Weekly Vulnerabilities Reports > June 11 to 17, 2012
Overview
74 new vulnerabilities reported during this period, including 18 critical vulnerabilities and 11 high severity vulnerabilities. This weekly summary report vulnerabilities in 100 products from 48 vendors including Opera, Oracle, SUN, Wordpress, and Redhat. Vulnerabilities are notably categorized as "Permissions, Privileges, and Access Controls", "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Improper Input Validation", and "Out-of-bounds Write".
- 67 reported vulnerabilities are remotely exploitables.
- 5 reported vulnerabilities have public exploit available.
- 12 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 67 reported vulnerabilities are exploitable by an anonymous user.
- Opera has the most reported vulnerabilities, with 14 reported vulnerabilities.
- Oracle has the most reported critical vulnerabilities, with 6 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
18 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2012-06-16 | CVE-2012-1725 | Oracle SUN | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | 10.0 |
2012-06-16 | CVE-2012-1722 | Oracle | Unspecified vulnerability in Oracle JDK and JRE Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1721. | 10.0 |
2012-06-16 | CVE-2012-1721 | Oracle | Unspecified vulnerability in Oracle JDK and JRE Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1722. | 10.0 |
2012-06-16 | CVE-2012-1716 | Oracle SUN | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing. | 10.0 |
2012-06-16 | CVE-2012-1713 | Oracle SUN | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, 1.4.2_37 and earlier, and JavaFX 2.1 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | 10.0 |
2012-06-16 | CVE-2012-3576 | Jquindlen Wordpress | Permissions, Privileges, and Access Controls vulnerability in Jquindlen Wpstorecart Unrestricted file upload vulnerability in php/upload.php in the wpStoreCart plugin before 2.5.30 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/wpstorecart. | 10.0 |
2012-06-16 | CVE-2012-3575 | RBX Gallery Wordpress | Permissions, Privileges, and Access Controls vulnerability in RBX Gallery RBX Gallery 2.1 Unrestricted file upload vulnerability in uploader.php in the RBX Gallery plugin 2.1 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/rbxslider. | 10.0 |
2012-06-14 | CVE-2012-3561 | Opera | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Opera Browser Opera before 11.64 does not properly allocate memory for URL strings, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted string. | 10.0 |
2012-06-14 | CVE-2012-3559 | Opera Apple | Unspecified vulnerability in Opera Browser Unspecified vulnerability in Opera before 12.00 on Mac OS X has unknown impact and attack vectors, related to a "moderate severity issue." | 10.0 |
2012-06-16 | CVE-2012-1723 | Oracle Redhat | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | 9.8 |
2012-06-17 | CVE-2012-2091 | Flightgear Simgear | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Multiple buffer overflows in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long string in a rotor tag of an aircraft xml model to the Rotor::getValueforFGSet function in src/FDM/YASim/Rotor.cpp or (2) a crafted UDP packet to the SGSocketUDP::read function in simgear/simgear/simgear/io/sg_socket_udp.cxx. | 9.3 |
2012-06-17 | CVE-2012-2090 | Flightgear Simgear | USE of Externally-Controlled Format String vulnerability in multiple products Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in certain data chunk values in an aircraft xml model to (1) fgfs/flightgear/src/Cockpit/panel.cxx or (2) fgfs/flightgear/src/Network/generic.cxx, or (3) a scene graph model to simgear/simgear/scene/model/SGText.cxx. | 9.3 |
2012-06-16 | CVE-2011-3194 | QT | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in QT 4.7.4 Buffer overflow in the TIFF reader in gui/image/qtiffhandler.cpp in Qt 4.7.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the TIFFTAG_SAMPLESPERPIXEL tag in a greyscale TIFF image with multiple samples per pixel. | 9.3 |
2012-06-16 | CVE-2011-3193 | Gnome QT Canonical Redhat Opensuse | Out-Of-Bounds Write vulnerability in multiple products Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file. | 9.3 |
2012-06-14 | CVE-2012-3288 | Vmware | Improper Input Validation vulnerability in VMWare products VMware Workstation 7.x before 7.1.6 and 8.x before 8.0.4, VMware Player 3.x before 3.1.6 and 4.x before 4.0.4, VMware Fusion 4.x before 4.1.3, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow user-assisted remote attackers to execute arbitrary code on the host OS or cause a denial of service (memory corruption) on the host OS via a crafted Checkpoint file. | 9.3 |
