Weekly Vulnerabilities Reports > September 3 to 9, 2012

Overview

217 new vulnerabilities reported during this period, including 11 critical vulnerabilities and 13 high severity vulnerabilities. This weekly summary report vulnerabilities in 190 products from 140 vendors including Owncloud, Joomla, Typo3, Drupal, and Mediawiki. Vulnerabilities are notably categorized as "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Cross-Site Request Forgery (CSRF)", "Information Exposure", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".

  • 113 reported vulnerabilities are remotely exploitables.
  • 29 reported vulnerabilities have public exploit available.
  • 44 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 201 reported vulnerabilities are exploitable by an anonymous user.
  • Owncloud has the most reported vulnerabilities, with 11 reported vulnerabilities.
  • Wago has the most reported critical vulnerabilities, with 2 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

11 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2012-09-07 CVE-2012-4879 Wago Credentials Management vulnerability in Wago I/O System 758 Industrial PC Device

The Linux Console on the WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Industrial PC (IPC) devices has a default password of wago for the (1) root and (2) admin accounts, (3) a default password of user for the user account, and (4) a default password of guest for the guest account, which makes it easier for remote attackers to obtain login access via a TELNET session, a different vulnerability than CVE-2012-3013.

10.0
2012-09-07 CVE-2012-3013 Wago Credentials Management vulnerability in Wago I/O System 758 Industrial PC Device

WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Industrial PC (IPC) devices have default passwords for unspecified Web Based Management accounts, which makes it easier for remote attackers to obtain administrative access via a TCP session.

10.0
2012-09-06 CVE-2012-4876 Trendnet Buffer Errors vulnerability in Trendnet products

Stack-based buffer overflow in the UltraMJCam ActiveX Control in TRENDnet SecurView TV-IP121WN Wireless Internet Camera allows remote attackers to execute arbitrary code via a long string to the OpenFileDlg method.

10.0
2012-09-06 CVE-2012-4874 Awpcp
Wordpress
Image Upload vulnerability in Wordpress Another WordPress Classifieds Plugin

Unspecified vulnerability in the Another WordPress Classifieds Plugin before 2.0 for WordPress has unknown impact and attack vectors related to "image uploads."

10.0
2012-09-04 CVE-2012-0275 Adobe Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Photoshop Cs5.5 and Photoshop CS6

Heap-based buffer overflow in Photoshop.exe in Adobe Photoshop CS5 12.x before 12.0.5, CS5.1 12.1.x before 12.1.1, and CS6 13.x before 13.0.1 allows remote attackers to execute arbitrary code via a crafted TIFF image with SGI24LogLum compression.

10.0
2012-09-08 CVE-2012-4011 Cybozu OS Command Injection vulnerability in Cybozu Kunai 2.0.5

The Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site.

9.3
2012-09-07 CVE-2011-5158 Datev Untrusted Search Path vulnerability in Datev Grundpaket Basis Cd23.20

Multiple untrusted search path vulnerabilities in the DMTGUI2.EXE and DvInesLogFileViewer.Exe components in DATEV Grundpaket Basis CD23.20 allow local users to gain privileges via a Trojan horse (1) DVBSKNLANG101.dll or (2) DvZediTermSrvInfo004.dll file in the current working directory, as demonstrated by a directory that contains a .dmt, .adl, .c02, .dof, or .jrf file.

9.3
2012-09-06 CVE-2012-4875 Artifex Buffer Errors vulnerability in Artifex GPL Ghostscript 9.04

** DISPUTED ** Heap-based buffer overflow in gdevwpr2.c in Ghostscript 9.04, when processing the OutputFile device parameter, allows user-assisted remote attackers to execute arbitrary code via a long file name in a PostScript document.

9.3
2012-09-06 CVE-2012-4865 Oreans Buffer Errors vulnerability in Oreans Themida 2.1.8.0

Buffer overflow in Oreans Themida 2.1.8.0 allows remote attackers to execute arbitrary code via a crafted .TMD file.

9.3
2012-09-06 CVE-2012-4864 Oreans Code Injection vulnerability in Oreans Winlicense 2.1.8.0

Oreans WinLicense 2.1.8.0 allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted xml file.

9.3
2012-09-04 CVE-2012-2288 EMC USE of Externally-Controlled Format String vulnerability in EMC Networker 7.6.3/7.6.4/8.0

Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 before 7.6.4.1, and 8.0 before 8.0.0.1, allows remote attackers to execute arbitrary code via format string specifiers in a message.

9.3

13 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2012-09-05 CVE-2010-4818 X ORG Improper Input Validation vulnerability in X.Org 1.7.7

The GLX extension in X.Org xserver 1.7.7 allows remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via (1) a crafted request that triggers a client swap in glx/glxcmdsswap.c; or (2) a crafted length or (3) a negative value in the screen field in a request to glx/glxcmds.c.

8.5
2012-09-05 CVE-2012-3012 Arbiter Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Arbiter Power Sentinel and Power Sentinel 1133A Firmware

The Arbiter Power Sentinel 1133A device with firmware before 11Jun2012 Rev 421 allows remote attackers to cause a denial of service (Ethernet outage) via unspecified Ethernet traffic that fills a buffer, as demonstrated by a port scan.

7.8
2012-09-04 CVE-2012-3014 Garrettcom Credentials Management vulnerability in Garrettcom products

The Management Software application in GarrettCom Magnum MNS-6K before 4.4.0, and 14.x before 14.4.0, has a hardcoded password for an administrative account, which allows local users to gain privileges via unspecified vectors.

7.7
2012-09-09 CVE-2012-2115 Open EMR SQL Injection vulnerability in Open-Emr Openemr

SQL injection vulnerability in interface/login/validateUser.php in OpenEMR 4.1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the u parameter.

7.5
2012-09-09 CVE-2012-1911 Chatelao SQL Injection vulnerability in Chatelao PHP Address Book

Multiple SQL injection vulnerabilities in PHP Address Book 6.2.12 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) to_group parameter to group.php or (2) id parameter to vcard.php.

7.5
2012-09-08 CVE-2012-0254 Honeywellprocess Buffer Errors vulnerability in Honeywellprocess Enterprise Building Manager, Experion and Symmetre

Stack-based buffer overflow in the HMIWeb Browser HSCDSPRenderDLL ActiveX control in Honeywell Process Solutions (HPS) Experion R2xx, R30x, R31x, and R400.x; Honeywell Building Solutions (HBS) Enterprise Building Manager R400 and R410.1; and Honeywell Environmental Combustion and Controls (ECC) SymmetrE R410.1 allows remote attackers to execute arbitrary code via unspecified vectors.

7.5
2012-09-06 CVE-2006-7247 Joomla
Mambo Foundation
SQL Injection vulnerability in Joomla COM Weblinks

SQL injection vulnerability in the Weblinks (com_weblinks) component for Joomla! and Mambo 1.0.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.

7.5
2012-09-06 CVE-2012-4869 Sangoma Code Injection vulnerability in Sangoma Freepbx

The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and earlier allows remote attackers to execute arbitrary commands via the callmenum parameter in a c action.

7.5
2012-09-06 CVE-2012-4868 Kunena
Joomla
SQL Injection vulnerability in Kunena 1.7.2

SQL injection vulnerability in news.php in the Kunena component 1.7.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5
2012-09-06 CVE-2012-2740 Phplist SQL Injection vulnerability in PHPlist

SQL injection vulnerability in public_html/lists/admin in phpList before 2.10.18 allows remote attackers to execute arbitrary SQL commands via the sortby parameter in a find action.

7.5
2012-09-05 CVE-2012-4392 Owncloud Improper Authentication vulnerability in Owncloud 4.0.7

index.php in ownCloud 4.0.7 does not properly validate the oc_token cookie, which allows remote attackers to bypass authentication via a crafted oc_token cookie value.

7.5
2012-09-05 CVE-2011-4448 Wikkawiki SQL Injection vulnerability in Wikkawiki 1.3.1/1.3.2

SQL injection vulnerability in actions/usersettings/usersettings.php in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to execute arbitrary SQL commands via the default_comment_display parameter in an update action.

7.5
2012-09-04 CVE-2012-2109 Buddypress
Wordpress
SQL Injection vulnerability in Buddypress

SQL injection vulnerability in wp-load.php in the BuddyPress plugin 1.5.x before 1.5.5 of WordPress allows remote attackers to execute arbitrary SQL commands via the page parameter in an activity_widget_filter action.

7.5

184 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2012-09-08 CVE-2012-3004 Realflex Unspecified vulnerability in Realflex Flexview, Realwin and Realwindemo

Multiple untrusted search path vulnerabilities in RealFlex RealWin before 2.1.13, FlexView before 3.1.86, and RealWinDemo before 2.1.13 allow local users to gain privileges via a Trojan horse (1) realwin.dll or (2) keyhook.dll file in the current working directory.

6.9
2012-09-08 CVE-2012-1666 Vmware Unspecified vulnerability in VMWare products

Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory.

6.9
2012-09-07 CVE-2012-4883 3DS Unspecified vulnerability in 3DS 3Dvia Composer 6.8.1.1652

Multiple untrusted search path vulnerabilities in 3DVIA Composer V6R2012 HF1 Build 6.8.1.1652 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) ibfs32.dll file in the current working directory, as demonstrated by a directory that contains a .smg file.

