Weekly Vulnerabilities Reports > August 27 to September 2, 2012
Overview
101 new vulnerabilities reported during this period, including 11 critical vulnerabilities and 12 high severity vulnerabilities. This weekly summary report vulnerabilities in 91 products from 74 vendors including Drupal, Mozilla, Symantec, OBM, and IBM. Vulnerabilities are notably categorized as "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "SQL Injection", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Code Injection".
- 89 reported vulnerabilities are remotely exploitables.
- 16 reported vulnerabilities have public exploit available.
- 37 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 91 reported vulnerabilities are exploitable by an anonymous user.
- Drupal has the most reported vulnerabilities, with 12 reported vulnerabilities.
- Mozilla has the most reported critical vulnerabilities, with 3 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
11 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2012-08-30 | CVE-2012-3136 | Oracle | Remote Code Execution vulnerability in Oracle JDK and JRE Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-1682. | 10.0 |
2012-08-30 | CVE-2012-1682 | Oracle | Remote Code Execution vulnerability in Oracle JDK and JRE Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. | 10.0 |
2012-08-30 | CVE-2011-5133 | Mybb | Multiple Security vulnerability in MyBB Unspecified vulnerability in MyBB before 1.6.5 has unknown impact and attack vectors, related to an "unparsed user avatar in the buddy list." | 10.0 |
2012-08-30 | CVE-2012-3254 | HP | Unspecified vulnerability in HP Inode Management Center PC 5.0/5.1 Multiple unspecified vulnerabilities in HP iNode Management Center before iNode PC 5.1 E0304 allow remote attackers to execute arbitrary code via crafted input, as demonstrated by a stack-based buffer overflow in iNodeMngChecker.exe for a crafted 0x0A0BF007 packet. | 10.0 |
2012-08-30 | CVE-2012-3253 | HP | Unspecified vulnerability in HP Intelligent Management Center 5.0 Multiple unspecified vulnerabilities in HP Intelligent Management Center (IMC) before 5.0 E0101P05 allow remote attackers to execute arbitrary code via crafted input, as demonstrated by an integer overflow and heap-based buffer overflow in img.exe for a crafted message packet. | 10.0 |
2012-08-29 | CVE-2012-3971 | Mozilla | Buffer Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Summer Institute of Linguistics (SIL) Graphite 2, as used in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the (1) Silf::readClassMap and (2) Pass::readPass functions. | 10.0 |
2012-08-31 | CVE-2010-5194 | Viscomsoft | Buffer Errors vulnerability in Viscomsoft Image Viewer CP Gold SDK and Image Viewer CP PRO SDK Stack-based buffer overflow in the Image2PDF function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0, Gold 5.5, Gold 6.0, and earlier allows remote attackers to execute arbitrary code via a long strPDFFile parameter. | 9.3 |
2012-08-31 | CVE-2010-5193 | Viscomsoft | Buffer Errors vulnerability in Viscomsoft Image Viewer CP Gold SDK and Image Viewer CP PRO SDK Stack-based buffer overflow in the TIFMergeMultiFiles function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0 and Gold 6.0 allows remote attackers to execute arbitrary code via a long strDelimit parameter. | 9.3 |
2012-08-31 | CVE-2012-4170 | Adobe | Buffer Errors vulnerability in Adobe Photoshop CS6 13.0 Buffer overflow in Adobe Photoshop CS6 13.x before 13.0.1 allows remote attackers to execute arbitrary code via a crafted file. | 9.3 |
2012-08-29 | CVE-2012-3965 | Mozilla | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox Mozilla Firefox before 15.0 does not properly restrict navigation to the about:newtab page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers creation of a new tab and then a new window. | 9.3 |
2012-08-29 | CVE-2012-1971 | Mozilla | Memory Corruption vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to garbage collection after certain MethodJIT execution, and unknown other vectors. | 9.3 |
12 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2012-08-29 | CVE-2012-3579 | Symantec | Permissions, Privileges, and Access Controls vulnerability in Symantec Messaging Gateway Symantec Messaging Gateway (SMG) before 10.0 has a default password for an unspecified account, which makes it easier for remote attackers to obtain privileged access via an SSH session. | 7.9 |
