Weekly Vulnerabilities Reports > December 12 to 18, 2011
Overview
120 new vulnerabilities were reported during this period, including 39 critical vulnerabilities and 20 high severity vulnerabilities. This weekly summary reports vulnerabilities in 87 products from 46 vendors including Parallels, Microsoft, Redhat, Joomla, and Adobe. Vulnerabilities are notably categorized as "Information Exposure", "Cross-site Scripting", "SQL Injection", "Code Injection", and "Permissions, Privileges, and Access Controls".
- 114 reported vulnerabilities are remotely exploitable.
- 17 reported vulnerabilities have a public exploit available.
- 43 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 117 reported vulnerabilities are exploitable by an anonymous user.
- Parallels has the most reported vulnerabilities, with 52 reported vulnerabilities.
- Microsoft has the most reported critical vulnerabilities, with 23 reported vulnerabilities.
Vulnerability Details
The following tables list the vulnerabilities reported for the period covered by this report:
39 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2011-12-17 | CVE-2011-4861 | Schneider Electric | Permissions, Privileges, and Access Controls vulnerability in Schneider-Electric products The modbus_125_handler function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device (aka the Quantum 140NOE771* module) allows remote attackers to install arbitrary firmware updates via a MODBUS 125 function code to TCP port 502. | 10.0 |
2011-12-17 | CVE-2011-4860 | Schneider Electric | Improper Authentication vulnerability in Schneider-Electric products The ComputePassword function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device (aka the Quantum 140NOE771* module) generates the password for the fwupgrade account by performing a calculation on the MAC address, which makes it easier for remote attackers to obtain access via a (1) ARP request message or (2) Neighbor Solicitation message. | 10.0 |
2011-12-17 | CVE-2011-4859 | Schneider Electric | Multiple Security vulnerability in Schneider Electric Modicon Quantum The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771* and 140CPU65* modules, the Premium TSXETY* and TSXP57* modules, the M340 BMXNOE01* and BMXP3420* modules, and the STB DIO STBNIC2212 and STBNIP2* modules, uses hardcoded passwords for the (1) AUTCSE, (2) AUT_CSE, (3) fdrusers, (4) ftpuser, (5) loader, (6) nic2212, (7) nimrohs2212, (8) nip2212, (9) noe77111_v500, (10) ntpupdate, (11) pcfactory, (12) sysdiag, (13) target, (14) test, (15) USER, and (16) webserver accounts, which makes it easier for remote attackers to obtain access via the (a) TELNET, (b) Windriver Debug, or (c) FTP port. | 10.0 |
2011-12-16 | CVE-2011-4857 | Nullsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Nullsoft Winamp Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5.623 allows remote attackers to execute arbitrary code via crafted song message data in an Impulse Tracker (IT) file. | 10.0 |
2011-12-16 | CVE-2011-4369 | Adobe Apple Microsoft Unix | Unspecified vulnerability in Adobe Acrobat and Acrobat Reader Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011. | 10.0 |
2011-12-16 | CVE-2011-4768 | Parallels | Unspecified vulnerability in Parallels Plesk Small Business Panel 10.2.0 The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving Wizard/Edit/Modules/Image and certain other files. | 10.0 |
2011-12-16 | CVE-2011-4762 | Parallels | Unspecified vulnerability in Parallels Plesk Small Business Panel 10.2.0 Parallels Plesk Small Business Panel 10.2.0 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving smb/app/top-categories-data/ and certain other files. | 10.0 |
2011-12-16 | CVE-2011-4761 | Parallels | Unspecified vulnerability in Parallels Plesk Small Business Panel 10.2.0 Parallels Plesk Small Business Panel 10.2.0 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving domains/sitebuilder_edit.php and certain other files. | 10.0 |
2011-12-16 | CVE-2011-4757 | Parallels | Credentials Management vulnerability in Parallels Plesk Small Business Panel 10.2.0 Parallels Plesk Small Business Panel 10.2.0 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass authentication by leveraging an unattended workstation, as demonstrated by forms in smb/auth and certain other files. | 10.0 |
2011-12-16 | CVE-2011-4755 | Parallels | Improper Input Validation vulnerability in Parallels Plesk Small Business Panel 10.2.0 Parallels Plesk Small Business Panel 10.2.0 does not properly validate string data that is intended for storage in an XML document, which allows remote attackers to cause a denial of service (parsing error) or possibly have unspecified other impact via a crafted cookie, as demonstrated by cookies to client@1/domain@1/hosting/file-manager/ and certain other files. | 10.0 |
2011-12-16 | CVE-2011-4752 | Smartertools | Unspecified vulnerability in Smartertools Smarterstats 6.2.4100 SmarterTools SmarterStats 6.2.4100 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving frmCustomReport.aspx and certain other files. | 10.0 |
2011-12-16 | CVE-2011-4749 | Parallels Redhat | Credentials Management vulnerability in Parallels Plesk Panel 10.3.1Build1013110726.09 The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass authentication by leveraging an unattended workstation, as demonstrated by forms on certain pages under admin/index.php/default. | 10.0 |
