Weekly Vulnerabilities Reports > March 19 to 25, 2012

Overview

115 new vulnerabilities reported during this period, including 6 critical vulnerabilities and 14 high severity vulnerabilities. This weekly summary report vulnerabilities in 115 products from 80 vendors including Aladdin, CAT, Rising Global, Pandasecurity, and Emsisoft. Vulnerabilities are notably categorized as "Permissions, Privileges, and Access Controls", "Cross-site Scripting", "Path Traversal", "Information Exposure", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".

  • 111 reported vulnerabilities are remotely exploitables.
  • 11 reported vulnerabilities have public exploit available.
  • 29 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 109 reported vulnerabilities are exploitable by an anonymous user.
  • Aladdin has the most reported vulnerabilities, with 22 reported vulnerabilities.
  • Google has the most reported critical vulnerabilities, with 2 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

6 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2012-03-22 CVE-2012-1846 Google Exposure of Resource TO Wrong Sphere vulnerability in Google Chrome

Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the sandbox protection mechanism by leveraging access to a sandboxed process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012.

10.0
2012-03-20 CVE-2012-1797 IBM Permissions, Privileges, and Access Controls vulnerability in IBM DB2 9.5

IBM DB2 9.5 uses world-writable permissions for nodes.reg, which has unspecified impact and attack vectors.

10.0
2012-03-22 CVE-2012-1845 Google USE After Free vulnerability in Google Chrome

Use-after-free vulnerability in Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the DEP and ASLR protection mechanisms, and execute arbitrary code, via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012.

9.3
2012-03-20 CVE-2012-0402 RSA Credentials Management vulnerability in RSA Envision 4.0/4.1

EMC RSA enVision 4.x before 4.1 Patch 4 uses unspecified hardcoded credentials, which makes it easier for remote attackers to obtain access via unknown vectors.

9.3
2012-03-19 CVE-2012-1776 Videolan Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Videolan VLC Media Player

Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real RTSP stream.

9.3
2012-03-19 CVE-2012-1775 Videolan Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Videolan VLC Media Player

Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to execute arbitrary code via a crafted MMS:// stream.

9.3

14 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2012-03-20 CVE-2012-0400 RSA Improper Authentication vulnerability in RSA Envision 4.0/4.1

EMC RSA enVision 4.x before 4.1 Patch 4 does not properly restrict the number of failed authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.

7.9
2012-03-19 CVE-2012-1783 Saurabh Gupta Improper Input Validation vulnerability in Saurabh Gupta Tiny Server 1.0.5/1.1.5/1.1.9

Tiny Server 1.1.9 and earlier allows remote attackers to cause a denial of service (crash) via a long string in a GET request without an HTTP version number.

7.8
2012-03-22 CVE-2012-1844 Quantum
Dell
IBM
Credentials Management vulnerability in multiple products

The Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100) and the IBM TS3310 tape library with firmware before R6C (606G.GS001), uses default passwords for unspecified user accounts, which makes it easier for remote attackers to obtain access via unknown vectors.

7.5
2012-03-22 CVE-2012-1840 Ajaxplorer Improper Authentication vulnerability in Ajaxplorer

AjaXplorer 3.2.x before 3.2.5 and 4.0.x before 4.0.4 does not properly perform cookie authentication, which allows remote attackers to obtain login access by leveraging knowledge of a password hash.

7.5
2012-03-22 CVE-2012-1839 Ajaxplorer Path Traversal vulnerability in Ajaxplorer

Multiple directory traversal vulnerabilities in the Get Template feature in plugins/gui.ajax/class.AJXP_ClientDriver.php in AjaXplorer 3.2.x before 3.2.5 and 4.0.x before 4.0.4 allow remote attackers to include and execute arbitrary local files via a ..

7.5
2012-03-22 CVE-2012-1836 Inspircd Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Inspircd 2.0.5

Heap-based buffer overflow in dns.cpp in InspIRCd 2.0.5 might allow remote attackers to execute arbitrary code via a crafted DNS query that uses compression.

7.5
2012-03-20 CVE-2012-0711 IBM
Linux
SUN
Numeric Errors vulnerability in IBM DB2 9.1/9.5/9.7

Integer signedness error in the db2dasrrm process in the DB2 Administration Server (DAS) in IBM DB2 9.1 through FP11, 9.5 before FP9, and 9.7 through FP5 on UNIX platforms allows remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow.

7.5
2012-03-20 CVE-2012-1795 Webglimpse OS Command Injection vulnerability in Webglimpse

webglimpse.cgi in Webglimpse before 2.20.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter, as exploited in the wild in March 2012.

