows remote attackers to execute arbitrary SQL commands via the itemid parameter.

7.5
2011-10-05 CVE-2010-4856 Aspindir SQL Injection vulnerability in Aspindir Xweblog 2.2

SQL injection vulnerability in arsiv.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the tarih parameter.

7.5
2011-10-05 CVE-2010-4855 Aspindir SQL Injection vulnerability in Aspindir Xweblog 2.2

SQL injection vulnerability in oku.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the makale_id parameter.

7.5
2011-10-05 CVE-2010-4853 Chillcreations
Joomla
SQL Injection vulnerability in Chillcreations COM Ccinvoices

SQL injection vulnerability in the ccInvoices (com_ccinvoices) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewInv action to index.php.

7.5
2011-10-05 CVE-2011-1764 Exim USE of Externally-Controlled Format String vulnerability in Exim

Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.

7.5
2011-10-05 CVE-2008-7302 Netshinesoftware
Joomla
SQL Injection vulnerability in Netshinesoftware COM Netinvoice 1.2.0

SQL injection vulnerability in netinvoice.php in the nBill (com_netinvoice) component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving "knowledge of ...

7.5
2011-10-05 CVE-2008-7301 Sclek SQL Injection vulnerability in Sclek Jsite 1.0

SQL injection vulnerability in admin/login.php in jSite 1.0 OE allows remote attackers to execute arbitrary SQL commands via the username parameter.

7.5
2011-10-04 CVE-2011-2878 Google Unspecified vulnerability in Google Chrome

Google Chrome before 14.0.835.202 does not properly restrict access to the window prototype, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

7.5
2011-10-04 CVE-2011-3981 Likno
Wordpress
Code Injection vulnerability in Likno Allwebmenus Plugin 1.1.3

PHP remote file inclusion vulnerability in actions.php in the Allwebmenus plugin 1.1.3 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter.

7.5
2011-10-04 CVE-2011-3980 Jerome Schneider
Typo3
Unspecified vulnerability in Jerome Schneider Ameos Dragndropupload 2.0.0/2.0.1

Unspecified vulnerability in the Drag Drop Mass Upload (ameos_dragndropupload) extension 2.0.2 and earlier for TYPO3 allows remote attackers to upload arbitrary files via unknown vectors.

7.5
2011-10-04 CVE-2011-3977 Nomachine Local Privilege Escalation vulnerability in NX Server 'nxconfigure.sh'

Unspecified vulnerability in nxconfigure.sh in NoMachine NX Node 3.x before 3.5.0-4 and NX Server 3.x before 3.5.0-5 allows local users to read arbitrary files via unknown vectors.

7.2

54 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-10-07 CVE-2010-4881 Apphp Cross-Site Request Forgery (CSRF) vulnerability in Apphp Calendar

Multiple cross-site request forgery (CSRF) vulnerabilities in calendar.class.php in ApPHP Calendar (ApPHP CAL) allow remote attackers to hijack the authentication of unspecified victims for requests that use the (1) category_name, (2) category_description, (3) event_name, or (4) event_description parameter.

6.8
2011-10-07 CVE-2011-2191 Cherokee Project Cross-Site Request Forgery (CSRF) vulnerability in Cherokee-Project Cherokee

Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in Cherokee before 1.2.99 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences, as demonstrated by a crafted nickname field to vserver/apply.

6.8
2011-10-05 CVE-2010-4854 Zuitu SQL Injection vulnerability in Zuitu 1.6

SQL injection vulnerability in ajax/coupon.php in Zuitu 1.6, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a consume action.

6.8
2011-10-04 CVE-2011-3873 Google Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome

Google Chrome before 14.0.835.202 does not properly implement shader translation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

6.8
2011-10-04 CVE-2011-2881 Google Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome

Google Chrome before 14.0.835.202 does not properly handle Google V8 hidden objects, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.

6.8
2011-10-04 CVE-2011-2880 Google USE After Free vulnerability in Google Chrome

Use-after-free vulnerability in Google Chrome before 14.0.835.202 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Google V8 bindings.

6.8
2011-10-04 CVE-2011-2879 Google Unspecified vulnerability in Google Chrome

Google Chrome before 14.0.835.202 does not properly consider object lifetimes and thread safety during the handling of audio nodes, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

6.8
2011-10-04 CVE-2011-2877 Google
Apple
Unspecified vulnerability in Google Chrome

Google Chrome before 14.0.835.202 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale font."