2011-12-16 | CVE-2011-4744 | Parallels Microsoft Redhat | Unspecified vulnerability in Parallels Plesk Panel 10.2.0Build20110407.20 The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving smb/admin-home/featured-applications/ and certain other files. | 10.0 |
2011-12-16 | CVE-2011-4743 | Parallels Microsoft Redhat | Unspecified vulnerability in Parallels Plesk Panel 10.2.0Build20110407.20 The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving smb/user/create and certain other files. | 10.0 |
2011-12-16 | CVE-2011-4739 | Parallels Microsoft Redhat | Credentials Management vulnerability in Parallels Plesk Panel 10.2.0Build20110407.20 The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass authentication by leveraging an unattended workstation, as demonstrated by forms in smb/my-profile and certain other files. | 10.0 |
2011-12-16 | CVE-2011-4733 | Parallels Microsoft Redhat | Unspecified vulnerability in Parallels Plesk Panel 10.2.0Build1011110331.18 The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving smb/admin-home/disable-featured-applications-promo and certain other files. | 10.0 |
2011-12-16 | CVE-2011-4732 | Parallels Microsoft Redhat | Unspecified vulnerability in Parallels Plesk Panel 10.2.0Build1011110331.18 The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving account/power-mode-logout and certain other files. | 10.0 |
2011-12-16 | CVE-2011-4730 | Parallels Microsoft Redhat | Credentials Management vulnerability in Parallels Plesk Panel 10.2.0Build1011110331.18 The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass authentication by leveraging an unattended workstation, as demonstrated by forms in admin/reseller/login-info/ and certain other files. | 10.0 |
2011-12-16 | CVE-2011-4727 | Parallels Microsoft Redhat | Improper Input Validation vulnerability in Parallels Plesk Panel 10.2.0Build1011110331.18 The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 does not properly validate string data that is intended for storage in an XML document, which allows remote attackers to cause a denial of service (parsing error) or possibly have unspecified other impact via a crafted REST URL parameter, as demonstrated by parameters to admin/ and certain other files. | 10.0 |
2011-12-17 | CVE-2011-4141 | RSA | Unspecified vulnerability in RSA Securid 4.1/4.1.0.545 Untrusted search path vulnerability in EMC RSA SecurID Software Token 4.1 before 4.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Software Token file. | 9.3 |
2011-12-16 | CVE-2011-3834 | Nullsoft | Numeric Errors vulnerability in Nullsoft Winamp Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to execute arbitrary code via an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk, leading to a heap-based buffer overflow. | 9.3 |
2011-12-16 | CVE-2011-4856 | Parallels Microsoft | Unspecified vulnerability in Parallels Plesk Panel 10.4.4Build20111103.18 The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving admin/health/parameters and certain other files. | 9.3 |
2011-12-16 | CVE-2011-4855 | Parallels Microsoft | Unspecified vulnerability in Parallels Plesk Panel 10.4.4Build20111103.18 The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving admin/customer-service-plan/list/reset-search/true/ and certain other files. | 9.3 |
2011-12-16 | CVE-2011-4854 | Parallels Microsoft | Unspecified vulnerability in Parallels Plesk Panel 10.4.4Build20111103.18 The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 does not ensure that Content-Type HTTP headers match the corresponding Content-Type data in HTML META elements, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving the get_enabled_product_icon program. | 9.3 |
2011-12-16 | CVE-2011-4851 | Parallels Microsoft | Credentials Management vulnerability in Parallels Plesk Panel 10.4.4Build20111103.18 The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass authentication by leveraging an unattended workstation, as demonstrated by forms in server/google-tools/ and certain other files. | 9.3 |
2011-12-14 | CVE-2011-3413 | Microsoft | Code Injection vulnerability in Microsoft products Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and PowerPoint Viewer 2007 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an invalid OfficeArt record in a PowerPoint document, aka "OfficeArt Shape RCE Vulnerability." | 9.3 |
2011-12-14 | CVE-2011-3412 | Microsoft | Code Injection vulnerability in Microsoft Publisher 2003/2007 Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, allows remote attackers to execute arbitrary code via a crafted Publisher file that leverages incorrect memory handling, aka "Publisher Memory Corruption Vulnerability." | 9.3 |
2011-12-14 | CVE-2011-3411 | Microsoft | Code Injection vulnerability in Microsoft Publisher 2003 Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that leverages incorrect handling of values in memory, aka "Publisher Invalid Pointer Vulnerability." | 9.3 |
2011-12-14 | CVE-2011-3410 | Microsoft | Improper Input Validation vulnerability in Microsoft Publisher 2003/2007 Array index error in Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, allows remote attackers to execute arbitrary code via a crafted Publisher file that leverages incorrect handling of values in memory, aka "Publisher Out-of-bounds Array Index Vulnerability." | 9.3 |