2012-08-29 | CVE-2012-3580 | Symantec | Security Bypass vulnerability in Symantec Messaging Gateway Symantec Messaging Gateway (SMG) before 10.0 allows remote authenticated users to modify the web application by leveraging access to the management interface. | 7.7 |
2012-08-29 | CVE-2012-3973 | Mozilla | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox The debugger in the developer-tools subsystem in Mozilla Firefox before 15.0, when remote debugging is disabled, does not properly restrict access to the remote-debugging service, which allows remote attackers to execute arbitrary code by leveraging the presence of the HTTPMonitor extension and connecting to that service through the HTTPMonitor port. | 7.6 |
2012-08-31 | CVE-2012-4743 | EOS PE Zeroboard | SQL Injection vulnerability in Eos.Pe Siche Search Module 0.5 Multiple SQL injection vulnerabilities in ssearch.php in Siche search module 0.5 for Zeroboard allow remote attackers to execute arbitrary SQL commands via the (1) ss, (2) sm, (3) align, or (4) category parameters. | 7.5 |
2012-08-31 | CVE-2012-4742 | Packetfence | Remote Security vulnerability in Packetfence The web_node_register function in web.pm in PacketFence before 3.0.2 might allow remote attackers to execute arbitrary code via unspecified vectors. | 7.5 |
2012-08-31 | CVE-2012-2114 | Etalabs | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Etalabs Musl Stack-based buffer overflow in fprintf in musl before 0.8.8 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string to an unbuffered stream such as stderr. | 7.5 |
2012-08-31 | CVE-2011-4949 | Egroupware | SQL Injection vulnerability in Egroupware and Egroupware Enterprise Line SQL injection vulnerability in phpgwapi/js/dhtmlxtree/samples/with_db/loaddetails.php in EGroupware Enterprise Line (EPL) before 11.1.20110804-1 and EGroupware Community Edition before 1.8.001.20110805 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2012-08-31 | CVE-2011-5140 | DIY CMS | SQL Injection vulnerability in Diy-Cms Blog 1.0 Multiple SQL injection vulnerabilities in the blog module 1.0 for DiY-CMS allow remote attackers to execute arbitrary SQL commands via the (1) start parameter to (a) tags.php, (b) list.php, (c) index.php, (d) main_index.php, (e) viewpost.php, (f) archive.php, (g) control/approve_comments.php, (h) control/approve_posts.php, and (i) control/viewcat.php; and the (2) month and (3) year parameters to archive.php. | 7.5 |
2012-08-31 | CVE-2011-5139 | Preprojects | SQL Injection vulnerability in Preprojects Business Cards Designer SQL injection vulnerability in page.php in Pre Studio Business Cards Designer allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2012-08-31 | CVE-2011-5137 | Tforum | SQL Injection vulnerability in Tforum B0.915 Multiple SQL injection vulnerabilities in tForum b0.915 allow remote attackers to execute arbitrary SQL commands via the (1) TopicID parameter to viewtopic.php, the (2) BoardID parameter to viewboard.php, or (3) CatID parameter to viewcat.php. | 7.5 |
2012-08-28 | CVE-2012-4686 | Vbulletin | SQL Injection vulnerability in Vbulletin 4.1.10 SQL injection vulnerability in announcement.php in vBulletin 4.1.10 allows remote attackers to execute arbitrary SQL commands via the announcementid parameter. | 7.5 |
2012-08-27 | CVE-2012-1934 | Sourcefabric | SQL Injection vulnerability in Sourcefabric Newscoop SQL injection vulnerability in admin/country/edit.php in Newscoop before 3.5.5 and 4.x before 4 RC4 allows remote attackers to execute arbitrary SQL commands via the f_country_code parameter. | 7.5 |
69 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2012-08-31 | CVE-2012-4746 | ZTE | Cross-Site Request Forgery (CSRF) vulnerability in ZTE Zxdsl 831Iiv7.5.0Az29Ov Cross-site request forgery (CSRF) vulnerability in accessaccount.cgi in ZTE ZXDSL 831IIV7.5.0a_Z29_OV allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via the sysPassword parameter. | 6.8 |
2012-08-31 | CVE-2012-2116 | Commerceguys Drupal | Cross-Site Request Forgery (CSRF) vulnerability in Commerceguys Commerce Reorder 7.X1.0/7.X1.X Cross-site request forgery (CSRF) vulnerability in the Commerce Reorder module before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that add items to the shopping cart. | 6.8 |