6.9
2012-09-07 CVE-2012-4882 3DS Unspecified vulnerability in 3DS 3D XML Player 6.212.13.12076

Multiple untrusted search path vulnerabilities in 3D XML Player 6.212.13.12076 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) JT0DevPhase.dll file in the current working directory, as demonstrated by a directory that contains a .3dx file.

6.9
2012-09-07 CVE-2012-4881 Sony Unspecified vulnerability in Sony Moviez HD 1.0

Untrusted search path vulnerability in moviEZ HD 1.0 Build 2554-29894-A allows local users to gain privileges via a Trojan horse avrt.dll file in the current working directory, as demonstrated by a directory that contains a .mvz file.

6.9
2012-09-07 CVE-2012-4880 Sony Unspecified vulnerability in Sony DVD Architect PRO and DVD Architect Studio

Multiple untrusted search path vulnerabilities in DVD Architect Pro 5.2 Build 133 and DVD Architect Studio 5.0 Build 156 allow local users to gain privileges via a Trojan horse (1) enc_mp2v.200 or (2) CFHDDecoder.dll file in the current working directory, as demonstrated by a directory that contains a .dar file.

6.9
2012-09-07 CVE-2010-5274 Pkware Unspecified vulnerability in Pkware Pkzip 12.50.0014

Untrusted search path vulnerability in PKZIP before 12.50.0014 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .zip file.

6.9
2012-09-07 CVE-2010-5273 Altova Unspecified vulnerability in Altova Diffdog 2011

Untrusted search path vulnerability in Altova DiffDog 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .dbdif file.

6.9
2012-09-07 CVE-2010-5272 Altova Unspecified vulnerability in Altova Databasespy 2011

Untrusted search path vulnerability in Altova DatabaseSpy 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .qprj file.

6.9
2012-09-07 CVE-2010-5271 Altova Unspecified vulnerability in Altova Mapforce 2011

Untrusted search path vulnerability in Altova MapForce 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .mfd file.

6.9
2012-09-07 CVE-2010-5270 Adobe Unspecified vulnerability in Adobe Device Central CS4 2.0.0

Multiple untrusted search path vulnerabilities in Adobe Device Central CS4 2.0.0 0476 allow local users to gain privileges via a Trojan horse (1) ibfs32.dll or (2) amt_cdb.dll file in the current working directory, as demonstrated by a directory that contains a .adcp file.

6.9
2012-09-07 CVE-2010-5269 Intel Unspecified vulnerability in Intel Threading Building Blocks 2.2.013

Untrusted search path vulnerability in tbb.dll in Intel Threading Building Blocks (TBB) 2.2.013 allows local users to gain privileges via a Trojan horse tbbmalloc.dll file in the current working directory, as demonstrated by a directory that contains a .pbk file.

6.9
2012-09-07 CVE-2010-5268 Amazon Unspecified vulnerability in Amazon Kindle for PC 1.3.0.30884

Untrusted search path vulnerability in Amazon Kindle for PC 1.3.0 30884 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .azw file.

6.9
2012-09-07 CVE-2010-5267 Munsoft Unspecified vulnerability in Munsoft Easy Office Recovery 1.1

Untrusted search path vulnerability in MunSoft Easy Office Recovery 1.1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .doc, .xls, or .ppt file.

6.9
2012-09-07 CVE-2010-5266 Videocharge Unspecified vulnerability in Videocharge Studio 2.9.0.632

Untrusted search path vulnerability in VideoCharge Studio 2.9.0.632 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .vsc file.

6.9
2012-09-07 CVE-2010-5265 Nirsoft Unspecified vulnerability in Nirsoft Smartsniff 1.71

Untrusted search path vulnerability in SmartSniff 1.71 allows local users to gain privileges via a Trojan horse wpcap.dll file in the current working directory, as demonstrated by a directory that contains a .cfg or .ssp file.

6.9
2012-09-07 CVE-2010-5264 Prof UIS Unspecified vulnerability in Prof-Uis

Untrusted search path vulnerability in the CExtDWM::CExtDWM method in ProfUIS290m.dll and ProfUIS290m-RDE.dll in Prof-UIS before 2.9.1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory.

6.9
2012-09-07 CVE-2010-5263 Sothink Unspecified vulnerability in Sothink SWF Decompiler 6.0

Untrusted search path vulnerability in Sothink SWF Decompiler 6.0 Build 610 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .flv file.

6.9
2012-09-07 CVE-2010-5262 Gromada Unspecified vulnerability in Gromada Multimedia Conversion Library 5.4.0

Multiple untrusted search path vulnerabilities in libmcl-5.4.0.dll in Gromada Multimedia Conversion Library 5.4.0 allow local users to gain privileges via a Trojan horse (1) libgif-1.1.0.dll or (2) libhav-1.0.1.dll file in the current working directory.

6.9
2012-09-07 CVE-2010-5261 Snowfoxsoft Unspecified vulnerability in Snowfoxsoft Snowfox Total Video Converter 2.5.1

Untrusted search path vulnerability in SnowFox Total Video Converter 2.5.1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .avi file.

6.9
2012-09-07 CVE-2010-5260 Agrinsoft Unspecified vulnerability in Agrinsoft Argin ALL DVD Ripper 4.0

Untrusted search path vulnerability in Agrin All DVD Ripper 4.0 allows local users to gain privileges via a Trojan horse wnaspi32.dll file in the current working directory, as demonstrated by a directory that contains a .ifo file.

6.9
2012-09-07 CVE-2010-5259 Isobuster Unspecified vulnerability in Isobuster 2.8

Multiple untrusted search path vulnerabilities in IsoBuster 2.8 allow local users to gain privileges via a Trojan horse (1) wnaspi32.dll or (2) ntaspi32.dll file in the current working directory, as demonstrated by a directory that contains a .img file.

6.9
2012-09-07 CVE-2010-5258 Adobe Unspecified vulnerability in Adobe Audition 3.0

Untrusted search path vulnerability in Adobe Audition 3.0 build 7283.0 allows local users to gain privileges via a Trojan horse Assist.Dll file in the current working directory, as demonstrated by a directory that contains a .ses file.

6.9
2012-09-07 CVE-2010-5257 Graphisoft Unspecified vulnerability in Graphisoft Archicad 13.0/14.0

Multiple untrusted search path vulnerabilities in ArchiCAD 13 and 14 allow local users to gain privileges via a Trojan horse (1) srcsrv.dll or (2) GSAutoTester.DLL file in the current working directory, as demonstrated by a directory that contains a .2df file.

6.9
2012-09-07 CVE-2010-5256 Cdisplay Unspecified vulnerability in Cdisplay 1.8.1

Untrusted search path vulnerability in CDisplay 1.8.1 allows local users to gain privileges via a Trojan horse TRACE32.DLL file in the current working directory, as demonstrated by a directory that contains a .cba file.

6.9
2012-09-07 CVE-2010-5255 Ezbsystems Unspecified vulnerability in Ezbsystems Ultraiso 9.3.6.2750

Untrusted search path vulnerability in UltraISO 9.3.6.2750 allows local users to gain privileges via a Trojan horse daemon.dll file in the current working directory, as demonstrated by a directory that contains a .iso file.

6.9
2012-09-07 CVE-2010-5254 GFI Unspecified vulnerability in GFI Backup 2009 3.1

Untrusted search path vulnerability in GFI Backup 3.1 Build 20100730 2009 Home Edition allows local users to gain privileges via a Trojan horse ArmAccess.dll file in the current working directory, as demonstrated by a directory that contains a .gbc or .gbt file.

6.9
2012-09-07 CVE-2010-5253 Winimage Unspecified vulnerability in Winimage 8.50

Untrusted search path vulnerability in WinImage 8.50 allows local users to gain privileges via a Trojan horse wnaspi32.dll file in the current working directory, as demonstrated by a directory that contains a .imz file.

6.9
2012-09-07 CVE-2010-5252 Httrack Unspecified vulnerability in Httrack 3.439

Untrusted search path vulnerability in HTTrack 3.43-9 allows local users to gain privileges via a Trojan horse httrack-plugin.dll file in the current working directory, as demonstrated by a directory that contains a .whtt file.

6.9
2012-09-07 CVE-2010-5251 IBM Unspecified vulnerability in IBM Lotus Notes 8.5

Multiple untrusted search path vulnerabilities in IBM Lotus Notes 8.5 allow local users to gain privileges via a Trojan horse (1) nnoteswc.dll or (2) nlsxbe.dll file in the current working directory, as demonstrated by a directory that contains a .vcf, .vcs, or .ics file.

6.9
2012-09-07 CVE-2010-5250 Ross Johnson Unspecified vulnerability in Ross Johnson Pthreads-Win32 2.8.0

Untrusted search path vulnerability in the pthread_win32_process_attach_np function in pthreadGC2.dll in Pthreads-win32 2.8.0 allows local users to gain privileges via a Trojan horse quserex.dll file in the current working directory.