2011-12-14 | CVE-2011-3403 | Microsoft | Code Injection vulnerability in Microsoft Excel and Office Microsoft Excel 2003 SP3 and Office 2004 for Mac do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a crafted Excel spreadsheet, aka "Record Memory Corruption Vulnerability." | 9.3 |
2011-12-14 | CVE-2011-3400 | Microsoft | Code Injection vulnerability in Microsoft Windows Server 2003 and Windows XP Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 do not properly handle OLE objects in memory, which allows remote attackers to execute arbitrary code via a crafted object in a file, aka "OLE Property Vulnerability." | 9.3 |
2011-12-14 | CVE-2011-3397 | Microsoft | Code Injection vulnerability in Microsoft Windows Server 2003 and Windows XP The Microsoft Time component in DATIME.DLL in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted web site that leverages an unspecified "binary behavior" in Internet Explorer, aka "Microsoft Time Remote Code Execution Vulnerability." | 9.3 |
2011-12-14 | CVE-2011-3396 | Microsoft | DLL Loading Arbitrary Code Execution vulnerability in Microsoft Powerpoint 2007/2010 Untrusted search path vulnerability in Microsoft PowerPoint 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "PowerPoint Insecure Library Loading Vulnerability." Per: http://technet.microsoft.com/en-us/security/bulletin/ms11-094 'PowerPoint Insecure Library Loading Vulnerability - CVE-2011-3396 A remote code execution vulnerability exists in the way that Microsoft PowerPoint handles the loading of DLL files.' Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path' | 9.3 |
2011-12-14 | CVE-2011-2019 | Microsoft | Untrusted Search Path vulnerability in Microsoft Internet Explorer 9 Untrusted search path vulnerability in Microsoft Internet Explorer 9 on Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an HTML file, aka "Internet Explorer Insecure Library Loading Vulnerability." | 9.3 |
2011-12-14 | CVE-2011-1983 | Microsoft | Resource Management Errors vulnerability in Microsoft Office 2007/2010/2011 Use-after-free vulnerability in Microsoft Office 2007 SP2 and SP3, Office 2010 Gold and SP1, and Office for Mac 2011 allows remote attackers to execute arbitrary code via a crafted Word document, aka "Word Use After Free Vulnerability." | 9.3 |
2011-12-14 | CVE-2011-1508 | Microsoft | Code Injection vulnerability in Microsoft Publisher 2003/2007 Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, does not properly manage memory allocations for function pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Function Pointer Overwrite Vulnerability." | 9.3 |
2011-12-13 | CVE-2011-4266 | Ffftp | Insecure Executable File Loading Arbitrary Code Execution vulnerability in FFFTP Untrusted search path vulnerability in FFFTP before 1.98d allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access the README file, a different vulnerability than CVE-2011-3991. | 9.3 |
2011-12-13 | CVE-2011-4201 | Restorepoint | Code Injection vulnerability in Restorepoint 3.2 remote_support.cgi in the Tadasoft Restorepoint 3.2 evaluation image allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) pid1 or (2) pid2 parameter in a stop_remote_support action. | 9.3 |
2011-12-14 | CVE-2011-4800 | Solarwinds | Path Traversal vulnerability in Solarwinds Serv-U File Server Directory traversal vulnerability in Serv-U FTP Server before 11.1.0.5 allows remote authenticated users to read and write arbitrary files, and list and create arbitrary directories, via a "..:/" (dot dot colon forward slash) in the (1) list, (2) put, or (3) get commands. | 9.0 |
20 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2011-12-16 | CVE-2011-4847 | Parallels Microsoft | SQL Injection vulnerability in Parallels Plesk Panel 10.4.4Build20111103.18 SQL injection vulnerability in the Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 allows remote attackers to execute arbitrary SQL commands via a certificateslist cookie to notification@/. | 7.5 |
2011-12-16 | CVE-2011-4763 | Parallels | SQL Injection vulnerability in Parallels Plesk Small Business Panel 10.2.0 Multiple SQL injection vulnerabilities in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by Wizard/Edit/Html and certain other files. | 7.5 |
2011-12-16 | CVE-2011-4753 | Parallels | SQL Injection vulnerability in Parallels Plesk Small Business Panel 10.2.0 Multiple SQL injection vulnerabilities in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by domains/sitebuilder_edit.php and certain other files. | 7.5 |
2011-12-16 | CVE-2011-4734 | Parallels Microsoft Redhat | SQL Injection vulnerability in Parallels Plesk Panel 10.2.0Build20110407.20 Multiple SQL injection vulnerabilities in the Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by file-manager/ and certain other files. | 7.5 |
2011-12-16 | CVE-2011-4725 | Parallels Microsoft Redhat | SQL Injection vulnerability in Parallels Plesk Panel 10.2.0Build1011110331.18 Multiple SQL injection vulnerabilities in the Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by login_up.php3 and certain other files. | 7.5 |
2011-12-15 | CVE-2011-4835 | Homeseer | Path Traversal vulnerability in Homeseer HS2 2.5.0.20 Directory traversal vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to access arbitrary files via unspecified vectors. | 7.5 |
2011-12-15 | CVE-2011-4833 | Sugarcrm | SQL Injection vulnerability in Sugarcrm Multiple SQL injection vulnerabilities in the Leads module in SugarCRM 6.1 before 6.1.7, 6.2 before 6.2.4, 6.3 before 6.3.0RC3, and 6.4 before 6.4.0beta1 allow remote attackers to execute arbitrary SQL commands via the (1) where and (2) order parameters in a get_full_list action to index.php. | 7.5 |
