Weekly Vulnerabilities Reports > March 19 to 25, 2012
Overview
113 new vulnerabilities reported during this period, including 5 critical vulnerabilities and 14 high severity vulnerabilities. This weekly summary report vulnerabilities in 104 products from 76 vendors including Aladdin, CAT, Rising Global, Pandasecurity, and Emsisoft. Vulnerabilities are notably categorized as "Permissions, Privileges, and Access Controls", "Cross-site Scripting", "Path Traversal", "Information Exposure", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".
- 109 reported vulnerabilities are remotely exploitables.
- 10 reported vulnerabilities have public exploit available.
- 29 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 107 reported vulnerabilities are exploitable by an anonymous user.
- Aladdin has the most reported vulnerabilities, with 22 reported vulnerabilities.
- Google has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
5 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2012-03-22 | CVE-2012-1846 | Exposure of Resource TO Wrong Sphere vulnerability in Google Chrome Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the sandbox protection mechanism by leveraging access to a sandboxed process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012. | 10.0 | |
2012-03-20 | CVE-2012-1797 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 9.5 IBM DB2 9.5 uses world-writable permissions for nodes.reg, which has unspecified impact and attack vectors. | 10.0 |
2012-03-22 | CVE-2012-1845 | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the DEP and ASLR protection mechanisms, and execute arbitrary code, via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012. | 9.3 | |
2012-03-20 | CVE-2012-0402 | RSA | Credentials Management vulnerability in RSA Envision 4.0/4.1 EMC RSA enVision 4.x before 4.1 Patch 4 uses unspecified hardcoded credentials, which makes it easier for remote attackers to obtain access via unknown vectors. | 9.3 |
2012-03-19 | CVE-2012-1776 | Videolan | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Videolan VLC Media Player Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real RTSP stream. | 9.3 |
14 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2012-03-20 | CVE-2012-0400 | RSA | Improper Authentication vulnerability in RSA Envision 4.0/4.1 EMC RSA enVision 4.x before 4.1 Patch 4 does not properly restrict the number of failed authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack. | 7.9 |
2012-03-19 | CVE-2012-1783 | Saurabh Gupta | Improper Input Validation vulnerability in Saurabh Gupta Tiny Server 1.0.5/1.1.5/1.1.9 Tiny Server 1.1.9 and earlier allows remote attackers to cause a denial of service (crash) via a long string in a GET request without an HTTP version number. | 7.8 |
2012-03-22 | CVE-2012-1844 | Quantum Dell IBM | Credentials Management vulnerability in multiple products The Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100) and the IBM TS3310 tape library with firmware before R6C (606G.GS001), uses default passwords for unspecified user accounts, which makes it easier for remote attackers to obtain access via unknown vectors. | 7.5 |
2012-03-22 | CVE-2012-1840 | Ajaxplorer | Improper Authentication vulnerability in Ajaxplorer AjaXplorer 3.2.x before 3.2.5 and 4.0.x before 4.0.4 does not properly perform cookie authentication, which allows remote attackers to obtain login access by leveraging knowledge of a password hash. | 7.5 |
2012-03-22 | CVE-2012-1839 | Ajaxplorer | Path Traversal vulnerability in Ajaxplorer Multiple directory traversal vulnerabilities in the Get Template feature in plugins/gui.ajax/class.AJXP_ClientDriver.php in AjaXplorer 3.2.x before 3.2.5 and 4.0.x before 4.0.4 allow remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2012-03-22 | CVE-2012-1836 | Inspircd | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Inspircd 2.0.5 Heap-based buffer overflow in dns.cpp in InspIRCd 2.0.5 might allow remote attackers to execute arbitrary code via a crafted DNS query that uses compression. | 7.5 |
2012-03-20 | CVE-2012-0711 | IBM Linux SUN | Numeric Errors vulnerability in IBM DB2 9.1/9.5/9.7 Integer signedness error in the db2dasrrm process in the DB2 Administration Server (DAS) in IBM DB2 9.1 through FP11, 9.5 before FP9, and 9.7 through FP5 on UNIX platforms allows remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow. | 7.5 |
2012-03-20 | CVE-2012-1795 | Webglimpse | OS Command Injection vulnerability in Webglimpse webglimpse.cgi in Webglimpse before 2.20.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter, as exploited in the wild in March 2012. | 7.5 |