7.5
2012-03-19 CVE-2012-1785 Kylegilman
Wordpress
Improper Input Validation vulnerability in Kylegilman Video Embed & Thumbnail Generator

kg_callffmpeg.php in the Video Embed & Thumbnail Generator plugin before 2.0 for WordPress allows remote attackers to execute arbitrary commands via unspecified vectors.

7.5
2012-03-19 CVE-2012-1784 Myjoblist SQL Injection vulnerability in Myjoblist 0.1.3

SQL injection vulnerability in MyJobList 0.1.3 allows remote attackers to execute arbitrary SQL commands via the eid parameter in a profile action to index.php.

7.5
2012-03-19 CVE-2012-1780 Socialcms SQL Injection vulnerability in Socialcms 1.0.5

SQL injection vulnerability in search.php in SocialCMS 1.0.5 allows remote attackers to execute arbitrary SQL commands via the category parameter.

7.5
2012-03-19 CVE-2012-1778 Createvision SQL Injection vulnerability in Createvision CMS

SQL injection vulnerability in artykul_print.php in CreateVision CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2012-03-19 CVE-2011-5083 Dotclear Permissions, Privileges, and Access Controls vulnerability in Dotclear 2.3.1/2.4.2

Unrestricted file upload vulnerability in inc/swf/swfupload.swf in Dotclear 2.3.1 and 2.4.2 allows remote attackers to execute arbitrary code by uploading a file with an executable PHP extension, then accessing it via a direct request to the file in an unspecified directory.

7.5
2012-03-20 CVE-2012-1796 IBM
HP
Linux
SUN
Local Security vulnerability in IBM DB2 9.5

Unspecified vulnerability in IBM Tivoli Monitoring Agent (ITMA), as used in IBM DB2 9.5 before FP9 on UNIX, allows local users to gain privileges via unknown vectors.

7.2

92 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2012-03-22 CVE-2011-3056 Google
Opensuse
Apple
Origin Validation Error vulnerability in Google Chrome

Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe."

6.8
2012-03-22 CVE-2011-3053 Google
Apple
Opensuse
USE After Free vulnerability in Google Chrome

Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting.

6.8
2012-03-22 CVE-2011-3052 Google
Opensuse
Buffer Errors vulnerability in Google Chrome

The WebGL implementation in Google Chrome before 17.0.963.83 does not properly handle CANVAS elements, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

6.8
2012-03-22 CVE-2011-3051 Google
Opensuse
USE After Free vulnerability in Google Chrome

Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the cross-fade function.

6.8
2012-03-22 CVE-2011-3050 Google
Opensuse
Apple
USE After Free vulnerability in Google Chrome

Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element.

6.8
2012-03-22 CVE-2011-3045 Google
Redhat
Debian
Fedoraproject
Opensuse
Libpng
Integer Overflow OR Wraparound vulnerability in Google Chrome

Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.

6.8
2012-03-19 CVE-2012-1236 Janetter Cross-Site Request Forgery (CSRF) vulnerability in Janetter

Multiple cross-site request forgery (CSRF) vulnerabilities in Janetter before 3.3.0.0 (aka 3.3.0) allow remote attackers to hijack the authentication of arbitrary users for requests that (1) tweet, (2) upload an image file, or (3) execute arbitrary commands.

6.8
2012-03-19 CVE-2012-1498 Nikola Posa Cross-Site Request Forgery (CSRF) vulnerability in Nikola Posa products

Multiple cross-site request forgery (CSRF) vulnerabilities in Webfolio CMS 1.1.4 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add an administrator via an add action to admin/users/add or (2) modify a web page via a save action to admin/pages/edit/web_page_name.

6.8
2012-03-19 CVE-2012-1297 Contao Cross-Site Request Forgery (CSRF) vulnerability in Contao CMS

Multiple cross-site request forgery (CSRF) vulnerabilities in main.php in Contao (formerly TYPOlight) 2.11.0 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) delete users via a delete action in the user module, (2) delete news via a delete action in the news module, or (3) delete newsletters via a delete action in the newsletters module.

6.8
2012-03-20 CVE-2012-0401 RSA SQL Injection vulnerability in RSA Envision 4.0/4.1

Multiple SQL injection vulnerabilities in EMC RSA enVision 4.x before 4.1 Patch 4 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

6.5
2012-03-20 CVE-2012-0403 RSA Path Traversal vulnerability in RSA Envision 4.0/4.1

Directory traversal vulnerability in EMC RSA enVision 4.x before 4.1 Patch 4 allows remote authenticated users to have an unspecified impact via unknown vectors.

