Weekly Vulnerabilities Reports > November 7 to 13, 2011

Overview

62 new vulnerabilities reported during this period, including 29 critical vulnerabilities and 9 high severity vulnerabilities. This weekly summary report vulnerabilities in 42 products from 18 vendors including Google, Apple, Microsoft, Adobe, and Linux. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Permissions, Privileges, and Access Controls", "Cross-site Scripting", "Information Exposure", and "Improper Input Validation".

  • 54 reported vulnerabilities are remotely exploitables.
  • 8 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 57 reported vulnerabilities are exploitable by an anonymous user.
  • Google has the most reported vulnerabilities, with 19 reported vulnerabilities.
  • Adobe has the most reported critical vulnerabilities, with 16 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

29 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-11-11 CVE-2011-2460 Adobe
Apple
Linux
Microsoft
SUN
Google
Buffer Errors vulnerability in Adobe AIR and Flash Player

Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2459.

10.0
2011-11-11 CVE-2011-2459 Adobe
Apple
Linux
Microsoft
SUN
Google
Buffer Errors vulnerability in Adobe AIR and Flash Player

Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460.

10.0
2011-11-11 CVE-2011-2457 Adobe
Apple
Linux
Microsoft
SUN
Google
Buffer Errors vulnerability in Adobe AIR and Flash Player

Stack-based buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors.

10.0
2011-11-11 CVE-2011-2456 Adobe
Apple
Linux
Microsoft
SUN
Google
Buffer Errors vulnerability in Adobe AIR and Flash Player

Buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors.

10.0
2011-11-11 CVE-2011-2455 Adobe
Apple
Linux
Microsoft
SUN
Google
Buffer Errors vulnerability in Adobe AIR and Flash Player

Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2459, and CVE-2011-2460.

10.0
2011-11-11 CVE-2011-2454 Adobe
Apple
Linux
Microsoft
SUN
Google
Buffer Errors vulnerability in Adobe AIR and Flash Player

Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.

10.0
2011-11-11 CVE-2011-2453 Adobe
Apple
Linux
Microsoft
SUN
Google
Buffer Errors vulnerability in Adobe AIR and Flash Player

Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.

10.0
2011-11-11 CVE-2011-2452 Adobe
Apple
Linux
Microsoft
SUN
Google
Buffer Errors vulnerability in Adobe AIR and Flash Player

Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.

10.0
2011-11-11 CVE-2011-2451 Adobe
Apple
Linux
Microsoft
SUN
Google
Buffer Errors vulnerability in Adobe AIR and Flash Player

Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.

10.0
2011-11-11 CVE-2011-2450 Adobe
Apple
Linux
Microsoft
SUN
Google
Buffer Errors vulnerability in Adobe AIR and Flash Player

Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.

10.0
2011-11-11 CVE-2011-2445 Adobe
Apple
Linux
Microsoft
SUN
Google
Buffer Errors vulnerability in Adobe AIR and Flash Player

Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.

10.0
2011-11-09 CVE-2011-3654 Mozilla Buffer Errors vulnerability in Mozilla Firefox and Thunderbird

The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly handle links from SVG mpath elements to non-SVG elements, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.

10.0
2011-11-09 CVE-2011-3652 Mozilla Buffer Errors vulnerability in Mozilla Firefox and Thunderbird

The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.

10.0
2011-11-09 CVE-2011-3651 Mozilla Memory Corruption vulnerability in Mozilla Firefox and Thunderbird

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 7.0 and Thunderbird 7.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

10.0
2011-11-08 CVE-2011-2449 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

The TextXtra module in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

10.0
2011-11-08 CVE-2011-2448 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

The DIRapi library in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2446.

10.0
2011-11-08 CVE-2011-2447 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

10.0
2011-11-08 CVE-2011-2446 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

The DIRapi library in Adobe Shockwave Player before 11.6.3.633 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2448.

10.0
2011-11-08 CVE-2011-2013 Microsoft Numeric Errors vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Vista

Integer overflow in the TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code by sending a sequence of crafted UDP packets to a closed port, aka "Reference Counter Overflow Vulnerability."