2012-03-19 | CVE-2012-1785 | Kylegilman Wordpress | Improper Input Validation vulnerability in Kylegilman Video Embed & Thumbnail Generator kg_callffmpeg.php in the Video Embed & Thumbnail Generator plugin before 2.0 for WordPress allows remote attackers to execute arbitrary commands via unspecified vectors. | 7.5 |
2012-03-19 | CVE-2012-1784 | Myjoblist | SQL Injection vulnerability in Myjoblist 0.1.3 SQL injection vulnerability in MyJobList 0.1.3 allows remote attackers to execute arbitrary SQL commands via the eid parameter in a profile action to index.php. | 7.5 |
2012-03-19 | CVE-2012-1780 | Socialcms | SQL Injection vulnerability in Socialcms 1.0.5 SQL injection vulnerability in search.php in SocialCMS 1.0.5 allows remote attackers to execute arbitrary SQL commands via the category parameter. | 7.5 |
2012-03-19 | CVE-2012-1778 | Createvision | SQL Injection vulnerability in Createvision CMS SQL injection vulnerability in artykul_print.php in CreateVision CMS allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2012-03-19 | CVE-2011-5083 | Dotclear | Permissions, Privileges, and Access Controls vulnerability in Dotclear 2.3.1/2.4.2 Unrestricted file upload vulnerability in inc/swf/swfupload.swf in Dotclear 2.3.1 and 2.4.2 allows remote attackers to execute arbitrary code by uploading a file with an executable PHP extension, then accessing it via a direct request to the file in an unspecified directory. | 7.5 |
2012-03-20 | CVE-2012-1796 | IBM HP Linux SUN | Local Security vulnerability in IBM DB2 9.5 Unspecified vulnerability in IBM Tivoli Monitoring Agent (ITMA), as used in IBM DB2 9.5 before FP9 on UNIX, allows local users to gain privileges via unknown vectors. | 7.2 |
91 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2012-03-22 | CVE-2011-3056 | Google Opensuse Apple | Origin Validation Error vulnerability in Google Chrome Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe." | 6.8 |
2012-03-22 | CVE-2011-3053 | Google Apple Opensuse | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting. | 6.8 |
2012-03-22 | CVE-2011-3052 | Google Opensuse | Buffer Errors vulnerability in Google Chrome The WebGL implementation in Google Chrome before 17.0.963.83 does not properly handle CANVAS elements, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | 6.8 |
2012-03-22 | CVE-2011-3051 | Google Opensuse | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the cross-fade function. | 6.8 |
2012-03-22 | CVE-2011-3050 | Google Opensuse Apple | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. | 6.8 |
2012-03-19 | CVE-2012-1236 | Janetter | Cross-Site Request Forgery (CSRF) vulnerability in Janetter Multiple cross-site request forgery (CSRF) vulnerabilities in Janetter before 3.3.0.0 (aka 3.3.0) allow remote attackers to hijack the authentication of arbitrary users for requests that (1) tweet, (2) upload an image file, or (3) execute arbitrary commands. | 6.8 |
2012-03-19 | CVE-2012-1498 | Nikola Posa | Cross-Site Request Forgery (CSRF) vulnerability in Nikola Posa products Multiple cross-site request forgery (CSRF) vulnerabilities in Webfolio CMS 1.1.4 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add an administrator via an add action to admin/users/add or (2) modify a web page via a save action to admin/pages/edit/web_page_name. | 6.8 |
2012-03-19 | CVE-2012-1297 | Contao | Cross-Site Request Forgery (CSRF) vulnerability in Contao CMS Multiple cross-site request forgery (CSRF) vulnerabilities in main.php in Contao (formerly TYPOlight) 2.11.0 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) delete users via a delete action in the user module, (2) delete news via a delete action in the news module, or (3) delete newsletters via a delete action in the newsletters module. | 6.8 |
2012-03-20 | CVE-2012-0401 | RSA | SQL Injection vulnerability in RSA Envision 4.0/4.1 Multiple SQL injection vulnerabilities in EMC RSA enVision 4.x before 4.1 Patch 4 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 6.5 |
2012-03-20 | CVE-2012-0403 | RSA | Path Traversal vulnerability in RSA Envision 4.0/4.1 Directory traversal vulnerability in EMC RSA enVision 4.x before 4.1 Patch 4 allows remote authenticated users to have an unspecified impact via unknown vectors. | 6.3 |
