Weekly Vulnerabilities Reports > February 13 to 19, 2012

Overview

113 new vulnerabilities reported during this period, including 23 critical vulnerabilities and 20 high severity vulnerabilities. This weekly summary report vulnerabilities in 90 products from 52 vendors including Typo3, Microsoft, Google, Oracle, and SUN. Vulnerabilities are notably categorized as "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "SQL Injection", "Code Injection", and "Cross-Site Request Forgery (CSRF)".

  • 111 reported vulnerabilities are remotely exploitables.
  • 4 reported vulnerabilities have public exploit available.
  • 39 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 105 reported vulnerabilities are exploitable by an anonymous user.
  • Typo3 has the most reported vulnerabilities, with 21 reported vulnerabilities.
  • Adobe has the most reported critical vulnerabilities, with 9 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

23 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2012-02-15 CVE-2012-0508 Oracle Remote Code Execution vulnerability in Oracle Javafx 1.2/1.2.2/1.3.0

Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX, 1.3.0 and earlier, and 1.2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10.0
2012-02-15 CVE-2012-0500 SUN
Oracle
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and JavaFX 2.0.2 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
10.0
2012-02-15 CVE-2012-0499 SUN
Oracle
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier; and JavaFX 2.0.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
10.0
2012-02-15 CVE-2012-0498 SUN
Oracle
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
10.0
2012-02-15 CVE-2012-0497 SUN
Oracle
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
10.0
2012-02-15 CVE-2012-0766 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0760, CVE-2012-0761, CVE-2012-0762, CVE-2012-0763, and CVE-2012-0764.

10.0
2012-02-15 CVE-2012-0764 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0760, CVE-2012-0761, CVE-2012-0762, CVE-2012-0763, and CVE-2012-0766.

10.0
2012-02-15 CVE-2012-0763 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0760, CVE-2012-0761, CVE-2012-0762, CVE-2012-0764, and CVE-2012-0766.

10.0
2012-02-15 CVE-2012-0762 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0760, CVE-2012-0761, CVE-2012-0763, CVE-2012-0764, and CVE-2012-0766.

10.0
2012-02-15 CVE-2012-0761 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0760, CVE-2012-0762, CVE-2012-0763, CVE-2012-0764, and CVE-2012-0766.

10.0
2012-02-15 CVE-2012-0760 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0761, CVE-2012-0762, CVE-2012-0763, CVE-2012-0764, and CVE-2012-0766.

10.0
2012-02-15 CVE-2012-0759 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0771.

10.0
2012-02-15 CVE-2012-0758 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

Heap-based buffer overflow in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code via unspecified vectors.

10.0
2012-02-15 CVE-2012-0757 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player

The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0760, CVE-2012-0761, CVE-2012-0762, CVE-2012-0763, CVE-2012-0764, and CVE-2012-0766.

10.0
2012-02-18 CVE-2012-1197 ACD Systems Numeric Errors vulnerability in ACD Systems Acdsee 14.1Build137

Integer overflow in the IDE_ACDStd.apl module for ACDSee 14.1 Build 137 allows remote attackers to execute arbitrary code via crafted "image dimension values" in a BMP file, which triggers a heap-based buffer overflow.

9.3
2012-02-15 CVE-2012-0504 Oracle
SUN
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install and the Java Update mechanism.
9.3
2012-02-14 CVE-2012-0155 Microsoft Code Injection vulnerability in Microsoft Internet Explorer 9

Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Remote Code Execution Vulnerability."

9.3
2012-02-14 CVE-2012-0138 Microsoft Code Injection vulnerability in Microsoft Visio Viewer 2010

Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0136, and CVE-2012-0137.

9.3
2012-02-14 CVE-2012-0137 Microsoft Code Injection vulnerability in Microsoft Visio Viewer 2010

Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0136, and CVE-2012-0138.

9.3
2012-02-14 CVE-2012-0136 Microsoft Code Injection vulnerability in Microsoft Visio Viewer 2010

Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0137, and CVE-2012-0138.

