Weekly Vulnerabilities Reports > August 6 to 12, 2012
Overview
114 new vulnerabilities reported during this period, including 6 critical vulnerabilities and 22 high severity vulnerabilities. This weekly summary report vulnerabilities in 112 products from 53 vendors including Cisco, Bitcoin, Ushahidi, Microsoft, and Puppet. Vulnerabilities are notably categorized as "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "SQL Injection", and "Information Exposure".
- 105 reported vulnerabilities are remotely exploitables.
- 10 reported vulnerabilities have public exploit available.
- 41 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 101 reported vulnerabilities are exploitable by an anonymous user.
- Cisco has the most reported vulnerabilities, with 19 reported vulnerabilities.
- Amazon has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
6 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2012-08-12 | CVE-2012-4249 | Amazon | Code Injection vulnerability in Amazon Kindle Touch 5.1.0/5.1.1 The Amazon Lab126 com.lab126.system sendEvent implementation on the Kindle Touch before 5.1.2 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a string, as demonstrated by using lipc-set-prop to set an LIPC property, a different vulnerability than CVE-2012-4248. | 10.0 |
2012-08-07 | CVE-2012-4177 | UBI | OS Command Injection vulnerability in UBI Uplay PC The web browser plugin for Ubisoft Uplay PC before 2.0.4 allows remote attackers to execute arbitrary programs via the -orbit_exe_path command line argument. | 10.0 |
2012-08-06 | CVE-2012-4145 | Opera Linux Microsoft Apple | Unspecified vulnerability in Opera Browser Unspecified vulnerability in Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, has unknown impact and attack vectors, related to a "low severity issue." | 10.0 |
2012-08-12 | CVE-2012-4248 | Amazon | Permissions, Privileges, and Access Controls vulnerability in Amazon Kindle Touch 5.1.0 The Amazon Kindle Touch before 5.1.2 does not properly restrict access to the libkindleplugin.so NPAPI plugin interface, which might allow remote attackers to have an unspecified impact via vectors involving the (1) dev.log, (2) lipc.set, (3) lipc.get, or (4) todo.scheduleItems method, a different vulnerability than CVE-2012-4249. | 9.3 |
2012-08-06 | CVE-2012-1015 | MIT | Improper Input Validation vulnerability in MIT Kerberos 5 The kdc_handle_protected_negotiation function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x before 1.9.5, and 1.10.x before 1.10.3 attempts to calculate a checksum before verifying that the key type is appropriate for a checksum, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free, heap memory corruption, and daemon crash) via a crafted AS-REQ request. | 9.3 |
2012-08-06 | CVE-2012-1014 | MIT | Unspecified vulnerability in MIT Kerberos 5 1.10/1.10.1/1.10.2 The process_as_req function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x before 1.10.3 does not initialize a certain structure member, which allows remote attackers to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a malformed AS-REQ request. | 9.0 |
22 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2012-08-06 | CVE-2012-1350 | Cisco | Unspecified vulnerability in Cisco products Cisco IOS 12.3 and 12.4 on Aironet access points allows remote attackers to cause a denial of service (radio-interface input-queue hang) via IAPP 0x3281 packets, aka Bug ID CSCtc12426. | 7.8 |
2012-08-06 | CVE-2012-2469 | Cisco | Remote Denial of Service vulnerability in Cisco NX-OS Cisco NX-OS 4.2, 5.0, 5.1, and 5.2 on Nexus 7000 series switches, when the High Availability (HA) policy is configured for Reset, allows remote attackers to cause a denial of service (device reset) via a malformed Cisco Discovery Protocol (CDP) packet, aka Bug IDs CSCtk34535 and CSCtk19132. | 7.8 |
2012-08-12 | CVE-2012-3475 | Ushahidi | Unspecified vulnerability in Ushahidi Platform The installer in the Ushahidi Platform before 2.5 omits certain calls to the exit function, which allows remote attackers to obtain administrative privileges via unspecified vectors. | 7.5 |
2012-08-12 | CVE-2012-3471 | Ushahidi | SQL Injection vulnerability in Ushahidi Platform Multiple SQL injection vulnerabilities in the edit functions in (1) application/controllers/admin/reports.php and (2) application/controllers/members/reports.php in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via an incident id. | 7.5 |
2012-08-12 | CVE-2012-3470 | Ushahidi | SQL Injection vulnerability in Ushahidi Platform Multiple SQL injection vulnerabilities in application/libraries/api/MY_Countries_Api_Object.php in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via vectors related to _get_countries functions. | 7.5 |
2012-08-12 | CVE-2012-3469 | Ushahidi | SQL Injection vulnerability in Ushahidi Platform Multiple SQL injection vulnerabilities in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) the messages admin functionality in application/controllers/admin/messages.php, (2) application/libraries/api/MY_Checkin_Api_Object.php, (3) application/controllers/admin/messages/reporters.php, or (4) the location API in application/libraries/api/MY_Locations_Api_Object.php and application/models/location.php. | 7.5 |