2012-03-22 | CVE-2012-1843 | Quantum Dell | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Cross-site request forgery (CSRF) vulnerability in saveRestore.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to hijack the authentication of users for requests that execute Linux commands via the fileName parameter, related to a "command-injection vulnerability." | 6.0 |
2012-03-23 | CVE-2012-1089 | Apache | Path Traversal vulnerability in Apache Wicket Directory traversal vulnerability in Apache Wicket 1.4.x before 1.4.20 and 1.5.x before 1.5.5 allows remote attackers to read arbitrary web-application files via a relative pathname in a URL for a Wicket resource that corresponds to a null package. | 5.0 |
2012-03-23 | CVE-2011-3049 | Google Opensuse | Multiple Security vulnerability in Google Chrome Google Chrome before 17.0.963.83 does not properly restrict the extension web request API, which allows remote attackers to cause a denial of service (disrupted system requests) via a crafted extension. | 5.0 |
2012-03-22 | CVE-2012-1841 | Quantum Dell | Path Traversal vulnerability in multiple products Absolute path traversal vulnerability in logShow.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to read arbitrary files via a full pathname in the file parameter. | 5.0 |
2012-03-22 | CVE-2012-1838 | LG Nortel | Improper Authentication vulnerability in Lg-Nortel ELO Gs24M Switch The web management interface on the LG-Nortel ELO GS24M switch allows remote attackers to bypass authentication, and consequently obtain cleartext credential and configuration information, via a direct request to a configuration web page. | 5.0 |
2012-03-22 | CVE-2012-1837 | IBM | Information Exposure vulnerability in IBM Tivoli Endpoint Manager 8.0/8.1 The (1) webreports, (2) post/create-role, and (3) post/update-role programs in IBM Tivoli Endpoint Manager (TEM) before 8.2 do not include the HTTPOnly flag in a Set-Cookie header for a cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. | 5.0 |
2012-03-22 | CVE-2012-1662 | Broadcom | Improper Input Validation vulnerability in Broadcom Arcserve Backup R16.0 CA ARCserve Backup r12.0 through SP2, r12.5 before SP2, r15 through SP1, and r16 before SP1 on Windows allows remote attackers to cause a denial of service (service shutdown) via a crafted network request. | 5.0 |
2012-03-20 | CVE-2012-0710 | IBM | Improper Input Validation vulnerability in IBM DB2 IBM DB2 9.1 before FP11, 9.5 before FP9, 9.7 before FP5, and 9.8 before FP4 allows remote attackers to cause a denial of service (daemon crash) via a crafted Distributed Relational Database Architecture (DRDA) request. | 5.0 |
2012-03-19 | CVE-2012-1181 | Apache | Buffer Errors vulnerability in Apache MOD Fcgid 2.3.6 fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service (memory consumption) via a series of HTTP requests that triggers a process count higher than the intended limit. | 5.0 |
2012-03-19 | CVE-2012-0328 | Janetter | Information Exposure vulnerability in Janetter Janetter before 3.3.0.0 (aka 3.3.0) allows remote attackers to obtain session information for twitter.com web sites via unspecified vectors. | 5.0 |
2012-03-19 | CVE-2012-1466 | Netmechanica | Information Exposure vulnerability in Netmechanica Netdecision The Traffic Grapher Server for NetMechanica NetDecision before 4.6.1 allows remote attackers to obtain the source code of NtDecision script files with a .nd extension via an invalid version number in an HTTP request, as demonstrated using default.nd. | 5.0 |
2012-03-19 | CVE-2012-1464 | Netmechanica | Information Exposure vulnerability in Netmechanica Netdecision Dashboard Server for NetMechanica NetDecision before 4.6.1 allows remote attackers to obtain the installation path via a request with a trailing "?" character, which causes Dashboard to attempt to access a non-existent resource. | 5.0 |
2012-03-19 | CVE-2012-1790 | Webgrind Project | Path Traversal vulnerability in Webgrind Project Webgrind 1.0 Absolute path traversal vulnerability in Webgrind 1.0 and 1.0.2 allows remote attackers to read arbitrary files via a full pathname in the file parameter to index.php. | 5.0 |
2012-03-19 | CVE-2012-1786 | Kylegilman Wordpress | Information Exposure vulnerability in Kylegilman Video Embed & Thumbnail Generator The Media Upload form in the Video Embed & Thumbnail Generator plugin before 2.0 for WordPress allows remote attackers to obtain the installation path via unknown vectors. | 5.0 |
2012-03-19 | CVE-2010-5086 | Bitweaver | Path Traversal vulnerability in Bitweaver 2.7/2.8.1 Directory traversal vulnerability in wiki/rankings.php in Bitweaver 2.7 and 2.8.1 allows remote attackers to read arbitrary files via a .. | 5.0 |