2012-08-31 | CVE-2011-4947 | E107 | Cross-Site Request Forgery (CSRF) vulnerability in E107 Cross-site request forgery (CSRF) vulnerability in e107_admin/users_extended.php in e107 before 0.7.26 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences via the user_include parameter. | 6.8 |
2012-08-31 | CVE-2011-4946 | E107 | SQL Injection vulnerability in E107 SQL injection vulnerability in e107_admin/users_extended.php in e107 before 0.7.26 allows remote attackers to execute arbitrary SQL commands via the user_field parameter. | 6.8 |
2012-08-31 | CVE-2011-5148 | Wasen Joomla | Remote Code Execution vulnerability in Wasen MOD Simplefileupload 1.0/1.1/1.3 Multiple incomplete blacklist vulnerabilities in the Simple File Upload (mod_simplefileuploadv1.3) module before 1.3.5 for Joomla! allow remote attackers to execute arbitrary code by uploading a file with a (1) php5, (2) php6, or (3) double (e.g. | 6.8 |
2012-08-31 | CVE-2012-4245 | Gimp | Missing Authorization vulnerability in Gimp The scriptfu network server in GIMP 2.6 does not require authentication, which allows remote attackers to execute arbitrary commands via the python-fu-eval command. | 6.8 |
2012-08-31 | CVE-2012-4009 | Cybozu | Code Injection vulnerability in Cybozu Live 1.0.4 The WebView class in the Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL. | 6.8 |
2012-08-31 | CVE-2012-4008 | Cybozu | Code Injection vulnerability in Cybozu Live 1.0.4 The Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site. | 6.8 |
2012-08-30 | CVE-2011-5131 | Mybb | Cross-Site Request Forgery (CSRF) vulnerability in Mybb Cross-site request forgery (CSRF) vulnerability in global.php in MyBB before 1.6.5 allows remote attackers to hijack the authentication of a user for requests that change the user's language via the language parameter. | 6.8 |
2012-08-30 | CVE-2011-5130 | Haudenschilt | Code Injection vulnerability in Haudenschilt Family Connections CMS dev/less.php in Family Connections CMS (FCMS) 2.5.0 - 2.7.1, when register_globals is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the argv[1] parameter. | 6.8 |
2012-08-29 | CVE-2012-3309 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Infosphere Guardium Cross-site request forgery (CSRF) vulnerability in the account-creation panel in IBM InfoSphere Guardium 8.2 and earlier, when the CSRF filtering (aka csrf_status) feature is disabled, allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts. | 6.8 |
2012-08-29 | CVE-2012-2285 | EMC | Improper Authentication vulnerability in EMC products EMC Cloud Tiering Appliance (aka CTA, formerly FMA) 9.0 and earlier, and Cloud Tiering Appliance Virtual Edition (CTA/VE) 9.0 and earlier, allows remote attackers to obtain GUI administrative access by sending a crafted file during the authentication phase. | 6.8 |
2012-08-29 | CVE-2012-0308 | Symantec | Cross-Site Request Forgery (CSRF) vulnerability in Symantec Messaging Gateway Cross-site request forgery (CSRF) vulnerability in Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to hijack the authentication of administrators. | 6.8 |
2012-08-28 | CVE-2012-2085 | Gajim | Code Injection vulnerability in Gajim The exec_command function in common/helpers.py in Gajim before 0.15 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an href attribute. | 6.8 |
2012-08-27 | CVE-2012-1933 | Sourcefabric | Code Injection vulnerability in Sourcefabric Newscoop Multiple PHP remote file inclusion vulnerabilities in Newscoop 3.5.x before 3.5.5 and 4 before RC4, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[g_campsiteDir] parameter to (1) include/phorum_load.php, (2) conf/install_conf.php, or (3) conf/liveuser_configuration.php. | 6.8 |
2012-08-30 | CVE-2011-5136 | Epractizelabs | Improper Input Validation vulnerability in Epractizelabs Subscription Manager 1.0 showImg.php in EPractize Labs Subscription Manager, possibly 1.0, allows remote attackers to overwrite arbitrary files via the db parameter. | 6.4 |
2012-08-28 | CVE-2012-1635 | RIK DE Boer Drupal | Permissions, Privileges, and Access Controls vulnerability in RIK DE Boer Revisioning The hook_node_access function in the revisioning module 7.x-1.x before 7.x-1.3 for Drupal checks the permissions of the current user even when it is called to check permissions of other users, which allows remote attackers to bypass intended access restrictions, as demonstrated when using the XML sitemap module to obtain sensitive information about unpublished content. | 6.4 |