9.3
2012-02-14 CVE-2012-0020 Microsoft Code Injection vulnerability in Microsoft Visio Viewer 2010

Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0136, CVE-2012-0137, and CVE-2012-0138.

9.3
2012-02-14 CVE-2012-0019 Microsoft Code Injection vulnerability in Microsoft Visio Viewer 2010

Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0020, CVE-2012-0136, CVE-2012-0137, and CVE-2012-0138.

9.3
2012-02-14 CVE-2012-0011 Microsoft Code Injection vulnerability in Microsoft Internet Explorer 7/8/9

Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "HTML Layout Remote Code Execution Vulnerability."

9.3

20 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2012-02-16 CVE-2012-0352 Cisco Resource Management Errors vulnerability in Cisco products

Cisco NX-OS 4.2.x before 4.2(1)SV1(5.1) on Nexus 1000v series switches; 4.x and 5.0.x before 5.0(2)N1(1) on Nexus 5000 series switches; and 4.2.x before 4.2.8, 5.0.x before 5.0.5, and 5.1.x before 5.1.1 on Nexus 7000 series switches allows remote attackers to cause a denial of service (netstack process crash and device reload) via a malformed IP packet, aka Bug IDs CSCti23447, CSCti49507, and CSCtj01991.

7.8
2012-02-18 CVE-2012-1200 Nova CMS Code Injection vulnerability in Nova-Cms Nova CMS

Multiple PHP remote file inclusion vulnerabilities in Nova CMS allow remote attackers to execute arbitrary PHP code via a URL in the (1) fileType parameter to optimizer/index.php, (2) id parameter to administrator/modules/moduleslist.php, (3) filename parameter to includes/function/gets.php, or (4) conf[blockfile] parameter to includes/function/usertpl.php.

7.5
2012-02-18 CVE-2012-1199 Secureideas Code Injection vulnerability in Secureideas Basic Analysis and Security Engine 1.4.5

Multiple PHP remote file inclusion vulnerabilities in Basic Analysis and Security Engine (BASE) 1.4.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) BASE_path parameter to base_ag_main.php, (2) base_db_setup.php, (3) base_graph_common.php, (4) base_graph_display.php, (5) base_graph_form.php, (6) base_graph_main.php, (7) base_local_rules.php, (8) base_logout.php, (9) base_main.php, (10) base_maintenance.php, (11) base_payload.php, (12) base_qry_alert.php, (13) base_qry_common.php, (14) base_qry_main.php, (15) base_stat_alerts.php, (16) base_stat_class.php, (17) base_stat_common.php, (18) base_stat_ipaddr.php, (19) base_stat_iplink.php, (20) base_stat_ports.php, (21) base_stat_sensor.php, (22) base_stat_time.php, (23) base_stat_uaddr.php, (24) base_user.php, (25) index.php, (26) admin/base_roleadmin.php, (27) admin/base_useradmin.php, (28) admin/index.php, (29) help/base_setup_help.php, (30) includes/base_action.inc.php, (31) includes/base_cache.inc.php, (32) includes/base_db.inc.php, (33) includes/base_db.inc.php, (34) includes/base_include.inc.php, (35) includes/base_output_html.inc.php, (36) includes/base_output_query.inc.php, (37) includes/base_state_criteria.inc.php, (38) includes/base_state_query.inc.php or (39) setup/base_conf_contents.php; (40) GLOBALS[user_session_path] parameter to includes/base_state_common.inc.php; (41) BASE_Language parameter to setup/base_conf_contents.php; or (42) ado_inc_php parameter to setup/setup2.php.

7.5
2012-02-18 CVE-2012-1198 Secureideas Improper Input Validation vulnerability in Secureideas Basic Analysis and Security Engine 1.4.5

base_ag_main.php in Basic Analysis and Security Engine (BASE) 1.4.5 allows remote attackers to execute arbitrary code by uploading contents of the file with an executable extension via a create action, then accessing it via a view action.