2012-03-19 | CVE-2009-5114 | Iwork | Path Traversal vulnerability in Iwork Webglimpse Directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to read arbitrary files via a .. | 5.0 |
2012-03-19 | CVE-2009-5112 | Iwork | Information Exposure vulnerability in Iwork Webglimpse wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to obtain the installation path via a crafted request. | 5.0 |
2012-03-23 | CVE-2012-0047 | Apache | Cross-Site Scripting vulnerability in Apache Wicket Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via the wicket:pageMapName parameter. | 4.3 |
2012-03-22 | CVE-2011-3057 | Out-Of-Bounds Read vulnerability in Google Chrome Google V8, as used in Google Chrome before 17.0.963.83, allows remote attackers to cause a denial of service via vectors that trigger an invalid read operation. | 4.3 | |
2012-03-22 | CVE-2011-3055 | Google Opensuse | Missing Authentication for Critical Function vulnerability in Google Chrome The browser native UI in Google Chrome before 17.0.963.83 does not require user confirmation before an unpacked extension installation, which allows user-assisted remote attackers to have an unspecified impact via a crafted extension. | 4.3 |
2012-03-22 | CVE-2011-3054 | Google Opensuse | Improper Privilege Management vulnerability in Google Chrome The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors. | 4.3 |
2012-03-22 | CVE-2012-0719 | IBM | Cross-Site Scripting vulnerability in IBM Tivoli Endpoint Manager 8.0/8.1/8.2 Cross-site scripting (XSS) vulnerability in IBM Tivoli Endpoint Manager (TEM) 8 before 8.2 patch 3 allows remote attackers to inject arbitrary web script or HTML via the ScheduleParam parameter to the webreports program. | 4.3 |
2012-03-21 | CVE-2012-1463 | Ahnlab Aladdin Authentium Bitdefender CAT Comodo F Prot F Secure Mcafee Norman Nprotect Pandasecurity | Permissions, Privileges, and Access Controls vulnerability in multiple products The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. | 4.3 |
2012-03-21 | CVE-2012-1462 | Ahnlab Aladdin AVG CAT Emsisoft Fortinet Ikarus Jiangmin Kaspersky Symantec | Permissions, Privileges, and Access Controls vulnerability in multiple products The ZIP file parser in AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, Norman Antivirus 6.06.12, Sophos Anti-Virus 4.61.0, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a ZIP file containing an invalid block of data at the beginning. | 4.3 |
2012-03-21 | CVE-2012-1461 | Anti Virus Authentium AVG Bitdefender Emsisoft Eset F Secure Fortinet Ikarus Jiangmin K7Computing Kaspersky Mcafee Norman Rising Global Sophos Symantec Trendmicro | Permissions, Privileges, and Access Controls vulnerability in multiple products The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. | 4.3 |
2012-03-21 | CVE-2012-1460 | Aladdin Anti Virus Antiy Authentium CAT F Prot Jiangmin K7Computing | Permissions, Privileges, and Access Controls vulnerability in multiple products The Gzip file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with stray bytes at the end. | 4.3 |
2012-03-21 | CVE-2012-1459 | Ahnlab Alwil Anti Virus Antiy Authentium AVG Avira Bitdefender CAT Clamav Comodo Emsisoft Eset F Prot F Secure Fortinet Gdata Software Ikarus Jiangmin K7Computing Kaspersky Mcafee Microsoft Norman Nprotect Pandasecurity PC Tools Rising Global Sophos Symantec Trendmicro Virusbuster | Permissions, Privileges, and Access Controls vulnerability in multiple products The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. | 4.3 |
2012-03-21 | CVE-2012-1458 | Clamav Sophos | Permissions, Privileges, and Access Controls vulnerability in multiple products The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. | 4.3 |
2012-03-21 | CVE-2012-1457 | Aladdin Alwil Anti Virus Antiy Authentium AVG Avira Bitdefender CAT Clamav Emsisoft Eset F Prot Gdata Software Ikarus Jiangmin K7Computing Kaspersky Mcafee Microsoft Norman PC Tools Rising Global Symantec Trendmicro Virusbuster | Permissions, Privileges, and Access Controls vulnerability in multiple products The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. | 4.3 |
2012-03-21 | CVE-2012-1456 | Aladdin AVG CAT Comodo Emsisoft Eset F Prot Fortinet Ikarus Jiangmin Kaspersky Mcafee Norman Pandasecurity Rising Global Sophos Symantec Trendmicro | Permissions, Privileges, and Access Controls vulnerability in multiple products The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Panda Antivirus 10.0.2.7, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, and Trend Micro HouseCall 9.120.0.1004 allows remote attackers to bypass malware detection via a TAR file with an appended ZIP file. | 4.3 |