2012-08-31 | CVE-2011-5141 | OBM | Path Traversal vulnerability in OBM Open Business Management 2.4.0 Directory traversal vulnerability in exportcsv/exportcsv_index.php in Open Business Management (OBM) 2.4.0-rc13 and earlier allows remote authenticated users to include and execute arbitrary local files via a .. | 6.0 |
2012-08-31 | CVE-2012-4737 | Digium | Permissions, Privileges, and Access Controls vulnerability in Digium Asterisk and Certified Asterisk channels/chan_iax2.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert7, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 does not enforce ACL rules during certain uses of peer credentials, which allows remote authenticated users to bypass intended outbound-call restrictions by leveraging the availability of these credentials. | 6.0 |
2012-08-30 | CVE-2012-3325 | IBM | Improper Input Validation vulnerability in IBM Websphere Application Server IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.45, 7.0.x before 7.0.0.25, 8.0.x before 8.0.0.5, and 8.5.x Full Profile before 8.5.0.1, when the PM44303 fix is installed, does not properly validate credentials, which allows remote authenticated users to obtain administrative access via unspecified vectors. | 6.0 |
2012-08-30 | CVE-2011-5135 | Docebo | SQL Injection vulnerability in Docebo Docebolms Multiple SQL injection vulnerabilities in the save_connection function in lib/lib.iotask.php in the iotask module in DoceboLMS 4.0.4 and earlier allow remote authenticated users with admin or teacher privileges to execute arbitrary SQL commands via the (1) coursereportuiconfig[name] or (2) coursereportuiconfig[description] parameters to index.php. | 6.0 |
2012-08-30 | CVE-2011-5134 | Widgetfactorylimited Joomla | File-Upload vulnerability in Com Jce Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the JCE component before 2.0.18 for Joomla! allows remote authenticated users with the author privileges to execute arbitrary PHP code by uploading a file with a double extension, as demonstrated by .php.gif. | 6.0 |
2012-08-28 | CVE-2012-1650 | Giantrobot Drupal | Permissions, Privileges, and Access Controls vulnerability in Giantrobot Zipcart 6.X1.2/6.X1.3/6.X1.X The ZipCart module 6.x before 6.x-1.4 for Drupal checks the "access content" permission instead of the "access ZipCart downloads" permission when building archives, which allows remote authenticated users with access content permission to bypass intended access restrictions. | 6.0 |
2012-08-28 | CVE-2012-1641 | Danielb Drupal | Permissions, Privileges, and Access Controls vulnerability in Danielb Finder The finder_import function in the Finder module 6.x-1.x before 6.x-1.26, 7.x-1.x, and 7.x-2.x before 7.x-2.0-alpha8 for Drupal allows remote authenticated users with the administer finder permission to execute arbitrary PHP code via admin/build/finder/import. | 6.0 |
2012-08-31 | CVE-2011-4951 | Egroupware | Input Validation vulnerability in eGroupware Open redirect vulnerability in phpgwapi/ntlm/index.php in EGroupware Enterprise Line (EPL) before 11.1.20110804-1 and EGroupware Community Edition before 1.8.001.20110805 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the forward parameter. | 5.8 |
2012-08-31 | CVE-2011-5145 | OBM | SQL Injection vulnerability in OBM Open Business Management 2.4.0 Multiple SQL injection vulnerabilities in Open Business Management (OBM) 2.4.0-rc13 and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) sel_domain_id or (2) action parameter to obm.php; (3) tf_user parameter in a search action to group/group_index.php; (4) tf_delegation, (5) tf_ip, (6) tf_name to host/host_index.php; or (7) lang, (8) theme, (9) cal_alert, (10) cal_first_hour, (11) cal_interval, (12) cal_last_hour, (13) commentorder, (14) csv_sep, (15) date, (16) date_upd, (17) debug_exe, (18) debug_id, (19) debug_param, (20) debug_sess, (21) debug_solr, (22) debug_sql, (23) dsrc, (24) menu, (25) rows, (26) sel_display_days, (27) timeformat, (28) timezone, or (29) todo parameter to settings/settings_index.php. | 5.5 |