6.9
2012-09-07 CVE-2010-5249 Sophos Unspecified vulnerability in Sophos Free Encryption and Safeguard Privatecrypto

Untrusted search path vulnerability in Sophos Free Encryption 2.40.1.1 and Sophos SafeGuard PrivateCrypto 2.40.1.2 allows local users to gain privileges via a Trojan horse pcrypt0406.dll file in the current working directory, as demonstrated by a directory that contains a .uti file.

6.9
2012-09-07 CVE-2010-5248 Ultravnc Unspecified vulnerability in Ultravnc 1.0.8.2

Untrusted search path vulnerability in UltraVNC 1.0.8.2 allows local users to gain privileges via a Trojan horse vnclang.dll file in the current working directory, as demonstrated by a directory that contains a .vnc file.

6.9
2012-09-07 CVE-2010-5247 Qtweb Unspecified vulnerability in Qtweb 3.3

Untrusted search path vulnerability in QtWeb Browser 3.3 build 043 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .html, .htm, or .mhtml file.

6.9
2012-09-07 CVE-2010-5246 Maxthon Unspecified vulnerability in Maxthon Browser 1.6.7.35/2.5.15

Multiple untrusted search path vulnerabilities in Maxthon Browser 1.6.7.35 and 2.5.15 allow local users to gain privileges via a Trojan horse (1) RSRC32.dll or (2) dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .html file.

6.9
2012-09-07 CVE-2010-5245 Tracker Software Unspecified vulnerability in Tracker-Software Pdf-Xchange Viewer 2.0.54.0

Untrusted search path vulnerability in PDF-XChange Viewer 2.0 Build 54.0 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file.

6.9
2012-09-07 CVE-2010-5244 Sisoftware Unspecified vulnerability in Sisoftware Sandra 2012 2010.7.16.52

Untrusted search path vulnerability in SiSoftware Sandra 2010 Lite 2010.7.16.52 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .sis file.

6.9
2012-09-07 CVE-2010-5243 Cyberlink Unspecified vulnerability in Cyberlink Power2Go 7.0.0.0816

Multiple untrusted search path vulnerabilities in Cyberlink Power2Go 7.0.0.0816 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) MFC71LOC.DLL file in the current working directory, as demonstrated by a directory that contains a .p2g, .iso, .pdl, .pds, or .p2i file.

6.9
2012-09-07 CVE-2010-5242 Sony Unspecified vulnerability in Sony Sound Forge 10.0

Untrusted search path vulnerability in Sound Forge Pro 10.0b Build 474 allows local users to gain privileges via a Trojan horse MtxParhVegasPreview.dll file in the current working directory, as demonstrated by a directory that contains a .sfw file.

6.9
2012-09-07 CVE-2010-5241 Autodesk Unspecified vulnerability in Autodesk Autocad 2010

Multiple untrusted search path vulnerabilities in Autodesk AutoCAD 2010 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) IBFS32.DLL file in the current working directory, as demonstrated by a directory that contains a .dwg file.

6.9
2012-09-07 CVE-2010-5240 Corel Unspecified vulnerability in Corel Coreldraw X5 and Photo-Paint X3

Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) CrlRib.dll file in the current working directory, as demonstrated by a directory that contains a .cdr, .cpt, .cmx, or .csl file.

6.9
2012-09-07 CVE-2010-5239 Daemon Tools Unspecified vulnerability in Daemon-Tools Daemon Tools 4.35.6.0091/4.36.0309.0160

Untrusted search path vulnerability in DAEMON Tools Lite 4.35.6.0091 and Pro Standard 4.36.0309.0160 allows local users to gain privileges via a Trojan horse mfc80loc.dll file in the current working directory, as demonstrated by a directory that contains a .mds file.

6.9
2012-09-07 CVE-2010-5238 Cyberlink Unspecified vulnerability in Cyberlink Powerdirector 8.00.3022

Untrusted search path vulnerability in CyberLink PowerDirector 8.00.3022 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdl, .iso, .pds, .p2g, or .p2i file.

6.9
2012-09-07 CVE-2010-5237 Cyberlink Unspecified vulnerability in Cyberlink Powerdirector 7.0

Untrusted search path vulnerability in CyberLink PowerDirector 7 allows local users to gain privileges via a Trojan horse mfc71loc.dll file in the current working directory, as demonstrated by a directory that contains a .pdl, .iso, .pds, .p2g, or .p2i file.

6.9
2012-09-07 CVE-2010-5236 Roxio Unspecified vulnerability in Roxio Easy Media Creator 9.0.136

Untrusted search path vulnerability in Roxio Easy Media Creator Home 9.0.136 allows local users to gain privileges via a Trojan horse homeutils9.dll file in the current working directory, as demonstrated by a directory that contains a .roxio, .c2d, or .gi file.

6.9
2012-09-07 CVE-2010-5235 Izarc Unspecified vulnerability in Izarc 4.1.2

Untrusted search path vulnerability in IZArc Archiver 4.1.2 allows local users to gain privileges via a Trojan horse ztv7z.dll file in the current working directory, as demonstrated by a directory that contains a .arj file.

6.9
2012-09-07 CVE-2010-5234 Techsmith Unspecified vulnerability in Techsmith Camtasia Studio 7.0.1

Multiple untrusted search path vulnerabilities in Camtasia Studio 7.0.1 build 57 allow local users to gain privileges via a Trojan horse (1) MFC90ENU.DLL or (2) MFC90LOC.DLL file in the current working directory, as demonstrated by a directory that contains a .cmmp or .camrec file.

6.9
2012-09-07 CVE-2010-5233 Virtualdj Unspecified vulnerability in Virtualdj Virtual DJ 6.1.2

Untrusted search path vulnerability in Virtual DJ 6.1.2 Trial b301 allows local users to gain privileges via a Trojan horse HDJAPI.dll file in the current working directory, as demonstrated by a directory that contains a .mp3 file.

6.9
2012-09-07 CVE-2010-5232 Divx Unspecified vulnerability in Divx Plus Player 8.1.0

Untrusted search path vulnerability in DivX Plus Player 8.1.0 allows local users to gain privileges via a Trojan horse ssleay32.dll file in a certain directory.

6.9
2012-09-07 CVE-2010-5231 Divx Unspecified vulnerability in Divx Player 7.2.0.19

Untrusted search path vulnerability in DivX Player 7.2.019 allows local users to gain privileges via a Trojan horse VersionCheckDLL.dll file in the current working directory, as demonstrated by a directory that contains a .avi file.

6.9
2012-09-07 CVE-2010-5230 Bentley Unspecified vulnerability in Bentley Microstation 7.1

Multiple untrusted search path vulnerabilities in MicroStation 7.1 allow local users to gain privileges via a Trojan horse (1) mptools.dll, (2) baseman.dll, (3) wintab32.dll, or (4) wintab.dll file in the current working directory, as demonstrated by a directory that contains a .hln or .rdl file.

6.9
2012-09-07 CVE-2010-5229 Sweetscape Unspecified vulnerability in Sweetscape 010 Editor

Untrusted search path vulnerability in 010 Editor before 3.1.3 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .hex file.

6.9
2012-09-07 CVE-2010-5228 Realnetworks Unspecified vulnerability in Realnetworks Realplayer SP 1.1.5

Untrusted search path vulnerability in RealPlayer SP 1.1.5 12.0.0.879 allows local users to gain privileges via a Trojan horse rio500.dll file in the current working directory, as demonstrated by a directory that contains a .avi file.

6.9
2012-09-07 CVE-2010-5227 Opera Unspecified vulnerability in Opera

Untrusted search path vulnerability in Opera before 10.62 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .htm, .mht, .mhtml, .xht, .xhtm, or .xhtl file.

6.9
2012-09-07 CVE-2010-5226 Autodesk Unspecified vulnerability in Autodesk Design Review 2011 11.0.0.86

Multiple untrusted search path vulnerabilities in Autodesk Design Review 2011 11.0.0.86 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll, (2) whiptk_wt.7.12.601.dll, or (3) xaml_wt.7.6.0.dll file in the current working directory, as demonstrated by a directory that contains a .dwf file.

6.9
2012-09-06 CVE-2012-4866 Xtremerat DLL Loading Arbitrary Code Execution vulnerability in Xtremerat 3.5

Untrusted search path vulnerability in Xtreme RAT 3.5 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as the current working directory.

6.9
2012-09-06 CVE-2012-4759 Foxitsoftware Unspecified vulnerability in Foxitsoftware Foxit Reader 5.3.1.0606

Untrusted search path vulnerability in facebook_plugin.fpi in the Facebook plug-in in Foxit Reader 5.3.1.0606 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file.

6.9
2012-09-06 CVE-2012-4758 Cyberlink Unspecified vulnerability in Cyberlink Powerproducer 5.5.3.2325

Multiple untrusted search path vulnerabilities in CyberLink PowerProducer 5.5.3.2325 allow local users to gain privileges via a Trojan horse (1) mfc71loc.dll or (2) mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .ppp or .rdf file.

6.9
2012-09-06 CVE-2012-4757 Cyberlink Unspecified vulnerability in Cyberlink Streamauthor 4.0

Multiple untrusted search path vulnerabilities in CyberLink StreamAuthor 4.0 build 3308 allow local users to gain privileges via a Trojan horse (1) mfc71loc.dll or (2) mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .sta or .stp file.