2012-03-21 | CVE-2012-1455 | Eset Rising Global | Permissions, Privileges, and Access Controls vulnerability in multiple products The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a CAB file with a modified vMinor version field. | 4.3 |
2012-03-21 | CVE-2012-1454 | Aladdin Drweb Fortinet Mcafee Pandasecurity Rising Global | Permissions, Privileges, and Access Controls vulnerability in multiple products The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway (formerly Webwasher) 2010.1C, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified ei_version field. | 4.3 |
2012-03-21 | CVE-2012-1453 | Antiy CA Drweb Emsisoft Fortinet Ikarus Kaspersky Mcafee Microsoft Pandasecurity Rising Global Sophos Trendmicro | Permissions, Privileges, and Access Controls vulnerability in multiple products The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly Webwasher) 2010.1C, Emsisoft Anti-Malware 5.1.0.1, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Rising Antivirus 22.83.00.03, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via a CAB file with a modified coffFiles field. | 4.3 |
2012-03-21 | CVE-2012-1452 | CAT Emsisoft Ikarus | Permissions, Privileges, and Access Controls vulnerability in multiple products The CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Quick Heal (aka Cat QuickHeal) 11.00 allows remote attackers to bypass malware detection via a CAB file with a modified reserved1 field. | 4.3 |
2012-03-21 | CVE-2012-1451 | Emsisoft Ikarus | Permissions, Privileges, and Access Controls vulnerability in multiple products The CAB file parser in Emsisoft Anti-Malware 5.1.0.1 and Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0 allows remote attackers to bypass malware detection via a CAB file with a modified reserved2 field. | 4.3 |
2012-03-21 | CVE-2012-1450 | Emsisoft Ikarus Sophos | Permissions, Privileges, and Access Controls vulnerability in multiple products The CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Sophos Anti-Virus 4.61.0, and Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0 allows remote attackers to bypass malware detection via a CAB file with a modified reserved3 field. | 4.3 |
2012-03-21 | CVE-2012-1449 | Eset Rising Global | Permissions, Privileges, and Access Controls vulnerability in multiple products The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a CAB file with a modified vMajor field. | 4.3 |
2012-03-21 | CVE-2012-1448 | CAT Emsisoft Ikarus Trendmicro | Permissions, Privileges, and Access Controls vulnerability in multiple products The CAB file parser in Quick Heal (aka Cat QuickHeal) 11.00, Trend Micro AntiVirus 9.120.0.1004, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Trend Micro HouseCall 9.120.0.1004, and Emsisoft Anti-Malware 5.1.0.1 allows remote attackers to bypass malware detection via a CAB file with a modified cbCabinet field. | 4.3 |
2012-03-21 | CVE-2012-1447 | Aladdin Drweb Fortinet Pandasecurity | Permissions, Privileges, and Access Controls vulnerability in multiple products The ELF file parser in Fortinet Antivirus 4.2.254.0, eSafe 7.0.17.0, Dr.Web 5.0.2.03300, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified e_version field. | 4.3 |
2012-03-21 | CVE-2012-1446 | Aladdin Antiy CA CAT Fortinet Kaspersky Mcafee Norman Pandasecurity PC Tools Rising Global Sophos Symantec | Permissions, Privileges, and Access Controls vulnerability in multiple products The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, McAfee Gateway (formerly Webwasher) 2010.1C, Sophos Anti-Virus 4.61.0, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified encoding field. | 4.3 |
2012-03-21 | CVE-2012-1445 | Aladdin Fortinet Pandasecurity Rising Global | Permissions, Privileges, and Access Controls vulnerability in multiple products The ELF file parser in eSafe 7.0.17.0, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified abi field. | 4.3 |
2012-03-21 | CVE-2012-1444 | Aladdin Fortinet Pandasecurity Prevx | Permissions, Privileges, and Access Controls vulnerability in multiple products The ELF file parser in eSafe 7.0.17.0, Prevx 3.0, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified abiversion field. | 4.3 |
