Weekly Vulnerabilities Reports > February 27 to March 4, 2012
Overview
27 new vulnerabilities reported during this period, including 5 critical vulnerabilities and 12 high severity vulnerabilities. This weekly summary report vulnerabilities in 46 products from 13 vendors including Cisco, Movabletype, IBM, Sixapart, and Google. Vulnerabilities are notably categorized as "Resource Management Errors", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Code Injection", and "Information Exposure".
- 26 reported vulnerabilities are remotely exploitables.
- 1 reported vulnerabilities have public exploit available.
- 6 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 24 reported vulnerabilities are exploitable by an anonymous user.
- Cisco has the most reported vulnerabilities, with 11 reported vulnerabilities.
- Cisco has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
5 Critical Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2012-03-02 | CVE-2012-0838 | Apache | Improper Input Validation vulnerability in Apache Struts Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL expression during the handling of a conversion error, which allows remote attackers to modify run-time data values, and consequently execute arbitrary code, via invalid input to a field. | 10.0 |
| 2012-02-29 | CVE-2012-1418 | Google Acer Samsung | Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.60 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. | 10.0 |
| 2012-03-02 | CVE-2012-0201 | IBM | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Personal Communications 5.9.7.0/5.9.7.1/6.0.3.0 Stack-based buffer overflow in pcspref.dll in pcsws.exe in IBM Personal Communications 5.9.x before 5.9.8 and 6.0.x before 6.0.4 might allow remote attackers to execute arbitrary code via a long profile string in a WorkStation (aka .ws) file. | 9.3 |
| 2012-03-01 | CVE-2012-0371 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco products Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.4, when CPU-based ACLs are enabled, allow remote attackers to read or modify the configuration via unspecified vectors, aka Bug ID CSCtu56709. | 9.3 |
| 2012-03-01 | CVE-2012-0366 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Unity Connection Cisco Unity Connection before 7.1.3b(Su2) allows remote authenticated users to change the administrative password by leveraging the Help Desk Administrator role, aka Bug ID CSCtd45141. | 9.0 |
12 High Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2012-03-02 | CVE-2011-1385 | IBM | Resource Management Errors vulnerability in IBM AIX and Vios IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote attackers to cause a denial of service (system crash) via an ICMP Echo Reply packet that contains 1 in the Identifier field, a different vulnerability than CVE-2012-0194. | 7.8 |
| 2012-03-01 | CVE-2012-0370 | Cisco | Resource Management Errors vulnerability in Cisco products Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0, when WebAuth is enabled, allow remote attackers to cause a denial of service (device reload) via a sequence of (1) HTTP or (2) HTTPS packets, aka Bug ID CSCtt47435. | 7.8 |
| 2012-03-01 | CVE-2012-0369 | Cisco | Resource Management Errors vulnerability in Cisco products Cisco Wireless LAN Controller (WLC) devices with software 6.0 and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (device reload) via a sequence of IPv6 packets, aka Bug ID CSCtt07949. | 7.8 |
| 2012-03-01 | CVE-2012-0368 | Cisco | Resource Management Errors vulnerability in Cisco products The administrative management interface on Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allows remote attackers to cause a denial of service (device crash) via a malformed URL in an HTTP request, aka Bug ID CSCts81997. | 7.8 |
| 2012-03-01 | CVE-2012-0367 | Cisco | Resource Management Errors vulnerability in Cisco Unity Connection Cisco Unity Connection before 7.1.5b(Su5), 8.0 and 8.5 before 8.5.1(Su3), and 8.6 before 8.6.2 allows remote attackers to cause a denial of service (services crash) via a series of crafted TCP segments, aka Bug ID CSCtq67899. | 7.8 |
| 2012-03-01 | CVE-2012-0359 | Cisco | Resource Management Errors vulnerability in Cisco Cius and Cius Software The Cisco Cius with software before 9.2(1) SR2 allows remote attackers to cause a denial of service (device crash or hang) via malformed network traffic, aka Bug ID CSCto71445. | 7.8 |
| 2012-03-01 | CVE-2012-0330 | Cisco | Resource Management Errors vulnerability in Cisco products Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a malformed SIP message, aka Bug ID CSCtr20426. | 7.8 |
