Weekly Vulnerabilities Reports > April 9 to 15, 2012

Overview

61 new vulnerabilities reported during this period, including 17 critical vulnerabilities and 12 high severity vulnerabilities. This weekly summary report vulnerabilities in 69 products from 26 vendors including Microsoft, Wireshark, Novell, Koyo, and Redhat. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Code Injection", "Improper Input Validation", "Resource Management Errors", and "Cross-site Scripting".

  • 54 reported vulnerabilities are remotely exploitables.
  • 7 reported vulnerabilities have public exploit available.
  • 13 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 58 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 11 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 8 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

17 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2012-04-13 CVE-2012-1808 Koyo Improper Authentication vulnerability in Koyo products

The web server in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 does not require authentication, which allows remote attackers to perform unspecified functions via unknown vectors.

10.0
2012-04-13 CVE-2012-1805 Koyo Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Koyo products

Buffer overflow in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 allows remote attackers to execute arbitrary code via long strings in unspecified parameters.

10.0
2012-04-10 CVE-2012-0776 Adobe Permissions, Privileges, and Access Controls vulnerability in Adobe Acrobat and Acrobat Reader

The installer in Adobe Reader 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors.

10.0
2012-04-10 CVE-2012-0775 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader

The JavaScript implementation in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

10.0
2012-04-10 CVE-2012-0774 Adobe Numeric Errors vulnerability in Adobe Acrobat and Acrobat Reader

Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code via a crafted TrueType font.

10.0
2012-04-10 CVE-2012-1182 Samba Numeric Errors vulnerability in Samba

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call.

10.0
2012-04-09 CVE-2011-3176 Novell Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Zenworks Configuration Management 11.1/11.1A

Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x4c request.

10.0
2012-04-09 CVE-2011-3175 Novell Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Zenworks Configuration Management 11.1/11.1A

Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x6c request.

10.0
2012-04-11 CVE-2012-1499 Uclouvain Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Uclouvain Openjpeg

The JPEG 2000 codec (jp2.c) in OpenJPEG before 1.5 allows remote attackers to execute arbitrary code via a crafted palette index in a CMAP record of a JPEG image, which triggers memory corruption, aka "out-of heap-based buffer write."

9.3
2012-04-10 CVE-2012-0177 Microsoft Buffer Errors vulnerability in Microsoft Office, Works and Works 6-9 File Converter

Heap-based buffer overflow in the Office Works File Converter in Microsoft Office 2007 SP2, Works 9, and Works 6-9 File Converter allows remote attackers to execute arbitrary code via a crafted Works (aka .wps) file, aka "Office WPS Converter Heap Overflow Vulnerability."

9.3
2012-04-10 CVE-2012-0172 Microsoft Code Injection vulnerability in Microsoft IE 6/7/8

Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Style Remote Code Execution Vulnerability."

9.3
2012-04-10 CVE-2012-0171 Microsoft Code Injection vulnerability in Microsoft IE

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "SelectAll Remote Code Execution Vulnerability."

9.3
2012-04-10 CVE-2012-0170 Microsoft Code Injection vulnerability in Microsoft IE 6/7

Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnReadyStateChange Remote Code Execution Vulnerability."

9.3
2012-04-10 CVE-2012-0169 Microsoft Code Injection vulnerability in Microsoft IE 9

Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "JScript9 Remote Code Execution Vulnerability."

9.3
2012-04-10 CVE-2012-0163 Microsoft Improper Input Validation vulnerability in Microsoft .Net Framework

Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate function parameters, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka ".NET Framework Parameter Validation Vulnerability."

9.3
2012-04-10 CVE-2012-0158 Microsoft Code Injection vulnerability in Microsoft products

The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1; Commerce Server 2002 SP4, 2007 SP2, and 2009 Gold and R2; Visual FoxPro 8.0 SP1 and 9.0 SP2; and Visual Basic 6.0 Runtime allow remote attackers to execute arbitrary code via a crafted (a) web site, (b) Office document, or (c) .rtf file that triggers "system state" corruption, as exploited in the wild in April 2012, aka "MSCOMCTL.OCX RCE Vulnerability."