2012-06-14 | CVE-2012-3556 | Opera | Improper Input Validation vulnerability in Opera Browser Opera before 11.65 does not properly restrict the opening of a pop-up window in response to the first click of a double-click action, which makes it easier for user-assisted remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary code via a crafted web site. | 9.3 |
2012-06-12 | CVE-2012-1849 | Microsoft | Unspecified vulnerability in Microsoft Lync 2010 Untrusted search path vulnerability in Microsoft Lync 2010, 2010 Attendee, and 2010 Attendant allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .ocsmeet file, aka "Lync Insecure Library Loading Vulnerability." Per: http://technet.microsoft.com/en-us/security/bulletin/ms12-039 AV:N per "How could an attacker exploit the vulnerability? An attacker could convince a user to open a legitimate Microsoft Lync related file (such as an .ocsmeet file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. | 9.3 |
2012-06-12 | CVE-2012-0677 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Itunes Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist. | 9.3 |
11 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2012-06-13 | CVE-2012-1889 | Microsoft | Out-of-bounds Write vulnerability in Microsoft XML Core Services Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | 8.8 |
2012-06-14 | CVE-2012-3289 | Vmware | Code Injection vulnerability in VMWare products VMware Workstation 8.x before 8.0.4, VMware Player 4.x before 4.0.4, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow remote attackers to cause a denial of service (guest OS crash) via crafted traffic from a remote virtual device. | 7.8 |
2012-06-14 | CVE-2012-3555 | Opera | Unspecified vulnerability in Opera Browser Opera before 11.65 does not ensure that keyboard sequences are associated with a visible window, which makes it easier for user-assisted remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary code via a crafted web site, related to a "hidden keyboard navigation" issue. | 7.6 |
2012-06-17 | CVE-2012-3577 | Nmedia Wordpress | Permissions, Privileges, and Access Controls vulnerability in Nmedia Member Conversation 1.0/1.2/1.3 Unrestricted file upload vulnerability in doupload.php in the Nmedia Member Conversation plugin before 1.4 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in wp-content/uploads/user_uploads. | 7.5 |
2012-06-17 | CVE-2012-2691 | Mantisbt | Permissions, Privileges, and Access Controls vulnerability in Mantisbt The mc_issue_note_update function in the SOAP API in MantisBT before 1.2.11 does not properly check privileges, which allows remote attackers with bug reporting privileges to edit arbitrary bugnotes via a SOAP request. | 7.5 |
2012-06-17 | CVE-2012-2671 | Rtomayko | Unspecified vulnerability in Rtomayko Rack-Cach The Rack::Cache rubygem 0.3.0 through 1.1 caches Set-Cookie and other sensitive headers, which allows attackers to obtain sensitive cookie information, hijack web sessions, or have other unspecified impact by accessing the cache. | 7.5 |
2012-06-16 | CVE-2012-1711 | Oracle SUN | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to CORBA. | 7.5 |
2012-06-16 | CVE-2012-3574 | Tbelmans Wordpress | Unspecified vulnerability in Tbelmans MM Forms Community 2.2.5/2.2.6 Unrestricted file upload vulnerability in includes/doajaxfileupload.php in the MM Forms Community plugin 2.2.5 and 2.2.6 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in upload/temp. | 7.5 |
2012-06-16 | CVE-2012-1502 | Pypam | Resource Management Errors vulnerability in Pypam Double free vulnerability in the PyPAM_conv in PAMmodule.c in PyPam 0.5.0 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a NULL byte in a password string. | 7.5 |
2012-06-16 | CVE-2011-4409 | Canonical | Improper Input Validation vulnerability in Canonical Ubuntu Linux The Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 LTS does not properly validate SSL certificates, which allows remote attackers to spoof a server and modify or read sensitive information via a man-in-the-middle (MITM) attack. | 7.5 |
2012-06-12 | CVE-2012-0217 | Freebsd Illumos Joyent XEN Microsoft Citrix Netbsd SUN | Buffer Errors vulnerability in Freebsd The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. | 7.2 |
35 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2012-06-12 | CVE-2012-1868 | Microsoft | Race Condition vulnerability in Microsoft Windows XP Race condition in the thread-creation implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 allows local users to gain privileges via a crafted application, aka "Win32k.sys Race Condition Vulnerability." | 6.9 |