| 2012-03-01 | CVE-2011-4486 | Cisco | Resource Management Errors vulnerability in Cisco products Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x before 7.1(5b)su5, 8.0 before 8.0(3a)su3, and 8.5 and 8.6 before 8.6(2a)su1 and Cisco Business Edition 3000 with software before 8.6.3 and 5000 and 6000 with software before 8.6(2a)su1 allow remote attackers to cause a denial of service (device reload) via a crafted SCCP registration, aka Bug ID CSCtu73538. | 7.8 |
| 2012-03-03 | CVE-2012-0320 | Sixapart | Remote vulnerability in Movable Type Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote attackers to take control of sessions via unspecified vectors related to the (1) commenting feature and (2) community script. | 7.5 |
| 2012-03-02 | CVE-2011-4189 | Novell | Code Injection vulnerability in Novell Groupwise 8.0/8.0.1/8.0.2 The client in Novell GroupWise 8.0x through 8.02HP3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via a long e-mail address in an Address Book (aka .NAB) file. | 7.5 |
| 2012-03-02 | CVE-2011-3443 | Apple | Resource Management Errors vulnerability in Apple Safari Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors related to improper list management for Cascading Style Sheets (CSS) @font-face rules. | 7.5 |
| 2012-03-01 | CVE-2012-0331 | Cisco | Resource Management Errors vulnerability in Cisco products Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a crafted SIP packet, as demonstrated by a SIP INVITE message from a Tandberg device, aka Bug ID CSCtq73319. | 7.5 |
9 Medium Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2012-03-03 | CVE-2012-0317 | Sixapart | Cross-Site Request Forgery (CSRF) vulnerability in Sixapart Movable Type Multiple cross-site request forgery (CSRF) vulnerabilities in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allow remote attackers to hijack the authentication of arbitrary users for requests that modify data via the (1) commenting feature or (2) community script. | 6.8 |
| 2012-03-01 | CVE-2011-4487 | Cisco | SQL Injection vulnerability in Cisco products SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x before 7.1(5b)su5, 8.0 before 8.0(3a)su3, and 8.5 and 8.6 before 8.6(2a)su1 and Cisco Business Edition 3000 with software before 8.6.3 and 5000 and 6000 with software before 8.6(2a)su1 allows remote attackers to execute arbitrary SQL commands via a crafted SCCP registration, aka Bug ID CSCtu73538. | 6.8 |
| 2012-03-03 | CVE-2012-0319 | Movabletype | Code Injection vulnerability in Movabletype products The file-management system in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote authenticated users to execute arbitrary commands by leveraging the file-upload feature, related to an "OS Command Injection" issue. | 6.5 |
| 2012-03-02 | CVE-2012-0316 | Cookpad | Information Exposure vulnerability in Cookpad Android Activities and Android Mykitchen The Cookpad 1.5.16 and earlier and Cookpad Noseru 1.1.1 and earlier applications for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application. | 5.0 |
| 2012-03-03 | CVE-2012-1262 | Movabletype | Cross-Site Scripting vulnerability in Movabletype products Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the dbuser parameter, a different vulnerability than CVE-2012-0318. | 4.3 |
| 2012-03-03 | CVE-2012-0318 | Movabletype | Cross-Site Scripting vulnerability in Movabletype products Multiple cross-site scripting (XSS) vulnerabilities in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allow remote attackers to inject arbitrary web script or HTML via vectors involving templates, a different issue than CVE-2012-1262. | 4.3 |
| 2012-03-02 | CVE-2012-0715 | IBM | Cross-Site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in the Gantt applet viewer in IBM Tivoli Change and Configuration Management Database (CCMDB) 7.2.1 and IBM ILOG JViews Gantt allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2012-02-29 | CVE-2012-1410 | Kadu | Cross-Site Scripting vulnerability in Kadu 0.10.0/0.11.0/0.9.0 Multiple cross-site scripting (XSS) vulnerabilities in the History Window implementation in Kadu 0.9.0 through 0.11.0 allow remote attackers to inject arbitrary web script or HTML via a crafted (1) SMS message, (2) presence message, or (3) status description. | 4.3 |
| 2012-03-03 | CVE-2012-1497 | Movabletype | Path Traversal vulnerability in Movabletype products The default configuration of Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 supports the "mt:Include file=" attribute, which allows remote authenticated users to conduct directory traversal attacks and read arbitrary files by leveraging the template-designer role. | 4.0 |
1 Low Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2012-03-02 | CVE-2012-0321 | Kingsoft | Local Denial Of Service vulnerability in Kingsoft Internet Security 2011 Unspecified vulnerability in the device driver in Kingsoft Internet Security 2011 allows local users to cause a denial of service via a crafted application. | 2.1 |