2012-08-12 | CVE-2012-3468 | Ushahidi | SQL Injection vulnerability in Ushahidi Platform Multiple SQL injection vulnerabilities in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) the verify function in application/controllers/alerts.php, (2) the save_all function in application/models/settings.php, or (3) the media type to the timeline function in application/controllers/json.php. | 7.5 |
2012-08-12 | CVE-2012-4070 | Dir2Web | SQL Injection vulnerability in Dir2Web 3.0 SQL injection vulnerability in system/src/dispatcher.php in Dir2web 3.0 allows remote attackers to execute arbitrary SQL commands via the oid parameter in a homepage action to index.php. | 7.5 |
2012-08-12 | CVE-2012-2967 | Caucho | Unspecified vulnerability in Caucho Resin Caucho Quercus, as distributed in Resin before 4.0.29, does not properly implement the == (equals sign equals sign) operator for comparisons, which has unspecified impact and context-dependent attack vectors. | 7.5 |
2012-08-12 | CVE-2012-2966 | Caucho | Unspecified vulnerability in Caucho Resin Caucho Quercus, as distributed in Resin before 4.0.29, overwrites entries in the SERVER superglobal array on the basis of POST parameters, which has unspecified impact and remote attack vectors. | 7.5 |
2012-08-12 | CVE-2012-2965 | Caucho | Improper Input Validation vulnerability in Caucho Resin Caucho Quercus, as distributed in Resin before 4.0.29, does not properly handle unspecified characters in the names of variables, which has unknown impact and remote attack vectors, related to an "HTTP Parameter Contamination" issue. | 7.5 |
2012-08-12 | CVE-2012-3953 | Phplist | SQL Injection vulnerability in PHPlist SQL injection vulnerability in admin/index.php in phpList before 2.10.19 allows remote administrators to execute arbitrary SQL commands via the delete parameter to the editattributes page. | 7.5 |
2012-08-10 | CVE-2012-3554 | Rsgallery2 Joomla | SQL Injection vulnerability in Rsgallery2 COM Rsgallery2 SQL injection vulnerability in the RSGallery2 (com_rsgallery2) component before 2.3.0 for Joomla! 1.5.x, and before 3.2.0 for Joomla! 2.5.x, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2012-08-08 | CVE-2012-2203 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM products IBM Global Security Kit (aka GSKit) before 8.0.14.22, as used in IBM Rational Directory Server, IBM Tivoli Directory Server, and other products, uses the PKCS #12 file format for certificate objects without enforcing file integrity, which makes it easier for remote attackers to spoof SSL servers via vectors involving insertion of an arbitrary root Certification Authority (CA) certificate. | 7.5 |
2012-08-07 | CVE-2012-4178 | Symantec | SQL Injection vulnerability in Symantec web Gateway 5.0.3.18 SQL injection vulnerability in spywall/includes/deptUploads_data.php in Symantec Web Gateway 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via the groupid parameter. | 7.5 |
2012-08-07 | CVE-2012-3423 | Redhat | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Redhat Icedtea-Web The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote attackers to cause a denial of service (crash), obtain sensitive information from memory, or execute arbitrary code via a crafted Java applet. | 7.5 |
2012-08-06 | CVE-2012-3448 | Ganglia | PHP Code Execution vulnerability in Ganglia Unspecified vulnerability in Ganglia Web before 3.5.1 allows remote attackers to execute arbitrary PHP code via unknown attack vectors. | 7.5 |
2012-08-06 | CVE-2012-3020 | Siemens | Credentials Management vulnerability in Siemens products The Siemens Synco OZW Web Server devices OZW672.*, OZW772.*, and OZW775 with firmware before 4 have an unspecified default password, which makes it easier for remote attackers to obtain administrative access via a network session. | 7.5 |
2012-08-06 | CVE-2012-1910 | Bitcoin Microsoft | Unspecified vulnerability in Bitcoin Bitcoin-Qt and Bitcoin Core Bitcoin-Qt 0.5.0.x before 0.5.0.5; 0.5.1.x, 0.5.2.x, and 0.5.3.x before 0.5.3.1; and 0.6.x before 0.6.0rc4 on Windows does not use MinGW multithread-safe exception handling, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted Bitcoin protocol messages. | 7.5 |
2012-08-06 | CVE-2010-5141 | Bitcoin | Permissions, Privileges, and Access Controls vulnerability in Bitcoin Core and Wxbitcoin wxBitcoin and bitcoind before 0.3.5 do not properly handle script opcodes in Bitcoin transactions, which allows remote attackers to spend bitcoins owned by other users via unspecified vectors. | 7.5 |
2012-08-06 | CVE-2010-5139 | Bitcoin | Numeric Errors vulnerability in Bitcoin Core and Wxbitcoin Integer overflow in wxBitcoin and bitcoind before 0.3.11 allows remote attackers to bypass intended economic restrictions and create many bitcoins via a crafted Bitcoin transaction. | 7.5 |
2012-08-06 | CVE-2012-2188 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM products IBM Power Hardware Management Console (HMC) 7R3.5.0 before SP4, 7R7.1.0 and 7R7.2.0 before 7R7.2.0 SP3, and 7R7.3.0 before SP2, and Systems Director Management Console (SDMC) 6R7.3.0 before SP2, does not properly restrict the VIOS viosrvcmd command, which allows local users to gain privileges via vectors involving a (1) $ (dollar sign) or (2) & (ampersand) character. | 7.2 |