2011-12-15 | CVE-2011-4832 | Caupo | Path Traversal vulnerability in Caupo Cauposhop Classic and Cauposhop PRO Directory traversal vulnerability in CaupoShop Pro 2.x, CaupoShop Classic 3.01, and CaupoShop Pro 3.70 and earlier allows remote attackers to read arbitrary files via a .. | 7.5 |
2011-12-15 | CVE-2011-4829 | Barter Sites Joomla | SQL Injection vulnerability in Barter-Sites COM Listing 1.3 SQL injection vulnerability in the com_listing component in Barter Sites component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter to index.php. | 7.5 |
2011-12-15 | CVE-2011-4828 | Autosectools | Code Injection vulnerability in Autosectools V-Cms 1.0 Unrestricted file upload vulnerability in includes/inline_image_upload.php in AutoSec Tools V-CMS 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in temp/. | 7.5 |
2011-12-15 | CVE-2011-4825 | Phpletter Phpmyfaq Tinymce | Code Injection vulnerability in multiple products Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters. | 7.5 |
2011-12-15 | CVE-2011-4824 | Cacti | SQL Injection vulnerability in Cacti SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter. | 7.5 |
2011-12-15 | CVE-2011-4823 | Extensionsforjoomla Joomla | SQL Injection vulnerability in Extensionsforjoomla COM Vikrealestate 1.0 Multiple SQL injection vulnerabilities in Vik Real Estate (com_vikrealestate) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) contract parameter in a results action and (2) imm parameter in a show action to index.php. | 7.5 |
2011-12-14 | CVE-2011-4811 | BST | SQL Injection vulnerability in BST Bestshoppro SQL injection vulnerability in pokaz_podkat.php in BestShopPro allows remote attackers to execute arbitrary SQL commands via the str parameter. | 7.5 |
2011-12-14 | CVE-2011-4808 | Joomlaextensions Joomla | SQL Injection vulnerability in Joomlaextensions COM Hmcommunity SQL injection vulnerability in the HM Community (com_hmcommunity) component before 1.01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a fnd_home action to index.php. | 7.5 |
2011-12-14 | CVE-2011-4803 | Bravenewcode Wordpress | SQL Injection vulnerability in Bravenewcode Wptouch SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2011-12-14 | CVE-2011-4801 | Authenex | SQL Injection vulnerability in Authenex Strong Authentication System Server 3.1.0.2/3.1.0.3 SQL injection vulnerability in akeyActivationLogin.do in Authenex Web Management Control in Authenex Strong Authentication System (ASAS) Server 3.1.0.2 and 3.1.0.3 allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2011-12-14 | CVE-2011-2018 | Microsoft | Permissions, Privileges, and Access Controls vulnerability in Microsoft products The kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, and Windows 7 Gold and SP1 does not properly initialize objects, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Exception Handler Vulnerability." | 7.2 |
2011-12-14 | CVE-2011-2010 | Microsoft | Permissions, Privileges, and Access Controls vulnerability in Microsoft products The Microsoft Office Input Method Editor (IME) for Simplified Chinese in Microsoft Pinyin IME 2010, Office Pinyin SimpleFast Style 2010, and Office Pinyin New Experience Style 2010 does not properly restrict access to configuration options, which allows local users to gain privileges via the Microsoft Pinyin (aka MSPY) IME toolbar, aka "Pinyin IME Elevation Vulnerability." | 7.2 |
2011-12-13 | CVE-2011-4202 | Restorepoint | Permissions, Privileges, and Access Controls vulnerability in Restorepoint 3.2 The Tadasoft Restorepoint 3.2 evaluation image uses weak permissions (www write access) for unspecified scripts, which allows local users to gain privileges by modifying a script file. | 7.2 |
58 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2011-12-15 | CVE-2011-4837 | Homeseer | Cross-Site Request Forgery (CSRF) vulnerability in Homeseer HS2 2.5.0.20 Cross-site request forgery (CSRF) vulnerability in /ctrl in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to hijack the authentication of admins for requests that execute arbitrary programs. | 6.8 |
2011-12-15 | CVE-2011-4826 | Autosectools | SQL Injection vulnerability in Autosectools V-Cms 1.0 SQL injection vulnerability in session.php in AutoSec Tools V-CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to process.php. | 6.8 |
2011-12-14 | CVE-2011-2742 | EMC | Permissions, Privileges, and Access Controls vulnerability in EMC RSA Adaptive Authentication On-Premise 6.0.2.1 EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not properly perform forensic evaluation upon receipt of device tokens from mobile apps, which might allow remote attackers to bypass intended application restrictions via a mobile device. | 6.8 |
2011-12-14 | CVE-2011-2741 | EMC | Permissions, Privileges, and Access Controls vulnerability in EMC RSA Adaptive Authentication On-Premise 6.0.2.1 EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not properly implement Device Recovery and Device Identification, which might allow remote attackers to bypass intended security restrictions on a (1) previously non-registered device or (2) registered device by sending unspecified "data elements." | 6.8 |