7.5
2012-02-18 CVE-2012-1195 Landesk Permissions, Privileges, and Access Controls vulnerability in Landesk Lenovo Thinkmanagement Console 9.0.3

Unrestricted file upload vulnerability in andesk/managementsuite/core/core.anonymous/ServerSetup.asmx in the ServerSetup web service in Lenovo ThinkManagement Console 9.0.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension via a PutUpdateFileCore command in a RunAMTCommand SOAP request, then accessing the file via a direct request to the file in the web root.

7.5
2012-02-17 CVE-2011-4113 Earl Miles
Drupal
SQL Injection vulnerability in Earl Miles Views

SQL injection vulnerability in the Views module before 6.x-2.13 for Drupal allows remote attackers to execute arbitrary SQL commands via vectors related to "filters/arguments on certain types of views with specific configurations of arguments."

7.5
2012-02-16 CVE-2011-3021 Google
Apple
USE After Free vulnerability in Google Chrome

Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading.

7.5
2012-02-16 CVE-2011-3018 Google Out-Of-Bounds Write vulnerability in Google Chrome

Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to path rendering.

7.5
2012-02-15 CVE-2012-0505 SUN
Oracle
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Serialization.
7.5
2012-02-15 CVE-2012-0503 SUN
Oracle
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to I18n.
7.5
2012-02-14 CVE-2010-5083 Phpnuke SQL Injection vulnerability in PHPnuke PHP-Nuke and web Links Module

SQL injection vulnerability in the Web_Links module for PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the url parameter in an Add action to modules.php.

7.5
2012-02-14 CVE-2012-1077 Manfred Egger
Typo3
SQL Injection vulnerability in Manfred Egger BC Post2Facebook 0.2.0

SQL injection vulnerability in the Post data records to facebook (bc_post2facebook) extension before 0.2.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2012-02-14 CVE-2012-1075 Robert Gonda
Typo3
SQL Injection vulnerability in Robert Gonda RTG Files

SQL injection vulnerability in the Documents download (rtg_files) extension before 1.5.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2012-02-14 CVE-2012-1074 Typo3 SQL Injection vulnerability in Typo3 MM Whtppr

SQL injection vulnerability in the White Papers (mm_whtppr) extension 0.0.4 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2012-02-14 CVE-2012-1072 Typo3 SQL Injection vulnerability in Typo3 TOI Category

SQL injection vulnerability in the Category-System (toi_category) extension 0.6.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2012-02-14 CVE-2012-1071 Mathieu Vidal
Typo3
SQL Injection vulnerability in Mathieu Vidal MV Cooking 0.1.0/0.3.0/0.4.0

SQL injection vulnerability in the Kitchen recipe (mv_cooking) extension before 0.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild as of February 2012.

7.5
2012-02-14 CVE-2012-1067 Mg12
Wordpress
SQL Injection vulnerability in Mg12 Wp-Recentcomments 2.0.7

SQL injection vulnerability in the WP-RecentComments plugin 2.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in an rc-content action to index.php.

7.5
2012-02-14 CVE-2012-1063 Manageengine SQL Injection vulnerability in Manageengine Applications Manager

Multiple SQL injection vulnerabilities in ManageEngine Applications Manager 9.x and 10.x allow remote attackers to execute arbitrary SQL commands via the (1) viewId parameter to fault/AlarmView.do or (2) period parameter to showHistoryData.do.

7.5
2012-02-14 CVE-2012-1061 Gforgegroup SQL Injection vulnerability in Gforgegroup Gforge 6.0.0

SQL injection vulnerability in GForge Advanced Server 6.0.0 and other versions before 6.0.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2012-02-14 CVE-2012-0149 Microsoft Improper Input Validation vulnerability in Microsoft Windows Server 2003

afd.sys in the Ancillary Function Driver in Microsoft Windows Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability."