6.3
2012-03-22 CVE-2012-1843 Quantum
Dell
Cross-Site Request Forgery (CSRF) vulnerability in multiple products

Cross-site request forgery (CSRF) vulnerability in saveRestore.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to hijack the authentication of users for requests that execute Linux commands via the fileName parameter, related to a "command-injection vulnerability."

6.0
2012-03-23 CVE-2012-1089 Apache Path Traversal vulnerability in Apache Wicket

Directory traversal vulnerability in Apache Wicket 1.4.x before 1.4.20 and 1.5.x before 1.5.5 allows remote attackers to read arbitrary web-application files via a relative pathname in a URL for a Wicket resource that corresponds to a null package.

5.0
2012-03-23 CVE-2011-3049 Google
Opensuse
Multiple Security vulnerability in Google Chrome

Google Chrome before 17.0.963.83 does not properly restrict the extension web request API, which allows remote attackers to cause a denial of service (disrupted system requests) via a crafted extension.

5.0
2012-03-22 CVE-2012-1841 Quantum
Dell
Path Traversal vulnerability in multiple products

Absolute path traversal vulnerability in logShow.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to read arbitrary files via a full pathname in the file parameter.

5.0
2012-03-22 CVE-2012-1838 LG Nortel Improper Authentication vulnerability in Lg-Nortel ELO Gs24M Switch

The web management interface on the LG-Nortel ELO GS24M switch allows remote attackers to bypass authentication, and consequently obtain cleartext credential and configuration information, via a direct request to a configuration web page.

5.0
2012-03-22 CVE-2012-1837 IBM Information Exposure vulnerability in IBM Tivoli Endpoint Manager 8.0/8.1

The (1) webreports, (2) post/create-role, and (3) post/update-role programs in IBM Tivoli Endpoint Manager (TEM) before 8.2 do not include the HTTPOnly flag in a Set-Cookie header for a cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

5.0
2012-03-22 CVE-2012-1662 Broadcom Improper Input Validation vulnerability in Broadcom Arcserve Backup R16.0

CA ARCserve Backup r12.0 through SP2, r12.5 before SP2, r15 through SP1, and r16 before SP1 on Windows allows remote attackers to cause a denial of service (service shutdown) via a crafted network request.

5.0
2012-03-20 CVE-2012-0710 IBM Improper Input Validation vulnerability in IBM DB2

IBM DB2 9.1 before FP11, 9.5 before FP9, 9.7 before FP5, and 9.8 before FP4 allows remote attackers to cause a denial of service (daemon crash) via a crafted Distributed Relational Database Architecture (DRDA) request.

5.0
2012-03-19 CVE-2012-1181 Apache Buffer Errors vulnerability in Apache MOD Fcgid 2.3.6

fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service (memory consumption) via a series of HTTP requests that triggers a process count higher than the intended limit.

5.0
2012-03-19 CVE-2012-0328 Janetter Information Exposure vulnerability in Janetter

Janetter before 3.3.0.0 (aka 3.3.0) allows remote attackers to obtain session information for twitter.com web sites via unspecified vectors.

5.0
2012-03-19 CVE-2012-1466 Netmechanica Information Exposure vulnerability in Netmechanica Netdecision

The Traffic Grapher Server for NetMechanica NetDecision before 4.6.1 allows remote attackers to obtain the source code of NtDecision script files with a .nd extension via an invalid version number in an HTTP request, as demonstrated using default.nd.

5.0
2012-03-19 CVE-2012-1464 Netmechanica Information Exposure vulnerability in Netmechanica Netdecision

Dashboard Server for NetMechanica NetDecision before 4.6.1 allows remote attackers to obtain the installation path via a request with a trailing "?" character, which causes Dashboard to attempt to access a non-existent resource.

5.0
2012-03-19 CVE-2012-1790 Webgrind Project Path Traversal vulnerability in Webgrind Project Webgrind 1.0

Absolute path traversal vulnerability in Webgrind 1.0 and 1.0.2 allows remote attackers to read arbitrary files via a full pathname in the file parameter to index.php.

5.0
2012-03-19 CVE-2012-1786 Kylegilman
Wordpress
Information Exposure vulnerability in Kylegilman Video Embed & Thumbnail Generator

The Media Upload form in the Video Embed & Thumbnail Generator plugin before 2.0 for WordPress allows remote attackers to obtain the installation path via unknown vectors.