9.3
2012-04-10 CVE-2012-0151 Microsoft Improper Input Validation vulnerability in Microsoft products

The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute arbitrary code via a modified file with additional content, aka "WinVerifyTrust Signature Validation Vulnerability."

9.3

12 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2012-04-13 CVE-2011-4874 Microsys Resource Management Errors vulnerability in Microsys Promotic

Use-after-free vulnerability in MICROSYS PROMOTIC before 8.1.7 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (data corruption and application crash) via a crafted project (aka .pra) file.

7.9
2012-04-11 CVE-2012-2210 Sony Resource Management Errors vulnerability in Sony Bravia TV Kdl32Cx525

The Sony Bravia TV KDL-32CX525 allows remote attackers to cause a denial of service (configuration outage or device crash) via a flood of TCP SYN packets, as demonstrated by hping, a related issue to CVE-1999-0116.

7.8
2012-04-10 CVE-2012-0168 Microsoft Code Injection vulnerability in Microsoft IE

Microsoft Internet Explorer 6 through 9 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document that is not properly handled during a "Print table of links" print operation, aka "Print Feature Remote Code Execution Vulnerability."

7.6
2012-04-13 CVE-2012-0036 Curl SQL Injection vulnerability in Curl and Libcurl

curl and libcurl 7.2x before 7.24.0 do not properly consider special characters during extraction of a pathname from a URL, which allows remote attackers to conduct data-injection attacks via a crafted URL, as demonstrated by a CRLF injection attack on the (1) IMAP, (2) POP3, or (3) SMTP protocol.

7.5
2012-04-13 CVE-2011-1779 Freebsd Resource Management Errors vulnerability in Freebsd Libarchive 2.8.4/2.8.5

Multiple use-after-free vulnerabilities in libarchive 2.8.4 and 2.8.5 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted (1) TAR archive or (2) ISO9660 image.

7.5
2012-04-13 CVE-2010-4666 Freebsd Buffer Errors vulnerability in Freebsd Libarchive 3.0

Buffer overflow in libarchive 3.0 pre-release code allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted CAB file, which is not properly handled during the reading of Huffman code data within LZX compressed data.

7.5
2012-04-13 CVE-2012-1806 Koyo Improper Authentication vulnerability in Koyo products

The ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 supports a maximum password length of 8 bytes, which makes it easier for remote attackers to obtain access via a brute-force attack.

7.5
2012-04-11 CVE-2012-2225 360Zip Permissions, Privileges, and Access Controls vulnerability in 360Zip 1.93

360zip 1.93beta allows remote attackers to execute arbitrary code via vectors related to file browsing and file extraction.

7.5
2012-04-11 CVE-2012-2224 Xunlei Code Injection vulnerability in Xunlei Thunder 7.2.6

Xunlei Thunder before 7.2.6 allows remote attackers to execute arbitrary code via a crafted file, related to a "DLL injection vulnerability."

7.5
2012-04-11 CVE-2012-1673 OLA Lasisi SQL Injection vulnerability in OLA Lasisi E-Ticketing

SQL injection vulnerability in loginscript.php in e-ticketing allows remote attackers to execute arbitrary SQL commands via the password parameter.

7.5
2012-04-11 CVE-2012-1672 Useasdf 4444 SQL Injection vulnerability in Useasdf 4444 Hotel Booking Portal 0.1

SQL injection vulnerability in getcity.php in Hotel Booking Portal 0.1 allows remote attackers to execute arbitrary SQL commands via the country parameter.

7.5
2012-04-10 CVE-2012-0777 Adobe
Apple
Linux
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader

The JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 on Mac OS X and Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

7.5

27 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2012-04-13 CVE-2011-1778 Freebsd Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Freebsd Libarchive

Buffer overflow in libarchive through 2.8.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TAR archive.

6.8
2012-04-13 CVE-2011-1777 Freebsd Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Freebsd Libarchive

Multiple buffer overflows in the (1) heap_add_entry and (2) relocate_dir functions in archive_read_support_format_iso9660.c in libarchive through 2.8.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ISO9660 image.

6.8
2012-04-12 CVE-2011-3846 HP Cross-Site Request Forgery (CSRF) vulnerability in HP System Management Homepage 6.2.2.7

Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 6.2.2.7 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts.