10.0
2011-11-12 CVE-2011-4047 Dell Code Injection vulnerability in Dell Kace K2000 Systems Deployment Appliance

The Dell KACE K2000 System Deployment Appliance allows remote attackers to execute arbitrary commands by leveraging database write access.

9.3
2011-11-11 CVE-2011-3439 Apple Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Iphone OS

FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a document.

9.3
2011-11-11 CVE-2011-2458 Adobe
Apple
Linux
Microsoft
SUN
Google
Permissions, Privileges, and Access Controls vulnerability in Adobe AIR and Flash Player

Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, when Internet Explorer is used, allows remote attackers to bypass the cross-domain policy via a crafted web site.

9.3
2011-11-09 CVE-2011-2740 EMC
Mozilla
Permissions, Privileges, and Access Controls vulnerability in EMC RSA KEY Manager Appliance 2.7

EMC RSA Key Manager (RKM) Appliance 2.7 SP1 before 2.7.1.6, when Firefox 4.x or 5.0 is used, does not properly terminate a user session upon a logout action, which makes it easier for remote attackers to execute arbitrary code by leveraging an unattended workstation.

9.3
2011-11-09 CVE-2011-3655 Mozilla Code Injection vulnerability in Mozilla Firefox and Thunderbird

Mozilla Firefox 4.x through 7.0 and Thunderbird 5.0 through 7.0 perform access control without checking for use of the NoWaiverWrapper wrapper, which allows remote attackers to gain privileges via a crafted web site.

9.3
2011-11-09 CVE-2011-3650 Mozilla Buffer Errors vulnerability in Mozilla Firefox and Thunderbird

Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted file that is accessed by debugging APIs, as demonstrated by Firebug.

9.3
2011-11-09 CVE-2011-3647 Mozilla Improper Input Validation vulnerability in Mozilla Firefox and Thunderbird

The JSSubScriptLoader in Mozilla Firefox before 3.6.24 and Thunderbird before 3.1.6 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping behavior, a related issue to CVE-2011-3004.

9.3
2011-11-08 CVE-2011-4000 Nara Institute OF Science AND Technology Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Nara Institute of Science and Technology Chasen

Buffer overflow in ChaSen 2.4.x allows remote attackers to execute arbitrary code via a crafted string.

9.3
2011-11-08 CVE-2011-2016 Microsoft Unspecified vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Vista

Untrusted search path vulnerability in Windows Mail and Windows Meeting Space in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .eml or .wcinv file, aka "Windows Mail Insecure Library Loading Vulnerability." Per: http://technet.microsoft.com/en-us/security/bulletin/ms11-085 'This is a remote code execution vulnerability.' Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'

9.3
2011-11-08 CVE-2011-2014 Microsoft Improper Authentication vulnerability in Microsoft products

The LDAP over SSL (aka LDAPS) implementation in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not examine Certificate Revocation Lists (CRLs), which allows remote authenticated users to bypass intended certificate restrictions and access Active Directory resources by leveraging a revoked X.509 certificate for a domain account, aka "LDAPS Authentication Bypass Vulnerability."

9.0

9 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-11-09 CVE-2011-2739 EMC Permissions, Privileges, and Access Controls vulnerability in EMC Documentum Eroom

The file-blocking feature in EMC Documentum eRoom 7.3.x and 7.4.x before 7.4.3.g does not properly restrict the uploading and opening of files with dangerous file types, which allows remote authenticated users to execute arbitrary code via an uploaded file.

8.5
2011-11-11 CVE-2011-3898 Google Improper Privilege Management vulnerability in Google Chrome

Google Chrome before 15.0.874.120, when Java Runtime Environment (JRE) 7 is used, does not request user confirmation before applet execution begins, which allows remote attackers to have an unspecified impact via a crafted applet.

7.5
2011-11-11 CVE-2011-3896 Google Classic Buffer Overflow vulnerability in Google Chrome

Buffer overflow in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to shader variable mapping.