2011-12-17 | CVE-2011-4603 | Pidgin | Improper Input Validation vulnerability in Pidgin The silc_channel_message function in ops.c in the SILC protocol plugin in libpurple in Pidgin before 2.10.1 does not perform the expected UTF-8 validation on message data, which allows remote attackers to cause a denial of service (application crash) via a crafted message, a different vulnerability than CVE-2011-3594. | 5.0 |
2011-12-17 | CVE-2011-4602 | Pidgin | Improper Input Validation vulnerability in Pidgin The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not properly handle missing fields in (1) voice-chat and (2) video-chat stanzas, which allows remote attackers to cause a denial of service (application crash) via a crafted message. | 5.0 |
2011-12-16 | CVE-2011-4767 | Parallels | Information Exposure vulnerability in Parallels Plesk Small Business Panel 10.2.0 The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 has web pages containing e-mail addresses that are not intended for correspondence about the local application deployment, which allows remote attackers to obtain potentially sensitive information by reading a page, as demonstrated by js/Wizard/Status.js and certain other files. | 5.0 |
2011-12-16 | CVE-2011-4760 | Parallels | Information Exposure vulnerability in Parallels Plesk Small Business Panel 10.2.0 Parallels Plesk Small Business Panel 10.2.0 has web pages containing e-mail addresses that are not intended for correspondence about the local application deployment, which allows remote attackers to obtain potentially sensitive information by reading a page, as demonstrated by smb/email-address/list and certain other files. | 5.0 |
2011-12-16 | CVE-2011-4759 | Parallels | Information Exposure vulnerability in Parallels Plesk Small Business Panel 10.2.0 Parallels Plesk Small Business Panel 10.2.0 generates web pages containing external links in response to GET requests with query strings for client@1/domain@1/hosting/file-manager/ and certain other files, which makes it easier for remote attackers to obtain sensitive information by reading (1) web-server access logs or (2) web-server Referer logs, related to a "cross-domain Referer leakage" issue. | 5.0 |
2011-12-16 | CVE-2011-4758 | Parallels | Cryptographic Issues vulnerability in Parallels Plesk Small Business Panel 10.2.0 Parallels Plesk Small Business Panel 10.2.0 receives cleartext password input over HTTP, which allows remote attackers to obtain sensitive information by sniffing the network, as demonstrated by forms in smb/auth and certain other files. | 5.0 |
2011-12-16 | CVE-2011-4756 | Parallels | Information Exposure vulnerability in Parallels Plesk Small Business Panel 10.2.0 Parallels Plesk Small Business Panel 10.2.0 does not include the HTTPOnly flag in a Set-Cookie header for a cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, as demonstrated by cookies used by domains/sitebuilder_edit.php and certain other files. | 5.0 |
2011-12-16 | CVE-2011-4751 | Smartertools | Information Exposure vulnerability in Smartertools Smarterstats 6.2.4100 SmarterTools SmarterStats 6.2.4100 generates web pages containing external links in response to GET requests with query strings for frmGettingStarted.aspx, which makes it easier for remote attackers to obtain sensitive information by reading (1) web-server access logs or (2) web-server Referer logs, related to a "cross-domain Referer leakage" issue. | 5.0 |
2011-12-16 | CVE-2011-4748 | Parallels Redhat | Information Exposure vulnerability in Parallels Plesk Panel 10.3.1Build1013110726.09 The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 has web pages containing e-mail addresses that are not intended for correspondence about the local application deployment, which allows remote attackers to obtain potentially sensitive information by reading a page, as demonstrated by js/ajax/core/ajax.inc.js and certain other files. | 5.0 |
2011-12-16 | CVE-2011-4747 | Parallels Redhat | Cryptographic Issues vulnerability in Parallels Plesk Panel 10.3.1Build1013110726.09 The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 does not prevent the use of weak ciphers for SSL sessions, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a crafted CipherSuite list. | 5.0 |
2011-12-16 | CVE-2011-4746 | Parallels Redhat | Cryptographic Issues vulnerability in Parallels Plesk Panel 10.3.1Build1013110726.09 The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 does not disable the SSL 2.0 protocol, which makes it easier for remote attackers to conduct spoofing attacks by leveraging protocol weaknesses. | 5.0 |
2011-12-16 | CVE-2011-4742 | Parallels Microsoft Redhat | Information Exposure vulnerability in Parallels Plesk Panel 10.2.0Build20110407.20 The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 has web pages containing e-mail addresses that are not intended for correspondence about the local application deployment, which allows remote attackers to obtain potentially sensitive information by reading a page, as demonstrated by smb/user/list and certain other files. | 5.0 |
2011-12-16 | CVE-2011-4741 | Parallels Microsoft Redhat | Information Exposure vulnerability in Parallels Plesk Panel 10.2.0Build20110407.20 The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 includes a database connection string within a web page, which allows remote attackers to obtain potentially sensitive information by reading this page, as demonstrated by client@2/domain@1/hosting/aspdotnet/. | 5.0 |