6.9
2012-09-06 CVE-2012-4756 Cyberlink Unspecified vulnerability in Cyberlink Labelprint 2.5.3602

Multiple untrusted search path vulnerabilities in CyberLink LabelPrint 2.5.3602 allow local users to gain privileges via a Trojan horse (1) mfc71loc.dll or (2) mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .lpp file.

6.9
2012-09-06 CVE-2012-4755 Scitools Unspecified vulnerability in Scitools Understand 2.6

Untrusted search path vulnerability in SciTools Understand before 2.6 build 600 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .udb file.

6.9
2012-09-06 CVE-2011-5157 Attachmate DLL Loading Arbitrary Code Execution vulnerability in Attachmate Reflection

Untrusted search path vulnerability in Attachmate Reflection before 14.1 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, a related issue to CVE-2011-0107.

6.9
2012-09-06 CVE-2011-5156 Sowsoft Unspecified vulnerability in Sowsoft Effective File Search 6.7

Untrusted search path vulnerability in Effective File Search 6.7 allows local users to gain privileges via a Trojan horse ztvunrar36.dll file in the current working directory, as demonstrated by a directory that contains a .efs file.

6.9
2012-09-06 CVE-2011-5154 SAP Unspecified vulnerability in SAP Graphical User Interface 6.4/7.2

Multiple untrusted search path vulnerabilities in (1) SAPGui.exe and (2) BExAnalyzer.exe in SAP GUI 6.4 through 7.2 allow local users to gain privileges via a Trojan horse MFC80LOC.DLL file in the current working directory, as demonstrated by a directory that contains a .sap file.

6.9
2012-09-06 CVE-2011-5152 Acdsee Unspecified vulnerability in Acdsee Photo Editor 2008 5.0

Multiple untrusted search path vulnerabilities in ACDSee Photo Editor 2008 5.x build 291 allow local users to gain privileges via a Trojan horse (1) Wintab32.dll or (2) CV11-DialogEditor.dll file in the current working directory, as demonstrated by a directory that contains a .apd file.

6.9
2012-09-06 CVE-2011-5151 Acdsee Unspecified vulnerability in Acdsee Picture Frame Manager 1.0

Untrusted search path vulnerability in ACDSee Picture Frame Manager 1.0 Build 81 allows local users to gain privileges via a Trojan horse ShellIntMgrPFMU.dll file in the current working directory, as demonstrated by a directory that contains a .jpg file.

6.9
2012-09-06 CVE-2010-5225 Babylon Unspecified vulnerability in Babylon 8.1.0

Untrusted search path vulnerability in Babylon 8.1.0 r16 allows local users to gain privileges via a Trojan horse BESExtension.dll file in the current working directory, as demonstrated by a directory that contains a .bgl file.

6.9
2012-09-06 CVE-2010-5224 Coolrecordedit Unspecified vulnerability in Coolrecordedit Cool Iphone Ringtone Maker 2.2.3

Untrusted search path vulnerability in Cool iPhone Ringtone Maker 2.2.3 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .mp3 file.

6.9
2012-09-06 CVE-2010-5223 Phoenixcpm Unspecified vulnerability in Phoenixcpm Phoenix Project Manager 2.1.0.8

Multiple untrusted search path vulnerabilities in Phoenix Project Manager 2.1.0.8 allow local users to gain privileges via a Trojan horse (1) wbtrv32.dll or (2) w3btrv7.dll file in the current working directory, as demonstrated by a directory that contains a .ppx file.

6.9
2012-09-06 CVE-2010-5222 Audiotool Unspecified vulnerability in Audiotool Ease Jukebox 1.40

Untrusted search path vulnerability in Ease Jukebox 1.40 allows local users to gain privileges via a Trojan horse wmaudsdk.dll file in the current working directory, as demonstrated by a directory that contains a .mp3 or .wav file.

6.9
2012-09-06 CVE-2010-5221 Stdutility Unspecified vulnerability in Stdutility Stdu Explorer 1.0.201

Untrusted search path vulnerability in STDU Explorer 1.0.201 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory.

6.9
2012-09-06 CVE-2010-5220 Nchsoftware Unspecified vulnerability in Nchsoftware MEO Encryption Software 2.02

Untrusted search path vulnerability in MEO Encryption Software 2.02 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .meo or .cry file.

6.9
2012-09-06 CVE-2010-5219 Smartftp Unspecified vulnerability in Smartftp .0.1140.0

Untrusted search path vulnerability in SmartFTP 4.0.1140.0 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .txt, .html, or .mpg file.

6.9
2012-09-06 CVE-2010-5218 Dupehunter Unspecified vulnerability in Dupehunter 9.0.0.3911

Untrusted search path vulnerability in Dupehunter 9.0.0.3911 allows local users to gain privileges via a Trojan horse Fwpuclnt.dll file in the current working directory, as demonstrated by a directory that contains a .dhjb file.

6.9
2012-09-06 CVE-2010-5217 Tuneup Unspecified vulnerability in Tuneup Utilities 2009 and Tuneup Utilities 2010

Multiple untrusted search path vulnerabilities in TuneUp Utilities 2009 8.0.3310 and 2010 9.0.4600 allow local users to gain privileges via a Trojan horse (1) wscapi.dll or (2) vclib32.dll file in the current working directory, as demonstrated by a directory that contains a .tvs file.

6.9
2012-09-06 CVE-2010-5216 Lindo Unspecified vulnerability in Lindo Lingo 11.0.1.6/12.0.2.20

Untrusted search path vulnerability in LINGO 11.0.1.6 and 12.0.2.20 allows local users to gain privileges via a Trojan horse myuser.dll file in the current working directory, as demonstrated by a directory that contains a .ltf file.

6.9
2012-09-06 CVE-2010-5215 Swishzone Unspecified vulnerability in Swishzone Swish Max3 3.0.2009.11.30

Multiple untrusted search path vulnerabilities in SWiSH Max3 3.0 2009.11.30 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) SWiSHmax3res.dll file in the current working directory, as demonstrated by a directory that contains a .swi file.

6.9
2012-09-06 CVE-2010-5214 Albelli Unspecified vulnerability in Albelli Fotobook Editor 5.0 2.8.0.1

Untrusted search path vulnerability in Fotobook Editor 5.0 2.8.0.1 allows local users to gain privileges via a Trojan horse Fwpuclnt.dll file in the current working directory, as demonstrated by a directory that contains a .dtp file.

6.9
2012-09-06 CVE-2010-5213 Adobe Unspecified vulnerability in Adobe Livecycle Designer 8.2.1.3144.1.471865

Untrusted search path vulnerability in Adobe LiveCycle Designer 8.2.1.3144.1.471865 allows local users to gain privileges via a Trojan horse .dll file in the current working directory, as demonstrated by a directory that contains a .tds file.

6.9
2012-09-06 CVE-2010-5212 Adobe Unspecified vulnerability in Adobe Livecycle Designer ES2 9.0.0.20091029.1.612548

Untrusted search path vulnerability in Adobe LiveCycle Designer ES2 9.0.0.20091029.1.612548 allows local users to gain privileges via a Trojan horse objectassisten_US.dll file in the current working directory, as demonstrated by a directory that contains a .tds file.

6.9
2012-09-06 CVE-2010-5211 Estsoft Unspecified vulnerability in Estsoft Alsee 6.20.0.1

Untrusted search path vulnerability in ALSee 6.20.0.1 allows local users to gain privileges via a Trojan horse patchani.dll file in the current working directory, as demonstrated by a directory that contains a .ani, .bmp, .cal, .hdp, .jpe, .mac, .pbm, .pcx, .pgm, .png, .psd, .ras, .tga, or .tiff file.

6.9
2012-09-06 CVE-2010-5210 Soraxsoft Unspecified vulnerability in Soraxsoft Sorax Reader 2.0.3129.70

Untrusted search path vulnerability in Sorax Reader 2.0.3129.70 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file.

6.9
2012-09-06 CVE-2010-5209 Nuance Unspecified vulnerability in Nuance PDF Reader 6.0

Multiple untrusted search path vulnerabilities in Nuance PDF Reader 6.0 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) exceptiondumpdll.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file.

6.9
2012-09-06 CVE-2010-5208 Ksoffice Unspecified vulnerability in Ksoffice Office 2010 6.6.0.2477

Multiple untrusted search path vulnerabilities in the (1) Presentation, (2) Writer, and (3) Spreadsheets components in Kingsoft Office 2010 6.6.0.2477 allow local users to gain privileges via a Trojan horse plgpf.dll file in the current working directory, as demonstrated by a directory that contains a .xls, .ppt, .rtf, or .doc file.

6.9
2012-09-06 CVE-2010-5207 Celframe Unspecified vulnerability in Celframe Office 2008

Multiple untrusted search path vulnerabilities in CelFrame Office 2008 Standard Edition allow local users to gain privileges via a Trojan horse (1) java_msci.dll or (2) msci_java.dll file in the current working directory, as demonstrated by a directory that contains a .doc, .xls, or .odg file.