2012-03-21 | CVE-2012-1443 | Ahnlab Aladdin Alwil Anti Virus Antiy Authentium AVG Avira Bitdefender CAT Clamav Comodo Emsisoft Eset F Prot F Secure Fortinet Gdata Software Ikarus Jiangmin K7Computing Kaspersky Mcafee Microsoft Norman Nprotect Pandasecurity PC Tools Rising Global Sophos Symantec Trendmicro Virusbuster | Permissions, Privileges, and Access Controls vulnerability in multiple products The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. | 4.3 |
2012-03-21 | CVE-2012-1442 | Aladdin Antiy CAT F Secure Fortinet Kaspersky Mcafee Pandasecurity Rising Global Sophos | Permissions, Privileges, and Access Controls vulnerability in multiple products The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. | 4.3 |
2012-03-21 | CVE-2012-1441 | Aladdin Prevx | Permissions, Privileges, and Access Controls vulnerability in multiple products The Microsoft EXE file parser in eSafe 7.0.17.0 and Prevx 3.0 allows remote attackers to bypass malware detection via an EXE file with a modified value in any of several e_ fields. | 4.3 |
2012-03-21 | CVE-2012-1440 | Aladdin CA Fortinet Norman Pandasecurity | Permissions, Privileges, and Access Controls vulnerability in multiple products The ELF file parser in Norman Antivirus 6.06.12, eSafe 7.0.17.0, CA eTrust Vet Antivirus 36.1.8511, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified identsize field. | 4.3 |
2012-03-21 | CVE-2012-1439 | Aladdin Fortinet Pandasecurity Rising Global | Permissions, Privileges, and Access Controls vulnerability in multiple products The ELF file parser in eSafe 7.0.17.0, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified padding field. | 4.3 |
2012-03-21 | CVE-2012-1438 | Comodo Sophos | Permissions, Privileges, and Access Controls vulnerability in multiple products The Microsoft Office file parser in Comodo Antivirus 7425 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via an Office file with a ustar character sequence at a certain location. | 4.3 |
2012-03-21 | CVE-2012-1437 | Comodo | Permissions, Privileges, and Access Controls vulnerability in Comodo Antivirus 7425 The Microsoft Office file parser in Comodo Antivirus 7425 allows remote attackers to bypass malware detection via an Office file with a \50\4B\53\70\58 character sequence at a certain location. | 4.3 |
2012-03-21 | CVE-2012-1436 | Ahnlab Aladdin Emsisoft Ikarus Pandasecurity | Permissions, Privileges, and Access Controls vulnerability in multiple products The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an EXE file with a \2D\6C\68 character sequence at a certain location. | 4.3 |
2012-03-21 | CVE-2012-1435 | Ahnlab Aladdin Emsisoft Ikarus Pandasecurity | Permissions, Privileges, and Access Controls vulnerability in multiple products The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an EXE file with a \50\4B\4C\49\54\45 character sequence at a certain location. | 4.3 |
2012-03-21 | CVE-2012-1434 | Ahnlab Emsisoft Ikarus Pandasecurity | Permissions, Privileges, and Access Controls vulnerability in multiple products The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an EXE file with a \19\04\00\10 character sequence at a certain location. | 4.3 |
2012-03-21 | CVE-2012-1433 | Ahnlab Aladdin Emsisoft Ikarus Pandasecurity | Permissions, Privileges, and Access Controls vulnerability in multiple products The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an EXE file with a \4a\46\49\46 character sequence at a certain location. | 4.3 |
2012-03-21 | CVE-2012-1432 | Aladdin Emsisoft Ikarus Pandasecurity | Permissions, Privileges, and Access Controls vulnerability in multiple products The Microsoft EXE file parser in Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an EXE file with a \57\69\6E\5A\69\70 character sequence at a certain location. | 4.3 |
2012-03-21 | CVE-2012-1431 | Aladdin Authentium Bitdefender Comodo F Prot F Secure Mcafee Nprotect Rising Global Sophos | Permissions, Privileges, and Access Controls vulnerability in multiple products The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \4a\46\49\46 character sequence at a certain location. | 4.3 |
2012-03-21 | CVE-2012-1430 | Aladdin Bitdefender Comodo F Secure Mcafee Nprotect Rising Global Sophos | Permissions, Privileges, and Access Controls vulnerability in multiple products The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \19\04\00\10 character sequence at a certain location. | 4.3 |
2012-03-21 | CVE-2012-1429 | Aladdin Comodo Emsisoft F Secure Ikarus Mcafee Nprotect Softwin | Permissions, Privileges, and Access Controls vulnerability in multiple products The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, and nProtect Anti-Virus 2011-01-17.01 allows remote attackers to bypass malware detection via an ELF file with a ustar character sequence at a certain location. | 4.3 |