5.0
2012-03-19 CVE-2010-5086 Bitweaver Path Traversal vulnerability in Bitweaver 2.7/2.8.1

Directory traversal vulnerability in wiki/rankings.php in Bitweaver 2.7 and 2.8.1 allows remote attackers to read arbitrary files via a ..

5.0
2012-03-19 CVE-2009-5114 Iwork Path Traversal vulnerability in Iwork Webglimpse

Directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to read arbitrary files via a ..

5.0
2012-03-19 CVE-2009-5112 Iwork Information Exposure vulnerability in Iwork Webglimpse

wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to obtain the installation path via a crafted request.

5.0
2012-03-23 CVE-2012-0047 Apache Cross-Site Scripting vulnerability in Apache Wicket

Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via the wicket:pageMapName parameter.

4.3
2012-03-22 CVE-2011-3057 Google Out-Of-Bounds Read vulnerability in Google Chrome

Google V8, as used in Google Chrome before 17.0.963.83, allows remote attackers to cause a denial of service via vectors that trigger an invalid read operation.

4.3
2012-03-22 CVE-2011-3055 Google
Opensuse
Missing Authentication for Critical Function vulnerability in Google Chrome

The browser native UI in Google Chrome before 17.0.963.83 does not require user confirmation before an unpacked extension installation, which allows user-assisted remote attackers to have an unspecified impact via a crafted extension.

4.3
2012-03-22 CVE-2011-3054 Google
Opensuse
Improper Privilege Management vulnerability in Google Chrome

The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors.

4.3
2012-03-22 CVE-2012-0719 IBM Cross-Site Scripting vulnerability in IBM Tivoli Endpoint Manager 8.0/8.1/8.2

Cross-site scripting (XSS) vulnerability in IBM Tivoli Endpoint Manager (TEM) 8 before 8.2 patch 3 allows remote attackers to inject arbitrary web script or HTML via the ScheduleParam parameter to the webreports program.

4.3
2012-03-21 CVE-2012-1463 Ahnlab
Aladdin
Authentium
Bitdefender
CAT
Comodo
F Prot
F Secure
Mcafee
Norman
Nprotect
Pandasecurity
Permissions, Privileges, and Access Controls vulnerability in multiple products

The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field.

4.3
2012-03-21 CVE-2012-1462 Ahnlab
Aladdin
AVG
CAT
Emsisoft
Fortinet
Ikarus
Jiangmin
Kaspersky
Symantec
Permissions, Privileges, and Access Controls vulnerability in multiple products

The ZIP file parser in AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, Norman Antivirus 6.06.12, Sophos Anti-Virus 4.61.0, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a ZIP file containing an invalid block of data at the beginning.

4.3
2012-03-21 CVE-2012-1461 Anti Virus
Authentium
AVG
Bitdefender
Emsisoft
Eset
F Secure
Fortinet
Ikarus
Jiangmin
K7Computing
Kaspersky
Mcafee
Norman
Rising Global
Sophos
Symantec
Trendmicro
Permissions, Privileges, and Access Controls vulnerability in multiple products

The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams.

4.3
2012-03-21 CVE-2012-1460 Aladdin
Anti Virus
Antiy
Authentium
CAT
F Prot
Jiangmin
K7Computing
Permissions, Privileges, and Access Controls vulnerability in multiple products

The Gzip file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with stray bytes at the end.

4.3
2012-03-21 CVE-2012-1459 Ahnlab
Alwil
Anti Virus
Antiy
Authentium
AVG
Avira
Bitdefender
CAT
Clamav
Comodo
Emsisoft
Eset
F Prot
F Secure
Fortinet
Gdata Software
Ikarus
Jiangmin
K7Computing
Kaspersky
Mcafee
Microsoft
Norman
Nprotect
Pandasecurity
PC Tools
Rising Global
Sophos
Symantec
Trendmicro
Virusbuster
Permissions, Privileges, and Access Controls vulnerability in multiple products

The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry.

4.3
2012-03-21 CVE-2012-1458 Clamav
Sophos
Permissions, Privileges, and Access Controls vulnerability in multiple products

The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file.

4.3
2012-03-21 CVE-2012-1457 Aladdin
Alwil
Anti Virus
Antiy
Authentium
AVG
Avira
Bitdefender
CAT
Clamav
Emsisoft
Eset
F Prot
Gdata Software
Ikarus
Jiangmin
K7Computing
Kaspersky
Mcafee
Microsoft
Norman
PC Tools
Rising Global
Symantec
Trendmicro
Virusbuster
Permissions, Privileges, and Access Controls vulnerability in multiple products

The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size.