2012-06-17 | CVE-2012-3578 | Wordpress | Permissions, Privileges, and Access Controls vulnerability in Wordpress Fcchat Widget Unrestricted file upload vulnerability in html/Upload.php in the FCChat Widget plugin 2.2.13.1 and earlier for WordPress allows remote attackers to execute arbitrary code by uploading a file with a file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in html/images. | 6.8 |
2012-06-16 | CVE-2011-4408 | Canonical | Unspecified vulnerability in Canonical Ubuntu Linux 11.04/11.10 The Single Sign On Client (ubuntu-sso-client) for Ubuntu 11.04 and 11.10 does not properly validate SSL certificates when using HTTPS, which allows remote attackers to spoof a server and modify or read sensitive data via a man-in-the-middle (MITM) attack. | 6.8 |
2012-06-13 | CVE-2012-2605 | Bradfordnetworks | Cross-Site Request Forgery (CSRF) vulnerability in Bradfordnetworks products Multiple cross-site request forgery (CSRF) vulnerabilities in the administrative interface in Bradford Network Sentry before 5.3.3 allow remote attackers to hijack the authentication of administrators for requests that (1) insert XSS sequences or (2) send messages to clients. | 6.8 |
2012-06-17 | CVE-2012-2670 | O DYN | Improper Input Validation vulnerability in O-Dyn Collabtive manageuser.php in Collabtive before 0.7.6 allows remote authenticated users, and possibly unauthenticated attackers, to bypass intended access restrictions and upload and execute arbitrary files by uploading an avatar file with an accepted Content-Type such as image/jpeg, then accessing it via a direct request to the file in files/standard/avatar. | 6.5 |
2012-06-17 | CVE-2012-0037 | Librdf Libreoffice Apache Fedoraproject Redhat Debian | XXE vulnerability in multiple products Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document. | 6.5 |
2012-06-13 | CVE-2012-1828 | Efstechnology | Permissions, Privileges, and Access Controls vulnerability in Efstechnology Autoform PDM Archive 6.9/6.920/7.0 The administrative functions in AutoFORM PDM Archive before 7.1 do not have authorization requirements, which allows remote authenticated users to perform administrative actions by leveraging knowledge of a hidden function, as demonstrated by the password-change function. | 6.5 |
2012-06-13 | CVE-2012-1827 | Efstechnology | Permissions, Privileges, and Access Controls vulnerability in Efstechnology Autoform PDM Archive 6.9/6.920/7.0 The web service in AutoFORM PDM Archive before 7.1 does not have authorization requirements, which allows remote authenticated users to perform database operations via a SOAP request, as demonstrated by the initializeQueryDatabase2 request. | 6.5 |
2012-06-16 | CVE-2012-1726 | Oracle | Remote Java Runtime Environment vulnerability in Oracle JDK and JRE Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. | 6.4 |
2012-06-13 | CVE-2012-3347 | Efstechnology | Permissions, Privileges, and Access Controls vulnerability in Efstechnology Autoform PDM Archive 6.9/6.920 AutoFORM PDM Archive before 7.0 implements user accounts in a way that allows for JMX Console authentication, which allows remote authenticated users to bypass intended access restrictions via the /jmx-console URI, and then upload and execute arbitrary JSP code via a JBoss remote-deployment mechanism, a different vulnerability than CVE-2012-1828. | 6.0 |
2012-06-15 | CVE-2012-3345 | Ioquake3 | Link Following vulnerability in Ioquake3 Engine ioquake3 before r2253 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ioq3.pid temporary file. | 5.6 |
2012-06-11 | CVE-2012-2959 | BMC | Cross-Site Request Forgery (CSRF) vulnerability in BMC Identity Management Suite 7.5.00.103 Cross-site request forgery (CSRF) vulnerability in password-manager/changePasswords.do in BMC Identity Management Suite 7.5.00.103 allows remote attackers to hijack the authentication of administrators for requests that change passwords. | 5.1 |
2012-06-16 | CVE-2012-1724 | Oracle SUN | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect availability, related to JAXP. | 5.0 |
2012-06-16 | CVE-2012-1719 | Oracle SUN | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect integrity, related to CORBA. | 5.0 |
2012-06-16 | CVE-2012-1718 | Oracle SUN | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect availability via unknown vectors related to Security. | 5.0 |