2012-03-21 | CVE-2012-1428 | CAT Norman Sophos | Permissions, Privileges, and Access Controls vulnerability in multiple products The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a POSIX TAR file with a \4a\46\49\46 character sequence at a certain location. | 4.3 |
2012-03-21 | CVE-2012-1427 | CAT Norman Sophos | Permissions, Privileges, and Access Controls vulnerability in multiple products The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a POSIX TAR file with a \57\69\6E\5A\69\70 character sequence at a certain location. | 4.3 |
2012-03-21 | CVE-2012-1426 | Authentium CAT F Prot K7Computing Norman Rising Global | Permissions, Privileges, and Access Controls vulnerability in multiple products The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, K7 AntiVirus 9.77.3565, Norman Antivirus 6.06.12, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial \42\5A\68 character sequence. | 4.3 |
2012-03-21 | CVE-2012-1425 | Antiy Avira CAT Emsisoft Eset Fortinet Ikarus Jiangmin Kaspersky Mcafee Norman PC Tools Symantec Trendmicro | Permissions, Privileges, and Access Controls vulnerability in multiple products The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, and Trend Micro HouseCall 9.120.0.1004 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial \50\4B\03\04 character sequence. | 4.3 |
2012-03-21 | CVE-2012-1424 | Antiy CAT Jiangmin Norman PC Tools Sophos | Permissions, Privileges, and Access Controls vulnerability in multiple products The TAR file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Jiangmin Antivirus 13.0.900, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a POSIX TAR file with a \19\04\00\10 character sequence at a certain location. | 4.3 |
2012-03-21 | CVE-2012-1423 | Authentium Emsisoft Eset F Prot Fortinet Ikarus K7Computing Norman PC Tools Rising Global Virusbuster | Permissions, Privileges, and Access Controls vulnerability in multiple products The TAR file parser in Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, K7 AntiVirus 9.77.3565, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial MZ character sequence. | 4.3 |
2012-03-21 | CVE-2012-1422 | CAT Eset Norman Rising Global | Permissions, Privileges, and Access Controls vulnerability in multiple products The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial ITSF character sequence. | 4.3 |
2012-03-21 | CVE-2012-1421 | CAT Norman Rising Global Symantec | Permissions, Privileges, and Access Controls vulnerability in multiple products The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial MSCF character sequence. | 4.3 |
2012-03-21 | CVE-2012-1420 | Authentium CAT Eset F Prot Fortinet K7Computing Kaspersky Microsoft Norman Pandasecurity Rising Global | Permissions, Privileges, and Access Controls vulnerability in multiple products The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Panda Antivirus 10.0.2.7, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial \7fELF character sequence. | 4.3 |
2012-03-21 | CVE-2012-1419 | CAT Clamav | Permissions, Privileges, and Access Controls vulnerability in multiple products The TAR file parser in ClamAV 0.96.4 and Quick Heal (aka Cat QuickHeal) 11.00 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial [aliases] character sequence. | 4.3 |
2012-03-20 | CVE-2012-0399 | RSA | Cross-Site Scripting vulnerability in RSA Envision 4.0/4.1 Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA enVision 4.x before 4.1 Patch 4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2012-03-19 | CVE-2012-1465 | Netmechanica | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Netmechanica Netdecision Stack-based buffer overflow in the HTTP Server in NetMechanica NetDecision before 4.6.1 allows remote attackers to cause a denial of service (application crash) via a long URL in an HTTP request. | 4.3 |
2012-03-19 | CVE-2012-1039 | Dotclear | Cross-Site Scripting vulnerability in Dotclear Multiple cross-site scripting (XSS) vulnerabilities in Dotclear before 2.4.2 allow remote attackers to inject arbitrary web script or HTML via the (1) login_data parameter to admin/auth.php; (2) nb parameter to admin/blogs.php; (3) type, (4) sortby, (5) order, or (6) status parameters to admin/comments.php; or (7) page parameter to admin/plugin.php. | 4.3 |