6.8
2012-04-12 CVE-2012-2230 Cloudera Cryptographic Issues vulnerability in Cloudera products

Cloudera Manager 3.7.x before 3.7.5 and Service and Configuration Manager 3.5, when Kerberos is not enabled, does not properly install taskcontroller.cfg, which allows remote authenticated users to impersonate arbitrary user accounts via unspecified vectors, a different vulnerability than CVE-2012-1574.

6.5
2012-04-12 CVE-2012-1574 Apache
Cloudera
Cryptographic Issues vulnerability in multiple products

The Kerberos/MapReduce security functionality in Apache Hadoop 0.20.203.0 through 0.20.205.0, 0.23.x before 0.23.2, and 1.0.x before 1.0.2, as used in Cloudera CDH CDH3u0 through CDH3u2, Cloudera hadoop-0.20-sbin before 0.20.2+923.197, and other products, allows remote authenticated users to impersonate arbitrary cluster user accounts via unspecified vectors.

6.5
2012-04-11 CVE-2012-0043 Wireshark Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark

Buffer overflow in the reassemble_message function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a series of fragmented RLC packets.

5.8
2012-04-10 CVE-2012-0146 Microsoft Improper Input Validation vulnerability in Microsoft Forefront Unified Access Gateway 2010

Open redirect vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 SP1 and SP1 Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka "UAG Blind HTTP Redirect Vulnerability."

5.8
2012-04-13 CVE-2012-1809 Koyo Resource Management Errors vulnerability in Koyo products

The web server in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 allows remote attackers to cause a denial of service (resource consumption) via unspecified vectors.

5.0
2012-04-13 CVE-2011-4883 Atvise Improper Input Validation vulnerability in Atvise Webmi2Ads 1.0/2.0/2.0.1

The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 does not properly validate values in HTTP requests, which allows remote attackers to cause a denial of service (resource consumption) via a crafted request.

5.0
2012-04-13 CVE-2011-4882 Atvise Code Injection vulnerability in Atvise Webmi2Ads 1.0/2.0/2.0.1

The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 allows remote attackers to cause a denial of service (application exit) via an unspecified command in an HTTP request.

5.0
2012-04-13 CVE-2011-4881 Atvise Unspecified vulnerability in Atvise Webmi2Ads 1.0/2.0/2.0.1

The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 does not properly check return values from functions, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted HTTP request.

5.0
2012-04-13 CVE-2011-4880 Atvise Path Traversal vulnerability in Atvise Webmi2Ads 1.0/2.0/2.0.1

Directory traversal vulnerability in the web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 allows remote attackers to read arbitrary files via a crafted HTTP request.

5.0
2012-04-11 CVE-2012-1596 Wireshark Resource Management Errors vulnerability in Wireshark

The mp2t_process_fragmented_payload function in epan/dissectors/packet-mp2t.c in the MP2T dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a packet containing an invalid pointer value that triggers an incorrect memory-allocation attempt.

5.0
2012-04-10 CVE-2012-0147 Microsoft Configuration vulnerability in Microsoft Forefront Unified Access Gateway 2010

Microsoft Forefront Unified Access Gateway (UAG) 2010 SP1 and SP1 Update 1 does not properly configure the default web site, which allows remote attackers to obtain sensitive information via a crafted HTTPS request, aka "Unfiltered Access to UAG Default Website Vulnerability."

5.0
2012-04-09 CVE-2012-2215 Novell Path Traversal vulnerability in Novell Zenworks Configuration Management 11.1/11.1A

Directory traversal vulnerability in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to read arbitrary files via an opcode 0x21 request.

5.0
2012-04-13 CVE-2012-1807 Koyo Cross-Site Scripting vulnerability in Koyo products

Cross-site scripting (XSS) vulnerability in the web server in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2012-04-11 CVE-2012-2223 Novell Information Exposure vulnerability in Novell Zenworks Configuration Management

The xplat agent in Novell ZENworks Configuration Management (ZCM) 10.3.x before 10.3.4 and 11.x before 11.2 enables the HTTP TRACE method, which might make it easier for remote attackers to conduct cross-site tracing (XST) attacks via unspecified vectors.