4.3
2012-03-21 CVE-2012-1456 Aladdin
AVG
CAT
Comodo
Emsisoft
Eset
F Prot
Fortinet
Ikarus
Jiangmin
Kaspersky
Mcafee
Norman
Pandasecurity
Rising Global
Sophos
Symantec
Trendmicro
Permissions, Privileges, and Access Controls vulnerability in multiple products

The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Panda Antivirus 10.0.2.7, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, and Trend Micro HouseCall 9.120.0.1004 allows remote attackers to bypass malware detection via a TAR file with an appended ZIP file.

4.3
2012-03-21 CVE-2012-1455 Eset
Rising Global
Permissions, Privileges, and Access Controls vulnerability in multiple products

The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a CAB file with a modified vMinor version field.

4.3
2012-03-21 CVE-2012-1454 Aladdin
Drweb
Fortinet
Mcafee
Pandasecurity
Rising Global
Permissions, Privileges, and Access Controls vulnerability in multiple products

The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway (formerly Webwasher) 2010.1C, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified ei_version field.

4.3
2012-03-21 CVE-2012-1453 Antiy
CA
Drweb
Emsisoft
Fortinet
Ikarus
Kaspersky
Mcafee
Microsoft
Pandasecurity
Rising Global
Sophos
Trendmicro
Permissions, Privileges, and Access Controls vulnerability in multiple products

The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly Webwasher) 2010.1C, Emsisoft Anti-Malware 5.1.0.1, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Rising Antivirus 22.83.00.03, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via a CAB file with a modified coffFiles field.

4.3
2012-03-21 CVE-2012-1452 CAT
Emsisoft
Ikarus
Permissions, Privileges, and Access Controls vulnerability in multiple products

The CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Quick Heal (aka Cat QuickHeal) 11.00 allows remote attackers to bypass malware detection via a CAB file with a modified reserved1 field.

4.3
2012-03-21 CVE-2012-1451 Emsisoft
Ikarus
Permissions, Privileges, and Access Controls vulnerability in multiple products

The CAB file parser in Emsisoft Anti-Malware 5.1.0.1 and Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0 allows remote attackers to bypass malware detection via a CAB file with a modified reserved2 field.

4.3
2012-03-21 CVE-2012-1450 Emsisoft
Ikarus
Sophos
Permissions, Privileges, and Access Controls vulnerability in multiple products

The CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Sophos Anti-Virus 4.61.0, and Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0 allows remote attackers to bypass malware detection via a CAB file with a modified reserved3 field.

4.3
2012-03-21 CVE-2012-1449 Eset
Rising Global
Permissions, Privileges, and Access Controls vulnerability in multiple products

The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a CAB file with a modified vMajor field.

4.3
2012-03-21 CVE-2012-1448 CAT
Emsisoft
Ikarus
Trendmicro
Permissions, Privileges, and Access Controls vulnerability in multiple products

The CAB file parser in Quick Heal (aka Cat QuickHeal) 11.00, Trend Micro AntiVirus 9.120.0.1004, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Trend Micro HouseCall 9.120.0.1004, and Emsisoft Anti-Malware 5.1.0.1 allows remote attackers to bypass malware detection via a CAB file with a modified cbCabinet field.

4.3
2012-03-21 CVE-2012-1447 Aladdin
Drweb
Fortinet
Pandasecurity
Permissions, Privileges, and Access Controls vulnerability in multiple products

The ELF file parser in Fortinet Antivirus 4.2.254.0, eSafe 7.0.17.0, Dr.Web 5.0.2.03300, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified e_version field.

4.3
2012-03-21 CVE-2012-1446 Aladdin
Antiy
CA
CAT
Fortinet
Kaspersky
Mcafee
Norman
Pandasecurity
PC Tools
Rising Global
Sophos
Symantec
Permissions, Privileges, and Access Controls vulnerability in multiple products

The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, McAfee Gateway (formerly Webwasher) 2010.1C, Sophos Anti-Virus 4.61.0, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified encoding field.

4.3
2012-03-21 CVE-2012-1445 Aladdin
Fortinet
Pandasecurity
Rising Global
Permissions, Privileges, and Access Controls vulnerability in multiple products

The ELF file parser in eSafe 7.0.17.0, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified abi field.

4.3
2012-03-21 CVE-2012-1444 Aladdin
Fortinet
Pandasecurity
Prevx
Permissions, Privileges, and Access Controls vulnerability in multiple products

The ELF file parser in eSafe 7.0.17.0, Prevx 3.0, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified abiversion field.