7.2

67 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2012-02-18 CVE-2011-4614 Typo3 Code Injection vulnerability in Typo3

PHP remote file inclusion vulnerability in Classes/Controller/AbstractController.php in the workspaces system extension in TYPO3 4.5.x before 4.5.9, 4.6.x before 4.6.2, and development versions of 4.7 allows remote attackers to execute arbitrary PHP code via a URL in the BACK_PATH parameter.

6.8
2012-02-16 CVE-2011-3026 Google
Apple
Opensuse
Suse
Integer Overflow OR Wraparound vulnerability in Google Chrome

Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.

6.8
2012-02-16 CVE-2011-3023 Google USE After Free vulnerability in Google Chrome

Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to drag-and-drop operations.

6.8
2012-02-16 CVE-2011-3020 Google Unspecified vulnerability in Google Chrome

Unspecified vulnerability in the Native Client validator implementation in Google Chrome before 17.0.963.56 has unknown impact and remote attack vectors.

6.8
2012-02-16 CVE-2011-3019 Google Out-Of-Bounds Write vulnerability in Google Chrome

Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska video (aka MKV) file.

6.8
2012-02-16 CVE-2011-3017 Google USE After Free vulnerability in Google Chrome

Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to database handling.

6.8
2012-02-16 CVE-2011-3016 Google
Apple
USE After Free vulnerability in Google Chrome

Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes, related to a "read-after-free" issue.

6.8
2012-02-16 CVE-2011-3015 Google Integer Overflow OR Wraparound vulnerability in Google Chrome

Multiple integer overflows in the PDF codecs in Google Chrome before 17.0.963.56 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

6.8
2012-02-14 CVE-2010-5085 Hulihanapplications Cross-Site Request Forgery (CSRF) vulnerability in Hulihanapplications Amethyst 0.1.5

Multiple cross-site request forgery (CSRF) vulnerabilities in admin/update_user in Hulihan Amethyst 0.1.5, and possibly earlier, allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrative password or (2) change the site's configuration.

6.8
2012-02-14 CVE-2012-1083 Typo3 Cross-Site Request Forgery (CSRF) vulnerability in Typo3 Terminal

Cross-site request forgery (CSRF) vulnerability in the Terminal PHP Shell (terminal) extension 0.3.2 and earlier for TYPO3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

6.8
2012-02-14 CVE-2012-1055 Pl32 Buffer Errors vulnerability in Pl32 Photoline 17.01

Heap-based buffer overflow in PhotoLine 17.01 and possibly other versions before 17.02 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.

6.8
2012-02-13 CVE-2012-1052 Ivanview Buffer Errors vulnerability in Ivanview 1.2.15

Buffer overflow in IvanView 1.2.15 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.

6.8
2012-02-13 CVE-2012-1051 Xnview Buffer Errors vulnerability in Xnview 1.98.5

Heap-based buffer overflow in Xjp2.dll in the JPEG2000 plug-in in XnView 1.98.5 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.

6.8
2012-02-14 CVE-2012-1079 Helmut Hummel
Typo3
Remote Code Execution vulnerability in TYPO3 Webservices Extension

Unspecified vulnerability in the Webservices for TYPO3 (typo3_webservice) extension before 0.3.8 for TYPO3 allows remote authenticated users to execute arbitrary code via unknown vectors.

6.5
2012-02-17 CVE-2012-1194 Microsoft Remote Security vulnerability in Windows Server 2008 Standard Edition

The resolver in the DNS Server service in Microsoft Windows Server 2008 before R2 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.

6.4
2012-02-17 CVE-2012-1193 Powerdns Security Bypass vulnerability in Powerdns Recursor 3.3

The resolver in PowerDNS Recursor (aka pdns_recursor) 3.3 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.

6.4
2012-02-17 CVE-2012-1192 Unbound Remote Security vulnerability in Unbound

The resolver in Unbound before 1.4.11 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.