6.8
2011-10-04 CVE-2011-2876 Google USE After Free vulnerability in Google Chrome

Use-after-free vulnerability in Google Chrome before 14.0.835.202 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a text line box.

6.8
2011-10-04 CVE-2011-3976 Ammsoft Buffer Errors vulnerability in Ammsoft Scriptftp 3.3

Stack-based buffer overflow in AmmSoft ScriptFTP 3.3 allows remote FTP servers to execute arbitrary code via a long filename in a response to a LIST command, as demonstrated using (1) GETLIST or (2) GETFILE in a ScriptFTP script.

6.8
2011-10-04 CVE-2011-2894 Vmware Permissions, Privileges, and Access Controls vulnerability in VMWare products

Spring Framework 3.0.0 through 3.0.5, Spring Security 3.0.0 through 3.0.5 and 2.0.0 through 2.0.6, and possibly other versions deserialize objects from untrusted sources, which allows remote attackers to bypass intended security restrictions and execute untrusted code by (1) serializing a java.lang.Proxy instance and using InvocationHandler, or (2) accessing internal AOP interfaces, as demonstrated using deserialization of a DefaultListableBeanFactory instance to execute arbitrary commands via the java.lang.Runtime class.

6.8
2011-10-04 CVE-2011-1572 Gitolite Path Traversal vulnerability in Gitolite

Directory traversal vulnerability in the Admin Defined Commands (ADC) feature in gitolite before 1.5.9.1 allows remote attackers to execute arbitrary commands via ..

6.8
2011-10-03 CVE-2011-3274 Cisco Unspecified vulnerability in Cisco IOS and IOS XE

Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, 15.0, and 15.1, and IOS XE 2.1.x through 3.3.x, when an MPLS domain is configured, allows remote attackers to cause a denial of service (device crash) via a crafted IPv6 packet, related to an expired MPLS TTL, aka Bug ID CSCto07919.

6.1
2011-10-08 CVE-2010-4900 Webmanager PRO Improper Input Validation vulnerability in Webmanager-Pro CMS Webmanager-Pro 7.4.3

Open redirect vulnerability in c.php in CMS WebManager-Pro 8.1 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.

5.8
2011-10-08 CVE-2011-2219 Novell Unspecified vulnerability in Novell Groupwise 8.0

Unspecified vulnerability in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, a different vulnerability than CVE-2011-2218.

5.0
2011-10-08 CVE-2011-2218 Novell Unspecified vulnerability in Novell Groupwise 8.0

Unspecified vulnerability in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, a different vulnerability than CVE-2011-2219.

5.0
2011-10-05 CVE-2011-3368 Apache Improper Input Validation vulnerability in Apache Http Server

The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character.

5.0
2011-10-05 CVE-2010-4858 Joerg Risse Path Traversal vulnerability in Joerg Risse Dnet Live-Stats 0.8

Directory traversal vulnerability in team.rc5-72.php in DNET Live-Stats 0.8 allows remote attackers to read arbitrary files via a ..

5.0
2011-10-04 CVE-2011-3354 Quassel IRC Resource Management Errors vulnerability in Quassel-Irc Quassel

The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before 0.7.3 allows remote attackers to cause a denial of service (crash) via a crafted Client-To-Client Protocol (CTCP) request, as demonstrated in the wild in September 2011.

5.0
2011-10-05 CVE-2011-1076 Linux Null Pointer Dereference vulnerability in Linux Kernel

net/dns_resolver/dns_key.c in the Linux kernel before 2.6.38 allows remote DNS servers to cause a denial of service (NULL pointer dereference and OOPS) by not providing a valid response to a DNS query, as demonstrated by an erroneous grand.centrall.org query, which triggers improper handling of error data within a DNS resolver key.