7.5
2011-11-11 CVE-2011-3895 Google
Debian
Out-Of-Bounds Write vulnerability in Google Chrome

Heap-based buffer overflow in the Vorbis decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream.

7.5
2011-11-11 CVE-2011-3894 Google Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome

Google Chrome before 15.0.874.120 does not properly perform VP8 decoding, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted stream.

7.5
2011-11-11 CVE-2011-3892 Google
Debian
Double Free vulnerability in Google Chrome

Double free vulnerability in the Theora decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream.

7.5
2011-11-09 CVE-2011-3997 Opengear Improper Authentication vulnerability in Opengear products

Opengear console servers with firmware before 2.2.1 allow remote attackers to bypass authentication, and modify settings or access connected equipment, via unspecified vectors.

7.5
2011-11-11 CVE-2011-3442 Apple Resource Management Errors vulnerability in Apple Iphone OS

The kernel in Apple iOS before 5.0.1 does not ensure the validity of flag combinations for an mmap system call, which allows local users to execute arbitrary unsigned code via a crafted app.

7.2
2011-11-08 CVE-2011-2004 Microsoft Improper Input Validation vulnerability in Microsoft Windows 7 and Windows Server 2008

Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (reboot) via a crafted TrueType font file, aka "TrueType Font Parsing Vulnerability," a different vulnerability than CVE-2011-3402.

7.1

17 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-11-11 CVE-2011-3897 Google
Apple
USE After Free vulnerability in Google Chrome

Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing.

6.8
2011-11-10 CVE-2011-4431 Merethis Path Traversal vulnerability in Merethis Centreon

Directory traversal vulnerability in main.php in Merethis Centreon before 2.3.2 allows remote authenticated users to execute arbitrary commands via a ..

6.5
2011-11-12 CVE-2011-4046 Dell Cryptographic Issues vulnerability in Dell Kace K2000 Systems Deployment Appliance

The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext within a PHP script, which allows context-dependent attackers to obtain sensitive information by examining script source code.

5.0
2011-11-11 CVE-2011-4435 IBM Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Tools for Z/Os 2.3.0

The web-server component in the Consolidation and Analysis Engine (CAE) Server in DB2 Query Monitor in IBM DB2 Tools 2.3.0 for z/OS does not prevent directory browsing, which allows remote attackers to obtain sensitive information via HTTP requests.

5.0
2011-11-11 CVE-2011-3893 Google Out-Of-Bounds Read vulnerability in Google Chrome

Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

5.0
2011-11-10 CVE-2011-4432 Merethis Cryptographic Issues vulnerability in Merethis Centreon

www/include/configuration/nconfigObject/contact/DB-Func.php in Merethis Centreon before 2.3.2 does not use a salt during calculation of a password hash, which makes it easier for context-dependent attackers to determine cleartext passwords via a rainbow-table approach.

5.0
2011-11-09 CVE-2011-3653 Mozilla
Apple
Information Exposure vulnerability in Mozilla Firefox and Thunderbird

Mozilla Firefox before 8.0 and Thunderbird before 8.0 on Mac OS X do not properly interact with the GPU memory behavior of a certain driver for Intel integrated GPUs, which allows remote attackers to bypass the Same Origin Policy and read image data via vectors related to WebGL textures.

5.0
2011-11-07 CVE-2011-3169 HP Unspecified vulnerability in HP TCP IP Services Openvms 5.6/5.7

Unspecified vulnerability in the SMTP service implementation in HP TCP/IP Services 5.6 and 5.7 for OpenVMS allows remote attackers to cause a denial of service via unknown vectors.

5.0
2011-11-07 CVE-2011-3168 HP Unauthorized Access Security Bypass vulnerability in HP TCP IP Services Openvms 5.6/5.7

Unspecified vulnerability in the POP and IMAP service implementations in HP TCP/IP Services 5.6 and 5.7 for OpenVMS allows remote attackers to obtain sensitive information via unknown vectors.