6.9
2012-09-06 CVE-2010-5206 E Press Unspecified vulnerability in E-Press ONE Office E-Notetaker and ONE Office E-Zip

Multiple untrusted search path vulnerabilities in e-press ONE Office E-NoteTaker and E-Zip allow local users to gain privileges via a Trojan horse (1) mfc71enu.dll or (2) mfc71loc.dll file in the current working directory, as demonstrated by a directory that contains a .txt, .rar, or .tar file.

6.9
2012-09-06 CVE-2010-5205 E Press Unspecified vulnerability in E-Press ONE Office Author

Multiple untrusted search path vulnerabilities in e-press ONE Office Author allow local users to gain privileges via a Trojan horse (1) java_msci.dll or (2) msci_java.dll file in the current working directory, as demonstrated by a directory that contains a .psw file.

6.9
2012-09-06 CVE-2010-5204 IBM Unspecified vulnerability in IBM Lotus Symphony 1.3.0.20090908.0900

Multiple untrusted search path vulnerabilities in IBM Lotus Symphony 1.3.0 20090908.0900 allow local users to gain privileges via a Trojan horse (1) eclipse_1114.dll or (2) emser645mi.dll file in the current working directory, as demonstrated by a directory that contains a .odm, .odt, .otp, .stc, .stw, .sxg, or .sxw file.

6.9
2012-09-06 CVE-2010-5203 NCP E Unspecified vulnerability in Ncp-E products

Multiple untrusted search path vulnerabilities in NCP Secure Enterprise Client before 9.21 Build 68, Secure Entry Client before 9.23 Build 18, and Secure Client - Juniper Edition before 9.23 Build 18 allow local users to gain privileges via a Trojan horse (1) dvccsabase002.dll, (2) conman.dll, (3) kmpapi32.dll, or (4) ncpmon2.dll file in the current working directory, as demonstrated by a directory that contains a .pcf or .spd file.

6.9
2012-09-06 CVE-2010-5202 Jetaudio Unspecified vulnerability in Jetaudio 8.0.7.1000

Untrusted search path vulnerability in JetAudio 8.0.7.1000 Basic allows local users to gain privileges via a Trojan horse WNASPI32.DLL file in the current working directory, as demonstrated by a directory that contains a .mp3 file.

6.9
2012-09-06 CVE-2010-5201 Magix Unspecified vulnerability in Magix Samplitude Producer 11.0

Untrusted search path vulnerability in MAGIX Samplitude Producer 11 allows local users to gain privileges via a Trojan horse PlayRIplA6.dll file in the current working directory, as demonstrated by a directory that contains a .vip file.

6.9
2012-09-06 CVE-2010-5200 Keepass Unspecified vulnerability in Keepass

Untrusted search path vulnerability in KeePass Password Safe before 1.18 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .kdb file.

6.9
2012-09-06 CVE-2010-5199 Novadevelopement Unspecified vulnerability in Novadevelopement Photoimpact X3 13.00.0000.0

Untrusted search path vulnerability in PhotoImpact X3 13.00.0000.0 allows local users to gain privileges via a Trojan horse bwsconst.dll file in the current working directory, as demonstrated by a directory that contains a .ufp or .ufo file.

6.9
2012-09-06 CVE-2010-5198 Intuit Unspecified vulnerability in Intuit Quickbooks 2010

Multiple untrusted search path vulnerabilities in Intuit QuickBooks 2010 allow local users to gain privileges via a Trojan horse (1) dbicudtx11.dll, (2) mfc90enu.dll, or (3) mfc90loc.dll file in the current working directory, as demonstrated by a directory that contains a .des, .qbo, or .qpg file.

6.9
2012-09-06 CVE-2010-5197 Pixia Unspecified vulnerability in Pixia 4.70J

Untrusted search path vulnerability in Pixia 4.70j allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pxa file.

6.9
2012-09-06 CVE-2010-5196 Keepass Unspecified vulnerability in Keepass Password Safe 1.6/2.10

Untrusted search path vulnerability in KeePass Password Safe before 2.13 allows local users to gain privileges via a Trojan horse DwmApi.dll file in the current working directory, as demonstrated by a directory that contains a .kdbx file.

6.9
2012-09-06 CVE-2010-5195 Roxio Unspecified vulnerability in Roxio Mydvd 9

Untrusted search path vulnerability in Roxio MyDVD 9 allows local users to gain privileges via a Trojan horse HomeUtils9.dll file in the current working directory, as demonstrated by a directory that contains a .dmsd or .dmsm file.

6.9
2012-09-09 CVE-2012-2316 Openkm Cross-Site Request Forgery (CSRF) vulnerability in Openkm 5.1.7/5.1.8

Cross-site request forgery (CSRF) vulnerability in servlet/admin/AuthServlet.java in OpenKM 5.1.7 and other versions before 5.1.8-2 allows remote attackers to hijack the authentication of administrators for requests that execute arbitrary code via the script parameter to admin/scripting.jsp.

6.8
2012-09-09 CVE-2012-1580 Mediawiki Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki

Cross-site request forgery (CSRF) vulnerability in Special:Upload in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allows remote attackers to hijack the authentication of unspecified victims for requests that upload files.

6.8
2012-09-09 CVE-2012-1578 Mediawiki Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki

Multiple cross-site request forgery (CSRF) vulnerabilities in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allow remote attackers to hijack the authentication of users with the block permission for requests that (1) block a user via a request to the Block module or (2) unblock a user via a request to the Unblock module.

6.8
2012-09-09 CVE-2011-5161 Open EMR File-Upload vulnerability in Open-Emr Openemr 4.0.0/4.1.0/4.1.1

Unrestricted file upload vulnerability in the patient photograph functionality in OpenEMR 4 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the patient directory under documents/.

6.8
2012-09-08 CVE-2012-3256 HP Cross-Site Request Forgery (CSRF) vulnerability in HP Business Availability Center 8.07

Cross-site request forgery (CSRF) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

6.8
2012-09-06 CVE-2012-4877 Flatnux Cross-Site Request Forgery (CSRF) vulnerability in Flatnux

Cross-site request forgery (CSRF) vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that add user accounts.

6.8
2012-09-06 CVE-2012-1112 Open Realty Path Traversal vulnerability in Open-Realty 2.3.1/2.3.4/2.5.8

Directory traversal vulnerability in Open-Realty CMS 2.5.8 and earlier allows remote attackers to include and execute arbitrary local files via a ..

6.8
2012-09-06 CVE-2012-2069 Mclewin
Drupal
Cross-Site Request Forgery (CSRF) vulnerability in Mclewin Wishlist

Cross-site request forgery (CSRF) vulnerability in the Wishlist module 6.x-2.x before 6.x-2.6 and 7.x-2.x before 7.x-2.6 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that insert cross-site scripting (XSS) sequences via the (1) wl_reveal or (2) q parameters.

6.8
2012-09-05 CVE-2012-4753 Owncloud Cross-Site Request Forgery (CSRF) vulnerability in Owncloud

Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud before 4.0.5 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.

6.8
2012-09-05 CVE-2012-4393 Owncloud Cross-Site Request Forgery (CSRF) vulnerability in Owncloud

Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud before 4.0.6 allow remote attackers to hijack the authentication of arbitrary users for requests that use (1) addBookmark.php, (2) delBookmark.php, or (3) editBookmark.php in bookmarks/ajax/; (4) calendar/delete.php, (5) calendar/edit.php, (6) calendar/new.php, (7) calendar/update.php, (8) event/delete.php, (9) event/edit.php, (10) event/move.php, (11) event/new.php, (12) import/import.php, (13) settings/setfirstday.php, (14) settings/settimeformat.php, (15) share/changepermission.php, (16) share/share.php, (17) or share/unshare.php in calendar/ajax/; (18) external/ajax/setsites.php, (19) files/ajax/delete.php, (20) files/ajax/move.php, (21) files/ajax/newfile.php, (22) files/ajax/newfolder.php, (23) files/ajax/rename.php, (24) files_sharing/ajax/email.php, (25) files_sharing/ajax/setpermissions.php, (26) files_sharing/ajax/share.php, (27) files_sharing/ajax/toggleresharing.php, (28) files_sharing/ajax/togglesharewitheveryone.php, (29) files_sharing/ajax/unshare.php, (30) files_texteditor/ajax/savefile.php, (31) files_versions/ajax/rollbackVersion.php, (32) gallery/ajax/createAlbum.php, (33) gallery/ajax/sharing.php, (34) tasks/ajax/addtask.php, (35) tasks/ajax/addtaskform.php, (36) tasks/ajax/delete.php, or (37) tasks/ajax/edittask.php in apps/; or administrators for requests that use (38) changepassword.php, (39) creategroup.php, (40) createuser.php, (41) disableapp.php, (42) enableapp.php, (43) lostpassword.php, (44) removegroup.php, (45) removeuser.php, (46) setlanguage.php, (47) setloglevel.php, (48) setquota.php, or (49) togglegroups.php in settings/ajax/.