4.3
2012-03-21 CVE-2012-1443 Ahnlab
Aladdin
Alwil
Anti Virus
Antiy
Authentium
AVG
Avira
Bitdefender
CAT
Clamav
Comodo
Emsisoft
Eset
F Prot
F Secure
Fortinet
Gdata Software
Ikarus
Jiangmin
K7Computing
Kaspersky
Mcafee
Microsoft
Norman
Nprotect
Pandasecurity
PC Tools
Rising Global
Sophos
Symantec
Trendmicro
Virusbuster
Permissions, Privileges, and Access Controls vulnerability in multiple products

The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence.

4.3
2012-03-21 CVE-2012-1442 Aladdin
Antiy
CAT
F Secure
Fortinet
Kaspersky
Mcafee
Pandasecurity
Rising Global
Sophos
Permissions, Privileges, and Access Controls vulnerability in multiple products

The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field.

4.3
2012-03-21 CVE-2012-1441 Aladdin
Prevx
Permissions, Privileges, and Access Controls vulnerability in multiple products

The Microsoft EXE file parser in eSafe 7.0.17.0 and Prevx 3.0 allows remote attackers to bypass malware detection via an EXE file with a modified value in any of several e_ fields.

4.3
2012-03-21 CVE-2012-1440 Aladdin
CA
Fortinet
Norman
Pandasecurity
Permissions, Privileges, and Access Controls vulnerability in multiple products

The ELF file parser in Norman Antivirus 6.06.12, eSafe 7.0.17.0, CA eTrust Vet Antivirus 36.1.8511, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified identsize field.

4.3
2012-03-21 CVE-2012-1439 Aladdin
Fortinet
Pandasecurity
Rising Global
Permissions, Privileges, and Access Controls vulnerability in multiple products

The ELF file parser in eSafe 7.0.17.0, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified padding field.

4.3
2012-03-21 CVE-2012-1438 Comodo
Sophos
Permissions, Privileges, and Access Controls vulnerability in multiple products

The Microsoft Office file parser in Comodo Antivirus 7425 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via an Office file with a ustar character sequence at a certain location.

4.3
2012-03-21 CVE-2012-1437 Comodo Permissions, Privileges, and Access Controls vulnerability in Comodo Antivirus 7425

The Microsoft Office file parser in Comodo Antivirus 7425 allows remote attackers to bypass malware detection via an Office file with a \50\4B\53\70\58 character sequence at a certain location.

4.3
2012-03-21 CVE-2012-1436 Ahnlab
Aladdin
Emsisoft
Ikarus
Pandasecurity
Permissions, Privileges, and Access Controls vulnerability in multiple products

The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an EXE file with a \2D\6C\68 character sequence at a certain location.

4.3
2012-03-21 CVE-2012-1435 Ahnlab
Aladdin
Emsisoft
Ikarus
Pandasecurity
Permissions, Privileges, and Access Controls vulnerability in multiple products

The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an EXE file with a \50\4B\4C\49\54\45 character sequence at a certain location.

4.3
2012-03-21 CVE-2012-1434 Ahnlab
Emsisoft
Ikarus
Pandasecurity
Permissions, Privileges, and Access Controls vulnerability in multiple products

The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an EXE file with a \19\04\00\10 character sequence at a certain location.

4.3
2012-03-21 CVE-2012-1433 Ahnlab
Aladdin
Emsisoft
Ikarus
Pandasecurity
Permissions, Privileges, and Access Controls vulnerability in multiple products

The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an EXE file with a \4a\46\49\46 character sequence at a certain location.

4.3
2012-03-21 CVE-2012-1432 Aladdin
Emsisoft
Ikarus
Pandasecurity
Permissions, Privileges, and Access Controls vulnerability in multiple products

The Microsoft EXE file parser in Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an EXE file with a \57\69\6E\5A\69\70 character sequence at a certain location.

4.3
2012-03-21 CVE-2012-1431 Aladdin
Authentium
Bitdefender
Comodo
F Prot
F Secure
Mcafee
Nprotect
Rising Global
Sophos
Permissions, Privileges, and Access Controls vulnerability in multiple products

The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \4a\46\49\46 character sequence at a certain location.

4.3
2012-03-21 CVE-2012-1430 Aladdin
Bitdefender
Comodo
F Secure
Mcafee
Nprotect
Rising Global
Sophos
Permissions, Privileges, and Access Controls vulnerability in multiple products

The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \19\04\00\10 character sequence at a certain location.