5.0
2011-11-11 CVE-2011-1375 IBM Permissions, Privileges, and Access Controls vulnerability in IBM AIX 6.1/7.1

IBM AIX 6.1 and 7.1 does not restrict the wpar_limits_config and wpar_limits_modify system calls, which allows local users to cause a denial of service (system crash) via a crafted call.

4.9
2011-11-11 CVE-2011-3376 Apache Permissions, Privileges, and Access Controls vulnerability in Apache Tomcat

org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager application's functionality.

4.4
2011-11-08 CVE-2011-3607 Apache Numeric Errors vulnerability in Apache Http Server

Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow.

4.4
2011-11-12 CVE-2011-4048 Dell Credentials Management vulnerability in Dell Kace K2000 Systems Deployment Appliance

The Dell KACE K2000 System Deployment Appliance has a default username and password for the read-only reporting account, which makes it easier for remote attackers to obtain sensitive information from the database by leveraging the default credentials.

4.3
2011-11-11 CVE-2011-3441 Apple Information Exposure vulnerability in Apple Iphone OS

libinfo in Apple iOS before 5.0.1 does not properly formulate domain-name queries, which allows remote attackers to obtain sensitive information via a crafted DNS hostname.

4.3
2011-11-09 CVE-2011-3999 IBC CO JP Cross-Site Scripting vulnerability in Ibc.Co.Jp Iwate Portal BAR

Cross-site scripting (XSS) vulnerability in the RSS/Atom feed-reader implementation in Iwate Portal Bar allows remote attackers to inject arbitrary web script or HTML via a crafted feed.

4.3
2011-11-09 CVE-2011-3998 Apple Cross-Site Scripting vulnerability in Apple Webobjects

Cross-site scripting (XSS) vulnerability in Apple WebObjects 5.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2011-11-09 CVE-2011-3648 Mozilla Cross-Site Scripting vulnerability in Mozilla Firefox and Thunderbird

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding.

4.3

7 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2011-11-11 CVE-2011-4434 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft Windows 7 and Windows Server 2008

Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 do not properly enforce AppLocker rules, which allows local users to bypass intended access restrictions via a (1) macro or (2) scripting feature in an application, as demonstrated by Microsoft Office applications and the SANDBOX_INERT and LOAD_IGNORE_CODE_AUTHZ_LEVEL flags.

3.6
2011-11-12 CVE-2011-4436 Dell Cross-Site Scripting vulnerability in Dell Kace K2000 Systems Deployment Appliance

Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface on the Dell KACE K2000 System Deployment Appliance allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

3.5
2011-11-09 CVE-2011-3985 Plume CMS Cross-Site Scripting vulnerability in Plume-Cms Plume CMS

Cross-site scripting (XSS) vulnerability in Plume before 1.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

2.6
2011-11-09 CVE-2011-3649 Mozilla
Microsoft
Information Exposure vulnerability in Mozilla Firefox and Thunderbird

Mozilla Firefox 7.0 and Thunderbird 7.0, when the Direct2D (aka D2D) API is used on Windows in conjunction with the Azure graphics back-end, allow remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas.

2.6
2011-11-09 CVE-2011-1373 IBM Remote Denial of Service vulnerability in IBM DB2

Unspecified vulnerability in IBM DB2 9.7 before FP5 on UNIX, when the Self Tuning Memory Manager (STMM) feature and the AUTOMATIC DATABASE_MEMORY setting are configured, allows local users to cause a denial of service (daemon crash) via unknown vectors.

1.5
2011-11-11 CVE-2011-3440 Apple Permissions, Privileges, and Access Controls vulnerability in Apple Ipad2 and Iphone OS

The Passcode Lock feature in Apple iOS before 5.0.1 on the iPad 2 does not properly implement the locked state, which allows physically proximate attackers to access data by opening a Smart Cover during power-off confirmation.

1.2
2011-11-08 CVE-2011-4415 Apache Improper Input Validation vulnerability in Apache Http Server

The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL pointer dereference) via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, related to (1) the "len +=" statement and (2) the apr_pcalloc function call, a different vulnerability than CVE-2011-3607.

1.2