2012-08-31 | CVE-2012-4741 | Packetfence | Improper Authentication vulnerability in Packetfence The RADIUS extension in PacketFence before 3.3.0 uses a different user name than is used for authentication for users with custom VLAN assignment extensions, which allows remote attackers to spoof user identities via the User-Name RADIUS attribute. | 5.0 |
2012-08-31 | CVE-2011-4948 | Egroupware | Path Traversal vulnerability in Egroupware and Egroupware Enterprise Line Directory traversal vulnerability in admin/remote.php in EGroupware Enterprise Line (EPL) before 11.1.20110804-1 and EGroupware Community Edition before 1.8.001.20110805 allows remote attackers to read arbitrary files via a ..%2f (encoded dot dot slash) in the type parameter. | 5.0 |
2012-08-31 | CVE-2011-5147 | Freewebshop | Code Injection vulnerability in Freewebshop Static code injection vulnerability in ajax_save_name.php in the Ajax File Manager module in the tinymce plugin in FreeWebshop 2.2.9 R2 and earlier allows remote attackers to inject arbitrary PHP code into data.php via the selected document, as demonstrated by a call to ajax_file_cut.php and then to ajax_save_name.php. | 5.0 |
2012-08-31 | CVE-2011-5144 | OBM | Permissions, Privileges, and Access Controls vulnerability in OBM Open Business Management 2.4.0 Open Business Management (OBM) 2.4.0-rc13 and earlier allows remote attackers to obtain configuration information via a direct request to test.php, which calls the phpinfo function. | 5.0 |
2012-08-31 | CVE-2012-3534 | Opensuse Gnugk | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products GNU Gatekeeper before 3.1 does not limit the number of connections to the status port, which allows remote attackers to cause a denial of service (connection and thread consumption) via a large number of connections. | 5.0 |
2012-08-31 | CVE-2012-3533 | Ovirt Ovirt Engine SDK | Cryptographic Issues vulnerability in multiple products The python SDK before 3.1.0.6 and CLI before 3.1.0.8 for oVirt 3.1 does not check the server SSL certificate against the client keys, which allows remote attackers to spoof a server via a man-in-the-middle (MITM) attack. | 5.0 |
2012-08-31 | CVE-2012-2704 | John Franklin Drupal | Permissions, Privileges, and Access Controls vulnerability in John Franklin Advertisement The Advertisement module 6.x-2.x before 6.x-2.3 for Drupal does not properly restrict access to debug information, which allows remote attackers to obtain sensitive site configuration information that is specified by the $conf variable in settings.php. | 5.0 |
2012-08-31 | CVE-2012-4171 | Adobe Linux Apple Microsoft | Remote Denial of Service vulnerability in Adobe Flash Player and AIR Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow attackers to cause a denial of service (application crash) by leveraging a logic error during handling of Firefox dialogs. | 5.0 |
2012-08-30 | CVE-2011-5129 | Xchat | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xchat Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long response string. | 5.0 |
2012-08-30 | CVE-2012-4010 | Opera | Address Bar URI Spoofing vulnerability in Opera Web Browser Opera before 11.60 allows remote attackers to spoof the address bar via unspecified homograph characters, a different vulnerability than CVE-2010-2660. | 5.0 |
2012-08-29 | CVE-2012-3312 | IBM | Cryptographic Issues vulnerability in IBM Infosphere Guardium The datasource definition editor in IBM InfoSphere Guardium 8.2 and earlier, when the save-password setting is enabled, transmits cleartext database credentials, which allows remote attackers to obtain sensitive information by sniffing the network. | 5.0 |
2012-08-28 | CVE-2012-1643 | Jason Savino Drupal | Permissions, Privileges, and Access Controls vulnerability in Jason Savino FP 7.X1.0/7.X1.1 The Faster Permissions module 7.x-2.x before 7.x-1.2 for Drupal does not check the "administer permissions" permission, which allows remote attackers to modify access permissions via unspecified vectors. | 5.0 |
2012-08-28 | CVE-2012-1642 | Yaml Fuer Drupal Drupal | Permissions, Privileges, and Access Controls vulnerability in Yaml-Fuer-Drupal Linkchecker includes/linkchecker.pages.inc in the Link checker module 6.x-2.x before 6.x-2.5 for Drupal does not properly enforce access permissions on broken links, which allows remote attackers to obtain sensitive information via unspecified vectors. | 5.0 |