2012-06-16 | CVE-2012-1145 | Redhat | Improper Authentication vulnerability in Redhat Satellite 5.4 spacewalk-backend in Red Hat Network Satellite 5.4 on Red Hat Enterprise Linux 6 does not properly authorize or authenticate uploads to the NULL organization when mod_wsgi is used, which allows remote attackers to cause a denial of service (/var partition disk consumption and failed updates) via a large number of package uploads. | 5.0 |
2012-06-14 | CVE-2012-3568 | Opera | Unspecified vulnerability in Opera Browser Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via crafted WebGL content, as demonstrated by a codeflow.org WebGL demo. | 5.0 |
2012-06-14 | CVE-2012-3567 | Opera | Unspecified vulnerability in Opera Browser Opera before 12.00 Beta allows remote attackers to cause a denial of service (memory consumption or application hang) via an IFRAME element that uses the src="#" syntax to embed a parent document. | 5.0 |
2012-06-14 | CVE-2012-3565 | Opera | Unspecified vulnerability in Opera Browser Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via crafted characters in domain names, as demonstrated by "IDNA2008 tests." | 5.0 |
2012-06-14 | CVE-2012-3564 | Opera | Unspecified vulnerability in Opera Browser Opera before 12.00 Beta allows remote attackers to cause a denial of service (application hang) via an absolutely positioned wrap=off TEXTAREA element located next to an "overflow: auto" block element. | 5.0 |
2012-06-14 | CVE-2012-3563 | Opera | Unspecified vulnerability in Opera Browser Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via a web page that contains invalid character encodings. | 5.0 |
2012-06-14 | CVE-2012-3557 | Opera | Permissions, Privileges, and Access Controls vulnerability in Opera Browser Opera before 11.65 does not properly restrict the reading of JSON strings, which allows remote attackers to perform cross-domain loading of JSON resources and consequently obtain sensitive information via a crafted web site. | 5.0 |
2012-06-13 | CVE-2012-2606 | Bradfordnetworks | Improper Authentication vulnerability in Bradfordnetworks products The agent in Bradford Network Sentry before 5.3.3 does not require authentication for messages, which allows remote attackers to trigger the display of arbitrary text on a workstation via a crafted packet to UDP port 4567, as demonstrated by a replay attack. | 5.0 |
2012-06-17 | CVE-2012-2417 | Dlitz | Cryptographic Issues vulnerability in Dlitz Pycrypto PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the signature space or public key space and makes it easier for attackers to conduct brute force attacks to obtain the private key. | 4.3 |
2012-06-15 | CVE-2012-2635 | Dolphin Browser | Information Exposure vulnerability in Dolphin-Browser Dolphin Browser HD and Dolphin for PAD The Dolphin Browser HD application before 7.6 and Dolphin for Pad application before 1.0.1 for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application. | 4.3 |
2012-06-15 | CVE-2012-2633 | Wordpress | Cross-Site Scripting vulnerability in Wordpress Wassup Plugin Cross-site scripting (XSS) vulnerability in wassup.php in the WassUp plugin before 1.8.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header. | 4.3 |
2012-06-15 | CVE-2012-2631 | Atmarkweb | Cross-Site Scripting vulnerability in Atmarkweb @Web Shoppingcart and @Web Shoppingcart T Cross-site scripting (XSS) vulnerability in WEBLOGIC @WEB ShoppingCart before 1.5.2.0, and @WEB ShoppingCart T 1.5.0.1 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2012-06-14 | CVE-2012-3566 | Opera | Unspecified vulnerability in Opera Browser Opera before 12.00 Beta allows user-assisted remote attackers to cause a denial of service (application hang) via JavaScript code that changes a form before submission. | 4.3 |
2012-06-14 | CVE-2012-3562 | Opera | Unspecified vulnerability in Opera Browser Opera before 12.00 Beta allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web page that is not properly handled during a reload, as demonstrated by a "multiple origin camera test" page. | 4.3 |
2012-06-14 | CVE-2012-3560 | Opera | Permissions, Privileges, and Access Controls vulnerability in Opera Browser Opera before 11.65 does not ensure that the address field corresponds to the displayed web page during blocked navigation, which makes it easier for remote attackers to conduct spoofing attacks by detecting and preventing attempts to load a different web page. | 4.3 |