6.4
2012-02-17 CVE-2012-1191 D J Bernstein Improper Input Validation vulnerability in D.J.Bernstein Djbdns 1.05

The resolver in dnscache in Daniel J.

6.4
2012-02-15 CVE-2012-0502 SUN
Oracle
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and availability, related to AWT.
6.4
2012-02-15 CVE-2011-3563 SUN
Oracle
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote attackers to affect confidentiality and availability via unknown vectors related to Sound.
6.4
2012-02-14 CVE-2010-5084 E107 Cross-Site Request Forgery (CSRF) vulnerability in E107

The cross-site request forgery (CSRF) protection mechanism in e107 before 0.7.23 uses a predictable random token based on the creation date of the administrator account, which allows remote attackers to hijack the authentication of administrators for requests that add new users via e107_admin/users.php.

6.0
2012-02-14 CVE-2012-1058 Flyspray Cross-Site Request Forgery (CSRF) vulnerability in Flyspray 0.9.9.6

Cross-site request forgery (CSRF) vulnerability in Flyspray 0.9.9.6 allows remote attackers to hijack the authentication of admins for requests that add admin accounts via an admin.newuser action to index.php.

6.0
2012-02-14 CVE-2012-1057 Sean Robertson
Drupal
Cross-Site Request Forgery (CSRF) vulnerability in Sean Robertson Forward

Cross-site request forgery (CSRF) vulnerability in the clickthrough tracking functionality in the Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of administrators for requests that increase node rankings via the tracking code, possibly related to improper "flood control."

6.0
2012-02-14 CVE-2012-0829 Mibew Cross-Site Request Forgery (CSRF) vulnerability in Mibew Messenger

Multiple cross-site request forgery (CSRF) vulnerabilities in Mibew Messenger 1.6.4 and earlier allow remote attackers to hijack the authentication of operators for requests that insert cross-site scripting (XSS) sequences via the (1) address or (2) threadid parameters to operator/ban.php; or (3) geolinkparams, (4) title, or (5) chattitle parameters to operator/settings.php.

6.0
2012-02-14 CVE-2011-5079 Netcreators
Typo3
Improper Input Validation vulnerability in Netcreators Irfaq

Open redirect vulnerability in the Modern FAQ (irfaq) extension 1.1.2 and other versions before 1.1.4 for TYPO3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL, probably in the "return url parameter."

5.8
2012-02-18 CVE-2012-1196 Landesk Path Traversal vulnerability in Landesk Lenovo Thinkmanagement Console 9.0.3

Directory traversal vulnerability in the VulCore web service (WSVulnerabilityCore/VulCore.asmx) in Lenovo ThinkManagement Console 9.0.3 allows remote attackers to delete arbitrary files via a ..

5.0
2012-02-17 CVE-2012-0206 Powerdns Resource Management Errors vulnerability in Powerdns Authoritative Server 2.9.22/3.0

common_startup.cc in PowerDNS (aka pdns) Authoritative Server before 2.9.22.5 and 3.x before 3.0.1 allows remote attackers to cause a denial of service (packet loop) via a crafted UDP DNS response.

5.0
2012-02-16 CVE-2011-3022 Google Cleartext Transmission of Sensitive Information vulnerability in Google Chrome

translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses an HTTP session to exchange data for translation, which allows remote attackers to obtain sensitive information by sniffing the network.

5.0
2012-02-15 CVE-2012-0501 SUN
Oracle
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect availability via unknown vectors.
5.0
2012-02-14 CVE-2012-1085 Typo3 Cross-Site Scripting and Information Disclosure vulnerability in Typo3 Beuserswitch 0.0.1

Unspecified vulnerability in the BE User Switch (beuserswitch) extension 0.0.1 for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors.

5.0
2012-02-14 CVE-2012-1078 Claus DUE
Typo3
Permissions, Privileges, and Access Controls vulnerability in Claus DUE Sysutils

The System Utilities (sysutils) extension 1.0.3 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unspecified vectors related to improper "protection" of the "backup output directory."