2012-08-27 | CVE-2012-3467 | Apache | Improper Authentication vulnerability in Apache Qpid Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote attackers to bypass authentication. | 5.0 |
2012-08-29 | CVE-2011-4578 | Tedfelix | Permissions, Privileges, and Access Controls vulnerability in Tedfelix Acpid2 event.c in acpid (aka acpid2) before 2.0.11 does not have an appropriate umask setting during execution of event-handler scripts, which might allow local users to (1) perform write operations within directories created by a script, or (2) read files created by a script, via standard filesystem system calls. | 4.6 |
2012-08-27 | CVE-2012-3410 | GNU | Buffer Errors vulnerability in GNU Bash 4.2 Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix. | 4.6 |
2012-08-29 | CVE-2011-2777 | Tedfelix | Permissions, Privileges, and Access Controls vulnerability in Tedfelix Acpid2 samples/powerbtn/powerbtn.sh in acpid (aka acpid2) 2.0.16 and earlier uses the pidof program incorrectly, which allows local users to gain privileges by running a program with the name kded4 and a DBUS_SESSION_BUS_ADDRESS environment variable containing commands. | 4.4 |
2012-08-31 | CVE-2012-4744 | EOS PE Zeroboard | Cross-Site Scripting vulnerability in Eos.Pe Siche Search Module 0.5 Cross-site scripting (XSS) vulnerability in ssearch.php in the Siche search module 0.5 for Zeroboard allows remote attackers to inject arbitrary web script or HTML via the search parameter. | 4.3 |
2012-08-31 | CVE-2012-4740 | Packetfence | Cross-Site Scripting vulnerability in Packetfence Cross-site scripting (XSS) vulnerability in the captive portal in PacketFence before 3.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2012-08-31 | CVE-2012-2117 | Yaniv Aran Shamir Drupal | Cross-Site Scripting vulnerability in Yaniv Aran-Shamir Gigya Cross-site scripting (XSS) vulnerability in the Gigya - Social optimization module 6.x before 6.x-3.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2012-08-31 | CVE-2012-2083 | Fusiondrupalthemes Drupal | Cross-Site Scripting vulnerability in Fusiondrupalthemes Fusion 6.X1.0/6.X1.1/6.X1.12 Cross-site scripting (XSS) vulnerability in the fusion_core_preprocess_page function in fusion_core/template.php in the Fusion module before 6.x-1.13 for Drupal allows remote attackers to inject arbitrary web script or HTML via the q parameter. | 4.3 |
2012-08-31 | CVE-2011-4950 | Egroupware | Cross-Site Scripting vulnerability in Egroupware and Egroupware Enterprise Line Cross-site scripting (XSS) vulnerability in phpgwapi/js/jscalendar/test.php in EGroupware Enterprise Line (EPL) before 11.1.20110804-1 and EGroupware Community Edition before 1.8.001.20110805 allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | 4.3 |
2012-08-31 | CVE-2011-5150 | Spamtitan | Cross-Site Scripting vulnerability in Spamtitan Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.07 and possibly earlier allow remote attackers or authenticated users to inject arbitrary web script or HTML via the (1) ipaddress or (2) domain parameter to setup-network.php, different vectors than CVE-2011-5149. | 4.3 |
2012-08-31 | CVE-2011-5149 | Spamtitan | Cross-Site Scripting vulnerability in Spamtitan Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.08 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) testaddr or (2) testpass parameter to auth-settings.php; (3) hostname, (4) domainname, or (5) mailserver parameter to setup-relay.php; or (6) subnetmask or (7) defaultroute parameter to setup-network.php. | 4.3 |
2012-08-31 | CVE-2011-5143 | OBM | Cross-Site Scripting vulnerability in OBM Open Business Management Multiple cross-site scripting (XSS) vulnerabilities in Open Business Management (OBM) 2.3.20 and probably earlier allow remote attackers to inject arbitrary web script or HTML via the (1) tf_name, (2) tf_delegation, and (3) tf_ip parameters to index.php. | 4.3 |
2012-08-31 | CVE-2011-5142 | OBM | Cross-Site Scripting vulnerability in OBM Open Business Management 2.4.0 Multiple cross-site scripting (XSS) vulnerabilities in Open Business Management (OBM) 2.4.0-rc13 and probably earlier allow remote attackers to inject arbitrary web script or HTML via the (1) tf_delegation, (2) tf_ip, or (3) tf_name parameter in a search action to host/host_index.php; (4) login parameter to obm.php; or (5) tf_user parameter in a search action to group/group_index.php. | 4.3 |