70 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2012-08-12 | CVE-2012-2602 | Solarwinds | Cross-Site Request Forgery (CSRF) vulnerability in Solarwinds Orion Network Performance Monitor Multiple cross-site request forgery (CSRF) vulnerabilities in SolarWinds Orion Network Performance Monitor (NPM) before 10.3.1 allow remote attackers to hijack the authentication of administrators for requests that (1) create user accounts via CreateUserStepContainer actions to Admin/Accounts/Add/OrionAccount.aspx or (2) modify account privileges via a ynAdminRights action to Admin/Accounts/EditAccount.aspx. | 6.8 |
2012-08-08 | CVE-2012-2649 | Fenrir INC | Code Injection vulnerability in Fenrir-Inc Sleipnir Mobile The Sleipnir Mobile application 2.2.0 and earlier and Sleipnir Mobile Black Edition application 2.2.0 and earlier for Android allow remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site. | 6.8 |
2012-08-07 | CVE-2012-3422 | Redhat | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Redhat Icedtea-Web The getFirstInTableInstance function in the IcedTea-Web plugin before 1.2.1 returns an uninitialized pointer when the instance_to_id_map hash is empty, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted web page, which causes an uninitialized memory location to be read. | 6.8 |
2012-08-06 | CVE-2012-4143 | Opera Linux Microsoft Apple | Code Injection vulnerability in Opera Browser Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, allows user-assisted remote attackers to trick users into downloading and executing arbitrary files via a small window for the download dialog, a different vulnerability than CVE-2012-1924. | 6.8 |
2012-08-10 | CVE-2012-3132 | Oracle | SQL Injection vulnerability in Oracle Database Server SQL injection vulnerability in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to execute arbitrary SQL commands via vectors involving CREATE INDEX with a CTXSYS.CONTEXT INDEXTYPE and DBMS_STATS.GATHER_TABLE_STATS. | 6.5 |
2012-08-08 | CVE-2011-5098 | Opscode | Permissions, Privileges, and Access Controls vulnerability in Opscode Chef chef-server-api/app/controllers/clients.rb in Chef Server in Chef before 0.9.20, and 0.10.x before 0.10.6, does not require administrative privileges for creating admin clients, which allows remote authenticated users to bypass intended access restrictions by leveraging read permission for the validation key and executing a knife client create command with the --admin option. | 6.5 |
2012-08-08 | CVE-2010-5142 | Opscode | Permissions, Privileges, and Access Controls vulnerability in Opscode Chef chef-server-api/app/controllers/users.rb in the API in Chef before 0.9.0 does not require administrative privileges for the create, destroy, and update methods, which allows remote authenticated users to manage user accounts via requests to the /users URI. | 6.5 |
2012-08-12 | CVE-2012-3473 | Ushahidi | Improper Authentication vulnerability in Ushahidi Platform The (1) reports API and (2) administration feature in the comments API in the Ushahidi Platform before 2.5 do not require authentication, which allows remote attackers to generate reports and organize comments via API functions. | 6.4 |
2012-08-12 | CVE-2012-3472 | Ushahidi | Improper Authentication vulnerability in Ushahidi Platform The email API in application/libraries/api/MY_Email_Api_Object.php in the Ushahidi Platform before 2.5 does not require authentication, which allows remote attackers to list, delete, or organize messages via a GET request. | 6.4 |
2012-08-12 | CVE-2012-2969 | Caucho | Permissions, Privileges, and Access Controls vulnerability in Caucho Resin Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to bypass intended restrictions on filename extensions for created files via a %00 sequence in a pathname within an HTTP request. | 6.4 |
2012-08-06 | CVE-2012-1338 | Cisco | Race Condition vulnerability in Cisco products Cisco IOS 15.0 and 15.1 on Catalyst 3560 and 3750 series switches allows remote authenticated users to cause a denial of service (device reload) by completing local web authentication quickly, aka Bug ID CSCts88664. | 6.3 |
2012-08-06 | CVE-2012-2499 | Cisco | Cryptographic Issues vulnerability in Cisco Anyconnect Secure Mobility Client 3.0/3.0.0629/3.0.07059 The IPsec implementation in Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 does not verify the certificate name in an X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate, aka Bug ID CSCtz26985. | 5.8 |
2012-08-08 | CVE-2011-5097 | Opscode | Permissions, Privileges, and Access Controls vulnerability in Opscode Chef chef-server-api/app/controllers/cookbooks.rb in Chef Server in Chef before 0.9.18, and 0.10.x before 0.10.2, does not require administrative privileges for the update and destroy methods, which allows remote authenticated users to (1) upload cookbooks via a knife cookbook upload command or (2) delete cookbooks via a knife cookbook delete command. | 5.5 |