5.0
2012-02-14 CVE-2012-1009 Netsarang Remote Denial of Service vulnerability in NetSarang Xlpd

NetSarang Xlpd 4 Build 0100 and NetSarang Xmanager Enterprise 4 Build 0186 allow remote attackers to cause a denial of service (daemon crash) via a malformed LPD request.

5.0
2012-02-14 CVE-2012-0789 PHP Resource Management Errors vulnerability in PHP

Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache.

5.0
2012-02-14 CVE-2012-0788 PHP Improper Input Validation vulnerability in PHP

The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server.

5.0
2012-02-14 CVE-2012-1056 Sean Robertson
Drupal
Permissions, Privileges, and Access Controls vulnerability in Sean Robertson Forward

The Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 for Drupal does not properly enforce permissions for (1) Recent forwards, (2) Most forwarded, or (3) Dynamic blocks, which allows remote attackers to obtain node titles via unspecified vectors.

5.0
2012-02-18 CVE-2011-5081 Craig Barratt Cross-Site Scripting vulnerability in Craig Barratt Backuppc 3.1.0/3.2.1

Cross-site scripting (XSS) vulnerability in RestoreFile.pm in BackupPC 3.1.0, 3.2.1, and possibly other earlier versions allows remote attackers to inject arbitrary web script or HTML via the share parameter in a RestoreFile action to index.cgi.

4.3
2012-02-18 CVE-2011-4923 Craig Barratt Cross-Site Scripting vulnerability in Craig Barratt Backuppc

Cross-site scripting (XSS) vulnerability in View.pm in BackupPC 3.0.0, 3.1.0, 3.2.0, 3.2.1, and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the num parameter in a view action to index.cgi, related to the log file viewer, a different vulnerability than CVE-2011-3361.

4.3
2012-02-18 CVE-2011-3361 Craig Barratt Cross-Site Scripting vulnerability in Craig Barratt Backuppc 3.2.0

Cross-site scripting (XSS) vulnerability in CGI/Browse.pm in BackupPC 3.2.0 and possibly other versions before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the num parameter in a browse action to index.cgi.

4.3
2012-02-16 CVE-2011-3027 Google
Apple
Incorrect Type Conversion OR Cast vulnerability in Google Chrome

Google Chrome before 17.0.963.56 does not properly perform a cast of an unspecified variable during handling of columns, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.

4.3
2012-02-16 CVE-2011-3025 Google Out-Of-Bounds Read vulnerability in Google Chrome

Google Chrome before 17.0.963.56 does not properly parse H.264 data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

4.3
2012-02-16 CVE-2011-3024 Google Improper Certificate Validation vulnerability in Google Chrome

Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service (application crash) via an empty X.509 certificate.

4.3
2012-02-15 CVE-2012-0506 SUN
Oracle
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to CORBA.
4.3
2012-02-15 CVE-2012-0765 Adobe
Microsoft
Cross-Site Scripting vulnerability in Adobe Robohelp

Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp 8 and 9 for Word allow remote attackers to inject arbitrary web script or HTML via a crafted URL, related to certain .htm files in (1) template_stock and (2) template_csh directories.

4.3
2012-02-14 CVE-2012-0145 Microsoft Cross-Site Scripting vulnerability in Microsoft Sharepoint Foundation and Sharepoint Server

Cross-site scripting (XSS) vulnerability in wizardlist.aspx in Microsoft Office SharePoint Server 2010 Gold and SP1 and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via JavaScript sequences in a URL, aka "XSS in wizardlist.aspx Vulnerability."

4.3
2012-02-14 CVE-2012-0144 Microsoft Cross-Site Scripting vulnerability in Microsoft Sharepoint Foundation and Sharepoint Server

Cross-site scripting (XSS) vulnerability in themeweb.aspx in Microsoft Office SharePoint Server 2010 Gold and SP1 and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via JavaScript sequences in a URL, aka "XSS in themeweb.aspx Vulnerability."