2012-08-31 | CVE-2011-5138 | Tforum | Cross-Site Scripting vulnerability in Tforum B0.915 Cross-site scripting (XSS) vulnerability in member.php in tForum b0.915 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a viewprofile action. | 4.3 |
2012-08-31 | CVE-2012-4739 | Barracudanetworks | Cross-Site Scripting vulnerability in Barracudanetworks Barracuda SSL VPN 1.2.6.004/1.5.0.29 Multiple cross-site scripting (XSS) vulnerabilities in Barracuda SSL VPN before 2.2.2.203 (2012-07-05) allow remote attackers to inject arbitrary web script or HTML via the (1) policyLaunching, (2) resourcePrefix, or (3) actionPath parameter in showUserResourceCategories.do; (4) list or (5) path parameter to fileSystem.do; or (6) return-To parameter to launchAgent.do. | 4.3 |
2012-08-30 | CVE-2012-3548 | Wireshark | Resource Management Errors vulnerability in Wireshark The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a small value for a certain length field in a capture file. | 4.3 |
2012-08-30 | CVE-2011-5132 | Mybb | Cross-Site Scripting vulnerability in Mybb Cross-site scripting (XSS) vulnerability in MyBB before 1.6.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "usernames via AJAX." | 4.3 |
2012-08-30 | CVE-2011-1398 | PHP | Improper Input Validation vulnerability in PHP The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome. | 4.3 |
2012-08-29 | CVE-2012-3295 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Websphere MQ 7.1 IBM WebSphere MQ 7.1, when an SVRCONN channel is used, allows remote attackers to bypass the security-configuration setup step and obtain queue-manager access via unspecified vectors. | 4.3 |
2012-08-29 | CVE-2012-3975 | Mozilla | Information Exposure vulnerability in Mozilla Firefox, Seamonkey and Thunderbird The DOMParser component in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 loads subresources during parsing of text/html data within an extension, which allows remote attackers to obtain sensitive information by providing crafted data to privileged extension code. | 4.3 |
2012-08-29 | CVE-2012-1956 | Mozilla | Cross-Site Scripting vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 do not prevent use of the Object.defineProperty method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin. | 4.3 |
2012-08-29 | CVE-2012-0307 | Symantec | Cross-Site Scripting vulnerability in Symantec Messaging Gateway Multiple cross-site scripting (XSS) vulnerabilities in Symantec Messaging Gateway (SMG) before 10.0 allow remote attackers to inject arbitrary web script or HTML via (1) web content or (2) e-mail content. | 4.3 |
2012-08-29 | CVE-2011-4918 | Elxis | Cross-Site Scripting vulnerability in Elxis CMS 2009.2/2009.3 Multiple cross-site scripting (XSS) vulnerabilities in Elxis CMS 2009.2, 2009.3 and 2009.3 Aphrodite before revision 2684 allow remote attackers to inject arbitrary web script or HTML via the (1) task parameter to elxis/index.php, and (2) PATH_INFO to elxis/administrator/index.php. | 4.3 |
2012-08-28 | CVE-2012-4685 | Arbornetworks | Cross-Site Scripting vulnerability in Arbornetworks Peakflow SP 5.1.1/5.5/5.6.0 Cross-site scripting (XSS) vulnerability in Arbor Networks Peakflow SP 5.1.1 before patch 6, 5.5 before patch 4, and 5.6.0 before patch 1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index. | 4.3 |
2012-08-28 | CVE-2012-1647 | Mediafront Drupal | Cross-Site Scripting vulnerability in Mediafront Multiple cross-site scripting (XSS) vulnerabilities in the "stand alone PHP application for the OSM Player," as used in the MediaFront module 6.x-1.x before 6.x-1.5 and 7.x-1.x before 7.x-1.5 for Drupal, allow remote attackers to inject arbitrary web script or HTML via (1) $_SERVER['HTTP_HOST'] or (2) $_SERVER['SCRIPT_NAME'] to players/osmplayer/player/OSMPlayer.php, (3) playlist parameter to players/osmplayer/player/getplaylist.php, and possibly other vectors related to $_SESSION. | 4.3 |
2012-08-27 | CVE-2012-4680 | Ioserver | Path Traversal vulnerability in Ioserver 1.0.18.0 Directory traversal vulnerability in the XML Server in IOServer before 1.0.19.0, when the Root Directory pathname lacks a trailing \ (backslash) character, allows remote attackers to read arbitrary files or list arbitrary directories via a .. | 4.3 |