2012-08-12 | CVE-2012-3474 | Ushahidi | Information Exposure vulnerability in Ushahidi Platform The comments API in application/libraries/api/MY_Comments_Api_Object.php in the Ushahidi Platform before 2.5 allows remote attackers to obtain sensitive information about the e-mail address, IP address, and other attributes of the author of a comment via an API function call. | 5.0 |
2012-08-12 | CVE-2012-4069 | Dir2Web | Permissions, Privileges, and Access Controls vulnerability in Dir2Web 3.0 Dir2web 3.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database via a direct request for system/db/website.db. | 5.0 |
2012-08-12 | CVE-2012-2968 | Caucho | Path Traversal vulnerability in Caucho Resin Directory traversal vulnerability in Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to create files in arbitrary directories via a .. | 5.0 |
2012-08-12 | CVE-2012-2964 | Breakingpointsystems | Improper Input Validation vulnerability in Breakingpointsystems products The BreakingPoint Storm appliance before 3.0 requires cleartext credentials for establishing a session from a GUI administrative client, which allows remote attackers to obtain sensitive information by sniffing the network for XML documents. | 5.0 |
2012-08-12 | CVE-2012-2963 | Breakingpointsystems | Improper Authentication vulnerability in Breakingpointsystems products The administrative interface in the embedded web server on the BreakingPoint Storm appliance before 3.0 does not require authentication for the gwt/BugReport script, which allows remote attackers to obtain sensitive information by downloading a .tgz file. | 5.0 |
2012-08-10 | CVE-2012-4235 | Rsgallery2 Joomla | Information Exposure vulnerability in Rsgallery2 COM Rsgallery2 The RSGallery2 (com_rsgallery2) component before 3.2.0 for Joomla! 2.5.x does not place index.html files in image directories, which allows remote attackers to list image filenames via a request for a directory URI. | 5.0 |
2012-08-08 | CVE-2012-3424 | Rubyonrails | Improper Authentication vulnerability in Rubyonrails Rails and Ruby ON Rails The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging access to an application that uses a with_http_digest helper method, as demonstrated by the authenticate_or_request_with_http_digest method. | 5.0 |
2012-08-08 | CVE-2012-2191 | IBM | Improper Input Validation vulnerability in IBM products IBM Global Security Kit (aka GSKit) before 8.0.14.22, as used in IBM Rational Directory Server, IBM Tivoli Directory Server, and other products, does not properly validate data during execution of a protection mechanism against the Vaudenay SSL CBC timing attack, which allows remote attackers to cause a denial of service (application crash) via crafted values in the TLS Record Layer, a different vulnerability than CVE-2012-2333. | 5.0 |
2012-08-07 | CVE-2012-3429 | Martin Nagy | Improper Input Validation vulnerability in Martin Nagy Bind-Dyndb-Ldap The dns_to_ldap_dn_escape function in src/ldap_convert.c in bind-dyndb-ldap 1.1.0rc1 and earlier does not properly escape distinguished names (DN) for LDAP queries, which allows remote DNS servers to cause a denial of service (named service hang) via a "$" character in a DN in a DNS query. | 5.0 |
2012-08-07 | CVE-2012-0213 | Apache | Resource Management Errors vulnerability in Apache POI The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value in a Channel Definition Format (CDF) or Compound File Binary Format (CFBF) document. | 5.0 |
2012-08-07 | CVE-2012-4005 | Naver | Information Exposure vulnerability in Naver NHN Japan Naver Line 2.5 The NHN Japan NAVER LINE application before 2.5.5 for Android does not properly handle implicit intents, which allows remote attackers to obtain sensitive message information via a crafted application. | 5.0 |
2012-08-06 | CVE-2012-1357 | Cisco | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Nexus 5000 and Nx-Os The igmp_snoop_orib_fill_source_update function in the IGMP process in NX-OS 5.0 and 5.1 on Cisco Nexus 5000 series switches allows remote attackers to cause a denial of service (device reload) via IGMP packets, aka Bug ID CSCts46521. | 5.0 |
2012-08-06 | CVE-2012-1348 | Cisco | Information Exposure vulnerability in Cisco Wide Area Application Services 4.4/5.0/5.1 Cisco Wide Area Application Services (WAAS) appliances with software 4.4, 5.0, and 5.1 include a one-way hash of a password within output text, which might allow remote attackers to obtain sensitive information via a brute-force attack on the hash string, aka Bug ID CSCty17279. | 5.0 |
2012-08-06 | CVE-2012-1346 | Cisco | Resource Management Errors vulnerability in Cisco Emergency Responder 8.6/9.2 Cisco Emergency Responder 8.6 and 9.2 allows remote attackers to cause a denial of service (CPU consumption) by sending malformed UDP packets to the CERPT port, aka Bug ID CSCtx38369. | 5.0 |
2012-08-06 | CVE-2012-2490 | Cisco | Improper Input Validation vulnerability in Cisco IP Communicator 8.6 Cisco IP Communicator 8.6 allows man-in-the-middle attackers to modify the Certificate Trust List via unspecified vectors, aka Bug ID CSCtz01471. | 5.0 |
2012-08-06 | CVE-2012-1342 | Cisco | Incorrect Authorization vulnerability in Cisco Carrier Routing System 3.9.0/4.0.0/4.1.0 Cisco Carrier Routing System (CRS) 3.9, 4.0, and 4.1 allows remote attackers to bypass ACL entries via fragmented packets, aka Bug ID CSCtj10975. | 5.0 |