2012-03-19 | CVE-2012-0872 | Oxwall | Cross-Site Scripting vulnerability in Oxwall 1.1.1 Multiple cross-site scripting (XSS) vulnerabilities in OxWall 1.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) captchaField, (2) email, (3) form_name, (4) password, (5) realname, (6) repeatPassword, or (7) username parameters to Oxwall/join; (8) captcha, (9) email, (10) form_name, (11) from, or (12) subject parameters to Oxwall/contact; (13) tag parameter to Oxwall/blogs/browse-by-tag; or (14) PATH_INFO to Oxwall/photo/viewlist/tagged, (15) Oxwall/photo/viewlist, or (16) Oxwall/video/viewlist. | 4.3 |
2012-03-19 | CVE-2012-1789 | Tskynet | Cross-Site Scripting vulnerability in Tskynet Kongreg8 1.7.3 Multiple cross-site scripting (XSS) vulnerabilities in Kongreg8 1.7.3 allow remote attackers to inject arbitrary web script or HTML via the (1) surname or (2) firstname parameters to modules/members/addmember.php; or (3) groupdescription or (4) groupname parameters to modules/groups/addgroupform.php. | 4.3 |
2012-03-19 | CVE-2012-1788 | Wonderdesk | Cross-Site Scripting vulnerability in Wonderdesk SQL 4.14 Multiple cross-site scripting (XSS) vulnerabilities in wonderdesk.cgi in WonderDesk SQL 4.14 allow remote attackers to inject arbitrary web script or HTML via the (1) cus_email parameter in a cust_lostpw action; or (2) help_name, (3) help_email, (4) help_website, or (5) help_example_url parameters in an hd_modify_record action. | 4.3 |
2012-03-19 | CVE-2012-1787 | Webglimpse | Cross-Site Scripting vulnerability in Webglimpse Multiple cross-site scripting (XSS) vulnerabilities in wgarcmin.cgi in Webglimpse 2.20.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) URL, (2) FILE, or (3) DOMAIN parameters. | 4.3 |
2012-03-19 | CVE-2012-1782 | Osqa | Cross-Site Scripting vulnerability in Osqa 3B Multiple cross-site scripting (XSS) vulnerabilities in questions/ask in OSQA 3b allow remote attackers to inject arbitrary web script or HTML via the (1) url bar or (2) picture bar. | 4.3 |
2012-03-19 | CVE-2012-1781 | Socialcms | Cross-Site Scripting vulnerability in Socialcms 1.0.5 Multiple cross-site scripting (XSS) vulnerabilities in ajax/commentajax.php in SocialCMS 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) TREF_email_address or (2) TR_name parameters. | 4.3 |
2012-03-19 | CVE-2012-1779 | Idevspot | Cross-Site Scripting vulnerability in Idevspot Idev-Businessdirectory 3.0 Cross-site scripting (XSS) vulnerability in IDevSpot idev-BusinessDirectory 3.0 allows remote attackers to inject arbitrary web script or HTML via the SEARCH parameter to index.php. | 4.3 |
2012-03-19 | CVE-2011-5082 | S2Member Wordpress | Cross-Site Scripting vulnerability in S2Member Cross-site scripting (XSS) vulnerability in the s2Member Pro plugin before 111220 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s2member_pro_authnet_checkout[coupon] parameter (aka Coupon Code field). | 4.3 |
2012-03-19 | CVE-2009-5113 | Iwork | Cross-Site Scripting vulnerability in Iwork Webglimpse Cross-site scripting (XSS) vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the DOC parameter. | 4.3 |
2012-03-20 | CVE-2012-0712 | IBM | Resource Management Errors vulnerability in IBM DB2 9.5/9.7/9.8 The XML feature in IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 allows remote authenticated users to cause a denial of service (infinite loop) by calling the XMLPARSE function with a crafted string expression. | 4.0 |
2012-03-20 | CVE-2012-0709 | IBM | Improper Input Validation vulnerability in IBM DB2 9.5/9.7/9.8 IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 does not properly check variables, which allows remote authenticated users to bypass intended restrictions on viewing table data by leveraging the CREATEIN privilege to execute crafted SQL CREATE VARIABLE statements. | 4.0 |
3 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2012-03-19 | CVE-2012-0808 | Bdale Garbee | Link Following vulnerability in Bdale Garbee As31 2.3.14 as31 2.3.1-4 does not seed the random number generator and generates predictable temporary file names, which makes it easier for local users to create or truncate files via a symlink attack. | 3.6 |
2012-03-22 | CVE-2012-1842 | Quantum Dell | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in checkQKMProg.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2012-03-19 | CVE-2012-0054 | Golismero | Link Following vulnerability in Golismero 0.6.3 libs/updater.py in GoLismero 0.6.3, and other versions before Git revision 2b3bb43d6867, as used in backtrack and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on GoLismero-controlled files, as demonstrated using Admin/changes.dat. | 3.3 |