2012-06-13 | CVE-2012-2011 | HP | Cross-Site Scripting vulnerability in HP web Jetadmin 8.0/8.1 Multiple cross-site scripting (XSS) vulnerabilities in HP Web Jetadmin 8.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2012-06-13 | CVE-2011-2545 | Cisco | Cross-Site Scripting vulnerability in Cisco products Cross-site scripting (XSS) vulnerability in the SIP implementation on the Cisco SPA8000 and SPA8800 before 6.1.11, SPA2102 and SPA3102 before 5.2.13, and SPA 500 series IP phones before 7.4.9 allows remote attackers to inject arbitrary web script or HTML via the FROM field of an INVITE message, aka Bug IDs CSCtr27277, CSCtr27256, CSCtr27274, and CSCtr14715. | 4.3 |
2012-06-13 | CVE-2012-2041 | Adobe | Code Injection vulnerability in Adobe Coldfusion 8.0/8.0.1/9.0 CRLF injection vulnerability in the Component Browser in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. | 4.3 |
2012-06-12 | CVE-2012-1857 | Microsoft | Cross-Site Scripting vulnerability in Microsoft Dynamics AX 2012 Cross-site scripting (XSS) vulnerability in the Enterprise Portal component in Microsoft Dynamics AX 2012 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Dynamics AX Enterprise Portal XSS Vulnerability." | 4.3 |
2012-06-11 | CVE-2012-1825 | Forescout | Cross-Site Scripting vulnerability in Forescout Counteract 6.3.3.2/6.3.4.10 Multiple cross-site scripting (XSS) vulnerabilities in the status program on the ForeScout CounterACT appliance with software 6.3.3.2 through 6.3.4.10 allow remote attackers to inject arbitrary web script or HTML via (1) the loginname parameter in a forgotpass action or (2) the username parameter. | 4.3 |
10 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2012-06-17 | CVE-2012-2693 | Redhat | Permissions, Privileges, and Access Controls vulnerability in Redhat Libvirt libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to access unintended USB devices. | 3.7 |
2012-06-16 | CVE-2012-1720 | Oracle SUN | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier, when running on Solaris, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Networking. | 3.7 |
2012-06-17 | CVE-2012-2692 | Mantisbt | Permissions, Privileges, and Access Controls vulnerability in Mantisbt MantisBT before 1.2.11 does not check the delete_attachments_threshold permission when form_security_validation is set to OFF, which allows remote authenticated users with certain privileges to bypass intended access restrictions and delete arbitrary attachments. | 3.6 |
2012-06-13 | CVE-2012-1829 | Efstechnology | Cross-Site Scripting vulnerability in Efstechnology Autoform PDM Archive 6.9 Multiple cross-site scripting (XSS) vulnerabilities in AutoFORM PDM Archive before 6.920 allow remote authenticated users to inject arbitrary web script or HTML via unspecified fields. | 3.5 |
2012-06-13 | CVE-2012-2604 | Bradfordnetworks | Cross-Site Scripting vulnerability in Bradfordnetworks products Multiple cross-site scripting (XSS) vulnerabilities in GuestAccess.jsp in the Guest/Contractor access component in the administrative interface in Bradford Network Sentry before 5.3.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified fields. | 3.5 |
2012-06-13 | CVE-2012-1820 | Quagga | Remote Denial Of Service vulnerability in Quagga bgpd 'bgp_capability_orf()' BGP OPEN Message The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capability TLV in an OPEN message. | 2.9 |
2012-06-15 | CVE-2012-2634 | Newsgator | Cross-Site Scripting vulnerability in Newsgator Feeddemon Cross-site scripting (XSS) vulnerability in FeedDemon before 4.0, when the feed preview option is enabled, allows remote attackers to inject arbitrary web script or HTML via a feed. | 2.6 |
2012-06-15 | CVE-2012-2632 | Seil | Unspecified vulnerability in Seil products SEIL routers with firmware SEIL/x86 1.00 through 2.35, SEIL/X1 2.30 through 3.75, SEIL/X2 2.30 through 3.75, and SEIL/B1 2.30 through 3.75, when the http-proxy and application-gateway features are enabled, do not properly handle the CONNECT command, which allows remote attackers to bypass intended URL restrictions via a TCP session. | 2.6 |
2012-06-14 | CVE-2012-3558 | Opera | Permissions, Privileges, and Access Controls vulnerability in Opera Browser Opera before 11.65 does not ensure that the address field corresponds to the displayed web page during unusually timed changes to this field, which makes it easier for user-assisted remote attackers to conduct spoofing attacks via vectors involving navigation, reloads, and redirects. | 2.6 |
2012-06-17 | CVE-2012-2672 | Oracle | Unspecified vulnerability in Oracle Mojarra 2.1.7 Oracle Mojarra 2.1.7 does not properly "clean up" the FacesContext reference during startup, which allows local users to obtain context information an access resources from another WAR file by calling the FacesContext.getCurrentInstance function. | 2.1 |