2012-08-06 | CVE-2012-1340 | Cisco | Buffer Errors vulnerability in Cisco MDS 9000 Nx-Os 4.2/5.2 The Fibre Channel over IP (FCIP) implementation in Cisco MDS NX-OS 4.2 and 5.2 on MDS 9000 series switches allows remote attackers to cause a denial of service (module reload) via a crafted FCIP header, aka Bug ID CSCtn93151. | 5.0 |
2012-08-06 | CVE-2012-1339 | Cisco | Buffer Errors vulnerability in Cisco Unified Computing System Infrastructure and Unified Computing System Software 2.0(1Q) The Fabric Interconnect component in Cisco Unified Computing System (UCS) 2.0 allows remote attackers to cause a denial of service (process crash) via an attempted SSH session, aka Bug ID CSCtt94543. | 5.0 |
2012-08-06 | CVE-2012-3789 | Bitcoin | Unspecified vulnerability in Bitcoin Core Unspecified vulnerability in bitcoind and Bitcoin-Qt before 0.4.7rc3, 0.5.x before 0.5.6rc3, 0.6.0.x before 0.6.0.9rc1, and 0.6.x before 0.6.3rc1 allows remote attackers to cause a denial of service (process hang) via unknown behavior on a Bitcoin network. | 5.0 |
2012-08-06 | CVE-2012-2459 | Bitcoin | Unspecified vulnerability in Bitcoin Core Unspecified vulnerability in bitcoind and Bitcoin-Qt before 0.4.6, 0.5.x before 0.5.5, 0.6.0.x before 0.6.0.7, and 0.6.x before 0.6.2 allows remote attackers to cause a denial of service (block-processing outage and incorrect block count) via unknown behavior on a Bitcoin network. | 5.0 |
2012-08-06 | CVE-2012-1909 | Bitcoin | Configuration vulnerability in Bitcoin Core and Wxbitcoin The Bitcoin protocol, as used in bitcoind before 0.4.4, wxBitcoin, Bitcoin-Qt, and other programs, does not properly handle multiple transactions with the same identifier, which allows remote attackers to cause a denial of service (unspendable transaction) by leveraging the ability to create a duplicate coinbase transaction. | 5.0 |
2012-08-06 | CVE-2010-5140 | Bitcoin | Buffer Errors vulnerability in Bitcoin Core and Wxbitcoin wxBitcoin and bitcoind before 0.3.13 do not properly handle bitcoins associated with Bitcoin transactions that have zero confirmations, which allows remote attackers to cause a denial of service (invalid-transaction flood) by sending low-valued transactions without transaction fees. | 5.0 |
2012-08-06 | CVE-2010-5138 | Bitcoin | Unspecified vulnerability in Bitcoin Core and Wxbitcoin wxBitcoin and bitcoind 0.3.x allow remote attackers to cause a denial of service (electricity consumption) via a Bitcoin transaction containing multiple OP_CHECKSIG script opcodes. | 5.0 |
2012-08-06 | CVE-2010-5137 | Bitcoin | Unspecified vulnerability in Bitcoin Core and Wxbitcoin wxBitcoin and bitcoind before 0.3.5 allow remote attackers to cause a denial of service (daemon crash) via a Bitcoin transaction containing an OP_LSHIFT script opcode. | 5.0 |
2012-08-06 | CVE-2012-1367 | Cisco | Improper Input Validation vulnerability in Cisco IOS The MallocLite implementation in Cisco IOS 12.0, 12.2, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (Route Processor crash) via a BGP UPDATE message with a modified local-preference (aka LOCAL_PREF) attribute length, aka Bug ID CSCtq06538. | 5.0 |
2012-08-12 | CVE-2012-2590 | E Supportportal | Cross-Site Scripting vulnerability in E-Supportportal Escon Supportportal 3.0 Multiple cross-site scripting (XSS) vulnerabilities in ESCON SupportPortal Professional Edition 3.0 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted SRC attribute of an IFRAME element, (3) a crafted CONTENT attribute of an HTTP-EQUIV="Set-Cookie" META element, or (4) an innerHTML attribute within an XML document. | 4.3 |
2012-08-12 | CVE-2012-2587 | Afterlogic | Cross-Site Scripting vulnerability in Afterlogic Mailsuite PRO 6.3 Multiple cross-site scripting (XSS) vulnerabilities in AfterLogic MailSuite Pro 6.3 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with a crafted SRC attribute of (1) an IFRAME element or (2) a SCRIPT element. | 4.3 |
2012-08-12 | CVE-2012-2585 | Manageengine | Cross-Site Scripting vulnerability in Manageengine Servicedesk Plus 8.1 Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ServiceDesk Plus 8.1 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted Cascading Style Sheets (CSS) expression property, (3) a CSS expression property in the STYLE attribute of an arbitrary element, or (4) a crafted SRC attribute of an IFRAME element, or an e-mail message subject with (5) a SCRIPT element, (6) a CSS expression property in the STYLE attribute of an arbitrary element, (7) a crafted SRC attribute of an IFRAME element, (8) a crafted CONTENT attribute of an HTTP-EQUIV="refresh" META element, or (9) a data: URL in the CONTENT attribute of an HTTP-EQUIV="refresh" META element. | 4.3 |
2012-08-12 | CVE-2012-2573 | Tdah | Cross-Site Scripting vulnerability in Tdah T-Day Webmail 3.2.02.3 Multiple cross-site scripting (XSS) vulnerabilities in T-dah WebMail 3.2.0-2.3 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted Cascading Style Sheets (CSS) expression property, (3) a CSS expression property in the STYLE attribute of an arbitrary element, (4) an ONLOAD attribute of a BODY element, (5) a crafted SRC attribute of an IFRAME element, (6) a crafted CONTENT attribute of an HTTP-EQUIV="refresh" META element, or (7) a data: URL in the CONTENT attribute of an HTTP-EQUIV="refresh" META element. | 4.3 |