4.3
2012-03-21 CVE-2012-1429 Aladdin
Comodo
Emsisoft
F Secure
Ikarus
Mcafee
Nprotect
Softwin
Permissions, Privileges, and Access Controls vulnerability in multiple products

The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, and nProtect Anti-Virus 2011-01-17.01 allows remote attackers to bypass malware detection via an ELF file with a ustar character sequence at a certain location.

4.3
2012-03-21 CVE-2012-1428 CAT
Norman
Sophos
Permissions, Privileges, and Access Controls vulnerability in multiple products

The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a POSIX TAR file with a \4a\46\49\46 character sequence at a certain location.

4.3
2012-03-21 CVE-2012-1427 CAT
Norman
Sophos
Permissions, Privileges, and Access Controls vulnerability in multiple products

The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a POSIX TAR file with a \57\69\6E\5A\69\70 character sequence at a certain location.

4.3
2012-03-21 CVE-2012-1426 Authentium
CAT
F Prot
K7Computing
Norman
Rising Global
Permissions, Privileges, and Access Controls vulnerability in multiple products

The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, K7 AntiVirus 9.77.3565, Norman Antivirus 6.06.12, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial \42\5A\68 character sequence.

4.3
2012-03-21 CVE-2012-1425 Antiy
Avira
CAT
Emsisoft
Eset
Fortinet
Ikarus
Jiangmin
Kaspersky
Mcafee
Norman
PC Tools
Symantec
Trendmicro
Permissions, Privileges, and Access Controls vulnerability in multiple products

The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, and Trend Micro HouseCall 9.120.0.1004 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial \50\4B\03\04 character sequence.

4.3
2012-03-21 CVE-2012-1424 Antiy
CAT
Jiangmin
Norman
PC Tools
Sophos
Permissions, Privileges, and Access Controls vulnerability in multiple products

The TAR file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Jiangmin Antivirus 13.0.900, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a POSIX TAR file with a \19\04\00\10 character sequence at a certain location.

4.3
2012-03-21 CVE-2012-1423 Authentium
Emsisoft
Eset
F Prot
Fortinet
Ikarus
K7Computing
Norman
PC Tools
Rising Global
Virusbuster
Permissions, Privileges, and Access Controls vulnerability in multiple products

The TAR file parser in Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, K7 AntiVirus 9.77.3565, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial MZ character sequence.

4.3
2012-03-21 CVE-2012-1422 CAT
Eset
Norman
Rising Global
Permissions, Privileges, and Access Controls vulnerability in multiple products

The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial ITSF character sequence.

4.3
2012-03-21 CVE-2012-1421 CAT
Norman
Rising Global
Symantec
Permissions, Privileges, and Access Controls vulnerability in multiple products

The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial MSCF character sequence.

4.3
2012-03-21 CVE-2012-1420 Authentium
CAT
Eset
F Prot
Fortinet
K7Computing
Kaspersky
Microsoft
Norman
Pandasecurity
Rising Global
Permissions, Privileges, and Access Controls vulnerability in multiple products

The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Panda Antivirus 10.0.2.7, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial \7fELF character sequence.

4.3
2012-03-21 CVE-2012-1419 CAT
Clamav
Permissions, Privileges, and Access Controls vulnerability in multiple products

The TAR file parser in ClamAV 0.96.4 and Quick Heal (aka Cat QuickHeal) 11.00 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial [aliases] character sequence.

4.3
2012-03-20 CVE-2012-0399 RSA Cross-Site Scripting vulnerability in RSA Envision 4.0/4.1

Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA enVision 4.x before 4.1 Patch 4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2012-03-19 CVE-2012-1465 Netmechanica Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Netmechanica Netdecision

Stack-based buffer overflow in the HTTP Server in NetMechanica NetDecision before 4.6.1 allows remote attackers to cause a denial of service (application crash) via a long URL in an HTTP request.

4.3
2012-03-19 CVE-2012-1039 Dotclear Cross-Site Scripting vulnerability in Dotclear

Multiple cross-site scripting (XSS) vulnerabilities in Dotclear before 2.4.2 allow remote attackers to inject arbitrary web script or HTML via the (1) login_data parameter to admin/auth.php; (2) nb parameter to admin/blogs.php; (3) type, (4) sortby, (5) order, or (6) status parameters to admin/comments.php; or (7) page parameter to admin/plugin.php.