4.3
2012-02-14 CVE-2012-0017 Microsoft Cross-Site Scripting vulnerability in Microsoft Sharepoint Foundation 2010

Cross-site scripting (XSS) vulnerability in inplview.aspx in Microsoft SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via JavaScript sequences in a URL, aka "XSS in inplview.aspx Vulnerability."

4.3
2012-02-14 CVE-2012-0012 Microsoft Improper Initialization vulnerability in Microsoft Internet Explorer 9

Microsoft Internet Explorer 9 does not properly handle the creation and initialization of string objects, which allows remote attackers to read data from arbitrary process-memory locations via a crafted web site, aka "Null Byte Information Disclosure Vulnerability."

4.3
2012-02-14 CVE-2012-0010 Microsoft Information Exposure vulnerability in Microsoft Internet Explorer

Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Copy and Paste Information Disclosure Vulnerability."

4.3
2012-02-14 CVE-2012-1087 Bluechip
Typo3
Cross-Site Scripting vulnerability in Bluechip BC Post2Facebook 0.2.0/0.2.1

Cross-site scripting (XSS) vulnerability in the Post data records to facebook (bc_post2facebook) extension before 0.2.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2012-02-14 CVE-2012-1086 Typo3 Cross-Site Scripting vulnerability in Typo3 Aeurltool 0.1.0

Cross-site scripting (XSS) vulnerability in the UrlTool (aeurltool) extension 0.1.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2012-02-14 CVE-2012-1084 Typo3 Cross-Site Scripting vulnerability in Typo3 Beuserswitch 0.0.1

Cross-site scripting (XSS) vulnerability in the BE User Switch (beuserswitch) extension 0.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2012-02-14 CVE-2012-1081 Roderick Braun
Typo3
Cross-Site Scripting vulnerability in Roderick Braun YA Googlesearch

Cross-site scripting (XSS) vulnerability in the Yet another Google search (ya_googlesearch) extension before 0.3.10 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2012-02-14 CVE-2012-1080 Typo3 Cross-Site Scripting vulnerability in Typo3 SKT Eurocalc 0.0.1

Cross-site scripting (XSS) vulnerability in the Euro Calculator (skt_eurocalc) extension 0.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2012-02-14 CVE-2012-1076 Robert Gonda
Typo3
Cross-Site Scripting vulnerability in Robert Gonda RTG Files

Cross-site scripting (XSS) vulnerability in the Documents download (rtg_files) extension before 1.5.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2012-02-14 CVE-2012-1073 Typo3 Cross-Site Scripting vulnerability in Typo3 TOI Category

Cross-site scripting (XSS) vulnerability in the Category-System (toi_category) extension 0.6.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2012-02-14 CVE-2012-1070 Netcreators
Typo3
Cross-Site Scripting vulnerability in Netcreators Irfaq

Cross-site scripting (XSS) vulnerability in the Modern FAQ (irfaq) extension 1.1.2 and other versions before 1.1.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to the "return url parameter."

4.3
2012-02-14 CVE-2012-1069 Instantphp Cross-Site Scripting vulnerability in Instantphp Lknsupport

Cross-site scripting (XSS) vulnerability in module/kb/search_word in the search module in lknSupport allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

4.3
2012-02-14 CVE-2012-1068 Mg12
Wordpress
Cross-Site Scripting vulnerability in Mg12 Wp-Recentcomments

Cross-site scripting (XSS) vulnerability in the rc_ajax function in core.php in the WP-RecentComments plugin before 2.0.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter, related to AJAX paging.

4.3
2012-02-14 CVE-2012-1066 Smartycms Cross-Site Scripting vulnerability in Smartycms 0.9.4

Cross-site scripting (XSS) vulnerability in the template module in SmartyCMS 0.9.4 allows remote attackers to inject arbitrary web script or HTML via the title bar.