4.9
2011-10-09 CVE-2010-4960 Martin Hesse
Typo3
Cross-Site Scripting vulnerability in Martin Hesse MH Branchenbuch

Cross-site scripting (XSS) vulnerability in the Branchenbuch (aka Yellow Pages or mh_branchenbuch) extension before 0.9.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2011-10-09 CVE-2010-4956 Nadine Schwingler
Typo3
Cross-Site Scripting vulnerability in Nadine Schwingler KE Questionnaire 1.2.1/2.0.0

Cross-site scripting (XSS) vulnerability in the Questionnaire (ke_questionnaire) extension before 2.2.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2011-10-09 CVE-2010-4951 Thomas Mammitzsch
Typo3
Cross-Site Scripting vulnerability in Thomas Mammitzsch VX Xajax Shoutbox

Cross-site scripting (XSS) vulnerability in the xaJax Shoutbox (vx_xajax_shoutbox) extension before 1.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2011-10-09 CVE-2010-4949 Evnix
Joomla
Cross-Site Scripting vulnerability in Evnix Freichat and Freichatpure

Cross-site scripting (XSS) vulnerability in the (1) FreiChat component before 2.1.2 for Joomla! and the (2) FreiChatPure component before 1.2.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML by entering it in an unspecified window.

4.3
2011-10-09 CVE-2010-4947 Allpcscript Cross-Site Scripting vulnerability in Allpcscript Allpc 2.5

Cross-site scripting (XSS) vulnerability in advanced_search_result.php in ALLPC 2.5 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.

4.3
2011-10-09 CVE-2010-4932 Khader Abbeb Cross-Site Scripting vulnerability in Khader Abbeb Entrans

Cross-site scripting (XSS) vulnerability in search.php in Entrans before 0.3.3 allows remote attackers to inject arbitrary web script or HTML via the query parameter.

4.3
2011-10-09 CVE-2010-4930 Atmail Cross-Site Scripting vulnerability in Atmail Webmail

Cross-site scripting (XSS) vulnerability in index.php in @mail Webmail before 6.2.0 allows remote attackers to inject arbitrary web script or HTML via the MailType parameter in a mail/auth/processlogin action.

4.3
2011-10-09 CVE-2010-4928 Photoindochina
Joomla
Cross-Site Scripting vulnerability in Photoindochina COM Restaurantguide 1.0.0

Cross-site scripting (XSS) vulnerability in the Restaurant Guide (com_restaurantguide) component 1.0.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML by placing it after a > (greater than) character.

4.3
2011-10-08 CVE-2010-4913 Coldgen Cross-Site Scripting vulnerability in Coldgen Coldusergroup 1.06

Cross-site scripting (XSS) vulnerability in the search feature in ColdGen ColdUserGroup 1.06 allows remote attackers to inject arbitrary web script or HTML via the Keywords parameter.

4.3
2011-10-08 CVE-2010-4909 Mechbunny Cross-Site Scripting vulnerability in Mechbunny Paysitereviewcms 1.1

Multiple cross-site scripting (XSS) vulnerabilities in PaysiteReviewCMS 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) q parameter to search.php or the (2) image parameter to image.php.

4.3
2011-10-08 CVE-2010-4907 Zenphoto Cross-Site Scripting vulnerability in Zenphoto 1.3

Cross-site scripting (XSS) vulnerability in zp-core/admin.php in Zenphoto 1.3 allows remote attackers to inject arbitrary web script or HTML via the user parameter.

4.3
2011-10-08 CVE-2010-4901 Squiz Cross-Site Scripting vulnerability in Squiz Mysource Matrix 3.28.3

Multiple cross-site scripting (XSS) vulnerabilities in char_map.php in MySource Matrix 3.28.3 allow remote attackers to inject arbitrary web script or HTML via the (1) height or (2) width parameter.

4.3
2011-10-08 CVE-2010-4896 Expinion NET Cross-Site Scripting vulnerability in Expinion.Net Member Management System 4.0

Cross-site scripting (XSS) vulnerability in admin/index.asp in Member Management System 4.0 allows remote attackers to inject arbitrary web script or HTML via the REF_URL parameter.

4.3
2011-10-08 CVE-2010-4895 Chillycms Cross-Site Scripting vulnerability in Chillycms 1.1.3

Cross-site scripting (XSS) vulnerability in core/showsite.php in chillyCMS 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the username field).

4.3
2011-10-08 CVE-2010-4893 Festengine Cross-Site Scripting vulnerability in Festengine Festos 2.3B

Cross-site scripting (XSS) vulnerability in foodvendors.php in FestOS 2.3b allows remote attackers to inject arbitrary web script or HTML via the category parameter in a details action.

4.3
2011-10-08 CVE-2011-3598 Phppgadmin Cross-Site Scripting vulnerability in PHPpgadmin

Multiple cross-site scripting (XSS) vulnerabilities in phpPgAdmin before 5.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) a web page title, related to classes/Misc.php; or the (2) return_url or (3) return_desc parameter to display.php.