2012-08-12 | CVE-2012-2571 | Winwebmail | Cross-Site Scripting vulnerability in Winwebmail Server 3.8.1.6 Multiple cross-site scripting (XSS) vulnerabilities in WinWebMail Server 3.8.1.6 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted Cascading Style Sheets (CSS) expression property, (3) a CSS expression property in the STYLE attribute of an arbitrary element, (4) a crafted SRC attribute of an IFRAME element, or (5) UTF-7 text in an HTTP-EQUIV="CONTENT-TYPE" META element. | 4.3 |
2012-08-12 | CVE-2012-2584 | Altn | Cross-Site Scripting vulnerability in Altn Mdaemon 12.5.4 Multiple cross-site scripting (XSS) vulnerabilities in Alt-N MDaemon Free 12.5.4 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) the Cascading Style Sheets (CSS) expression property in conjunction with a CSS comment within the STYLE attribute of an IMG element, (2) the CSS expression property in conjunction with multiple CSS comments within the STYLE attribute of an arbitrary element, or (3) an innerHTML attribute within an XML document. | 4.3 |
2012-08-12 | CVE-2012-2577 | Solarwinds | Cross-Site Scripting vulnerability in Solarwinds Orion Network Performance Monitor Multiple cross-site scripting (XSS) vulnerabilities in SolarWinds Orion Network Performance Monitor (NPM) before 10.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) syslocation, (2) syscontact, or (3) sysName field of an snmpd.conf file. | 4.3 |
2012-08-12 | CVE-2012-4247 | Phplist | Cross-Site Scripting vulnerability in PHPlist Multiple cross-site scripting (XSS) vulnerabilities in lists/admin/index.php in phpList before 2.10.19 allow remote attackers to inject arbitrary web script or HTML via the (1) remote_user, (2) remote_database, (3) remote_userprefix, (4) remote_password, or (5) remote_prefix parameter to the import4 page; or the (6) id parameter to the bouncerule page. | 4.3 |
2012-08-12 | CVE-2012-4246 | Phplist | Cross-Site Scripting vulnerability in PHPlist Multiple cross-site scripting (XSS) vulnerabilities in lists/admin/index.php in phpList before 2.10.19 allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter; or the (2) footer, (3) status, or (4) testtarget parameter in the send page. | 4.3 |
2012-08-10 | CVE-2012-4071 | Rsgallery2 Joomla | Cross-Site Scripting vulnerability in Rsgallery2 COM Rsgallery2 Cross-site scripting (XSS) vulnerability in the comments module in the RSGallery2 (com_rsgallery2) component before 2.3.0 for Joomla! 1.5.x, and before 3.2.0 for Joomla! 2.5.x, allows remote attackers to inject arbitrary web script or HTML via crafted BBCode markup in a comment. | 4.3 |
2012-08-10 | CVE-2012-3465 | Rubyonrails | Cross-Site Scripting vulnerability in Rubyonrails Rails and Ruby ON Rails Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/sanitize_helper.rb in the strip_tags helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via malformed HTML markup. | 4.3 |
2012-08-10 | CVE-2012-3464 | Rubyonrails | Cross-Site Scripting vulnerability in Rubyonrails Rails and Ruby ON Rails Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 might allow remote attackers to inject arbitrary web script or HTML via vectors involving a ' (quote) character. | 4.3 |
2012-08-10 | CVE-2012-3463 | Rubyonrails | Cross-Site Scripting vulnerability in Rubyonrails Rails and Ruby ON Rails Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_tag_helper.rb in Ruby on Rails 3.x before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the prompt field to the select_tag helper. | 4.3 |
2012-08-08 | CVE-2012-4004 | Fenrir INC | Cross-Site Scripting vulnerability in Fenrir-Inc Sleipnir Mobile Cross-site scripting (XSS) vulnerability in the Sleipnir Mobile application 2.2.0 and earlier and Sleipnir Mobile Black Edition application 2.2.0 and earlier for Android allows remote attackers to inject arbitrary web script or HTML via a crafted application that interacts with an unspecified Sleipnir Mobile function. | 4.3 |
2012-08-08 | CVE-2012-2960 | HP | Cross-Site Scripting vulnerability in HP products Cross-site scripting (XSS) vulnerability in the import functionality in HP ArcSight Connector appliance 6.2.0.6244.0 and ArcSight Logger appliance 5.2.0.6288.0 allows remote attackers to inject arbitrary web script or HTML via a crafted file. | 4.3 |
2012-08-07 | CVE-2012-3438 | Graphicsmagick | Buffer Errors vulnerability in Graphicsmagick 1.3.16 The Magick_png_malloc function in coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation. | 4.3 |
2012-08-07 | CVE-2012-3437 | Imagemagick | Denial of Service vulnerability in Imagemagick 6.7.86 The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 and earlier does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation. | 4.3 |
2012-08-07 | CVE-2012-3413 | KDE | Configuration vulnerability in KDE PIM 4.6/4.8 The HTMLQuoteColorer::process function in messageviewer/htmlquotecolorer.cpp in KDE PIM 4.6 through 4.8 does not disable JavaScript, Java, and Plugins, which allows remote attackers to inject arbitrary web script or HTML via a crafted email. | 4.3 |