2011-12-16 | CVE-2011-4738 | Parallels Microsoft Redhat | Information Exposure vulnerability in Parallels Plesk Panel 10.2.0Build20110407.20 The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 does not include the HTTPOnly flag in a Set-Cookie header for a cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, as demonstrated by cookies used by get_password.php and certain other files. | 5.0 |
2011-12-16 | CVE-2011-4737 | Parallels Microsoft Redhat | Information Exposure vulnerability in Parallels Plesk Panel 10.2.0Build20110407.20 The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 includes a submitted password within an HTTP response body, which allows remote attackers to obtain sensitive information by sniffing the network, as demonstrated by password handling in client@2/domain@1/odbc/dsn@1/properties/. | 5.0 |
2011-12-16 | CVE-2011-4736 | Parallels Microsoft Redhat | Cryptographic Issues vulnerability in Parallels Plesk Panel 10.2.0Build20110407.20 The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 receives cleartext password input over HTTP, which allows remote attackers to obtain sensitive information by sniffing the network, as demonstrated by forms in login_up.php3 and certain other files. | 5.0 |
2011-12-16 | CVE-2011-4731 | Parallels Microsoft Redhat | Information Exposure vulnerability in Parallels Plesk Panel 10.2.0Build1011110331.18 The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 includes an RFC 1918 IP address within a web page, which allows remote attackers to obtain potentially sensitive information by reading this page, as demonstrated by admin/home/admin and certain other files. | 5.0 |
2011-12-16 | CVE-2011-4729 | Parallels Microsoft Redhat | Unspecified vulnerability in Parallels Plesk Panel 10.2.0Build1011110331.18 The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 does not include the HTTPOnly flag in a Set-Cookie header for a cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, as demonstrated by cookies used by login_up.php3 and certain other files. | 5.0 |
2011-12-16 | CVE-2011-4728 | Parallels Microsoft Redhat | Information Exposure vulnerability in Parallels Plesk Panel 10.2.0Build1011110331.18 The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session, as demonstrated by cookies used by login_up.php3 and certain other files. | 5.0 |
2011-12-15 | CVE-2011-4597 | Digium | Information Exposure vulnerability in Digium Asterisk The SIP over UDP implementation in Asterisk Open Source 1.4.x before 1.4.43, 1.6.x before 1.6.2.21, and 1.8.x before 1.8.7.2 uses different port numbers for responses to invalid requests depending on whether a SIP username exists, which allows remote attackers to enumerate usernames via a series of requests. | 5.0 |
2011-12-14 | CVE-2011-4813 | Whmcs | Path Traversal vulnerability in Whmcs Whmcompletesolution 3.0.0 Directory traversal vulnerability in clientarea.php in WHMCompleteSolution (WHMCS) 3.x.x allows remote attackers to read arbitrary files via an invalid action and a ../ (dot dot slash) in the templatefile parameter. | 5.0 |
2011-12-14 | CVE-2011-4810 | Whmcs | Path Traversal vulnerability in Whmcs Whmcompletesolution Multiple directory traversal vulnerabilities in WHMCompleteSolution (WHMCS) 3.x and 4.x allow remote attackers to read arbitrary files via the templatefile parameter to (1) submitticket.php and (2) downloads.php, and (3) the report parameter to admin/reports.php. | 5.0 |
2011-12-14 | CVE-2011-4807 | Phpalbum | Path Traversal vulnerability in PHPalbum Directory traversal vulnerability in main.php in phpAlbum 0.4.1.16 and earlier allows remote attackers to read arbitrary files via a .. | 5.0 |
2011-12-14 | CVE-2011-4804 | Foobla Joomla | Path Traversal vulnerability in Foobla COM Obsuggest Directory traversal vulnerability in the obSuggest (com_obsuggest) component before 1.8 for Joomla! allows remote attackers to read arbitrary files via a .. | 5.0 |
2011-12-15 | CVE-2011-4834 | HP IBM SUN | Permissions, Privileges, and Access Controls vulnerability in HP Application Lifestyle Management 11 The GetInstalledPackages function in the configuration tool in HP Application Lifestyle Management (ALM) 11 on AIX, HP-UX, and Solaris allows local users to gain privileges via (1) a Trojan horse /tmp/tmp.txt FIFO or (2) a symlink attack on /tmp/tmp.txt. | 4.6 |
2011-12-17 | CVE-2011-3339 | 7T Safenet INC Mozilla | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the Admin Control Center in Sentinel HASP Run-time Environment 5.95 and earlier in SafeNet Sentinel HASP (formerly Aladdin HASP SRM) run-time installer before 6.x and SDK before 5.11, as used in 7 Technologies (7T) IGSS 7 and other products, when Firefox 2.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger write access to a configuration file. | 4.3 |
2011-12-16 | CVE-2011-4853 | Parallels Microsoft | Information Exposure vulnerability in Parallels Plesk Panel 10.4.4Build20111103.18 The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 includes an RFC 1918 IP address within a web page, which allows remote attackers to obtain potentially sensitive information by reading this page, as demonstrated by smb/user/list-data/items-per-page/ and certain other files. | 4.3 |