6.8
2012-09-05 CVE-2012-4391 Owncloud Cross-Site Request Forgery (CSRF) vulnerability in Owncloud

Cross-site request forgery (CSRF) vulnerability in core/ajax/appconfig.php in ownCloud before 4.0.7 allows remote attackers to hijack the authentication of administrators for requests that edit the app configurations.

6.8
2012-09-05 CVE-2012-4389 Owncloud Unspecified vulnerability in Owncloud

Incomplete blacklist vulnerability in lib/migrate.php in ownCloud before 4.0.7 allows remote attackers to execute arbitrary code by uploading a crafted .htaccess file in an import.zip file and accessing an uploaded PHP file.

6.8
2012-09-05 CVE-2012-4386 Apache Cross-Site Request Forgery (CSRF) vulnerability in Apache Struts

The token check mechanism in Apache Struts 2.0.0 through 2.3.4 does not properly validate the token name configuration parameter, which allows remote attackers to perform cross-site request forgery (CSRF) attacks by setting the token name configuration parameter to a session attribute.

6.8
2012-09-05 CVE-2012-3535 Uclouvain Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Uclouvain Openjpeg

Heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted JPEG2000 file.

6.8
2012-09-05 CVE-2011-3146 Gnome Unspecified vulnerability in Gnome Librsvg

librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as a RsvgFilterPrimitive.

6.8
2012-09-05 CVE-2011-4452 Wikkawiki Cross-Site Request Forgery (CSRF) vulnerability in Wikkawiki 1.3.1/1.3.2

Cross-site request forgery (CSRF) vulnerability in the AdminUsers component in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to hijack the authentication of administrators for requests that remove arbitrary user accounts via a delete operation, as demonstrated by an {{image}} action.

6.8
2012-09-05 CVE-2011-4449 Wikkawiki Unspecified vulnerability in Wikkawiki 1.3.1/1.3.2

actions/files/files.php in WikkaWiki 1.3.1 and 1.3.2, when INTRANET_MODE is enabled, supports file uploads for file extensions that are typically absent from an Apache HTTP Server TypesConfig file, which makes it easier for remote attackers to execute arbitrary PHP code by placing this code in a file whose name has multiple extensions, as demonstrated by a (1) .mm or (2) .vpp file.

6.8
2012-09-05 CVE-2012-2067 Ckeditor
Drupal
Remote Security vulnerability in Fckeditor

Unspecified vulnerability in the CKeditor module 6.x-2.x before 6.x-2.3 and the CKEditor module 6.x-1.x before 6.x-1.9 and 7.x-1.x before 7.x-1.7 for Drupal, when the core PHP module is enabled, allows remote authenticated users or remote attackers to execute arbitrary PHP code via the text parameter to a text filter.

6.8
2012-09-06 CVE-2012-1467 PKP Path Traversal vulnerability in PKP Open Journal Systems

Multiple directory traversal vulnerabilities in the iBrowser plugin library, as used in Open Journal Systems before 2.3.7, allow remote authenticated users to (1) delete or (2) rename arbitrary files via a ..

6.5
2012-09-05 CVE-2011-4450 Wikkawiki Path Traversal vulnerability in Wikkawiki 1.3.1/1.3.2

Directory traversal vulnerability in handlers/files.xml/files.xml.php in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to read or delete arbitrary files via a non-initial ..

6.4
2012-09-06 CVE-2012-4754 Mindjet Unspecified vulnerability in Mindjet Mindmanager 2012 10.0.493

Multiple untrusted search path vulnerabilities in MindManager 2012 10.0.493 allow local users to gain privileges via a Trojan horse (1) ssgp.dll or (2) dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .mmap file.

6.3
2012-09-06 CVE-2011-5155 Helpandmanual Unspecified vulnerability in Helpandmanual Help & Manual 5.5.1

Untrusted search path vulnerability in Help & Manual 5.5.1 Build 1296 allows local users to gain privileges via a Trojan horse ijl15.dll file in the current working directory, as demonstrated by a directory that contains a .hmxz, .hmxp, .hmskin, .hmx, .hm3, .hpj, .hlp, or .chm file.

6.3
2012-09-06 CVE-2011-5153 Acdsee Unspecified vulnerability in Acdsee Fotoslate 4.0

Untrusted search path vulnerability in FotoSlate 4.0 Build 146 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .plp file.

6.3
2012-09-06 CVE-2012-1468 PKP Unspecified vulnerability in PKP Open Journal Systems

Incomplete blacklist vulnerability in Open Journal Systems before 2.3.7 allows remote authenticated users with the Author Role permission to execute arbitrary code by uploading a file with an executable extension that is not ".php", then accessing it via a direct request to the file in submission/original/ in the associated article directory, as demonstrated using .pHp, .asp, and other extensions.

6.0
2012-09-05 CVE-2012-3540 Openstack Improper Input Validation vulnerability in Openstack Horizon 2012.1

Open redirect vulnerability in views/auth_forms.py in OpenStack Dashboard (Horizon) Essex (2012.1) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/.

5.8
2012-09-09 CVE-2012-4885 Mediawiki Multiple Security vulnerability in MediaWiki

The wikitext parser in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allows remote attackers to cause a denial of service (infinite loop) via certain input, as demonstrated by the padleft function.

5.0
2012-09-09 CVE-2012-1581 Mediawiki Permissions, Privileges, and Access Controls vulnerability in Mediawiki

MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 uses weak random numbers for password reset tokens, which makes it easier for remote attackers to change the passwords of arbitrary users.

5.0
2012-09-09 CVE-2012-1579 Mediawiki Information Exposure vulnerability in Mediawiki

The resource loader in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 includes private data such as CSRF tokens in a JavaScript file, which allows remote attackers to obtain sensitive information.

5.0
2012-09-09 CVE-2012-1152 Ingy USE of Externally-Controlled Format String vulnerability in Ingy Yaml::Libyaml 0.38

Multiple format string vulnerabilities in the error reporting functionality in the YAML::LibYAML (aka YAML-LibYAML and perl-YAML-LibYAML) module 0.38 for Perl allow remote attackers to cause a denial of service (process crash) via format string specifiers in a (1) YAML stream to the Load function, (2) YAML node to the load_node function, (3) YAML mapping to the load_mapping function, or (4) YAML sequence to the load_sequence function.

5.0
2012-09-09 CVE-2012-1151 Perl USE of Externally-Controlled Format String vulnerability in Perl

Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service (process crash) via format string specifiers in (1) a crafted database warning to the pg_warn function or (2) a crafted DBD statement to the dbd_st_prepare function.

5.0
2012-09-06 CVE-2012-4878 Flatnux Path Traversal vulnerability in Flatnux 201108092

Absolute path traversal vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 allows remote administrators to read arbitrary files via a full pathname in the dir parameter in a contents/Files action.

5.0
2012-09-06 CVE-2012-1611 Joomla Permissions, Privileges, and Access Controls vulnerability in Joomla Joomla!

Joomla! 2.5.x before 2.5.4 does not properly check permissions, which allows attackers to obtain sensitive "administrative back end" information via unknown attack vectors.

5.0
2012-09-06 CVE-2012-0837 Joomla Information Exposure vulnerability in Joomla Joomla!

Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to obtain the installation path via unspecified vectors related to "administrator."

5.0
2012-09-06 CVE-2012-0836 Joomla Unspecified vulnerability in Joomla Joomla!

Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 allows attackers to read the error log via unknown vectors.

5.0
2012-09-06 CVE-2012-0835 Joomla Unspecified vulnerability in Joomla Joomla!

Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to obtain sensitive information via unknown vectors related to "administrator."

5.0
2012-09-06 CVE-2012-0821 Joomla Unspecified vulnerability in Joomla Joomla!

Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2012-0819.

5.0
2012-09-06 CVE-2012-0819 Joomla Unspecified vulnerability in Joomla Joomla!

Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2012-0821.

5.0
2012-09-06 CVE-2012-4867 Vtiger Path Traversal vulnerability in Vtiger CRM 5.1.0

Directory traversal vulnerability in modules/com_vtiger_workflow/sortfieldsjson.php in vtiger CRM 5.1.0 allows remote attackers to read arbitrary files via a ..

5.0
2012-09-05 CVE-2012-4752 Owncloud Permissions, Privileges, and Access Controls vulnerability in Owncloud

appconfig.php in ownCloud before 4.0.6 does not properly restrict access, which allows remote authenticated users to edit app configurations via unspecified vectors.

5.0
2012-09-05 CVE-2012-4387 Apache Permissions, Privileges, and Access Controls vulnerability in Apache Struts

Apache Struts 2.0.0 through 2.3.4 allows remote attackers to cause a denial of service (CPU consumption) via a long parameter name, which is processed as an OGNL expression.

5.0
2012-09-05 CVE-2012-3526 Thomas Eibner
Apache
Denial of Service vulnerability in Thomas Eibner MOD Rpaf 0.5/0.6

The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote attackers to cause a denial of service (server or application crash) via multiple X-Forwarded-For headers in a request.

5.0
2012-09-05 CVE-2012-3509 GNU
Canonical
Debian
Numeric Errors vulnerability in multiple products

Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service (crash) via vectors related to the "addition of CHUNK_HEADER_SIZE to the length," which triggers a heap-based buffer overflow.