2012-08-07 | CVE-2012-2648 | Goodiware | Cross-site Scripting vulnerability in Goodiware Goodreader Cross-site scripting (XSS) vulnerability in the GoodReader app 3.16 and earlier for iOS on the iPad, and 3.15.1 and earlier for iOS on the iPhone and iPod touch, allows remote attackers to inject arbitrary web script or HTML via vectors involving use of this app in conjunction with a web browser. | 4.3 |
2012-08-07 | CVE-2012-2317 | Debian Canonical | Cryptographic Issues vulnerability in multiple products The Debian php_crypt_revamped.patch patch for PHP 5.3.x, as used in the php5 package before 5.3.3-7+squeeze4 in Debian GNU/Linux squeeze, the php5 package before 5.3.2-1ubuntu4.17 in Ubuntu 10.04 LTS, and the php5 package before 5.3.5-1ubuntu7.10 in Ubuntu 11.04, does not properly handle an empty salt string, which might allow remote attackers to bypass authentication by leveraging an application that relies on the PHP crypt function to choose a salt for password hashing. | 4.3 |
2012-08-07 | CVE-2012-2022 | HP | Cross-Site Scripting vulnerability in HP Network Node Manager I Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2012-08-06 | CVE-2012-1361 | Cisco | Information Exposure vulnerability in Cisco IOS 15.1/15.2 Cisco IOS 15.1 and 15.2, when the Multicast Music-on-Hold (MMoH) feature of Cisco Unified Communications Manager (CUCM) is enabled, allows remote attackers to obtain sensitive crosstalk information by listening during a PSTN call, aka Bug ID CSCtx77750. | 4.3 |
2012-08-06 | CVE-2012-4146 | Opera | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Opera Browser Opera before 12.01 allows remote attackers to cause a denial of service (application crash) via a crafted web site, as demonstrated by the Lenovo "Shop now" page. | 4.3 |
2012-08-06 | CVE-2012-4144 | Opera Linux Microsoft Apple | Cross-Site Scripting vulnerability in Opera Browser Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, does not properly escape characters in DOM elements, which makes it easier for remote attackers to bypass cross-site scripting (XSS) protection mechanisms via a crafted HTML document. | 4.3 |
2012-08-06 | CVE-2012-4142 | Opera Linux Microsoft Apple | Cross-Site Scripting vulnerability in Opera Browser Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, ignores some characters in HTML documents in unspecified circumstances, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document. | 4.3 |
2012-08-06 | CVE-2012-3867 | Puppet Puppetlabs Debian Canonical Opensuse Suse | Permissions, Privileges, and Access Controls vulnerability in multiple products lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing Request (CSR), which makes it easier for user-assisted remote attackers to trick administrators into signing a crafted agent certificate via ANSI control sequences. | 4.3 |
2012-08-06 | CVE-2011-4447 | Bitcoin | Cryptographic Issues vulnerability in Bitcoin Core and Wxbitcoin The "encrypt wallet" feature in wxBitcoin and bitcoind 0.4.x before 0.4.1, and 0.5.0rc, does not properly interact with the deletion functionality of BSDDB, which allows context-dependent attackers to obtain unencrypted private keys from Bitcoin wallet files by bypassing the BSDDB interface and reading entries that are marked for deletion. | 4.3 |
2012-08-06 | CVE-2012-2500 | Cisco | Cryptographic Issues vulnerability in Cisco Anyconnect Secure Mobility Client 3.0/3.0.0629/3.0.07059 Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 does not verify the certificate name in an X.509 certificate during WebLaunch of IPsec, which allows man-in-the-middle attackers to spoof servers via a crafted certificate, aka Bug ID CSCtz29470. | 4.0 |
2012-08-06 | CVE-2012-2498 | Cisco | Improper Authentication vulnerability in Cisco Anyconnect Secure Mobility Client Cisco AnyConnect Secure Mobility Client 3.0 through 3.0.08066 does not ensure that authentication makes use of a legitimate certificate, which allows user-assisted man-in-the-middle attackers to spoof servers via a crafted certificate, aka Bug ID CSCtz29197. | 4.0 |
2012-08-06 | CVE-2012-3864 | Puppet Puppetlabs | Information Exposure vulnerability in multiple products Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user's certificate and private key in a GET request. | 4.0 |
2012-08-06 | CVE-2012-1365 | Cisco | Unspecified vulnerability in Cisco Unified Computing System Infrastructure and Unified Computing System Software 1.4(1J)/2.0(1Q) Cisco Unified Computing System (UCS) 1.4 and 2.0 allows remote authenticated users to cause a denial of service (device reload) via a malformed SNMP request to a Fabric Interconnect (FI) device, aka Bug ID CSCts32463. | 4.0 |
2012-08-06 | CVE-2012-1364 | Cisco | Unspecified vulnerability in Cisco Unified Computing System Infrastructure and Unified Computing System Software 1.4(1J)/2.0(1Q) Cisco Unified Computing System (UCS) 1.4 and 2.0 allows remote authenticated users to cause a denial of service (device reload) via a malformed SNMP request to a Fabric Interconnect (FI) device, aka Bug ID CSCts32452. | 4.0 |