2011-12-16 | CVE-2011-4852 | Parallels Microsoft | Information Exposure vulnerability in Parallels Plesk Panel 10.4.4Build20111103.18 The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 generates web pages containing external links in response to GET requests with query strings for enterprise/mobile-monitor/ and certain other files, which makes it easier for remote attackers to obtain sensitive information by reading (1) web-server access logs or (2) web-server Referer logs, related to a "cross-domain Referer leakage" issue. | 4.3 |
2011-12-16 | CVE-2011-4850 | Parallels Microsoft | Information Exposure vulnerability in Parallels Plesk Panel 10.4.4Build20111103.18 The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 does not include the HTTPOnly flag in a Set-Cookie header for a cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, as demonstrated by cookies used by help.php and certain other files. | 4.3 |
2011-12-16 | CVE-2011-4849 | Parallels Microsoft | Information Exposure vulnerability in Parallels Plesk Panel 10.4.4Build20111103.18 The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session, as demonstrated by cookies used by help.php and certain other files. | 4.3 |
2011-12-16 | CVE-2011-4848 | Parallels Microsoft | Information Exposure vulnerability in Parallels Plesk Panel 10.4.4Build20111103.18 The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 includes a submitted password within an HTTP response body, which allows remote attackers to obtain sensitive information by sniffing the network, as demonstrated by password handling in certain files under client@1/domain@1/backup/local-repository/. | 4.3 |
2011-12-16 | CVE-2011-4777 | Parallels Microsoft | Cross-Site Scripting vulnerability in Parallels Plesk Panel 10.4.4Build20111103.18 Cross-site scripting (XSS) vulnerability in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Panel 10.4.4_build20111103.18 allows remote attackers to inject arbitrary web script or HTML via the login parameter to preferences.html. | 4.3 |
2011-12-16 | CVE-2011-4776 | Parallels Microsoft | Cross-Site Scripting vulnerability in Parallels Plesk Panel 10.4.4Build20111103.18 Multiple cross-site scripting (XSS) vulnerabilities in the Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 allow remote attackers to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by admin/update/settings/ and certain other files. | 4.3 |
2011-12-16 | CVE-2011-4765 | Parallels | Information Exposure vulnerability in Parallels Plesk Small Business Panel 10.2.0 The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 does not include the HTTPOnly flag in a Set-Cookie header for a cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, as demonstrated by cookies used by Wizard/Edit/Modules/ImageGallery/MultiImagesUpload and certain other files. | 4.3 |
2011-12-16 | CVE-2011-4764 | Parallels | Cross-Site Scripting vulnerability in Parallels Plesk Small Business Panel 10.2.0 Multiple cross-site scripting (XSS) vulnerabilities in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by Wizard/Edit/Modules/Image and certain other files. | 4.3 |
2011-12-16 | CVE-2011-4754 | Parallels | Cross-Site Scripting vulnerability in Parallels Plesk Small Business Panel 10.2.0 Multiple cross-site scripting (XSS) vulnerabilities in Parallels Plesk Small Business Panel 10.2.0 allow remote attackers to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by smb/app/available/id/apscatalog/ and certain other files. | 4.3 |
2011-12-16 | CVE-2011-4750 | Smartertools | Cross-Site Scripting vulnerability in Smartertools Smarterstats 6.2.4100 Multiple cross-site scripting (XSS) vulnerabilities in SmarterTools SmarterStats 6.2.4100 allow remote attackers to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by Default.aspx and certain other files. | 4.3 |
2011-12-16 | CVE-2011-4745 | Parallels Redhat | Cross-Site Scripting vulnerability in Parallels Plesk Panel 10.3.1Build1013110726.09 Multiple cross-site scripting (XSS) vulnerabilities in the billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 allow remote attackers to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by admin/index.php/default and certain other files. | 4.3 |
2011-12-16 | CVE-2011-4740 | Parallels Microsoft Redhat | Information Exposure vulnerability in Parallels Plesk Panel 10.2.0Build20110407.20 The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 generates web pages containing external links in response to GET requests with query strings for smb/app/search-data/catalogId/marketplace and certain other files, which makes it easier for remote attackers to obtain sensitive information by reading (1) web-server access logs or (2) web-server Referer logs, related to a "cross-domain Referer leakage" issue. | 4.3 |
2011-12-16 | CVE-2011-4735 | Parallels Microsoft Redhat | Cross-Site Scripting vulnerability in Parallels Plesk Panel 10.2.0Build20110407.20 Multiple cross-site scripting (XSS) vulnerabilities in the Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 allow remote attackers to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by smb/user/create and certain other files. | 4.3 |
2011-12-16 | CVE-2011-4726 | Parallels Microsoft Redhat | Cross-Site Scripting vulnerability in Parallels Plesk Panel 10.2.0Build1011110331.18 Multiple cross-site scripting (XSS) vulnerabilities in the Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 allow remote attackers to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by admin/health/ and certain other files. | 4.3 |