2012-08-27 | CVE-2012-4679 | Sourcefabric | Cross-Site Scripting vulnerability in Sourcefabric Newscoop Cross-site scripting (XSS) vulnerability in admin/login.php in Newscoop before 3.5.5 allows remote attackers to inject arbitrary web script or HTML via the f_user_name parameter. | 4.3 |
2012-08-27 | CVE-2012-2129 | Andreas Gohr | Cross-Site Scripting vulnerability in Andreas Gohr Dokuwiki 20120125 Cross-site scripting (XSS) vulnerability in doku.php in DokuWiki 2012-01-25 Angua allows remote attackers to inject arbitrary web script or HTML via the target parameter in an edit action. | 4.3 |
2012-08-27 | CVE-2012-2112 | Typo3 | Cross-Site Scripting vulnerability in Typo3 Cross-site scripting (XSS) vulnerability in the Exception Handler in TYPO3 4.4.x before 4.4.15, 4.5.x before 4.5.15, 4.6.x before 4.6.8, and 4.7 allows remote attackers to inject arbitrary web script or HTML via exception messages. | 4.3 |
2012-08-27 | CVE-2012-1935 | Sourcefabric | Cross-Site Scripting vulnerability in Sourcefabric Newscoop Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 3.5.x before 3.5.5 and 4.x before 4 RC4 allow remote attackers to inject arbitrary web script or HTML via the (1) Back parameter to admin/ad.php, or the (2) token or (3) f_email parameter to admin/password_check_token.php. | 4.3 |
9 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2012-08-31 | CVE-2012-3378 | Gnome | Cryptographic Issues vulnerability in Gnome At-Spi2-Atk 2.5.2 The register_application function in atk-adaptor/bridge.c in GNOME at-spi2-atk 2.5.2 does not seed the random number generator and generates predictable temporary file names, which makes it easier for local users to create or truncate files via a symlink attack on a temporary socket file in /tmp/at-spi2. | 3.3 |
2012-08-29 | CVE-2012-4736 | Sophos | Permissions, Privileges, and Access Controls vulnerability in Sophos Safeguard Enterprise 6.0 The Device Encryption Client component in Sophos SafeGuard Enterprise 6.0, when a volume-based encryption policy is enabled in conjunction with a user-defined key, does not properly block use of exFAT USB flash drives, which makes it easier for local users to bypass intended access restrictions and copy sensitive information to a drive via multiple removal and reattach operations. | 3.3 |
2012-08-29 | CVE-2012-3581 | Symantec | Information Exposure vulnerability in Symantec Messaging Gateway Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to obtain potentially sensitive information about component versions via unspecified vectors. | 3.3 |
2012-08-31 | CVE-2011-5146 | Ingumadev | Link Following vulnerability in Ingumadev Bokken 1.5 Bokken before 1.6 and 1.5-x before 1.5-3 for Debian allows local users to overwrite arbitrary files via a symlink attack on /tmp/graph.dot. | 2.6 |
2012-08-28 | CVE-2012-1645 | Wimleers Drupal | Information Exposure vulnerability in Wimleers CDN 6.X2.2/7.X2.2 The CDN module 6.x-2.2 and 7.x-2.2 for Drupal, when running in Origin Pull mode with the "Far Future expiration" option enabled, allows remote attackers to read arbitrary PHP files via unspecified vectors, as demonstrated by reading settings.php. | 2.6 |
2012-08-31 | CVE-2012-3478 | Pizzashack | Permissions, Privileges, and Access Controls vulnerability in Pizzashack Rssh rssh 2.3.3 and earlier allows local users to bypass intended restricted shell access via crafted environment variables in the command line. | 2.1 |
2012-08-28 | CVE-2012-1644 | Gizra Drupal | Permissions, Privileges, and Access Controls vulnerability in Gizra OG Vocab 6.X1.0/6.X1.1/6.X1.X The Organic Groups (OG) Vocabulary module 6.x-1.x before 6.x-1.2 for Drupal allows remote authenticated users with certain administrator permissions to modify the vocabularies of other groups via unspecified vectors. | 2.1 |
2012-08-27 | CVE-2012-1586 | Debian | Information Exposure vulnerability in Debian Cifs-Utils 2.6 mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or directories via the file path in the second argument, which reveals their existence in an error message. | 2.1 |
2012-08-27 | CVE-2011-4944 | Python | Permissions, Privileges, and Access Controls vulnerability in Python Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file. | 1.9 |