4.3
2011-10-08 CVE-2011-2661 Novell Cross-Site Scripting vulnerability in Novell Groupwise 8.0

Multiple cross-site scripting (XSS) vulnerabilities in WebAccess in Novell GroupWise 8.0 before HP3 allow remote attackers to inject arbitrary web script or HTML via the (1) Directory.Item.name or (2) Directory.Item.displayName parameter.

4.3
2011-10-08 CVE-2011-2227 Novell Cross-Site Scripting vulnerability in Novell products

Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, and 4.0.0, and Identity Manager Roles Based Provisioning Module 3.6.0, 3.6.1, 3.7.0, and 4.0.0, allows remote attackers to inject arbitrary web script or HTML via the apwaDetail (aka apwaDetailId) parameter, aka Bug 709603.

4.3
2011-10-08 CVE-2011-1696 Novell Cross-Site Scripting vulnerability in Novell products

Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, and 4.0.0, and Identity Manager Roles Based Provisioning Module 3.6.0, 3.6.1, 3.7.0, and 4.0.0, allows remote attackers to inject arbitrary web script or HTML via the apwaDetail (aka apwaDetailId) parameter, aka Bug 692972.

4.3
2011-10-07 CVE-2010-4892 Alex Kellner
Typo3
Cross-Site Scripting vulnerability in Alex Kellner Powermail

Cross-site scripting (XSS) vulnerability in the powermail extension before 1.5.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2011-10-07 CVE-2010-4890 Andreas Kiefer
Typo3
Cross-Site Scripting vulnerability in Andreas Kiefer KE YAC

Cross-site scripting (XSS) vulnerability in the Yet Another Calendar (ke_yac) extension before 1.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2011-10-07 CVE-2010-4886 Peter Proell
Typo3
Cross-Site Scripting vulnerability in Peter Proell Tweetbutton 1.0.0/1.0.2/1.0.3

Cross-site scripting (XSS) vulnerability in the "official twitter tweet button for your page" (tweetbutton) extension before 1.0.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2011-10-07 CVE-2010-4885 Peter Proell
Typo3
Cross-Site Scripting vulnerability in Peter Proell Xing 1.0.0

Cross-site scripting (XSS) vulnerability in the XING Button (xing) extension before 1.0.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2011-10-07 CVE-2010-4882 Ventics Cross-Site Scripting vulnerability in Ventics Auto CMS 1.6

Cross-site scripting (XSS) vulnerability in autocms.php in Auto CMS 1.6 allows remote attackers to inject arbitrary web script or HTML via the sitetitle parameter.

4.3
2011-10-07 CVE-2010-4880 Apphp Cross-Site Scripting vulnerability in Apphp Calendar

Multiple cross-site scripting (XSS) vulnerabilities in calendar.class.php in ApPHP Calendar (ApPHP CAL) allow remote attackers to inject arbitrary web script or HTML via the (1) category_name, (2) category_description, (3) event_name, or (4) event_description parameter.

4.3
2011-10-07 CVE-2010-4877 Insanevisions Cross-Site Scripting vulnerability in Insanevisions Onecms 2.6.1

Cross-site scripting (XSS) vulnerability in index.php in OneCMS 2.6.1 allows remote attackers to inject arbitrary web script or HTML via the view parameter.

4.3
2011-10-07 CVE-2010-4875 Xondie
Wordpress
Cross-Site Scripting vulnerability in Xondie Vodpod Video Gallery 3.1.5

Cross-site scripting (XSS) vulnerability in vodpod-video-gallery/vodpod_gallery_thumbs.php in the Vodpod Video Gallery Plugin 3.1.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the gid parameter.

4.3
2011-10-07 CVE-2010-4874 Ninkobb Cross-Site Scripting vulnerability in Ninkobb 1.3

Multiple cross-site scripting (XSS) vulnerabilities in users.php in NinkoBB 1.3 RC5 allow remote attackers to inject arbitrary web script or HTML via the (1) first_name, (2) last_name, (3) msn, or (4) aim parameter.

4.3
2011-10-07 CVE-2010-4873 Webidsupport Cross-Site Scripting vulnerability in Webidsupport Webid 0.8.5

Cross-site scripting (XSS) vulnerability in confirm.php in WeBid 0.8.5 P1 allows remote attackers to inject arbitrary web script or HTML via the id parameter.