5.0
2012-09-05 CVE-2012-2063 Brian Altenhofel
Drupal
Permissions, Privileges, and Access Controls vulnerability in Brian Altenhofel Slidebox

The Slidebox module before 7.x-1.4 for Drupal does not properly check permissions, which allows remote attackers to obtain sensitive information via unspecified vectors.

5.0
2012-09-04 CVE-2012-1614 Coppermine Gallery Information Exposure vulnerability in Coppermine-Gallery Coppermine Photo Gallery

Coppermine Photo Gallery before 1.5.20 allows remote attackers to obtain sensitive information via (1) a direct request to plugins/visiblehookpoints/index.php, an invalid (2) page or (3) cat parameter to thumbnails.php, an invalid (4) page parameter to usermgr.php, or an invalid (5) newer_than or (6) older_than parameter to search.inc.php, which reveals the installation path in an error message.

5.0
2012-09-04 CVE-2012-1608 Typo3 Improper Input Validation vulnerability in Typo3

The t3lib_div::RemoveXSS API method in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism and inject arbitrary web script or HTML via non printable characters.

5.0
2012-09-04 CVE-2012-1607 Typo3 Information Exposure vulnerability in Typo3

The Command Line Interface (CLI) script in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to obtain the database name via a direct request.

5.0
2012-09-04 CVE-2012-1605 Typo3 Remote Security vulnerability in TYPO3 Core TYPO3-CORE-SA-2012-001

The Extbase Framework in TYPO3 4.6.x through 4.6.6, 4.7, and 6.0 unserializes untrusted data, which allows remote attackers to unserialize arbitrary objects and possibly execute arbitrary code via vectors related to "a missing signature (HMAC) for a request argument."

5.0
2012-09-04 CVE-2012-4747 Mozilla Permissions, Privileges, and Access Controls vulnerability in Mozilla Bugzilla

Bugzilla 2.x and 3.x through 3.6.11, 3.7.x and 4.0.x before 4.0.8, 4.1.x and 4.2.x before 4.2.3, and 4.3.x before 4.3.3 stores potentially sensitive information under the web root with insufficient access control, which allows remote attackers to read (1) template (aka .tmpl) files, (2) other custom extension files under extensions/, or (3) custom documentation files under docs/ via a direct request.

5.0
2012-09-04 CVE-2012-3981 Mozilla Credentials Management vulnerability in Mozilla Bugzilla

Auth/Verify/LDAP.pm in Bugzilla 2.x and 3.x before 3.6.11, 3.7.x and 4.0.x before 4.0.8, 4.1.x and 4.2.x before 4.2.3, and 4.3.x before 4.3.3 does not restrict the characters in a username, which might allow remote attackers to inject data into an LDAP directory via a crafted login attempt.

5.0
2012-09-09 CVE-2012-1649 Danielb
Drupal
Permissions, Privileges, and Access Controls vulnerability in Danielb Cool AID

Cool Aid module before 6.x-1.9 for Drupal does not enforce access restrictions, which allows remote authenticated users with the administer coolaid permission to modify arbitrary pages via unspecified vectors.

4.9
2012-09-08 CVE-2012-3257 HP Unspecified vulnerability in HP Business Availability Center 8.07

HP Business Availability Center (BAC) 8.07 allows remote authenticated users to hijack web sessions via unspecified vectors.

4.6
2012-09-05 CVE-2012-3537 Dell Permissions, Privileges, and Access Controls vulnerability in Dell Crowbar

The Crowbar Ohai plugin (chef/cookbooks/ohai/files/default/plugins/crowbar.rb) in the Deployer Barclamp in Crowbar, possibly 1.4 and earlier, allows local users to execute arbitrary shell commands via vectors related to "insecure handling of tmp files" and predictable file names.

4.6
2012-09-05 CVE-2012-3527 Typo3 Cryptographic Issues vulnerability in Typo3

view_help.php in the backend help system in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to unserialize arbitrary objects and possibly execute arbitrary PHP code via an unspecified parameter, related to a "missing signature (HMAC)."

4.6
2012-09-09 CVE-2012-1912 Chatelao Cross-Site Scripting vulnerability in Chatelao PHP Address Book

Cross-site scripting (XSS) vulnerability in preferences.php in PHP Address Book 7.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the from parameter.

4.3
2012-09-09 CVE-2012-1582 Mediawiki Cross-Site Scripting vulnerability in Mediawiki

Cross-site scripting (XSS) vulnerability in the wikitext parser in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allows remote attackers to inject arbitrary web script or HTML via a crafted page with "forged strip item markers," as demonstrated using the CharInsert extension.

4.3
2012-09-09 CVE-2011-5160 Open EMR Cross-Site Scripting vulnerability in Open-Emr Openemr 4.0.0/4.1.0/4.1.1

Cross-site scripting (XSS) vulnerability in setup.php in OpenEMR 4 allows remote attackers to inject arbitrary web script or HTML via the site parameter.

4.3
2012-09-09 CVE-2011-5159 Geeklog Cross-Site Scripting vulnerability in Geeklog

Cross-site scripting (XSS) vulnerability in admin/configuration.php in Geeklog before 1.7.1sr1 allows remote attackers to inject arbitrary web script or HTML via the sub_group parameter, a different vulnerability than CVE-2011-4942.

4.3
2012-09-09 CVE-2011-4942 Geeklog Cross-Site Scripting vulnerability in Geeklog

Multiple cross-site scripting (XSS) vulnerabilities in admin/configuration.php in Geeklog before 1.7.1sr1 allow remote attackers to inject arbitrary web script or HTML via the (1) subgroup or (2) conf_group parameters.

4.3
2012-09-08 CVE-2012-4012 Cybozu Information Exposure vulnerability in Cybozu Kunai 2.0.5

The WebView class in the Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL.

4.3
2012-09-08 CVE-2012-3255 HP Cross-Site Scripting vulnerability in HP Business Availability Center 8.07

Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2012-09-07 CVE-2012-4388 PHP Improper Input Validation vulnerability in PHP 5.4.0

The sapi_header_op function in main/SAPI.c in PHP 5.4.0RC2 through 5.4.0 does not properly determine a pointer during checks for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome.

4.3
2012-09-06 CVE-2012-4873 SIR Cross-Site Scripting vulnerability in SIR Gnuboard 4.31.3/4.31.4/4.33.2

Cross-site scripting (XSS) vulnerability in the file_download function in GNUBoard before 4.34.21 allows remote attackers to inject arbitrary web script or HTML via the filename parameter.

4.3
2012-09-06 CVE-2012-4872 Kayako Cross-Site Scripting vulnerability in Kayako Fusion

Cross-site scripting (XSS) vulnerability in Tickets/Submit in Kayako Fusion before 4.40.985 allows remote attackers to inject arbitrary web script or HTML via certain vectors, possibly a crafted ticket description.

4.3
2012-09-06 CVE-2012-4871 Litespeedtech Cross-Site Scripting vulnerability in Litespeedtech Litespeed web Server 4.1.11

Cross-site scripting (XSS) vulnerability in service/graph_html.php in the administrator panel in LiteSpeed Web Server 4.1.11 allows remote attackers to inject arbitrary web script or HTML via the gtitle parameter.

4.3
2012-09-06 CVE-2012-1612 Joomla Cross-Site Scripting vulnerability in Joomla Joomla!

Cross-site scripting (XSS) vulnerability in the update manager in Joomla! 2.5.x before 2.5.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2012-09-06 CVE-2012-1469 PKP Cross-Site Scripting vulnerability in PKP Open Journal Systems

Multiple cross-site scripting (XSS) vulnerabilities in Open Journal Systems before 2.3.7 allow remote attackers and remote authenticated users to inject arbitrary web script or HTML via the (1) editor or (2) callback parameters to lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/ibrowser.php in the iBrowser plugin, (3) authors[][url] parameter to index.php, or (4) Bio Statement or (5) Abstract of Submission fields to the stripUnsafeHtml function in lib/pkp/classes/core/String.inc.php.

4.3
2012-09-06 CVE-2012-0822 Joomla Cross-Site Scripting vulnerability in Joomla Joomla!

Cross-site scripting (XSS) vulnerability in Joomla! 1.6 and 1.7.x before 1.7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0820.

4.3
2012-09-06 CVE-2012-0820 Joomla Cross-Site Scripting vulnerability in Joomla Joomla!

Cross-site scripting (XSS) vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0822.

4.3
2012-09-06 CVE-2012-1584 Scott Wheeler Numeric Errors vulnerability in Scott Wheeler Taglib

Integer overflow in the mid function in toolkit/tbytevector.cpp in TagLib 1.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted file header field in a media file, which triggers a large memory allocation.

4.3
2012-09-06 CVE-2012-1110 Datemill Cross-Site Scripting vulnerability in Datemill Etano 1.22

Multiple cross-site scripting (XSS) vulnerabilities in Etano 1.22 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user, (2) email, (3) email2, (4) f17_zip, or (5) agree parameter to join.php; (6) PATH_INFO, (7) st, (8) f17_city, (9) f17_country, (10) f17_state, (11) f17_zip, (12) f19, (13) wphoto, (14) search, or (15) v parameter to search.php; (16) PATH_INFO or (17) st parameter to photo_search.php; or (18) return parameter to photo_view.php.