2011-12-15 | CVE-2011-4836 | Homeseer | Cross-Site Scripting vulnerability in Homeseer HS2 2.5.0.20 Cross-site scripting (XSS) vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to inject arbitrary web script or HTML via a request for a crafted URI. | 4.3 |
2011-12-15 | CVE-2011-4827 | Autosectools | Cross-Site Scripting vulnerability in Autosectools V-Cms 1.0 Multiple cross-site scripting (XSS) vulnerabilities in AutoSec Tools V-CMS 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) p parameter to redirect.php and (2) box parameter to includes/TrueColorPicker/index.php, which is not properly handled in includes/TrueColorPicker/class.TrueColorPicker.php. | 4.3 |
2011-12-15 | CVE-2011-4822 | Atlassian | Cross-Site Scripting vulnerability in Atlassian Fisheye Multiple cross-site scripting (XSS) vulnerabilities in the user profile feature in Atlassian FishEye before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via (1) snippets in a user comment, which is not properly handled in a Confluence page, or (2) the user profile display name, which is not properly handled in a FishEye page. | 4.3 |
2011-12-15 | CVE-2011-4598 | Digium | Information Exposure vulnerability in Digium Asterisk The handle_request_info function in channels/chan_sip.c in Asterisk Open Source 1.6.2.x before 1.6.2.21 and 1.8.x before 1.8.7.2, when automon is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted sequence of SIP requests. | 4.3 |
2011-12-14 | CVE-2011-4368 | Adobe | Cross-Site Scripting vulnerability in Adobe Coldfusion Cross-site scripting (XSS) vulnerability in Remote Development Services (RDS) in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2011-12-14 | CVE-2011-2463 | Adobe | Cross-Site Scripting vulnerability in Adobe Coldfusion Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving the cfform tag. | 4.3 |
2011-12-14 | CVE-2011-4812 | BST | Cross-Site Scripting vulnerability in BST Bestshoppro Cross-site scripting (XSS) vulnerability in nowosci.php in BestShopPro allows remote attackers to inject arbitrary web script or HTML via the str parameter. | 4.3 |
2011-12-14 | CVE-2011-4809 | Joomlaextensions Joomla | Cross-Site Scripting vulnerability in Joomlaextensions COM Hmcommunity Multiple cross-site scripting (XSS) vulnerabilities in the HM Community (com_hmcommunity) component before 1.01 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) language[], (2) university[], (3) persent[], (4) company_name[], (5) designation[], (6) music[], (7) books[], (8) movies[], (9) games[], (10) syp[], (11) ft[], and (12) fa[] parameters in a save task for a profile to index.php. | 4.3 |
2011-12-14 | CVE-2011-4806 | Phpalbum | Cross-Site Scripting vulnerability in PHPalbum Multiple cross-site scripting (XSS) vulnerabilities in main.php in phpAlbum 0.4.1.16 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) var1 and (2) keyword parameters. | 4.3 |
2011-12-14 | CVE-2011-4805 | SAP | Cross-Site Scripting vulnerability in SAP Crystal Reports Server 2008 Cross-site scripting (XSS) vulnerability in pubDBLogon.jsp in SAP Crystal Report Server 2008 allows remote attackers to inject arbitrary web script or HTML via the service parameter. | 4.3 |
2011-12-14 | CVE-2011-3404 | Microsoft | Information Exposure vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 6 through 9 does not properly use the Content-Disposition HTTP header to control rendering of the HTTP response body, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Content-Disposition Information Disclosure Vulnerability." | 4.3 |
2011-12-14 | CVE-2011-1992 | Microsoft | Cross-site Scripting vulnerability in Microsoft Internet Explorer 8 The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to read content from a different (1) domain or (2) zone via a "trial and error" attack, aka "XSS Filter Information Disclosure Vulnerability." | 4.3 |
2011-12-15 | CVE-2011-4831 | David Azoulay | Path Traversal vulnerability in David Azoulay web File Browser 0.4B14 Directory traversal vulnerability in webFileBrowser.php in Web File Browser 0.4b14 allows remote authenticated users to read arbitrary files via a ..%2f (encoded dot dot) in the file parameter in a download action. | 4.0 |
3 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2011-12-15 | CVE-2011-4606 | Artsoft | Permissions, Privileges, and Access Controls vulnerability in Artsoft Rocks'N'Diamonds 3.3.0.1 Artsoft Entertainment Rocks'n'Diamonds (aka rocksndiamonds) 3.3.0.1 allows local users to overwrite arbitrary files via a symlink attack on .rocksndiamonds/cache/artworkinfo.cache under a user's home directory. | 3.6 |
2011-12-15 | CVE-2011-4339 | Ipmitool Project | Incorrect Permission Assignment for Critical Resource vulnerability in Ipmitool Project Ipmitool 1.8.11 ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux (RHEL) 6, Debian GNU/Linux, Fedora 16, and other products, uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this file. | 3.6 |
2011-12-15 | CVE-2011-4830 | Barter Sites Joomla | Cross-Site Scripting vulnerability in Barter-Sites COM Listing 1.3 Multiple cross-site scripting (XSS) vulnerabilities in the com_listing component in Barter Sites component 1.3 for Joomla! allow remote authenticated users to inject arbitrary web script or HTML via the (1) listing_title, (2) description, (3) homeurl (aka Website Address), (4) paystring (aka Payment types accepted), (5) sell_price, (6) shipping_cost, and (7) quantity parameters to index.php. | 3.5 |