16 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2012-08-07 | CVE-2012-3454 | Extplorer | Permissions, Privileges, and Access Controls vulnerability in Extplorer 2.1.0 eXtplorer 2.1.0b6 uses world writable permissions for the /var/lib/extplorer/ftp_tmp directory, which allows local users to delete or overwrite arbitrary files. | 3.6 |
2012-08-07 | CVE-2012-3453 | Debian | Permissions, Privileges, and Access Controls vulnerability in Debian Logol 1.5.0 logol 1.5.0 uses world writable permissions for the /var/lib/logol/results directory, which allows local users to delete or overwrite arbitrary files. | 3.6 |
2012-08-07 | CVE-2012-3449 | Openvswitch | Permissions, Privileges, and Access Controls vulnerability in Openvswitch 1.4.2 Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/pki/controllerca/incoming/ and (2) /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and overwrite arbitrary files. | 3.6 |
2012-08-12 | CVE-2012-3476 | Ushahidi | Cross-Site Scripting vulnerability in Ushahidi Platform Multiple cross-site scripting (XSS) vulnerabilities in (1) application/views/admin/layout.php and (2) themes/default/views/header.php in the Ushahidi Platform before 2.5 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to a site name. | 3.5 |
2012-08-07 | CVE-2012-3445 | Redhat | Resource Management Errors vulnerability in Redhat Libvirt 0.9.13 The virTypedParameterArrayClear function in libvirt 0.9.13 does not properly handle virDomain* API calls with typed parameters, which might allow remote authenticated users to cause a denial of service (libvirtd crash) via an RPC command with nparams set to zero, which triggers an out-of-bounds read or a free of an invalid pointer. | 3.5 |
2012-08-06 | CVE-2012-1344 | Cisco | Buffer Errors vulnerability in Cisco IOS 15.1/15.2 Cisco IOS 15.1 and 15.2, when a clientless SSL VPN is configured, allows remote authenticated users to cause a denial of service (device reload) by using a web browser to refresh the SSL VPN portal page, as demonstrated by the Android browser, aka Bug ID CSCtr86328. | 3.5 |
2012-08-06 | CVE-2012-3865 | Puppet Puppetlabs | Path Traversal vulnerability in multiple products Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows remote authenticated users to delete arbitrary files on the puppet master server via a .. | 3.5 |
2012-08-06 | CVE-2012-1370 | Cisco | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Anyconnect Secure Mobility Client 3.0/3.0.0629/3.0.07059 Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 allows remote authenticated users to cause a denial of service (vpnagentd process crash) via a crafted packet, aka Bug ID CSCty01670. | 3.5 |
2012-08-07 | CVE-2012-3452 | Gnome | Permissions, Privileges, and Access Controls vulnerability in Gnome Screensaver gnome-screensaver 3.4.x before 3.4.4 and 3.5.x before 3.5.4, when multiple screens are used, only locks the screen with the active focus, which allows physically proximate attackers to bypass screen locking and access an unattended workstation. | 3.3 |
2012-08-12 | CVE-2012-3952 | Phplist | Cross-Site Scripting vulnerability in PHPlist Cross-site scripting (XSS) vulnerability in admin/index.php in phpList before 2.10.19 allows remote attackers to inject arbitrary web script or HTML via the unconfirmed parameter to the user page. | 2.6 |
2012-08-06 | CVE-2012-3450 | PHP | Unspecified vulnerability in PHP pdo_sql_parser.re in the PDO extension in PHP before 5.3.14 and 5.4.x before 5.4.4 does not properly determine the end of the query string during parsing of prepared statements, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted parameter value. | 2.6 |
2012-08-06 | CVE-2012-3408 | Puppetlabs Puppet | Improper Authentication vulnerability in multiple products lib/puppet/network/authstore.rb in Puppet before 2.7.18, and Puppet Enterprise before 2.5.2, supports use of IP addresses in certnames without warning of potential risks, which might allow remote attackers to spoof an agent by acquiring a previously used IP address. | 2.6 |
2012-08-12 | CVE-2012-3457 | Pnp4Nagios | Permissions, Privileges, and Access Controls vulnerability in Pnp4Nagios PNP4Nagios 0.6 through 0.6.16 uses world-readable permissions for process_perfdata.cfg, which allows local users to obtain the Gearman shared secret by reading the file. | 2.1 |
2012-08-08 | CVE-2012-0421 | Novell | Information Exposure vulnerability in Novell Suse Audit LOG Keeper 0.2.1 The SUSE Audit Log Keeper daemon before 0.2.1-0.4.6.1 for SUSE Manager and Spacewalk uses world-readable permissions for /etc/auditlog-keeper.conf, which allows local users to obtain passwords by reading this file. | 2.1 |
2012-08-08 | CVE-2011-4922 | Pidgin | Information Exposure vulnerability in Pidgin cipher.c in the Cipher API in libpurple in Pidgin before 2.7.10 retains encryption-key data in process memory, which might allow local users to obtain sensitive information by reading a core file or other representation of memory contents. | 2.1 |
2012-08-06 | CVE-2012-3866 | Puppet Puppetlabs | Permissions, Privileges, and Access Controls vulnerability in multiple products lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, uses 0644 permissions for last_run_report.yaml, which allows local users to obtain sensitive configuration information by leveraging access to the puppet master server to read this file. | 2.1 |