4.3
2012-09-06 CVE-2012-1108 Scott Wheeler Improper Input Validation vulnerability in Scott Wheeler Taglib

The parse function in ogg/xiphcomment.cpp in TagLib 1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted vendorLength field in an ogg file.

4.3
2012-09-06 CVE-2012-1107 Scott Wheeler Buffer Overflow and Divide-By-Zero Denial of Service vulnerability in taglib

The analyzeCurrent function in ape/apeproperties.cpp in TagLib 1.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted sampleRate in an ape file, which triggers a divide-by-zero error.

4.3
2012-09-06 CVE-2012-4870 Sangoma Cross-Site Scripting vulnerability in Sangoma Freepbx

Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) context parameter to panel/index_amp.php or (2) panel/dhtml/index.php; (3) clid or (4) clidname parameters to panel/flash/mypage.php; (5) PATH_INFO to admin/views/freepbx_reload.php; or (6) login parameter to recordings/index.php.

4.3
2012-09-06 CVE-2012-2741 Phplist Cross-Site Scripting vulnerability in PHPlist

Cross-site scripting (XSS) vulnerability in public_html/lists/admin/ in phpList before 2.10.18 allows remote attackers to inject arbitrary web script or HTML via the num parameter in a reconcileusers action.

4.3
2012-09-05 CVE-2012-4397 Owncloud Cross-Site Scripting vulnerability in Owncloud

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) calendar displayname to part.choosecalendar.rowfields.php or (2) part.choosecalendar.rowfields.shared.php in apps/calendar/templates/; or (3) unspecified vectors to apps/contacts/lib/vcard.php.

4.3
2012-09-05 CVE-2012-4396 Owncloud Cross-Site Scripting vulnerability in Owncloud

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) file names to apps/user_ldap/settings.php; (2) url or (3) title parameter to apps/bookmarks/ajax/editBookmark.php; (4) tag or (5) page parameter to apps/bookmarks/ajax/updateList.php; (6) identity to apps/user_openid/settings.php; (7) stack name in apps/gallery/lib/tiles.php; (8) root parameter to apps/gallery/templates/index.php; (9) calendar displayname in apps/calendar/templates/part.import.php; (10) calendar uri in apps/calendar/templates/part.choosecalendar.rowfields.php; (11) title, (12) location, or (13) description parameter in apps/calendar/lib/object.php; (14) certain vectors in core/js/multiselect.js; or (15) artist, (16) album, or (17) title comments parameter in apps/media/lib_scanner.php.

4.3
2012-09-05 CVE-2012-4395 Owncloud Cross-Site Scripting vulnerability in Owncloud

Cross-site scripting (XSS) vulnerability in index.php in ownCloud before 4.0.3 allows remote attackers to inject arbitrary web script or HTML via the redirect_url parameter.

4.3
2012-09-05 CVE-2012-4394 Owncloud Cross-Site Scripting vulnerability in Owncloud

Cross-site scripting (XSS) vulnerability in apps/files/js/filelist.js in ownCloud before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter.

4.3
2012-09-05 CVE-2012-3551 Dell Cross-Site Scripting vulnerability in Dell Crowbar

Cross-site scripting (XSS) vulnerability in crowbar_framework/app/views/support/index.html.haml in the Crowbar barclamp in Crowbar, possibly 1.4 and earlier, allows remote attackers to inject arbitrary web script or HTML via the file parameter to /utils.

4.3
2012-09-05 CVE-2012-3542 Openstack Permissions, Privileges, and Access Controls vulnerability in Openstack Essex and Horizon

OpenStack Keystone, as used in OpenStack Folsom before folsom-rc1 and OpenStack Essex (2012.1), allows remote attackers to add an arbitrary user to an arbitrary tenant via a request to update the user's default tenant to the administrative API.

4.3
2012-09-05 CVE-2012-3531 Typo3 Cross-Site Scripting vulnerability in Typo3

Cross-site scripting (XSS) vulnerability in the Install Tool in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2012-09-05 CVE-2012-3530 Typo3 Unspecified vulnerability in Typo3

Incomplete blacklist vulnerability in the t3lib_div::quoteJSvalue API function in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote attackers to conduct cross-site scripting (XSS) attacks via certain HTML5 JavaScript events.

4.3
2012-09-05 CVE-2011-4451 Wikkawiki Unspecified vulnerability in Wikkawiki 1.3.1/1.3.2

** DISPUTED ** libs/Wakka.class.php in WikkaWiki 1.3.1 and 1.3.2, when the spam_logging option is enabled, allows remote attackers to write arbitrary PHP code to the spamlog_path file via the User-Agent HTTP header in an addcomment request.

4.3
2012-09-05 CVE-2012-2066 Ckeditor
Drupal
Cross-Site Scripting vulnerability in Ckeditor and Fckeditor

Cross-site scripting (XSS) vulnerability in the FCKeditor module 6.x-2.x before 6.x-2.3 and the CKEditor module 6.x-1.x before 6.x-1.9 and 7.x-1.x before 7.x-1.7 for Drupal allows remote authenticated users or remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2012-09-05 CVE-2012-2064 Mark Theunissen
Drupal
Cross-Site Scripting vulnerability in Mark Theunissen Views Lang Switch 7.X1.0/7.X1.1/7.X1.X

Cross-site scripting (XSS) vulnerability in theme/views_lang_switch.theme.inc in the Views Language Switcher module before 7.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via the q parameter.

4.3
2012-09-09 CVE-2012-2315 Openkm Permissions, Privileges, and Access Controls vulnerability in Openkm 5.1.7/5.1.8

admin/Auth in OpenKM 5.1.7 and other versions before 5.1.8-2 does not properly enforce privileges for changing user roles, which allows remote authenticated users to assign administrator privileges to arbitrary users via the userEdit action.

4.0
2012-09-05 CVE-2012-4390 Owncloud Information Exposure vulnerability in Owncloud

(1) apps/calendar/appinfo/remote.php and (2) apps/contacts/appinfo/remote.php in ownCloud before 4.0.7 allows remote authenticated users to enumerate the registered users via unspecified vectors.

4.0

9 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2012-09-05 CVE-2010-4819 X Improper Input Validation vulnerability in X X.Org-Xserver 1.7/1.7.6.902/1.7.7

The ProcRenderAddGlyphs function in the Render extension (render/render.c) in X.Org xserver 1.7.7 and earlier allows local users to read arbitrary memory and possibly cause a denial of service (server crash) via unspecified vectors related to an "input sanitization flaw."

3.6
2012-09-05 CVE-2012-3529 Typo3 Information Exposure vulnerability in Typo3

The configuration module in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to obtain the encryption key via unspecified vectors.

3.5
2012-09-05 CVE-2012-3528 Typo3 Cross-Site Scripting vulnerability in Typo3

Multiple cross-site scripting (XSS) vulnerabilities in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allow remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2012-09-05 CVE-2012-2065 Freso
Drupal
Cross-Site Scripting vulnerability in Freso Languageicons

Cross-site scripting (XSS) vulnerability in the Language Icons module 6.x-2.x before 6.x-2.1 and 7.x-1.x before 7.x-1.0 for Drupal allows remote authenticated users with administer languages permissions to inject arbitrary web script or HTML via unspecified vectors.

3.5
2012-09-04 CVE-2012-1613 Coppermine Gallery Cross-Site Scripting vulnerability in Coppermine-Gallery Coppermine Photo Gallery

Cross-site scripting (XSS) vulnerability in edit_one_pic.php in Coppermine Photo Gallery before 1.5.20 allows remote authenticated users with certain privileges to inject arbitrary web script or HTML via the keywords parameter.

3.5
2012-09-04 CVE-2012-1606 Typo3 Cross-Site Scripting vulnerability in Typo3

Multiple cross-site scripting (XSS) vulnerabilities in the Backend component in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allow remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2012-09-04 CVE-2012-3582 Symantec Permissions, Privileges, and Access Controls vulnerability in Symantec PGP Universal Server 3.2.0/3.2.1

Symantec PGP Universal Server 3.2.x before 3.2.1 MP2 does not properly manage sessions that include key search requests, which might allow remote attackers to read a private key in opportunistic circumstances by making a request near the end of a user's session.

2.9
2012-09-09 CVE-2012-1648 Danielb
Drupal
Cross-Site Scripting vulnerability in Danielb Cool AID

Cross-site scripting (XSS) vulnerability in the Cool Aid module before 6.x-1.9 for Drupal allows remote authenticated users with the administer coolaid permission to inject arbitrary web script or HTML via unspecified vectors.

2.1
2012-09-05 CVE-2012-2068 Tiger Fish
Drupal
Cross-Site Scripting vulnerability in Tiger-Fish Fancy Slide

Multiple cross-site scripting (XSS) vulnerabilities in fancy_slide.module in the Fancy Slide module before 6.x-2.7 for Drupal allow remote authenticated users with the administer fancy_slide permission to inject arbitrary web script or HTML via the (1) node_title or (2) nodequeue_title parameter.

2.1