4.3
2011-10-05 CVE-2010-4868 W Agora Cross-Site Scripting vulnerability in W-Agora

Cross-site scripting (XSS) vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the bn parameter.

4.3
2011-10-05 CVE-2010-4863 GET Simple Cross-Site Scripting vulnerability in Get-Simple Getsimple CMS 2.01

Cross-site scripting (XSS) vulnerability in admin/changedata.php in GetSimple CMS 2.01 allows remote attackers to inject arbitrary web script or HTML via the post-title parameter.

4.3
2011-10-05 CVE-2011-0459 Cyber ARK Cross-Site Scripting vulnerability in Cyber-Ark Password Vault web Access 4.0/5.5/6.0

Cross-site scripting (XSS) vulnerability in Cyber-Ark Password Vault Web Access (PVWA) 5.0 and earlier, 5.5 through 5.5 patch 4, and 6.0 through 6.0 patch 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2011-10-04 CVE-2011-1221 Realnetworks Cross-Site Scripting vulnerability in Realnetworks Realplayer and Realplayer SP

Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone via a local HTML document, a different vulnerability than CVE-2011-2947.

4.3
2011-10-04 CVE-2011-3979 Zikula Cross-Site Scripting vulnerability in Zikula Application Framework 1.2.7/1.3.0

Cross-site scripting (XSS) vulnerability in ztemp/view_compiled/Theme/theme_admin_setasdefault.php in the theme module in Zikula Application Framework 1.3.0 build 3168, 1.2.7, and probably other versions allows remote attackers to inject arbitrary web script or HTML via the themename parameter in the setasdefault action to index.php.

4.3

7 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-10-04 CVE-2011-3978 Lightneasy Cross-Site Scripting vulnerability in Lightneasy 3.2.4

Multiple cross-site scripting (XSS) vulnerabilities in LightNEasy.php in LightNEasy 3.2.4 allow remote authenticated users to inject arbitrary web script or HTML via the (1) commentemail, (2) commentmessage, or (3) commentname parameter in a sendcomment action for the news page.

3.5
2011-10-07 CVE-2010-4883 Modx Cross-Site Scripting vulnerability in Modx Revolution 2.0.2Pl

Cross-site scripting (XSS) vulnerability in manager/index.php in MODx Revolution 2.0.2-pl allows remote attackers to inject arbitrary web script or HTML via the modhash parameter.

2.6
2011-10-03 CVE-2011-3975 Google
HTC
Information Exposure vulnerability in multiple products

A certain HTC update for Android 2.3.4 build GRJ22, when the Sense interface is used on the HTC EVO 3D, EVO 4G, ThunderBolt, and unspecified other devices, provides the HtcLoggers.apk application, which allows user-assisted remote attackers to obtain a list of telephone numbers from a log, and other sensitive information, by leveraging the android.permission.INTERNET application permission and establishing TCP sessions to 127.0.0.1 on port 65511 and a second port.

2.6
2011-10-07 CVE-2011-2190 Cherokee Project Cryptographic Issues vulnerability in Cherokee-Project Cherokee

The generate_admin_password function in Cherokee before 1.2.99 uses time and PID values for seeding of a random number generator, which makes it easier for local users to determine admin passwords via a brute-force attack.

2.1
2011-10-05 CVE-2011-3982 IBM Resource Management Errors vulnerability in IBM AIX 6.1/7.1

The Fibre Channel driver for QLogic adapters in IBM AIX 6.1 and 7.1 does not properly handle DMA resource limitations, which allows local users to cause a denial of service (system hang) via vectors that generate a large amount of DMA I/O, related to a deadlock in timer processing across CPUs.

2.1
2011-10-05 CVE-2011-1159 Tedfelix Improper Input Validation vulnerability in Tedfelix Acpid

acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected to acpid.socket but is not reading any data, which allows local users to cause a denial of service (daemon hang) via a crafted application that performs a connect system call but no read system calls.

2.1
2011-10-05 CVE-2000-1247 Apache Configuration vulnerability in Apache Jserv 1.1.2

The default configuration of the jserv-status handler in jserv.conf in Apache JServ 1.1.2 includes an "allow from 127.0.0.1" line, which allows local users to discover JDBC passwords or other sensitive information via a direct request to the jserv/ URI.

2.1