4.3
2012-02-14 CVE-2012-1065 2X Insecure Method vulnerability in 2X Applicationserver 10.1

Insecure method vulnerability in TuxScripting.dll in the TuxSystem ActiveX control in 2X ApplicationServer 10.1 Build 1224 allows remote attackers to create or overwrite arbitrary files via the ExportSettings method.

4.3
2012-02-14 CVE-2011-5080 Juergen Furrer
Typo3
Cross-Site Scripting vulnerability in Juergen Furrer Jftcaforms

Cross-site scripting (XSS) vulnerability in lib/class.tx_jftcaforms_tceFunc.php in the Additional TCA Forms (jftcaforms) extension before 0.2.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2012-02-14 CVE-2012-1062 Manageengine Cross-Site Scripting vulnerability in Manageengine Applications Manager

Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Applications Manager 9.x and 10.x allow remote attackers to inject arbitrary web script or HTML via the (1) period parameter to showHistoryData.do; (2) selectedNetwork, (3) network, or (4) group parameters to showresource.do; (5) header parameter to AlarmView.do; or (6) attName parameter to jsp/PopUp_Graph.jsp.

4.3
2012-02-14 CVE-2012-1059 Oscommerce Cross-Site Scripting vulnerability in Oscommerce Online Merchant 3.0.2

Cross-site scripting (XSS) vulnerability in osCommerce/OM/Core/Site/Shop/Application/Cart/pages/main.php in OSCommerce Online Merchant 3.0.2 allows remote attackers to inject arbitrary web script or HTML via the value_title parameter, as demonstrated using the "Front" field in the shirt module.

4.3
2012-02-13 CVE-2012-0340 Cisco Cross-Site Scripting vulnerability in Cisco Ironport Encryption Appliance

Cross-site scripting (XSS) vulnerability in the management interface on the Cisco IronPort Encryption Appliance with software before 6.5.3 allows remote attackers to inject arbitrary web script or HTML via the header parameter to the default URI under admin/, aka bug ID 72410.

4.3
2012-02-13 CVE-2012-1050 Mathopd Path Traversal vulnerability in Mathopd 1.4/1.5

Directory traversal vulnerability in Mathopd 1.4.x and 1.5.x before 1.5p7, when configured with the * construct for mass virtual hosting, allows remote attackers to read arbitrary files via a crafted Host header.

4.3
2012-02-13 CVE-2012-1049 Manageengine Cross-Site Scripting vulnerability in Manageengine Admanager Plus 5.2

Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ADManager Plus 5.2 Build 5210 allow remote attackers to inject arbitrary web script or HTML via the (1) domainName parameter to jsp/AddDC.jsp or (2) operation parameter to DomainConfig.do.

4.3
2012-02-18 CVE-2011-4320 Process ONE Resource Management Errors vulnerability in Process-One Ejabberd 2.1.8/3.0.0

The mod_pubsub module (mod_pubsub.erl) in ejabberd 2.1.8 and 3.0.0-alpha-3 allows remote authenticated users to cause a denial of service (infinite loop) via a stanza with a publish tag that lacks a node attribute.

4.0

3 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2012-02-14 CVE-2012-1082 Typo3 Cross-Site Scripting vulnerability in Typo3 Terminal

Cross-site scripting (XSS) vulnerability in the Terminal PHP Shell (terminal) extension 0.3.2 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2012-02-14 CVE-2012-1060 RIK DE Boer
Drupal
Cross-Site Scripting vulnerability in RIK DE Boer Revisioning 6.X3.13

Multiple cross-site scripting (XSS) vulnerabilities in revisioning_theme.inc in the Taxonomy module in the Revisioning module 6.x-3.13 and other versions before 6.x-3.14 for Drupal allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the (1) tags or (2) term parameters.

2.1
2012-02-17 CVE-2011-4105 Robert Ancell Link Following vulnerability in Robert Ancell Lightdm

LightDM before 1.0.6 allows local users to change ownership of arbitrary files via a symlink attack on ~/.Xauthority.

1.9