4.3
2012-03-19 CVE-2012-0872 Oxwall Cross-Site Scripting vulnerability in Oxwall 1.1.1

Multiple cross-site scripting (XSS) vulnerabilities in OxWall 1.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) captchaField, (2) email, (3) form_name, (4) password, (5) realname, (6) repeatPassword, or (7) username parameters to Oxwall/join; (8) captcha, (9) email, (10) form_name, (11) from, or (12) subject parameters to Oxwall/contact; (13) tag parameter to Oxwall/blogs/browse-by-tag; or (14) PATH_INFO to Oxwall/photo/viewlist/tagged, (15) Oxwall/photo/viewlist, or (16) Oxwall/video/viewlist.

4.3
2012-03-19 CVE-2012-1789 Tskynet Cross-Site Scripting vulnerability in Tskynet Kongreg8 1.7.3

Multiple cross-site scripting (XSS) vulnerabilities in Kongreg8 1.7.3 allow remote attackers to inject arbitrary web script or HTML via the (1) surname or (2) firstname parameters to modules/members/addmember.php; or (3) groupdescription or (4) groupname parameters to modules/groups/addgroupform.php.

4.3
2012-03-19 CVE-2012-1788 Wonderdesk Cross-Site Scripting vulnerability in Wonderdesk SQL 4.14

Multiple cross-site scripting (XSS) vulnerabilities in wonderdesk.cgi in WonderDesk SQL 4.14 allow remote attackers to inject arbitrary web script or HTML via the (1) cus_email parameter in a cust_lostpw action; or (2) help_name, (3) help_email, (4) help_website, or (5) help_example_url parameters in an hd_modify_record action.

4.3
2012-03-19 CVE-2012-1787 Webglimpse Cross-Site Scripting vulnerability in Webglimpse

Multiple cross-site scripting (XSS) vulnerabilities in wgarcmin.cgi in Webglimpse 2.20.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) URL, (2) FILE, or (3) DOMAIN parameters.

4.3
2012-03-19 CVE-2012-1782 Osqa Cross-Site Scripting vulnerability in Osqa 3B

Multiple cross-site scripting (XSS) vulnerabilities in questions/ask in OSQA 3b allow remote attackers to inject arbitrary web script or HTML via the (1) url bar or (2) picture bar.

4.3
2012-03-19 CVE-2012-1781 Socialcms Cross-Site Scripting vulnerability in Socialcms 1.0.5

Multiple cross-site scripting (XSS) vulnerabilities in ajax/commentajax.php in SocialCMS 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) TREF_email_address or (2) TR_name parameters.

4.3
2012-03-19 CVE-2012-1779 Idevspot Cross-Site Scripting vulnerability in Idevspot Idev-Businessdirectory 3.0

Cross-site scripting (XSS) vulnerability in IDevSpot idev-BusinessDirectory 3.0 allows remote attackers to inject arbitrary web script or HTML via the SEARCH parameter to index.php.

4.3
2012-03-19 CVE-2011-5082 S2Member
Wordpress
Cross-Site Scripting vulnerability in S2Member

Cross-site scripting (XSS) vulnerability in the s2Member Pro plugin before 111220 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s2member_pro_authnet_checkout[coupon] parameter (aka Coupon Code field).

4.3
2012-03-19 CVE-2009-5113 Iwork Cross-Site Scripting vulnerability in Iwork Webglimpse

Cross-site scripting (XSS) vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the DOC parameter.

4.3
2012-03-20 CVE-2012-0712 IBM Resource Management Errors vulnerability in IBM DB2 9.5/9.7/9.8

The XML feature in IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 allows remote authenticated users to cause a denial of service (infinite loop) by calling the XMLPARSE function with a crafted string expression.

4.0
2012-03-20 CVE-2012-0709 IBM Improper Input Validation vulnerability in IBM DB2 9.5/9.7/9.8

IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 does not properly check variables, which allows remote authenticated users to bypass intended restrictions on viewing table data by leveraging the CREATEIN privilege to execute crafted SQL CREATE VARIABLE statements.

4.0

3 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2012-03-19 CVE-2012-0808 Bdale Garbee Link Following vulnerability in Bdale Garbee As31 2.3.14

as31 2.3.1-4 does not seed the random number generator and generates predictable temporary file names, which makes it easier for local users to create or truncate files via a symlink attack.

3.6
2012-03-22 CVE-2012-1842 Quantum
Dell
Cross-Site Scripting vulnerability in multiple products

Cross-site scripting (XSS) vulnerability in checkQKMProg.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

3.5
2012-03-19 CVE-2012-0054 Golismero Link Following vulnerability in Golismero 0.6.3

libs/updater.py in GoLismero 0.6.3, and other versions before Git revision 2b3bb43d6867, as used in backtrack and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on GoLismero-controlled files, as demonstrated using Admin/changes.dat.

3.3