4.3
2012-04-11 CVE-2012-2156 Plume CMS Cross-Site Scripting vulnerability in Plume-Cms Plume CMS

Multiple cross-site scripting (XSS) vulnerabilities in Plume CMS 1.2.4 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the u_email parameter (aka Authors Email field) to manager/users.php, (2) the u_realname parameter (aka Authors Name field) to manager/users.php, or (3) the c_author parameter (aka Author field) in an ADD A COMMENT section.

4.3
2012-04-11 CVE-2012-1992 Cmsmadesimple Cross-Site Scripting vulnerability in Cmsmadesimple CMS Made Simple

Cross-site scripting (XSS) vulnerability in admin/edituser.php in CMS Made Simple 1.10.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the email parameter (aka the Email Address field in the Edit User template).

4.3
2012-04-11 CVE-2012-1595 Wireshark Resource Management Errors vulnerability in Wireshark

The pcap_process_pseudo_header function in wiretap/pcap-common.c in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a WTAP_ENCAP_ERF file containing an Extension or Multi-Channel header with an invalid pseudoheader size, related to the pcap and pcap-ng file parsers.

4.3
2012-04-11 CVE-2012-1036 Dotnetnuke Cross-Site Scripting vulnerability in Dotnetnuke

Cross-site scripting (XSS) vulnerability in the telerik HTML editor in DotNetNuke before 5.6.4 and 6.x before 6.1.0 allows remote attackers to inject arbitrary web script or HTML via a message.

4.3
2012-04-11 CVE-2012-1030 Dotnetnuke Cross-Site Scripting vulnerability in Dotnetnuke 6.0.0/6.0.1/6.0.2

Cross-site scripting (XSS) vulnerability in DotNetNuke 6.x through 6.0.2 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted URL containing text that is used within a modal popup.

4.3
2012-04-11 CVE-2012-0068 Wireshark Improper Input Validation vulnerability in Wireshark

The lanalyzer_read function in wiretap/lanalyzer.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a Novell capture file containing a record that is too small.

4.3
2012-04-11 CVE-2012-0067 Wireshark
Redhat
Improper Input Validation vulnerability in multiple products

wiretap/iptrace.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in an AIX iptrace file.

4.3
2012-04-11 CVE-2012-0066 Wireshark
Redhat
Improper Input Validation vulnerability in multiple products

Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a (1) Accellent 5Views (aka .5vw) file, (2) I4B trace file, or (3) NETMON 2 capture file.

4.3
2012-04-11 CVE-2012-0041 Wireshark
Redhat
Improper Input Validation vulnerability in multiple products

The dissect_packet function in epan/packet.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a capture file, as demonstrated by an airopeek file.

4.3
2012-04-09 CVE-2011-4188 Novell Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Imanager

Buffer overflow in the Create Attribute function in jclient in Novell iManager 2.7.4 before patch 4 allows remote authenticated users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted EnteredAttrName parameter, a related issue to CVE-2010-1929.

4.0

5 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2012-04-12 CVE-2012-0133 HP Unspecified vulnerability in HP products

HP ProCurve 5400 zl switches with certain serial numbers include a compact flash card that contains an unspecified virus, which might allow user-assisted remote attackers to execute arbitrary code on a PC by leveraging manual transfer of this card.

3.7
2012-04-11 CVE-2012-1594 Wireshark Code Injection vulnerability in Wireshark

epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.

3.3
2012-04-11 CVE-2012-1593 Wireshark Unspecified vulnerability in Wireshark

epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet.

3.3
2012-04-11 CVE-2012-0042 Wireshark
Redhat
Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 does not properly perform certain string conversions, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet, related to epan/to_str.c.
2.9
2012-04-09 CVE-2012-0742 IBM Information Exposure vulnerability in IBM Tivoli Event Pump 4.2.2

IBM Tivoli Event Pump 4.2.2, when the LOG_REQUESTS and VALIDATE_SOAP_USERS options are enabled, places credentials into the AOPSCLOG (aka AOPLOG) data set, which allows local users to obtain sensitive information by reading the data.

1.9