Weekly Vulnerabilities Reports > September 24 to 30, 2012

Overview

100 new vulnerabilities were reported during this period, including 15 critical vulnerabilities and 31 high severity vulnerabilities. This weekly summary reports vulnerabilities in 70 products from 38 vendors including Google, Opensuse, IBM, Cisco, and Redhat. The most common categories are "Resource Management Errors", "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Improper Input Validation", and "Permissions, Privileges, and Access Controls".

  • 98 reported vulnerabilities are remotely exploitable.
  • 25 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 92 reported vulnerabilities are exploitable by an anonymous user.
  • Google has the most reported vulnerabilities, with 26 reported vulnerabilities.
  • HP has the most reported critical vulnerabilities, with 5 reported vulnerabilities.

Vulnerability Details

The following tables list the vulnerabilities reported during the period covered by this report:

15 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2012-09-28 CVE-2012-5197 Condor Project Unspecified vulnerability in Condor Project Condor

Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to "error checking of system calls."

10.0
2012-09-28 CVE-2012-5196 Condor Project Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Condor Project Condor

Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors.

10.0
2012-09-28 CVE-2012-0417 Novell Numeric Errors vulnerability in Novell Groupwise

Integer overflow in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to execute arbitrary code via unspecified vectors.

10.0
2012-09-26 CVE-2012-2897 Google
Microsoft
Buffer Errors vulnerability in Google Chrome

The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT, as used by Google Chrome before 22.0.1229.79 and other programs, do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a crafted TrueType font file, aka "Windows Font Parsing Vulnerability" or "TrueType Font Parsing Vulnerability."

10.0
2012-09-25 CVE-2012-3298 IBM Denial-Of-Service vulnerability in IBM Websphere Commerce 7.0

Unspecified vulnerability in the REST services framework in IBM WebSphere Commerce 7.0 Feature Pack 4 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unspecified vectors.

10.0
2012-09-25 CVE-2012-3263 HP Unspecified vulnerability in HP Sitescope 11.10/11.11/11.12

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1465.

10.0
2012-09-25 CVE-2012-3262 HP Unspecified vulnerability in HP Sitescope 11.10/11.11/11.12

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1464.

10.0
2012-09-25 CVE-2012-3261 HP Unspecified vulnerability in HP Sitescope 11.10/11.11/11.12

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1463.

10.0
2012-09-25 CVE-2012-3260 HP Unspecified vulnerability in HP Sitescope 11.10/11.11/11.12

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1462.

10.0
2012-09-25 CVE-2012-3259 HP Unspecified vulnerability in HP Sitescope 11.10/11.11/11.12

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1461.

10.0
2012-09-28 CVE-2012-0418 Novell
Microsoft
Remote Code Execution vulnerability in Novell Groupwise Client

Unspecified vulnerability in the client in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 on Windows allows user-assisted remote attackers to execute arbitrary code via a crafted file.

9.3
2012-09-24 CVE-2012-5054 Adobe Numeric Errors vulnerability in Adobe Flash Player

Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 11.4.402.265 allows remote attackers to execute arbitrary code via malformed arguments.

9.3
2012-09-24 CVE-2012-4655 Cisco Improper Input Validation vulnerability in Cisco Secure Desktop

The WebLaunch feature in Cisco Secure Desktop before 3.6.6020 does not properly validate binaries that are received by the downloader process, which allows remote attackers to execute arbitrary code via vectors involving (1) ActiveX or (2) Java components, aka Bug IDs CSCtz76128 and CSCtz78204.

9.3
2012-09-25 CVE-2012-3334 IBM Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Informix Dynamic Server

Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 11.50 before 11.50.xC9W2 and 11.70 before 11.70.xC5 allows remote authenticated users to execute arbitrary code via crafted arguments in a SET COLLATION statement.

9.0
2012-09-25 CVE-2012-3324 IBM
Microsoft
Path Traversal vulnerability in IBM DB2 and DB2 Connect

Directory traversal vulnerability in the UTL_FILE module in IBM DB2 and DB2 Connect 10.1 before FP1 on Windows allows remote authenticated users to modify, delete, or read arbitrary files via a pathname in the file field.

9.0

31 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2012-09-25 CVE-2012-2287 EMC
Microsoft
Improper Authentication vulnerability in EMC products

The authentication functionality in EMC RSA Authentication Agent 7.1 and RSA Authentication Client 3.5 on Windows XP and Windows Server 2003, when an unspecified configuration exists, allows remote authenticated users to bypass an intended token-authentication step, and establish a login session to a remote host, by leveraging Windows credentials for that host.

8.5
2012-09-28 CVE-2012-5049 Optimalog Improper Input Validation vulnerability in Optimalog Optima PLC

APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.

7.8
2012-09-28 CVE-2012-5048 Optimalog Resource Management Errors vulnerability in Optimalog Optima PLC

APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted packet.

7.8
2012-09-27 CVE-2012-4623 Cisco Improper Input Validation vulnerability in Cisco IOS and IOS XE

The DHCPv6 server in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x, 3.1.xS before 3.1.4S, 3.1.xSG and 3.2.xSG before 3.2.5SG, 3.2.xS, 3.2.xXO, 3.3.xS, and 3.3.xSG before 3.3.1SG allows remote attackers to cause a denial of service (device reload) via a malformed DHCPv6 packet, aka Bug ID CSCto57723.

7.8
2012-09-27 CVE-2012-4621 Cisco Resource Management Errors vulnerability in Cisco IOS

The Device Sensor feature in Cisco IOS 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via a DHCP packet, aka Bug ID CSCty96049.

7.8
2012-09-27 CVE-2012-4620 Cisco Resource Management Errors vulnerability in Cisco 10008 Router and IOS

Cisco IOS 12.2 and 15.0 through 15.2 on Cisco 10000 series routers, when a tunnel interface exists, allows remote attackers to cause a denial of service (interface queue wedge) via tunneled (1) GRE/IP, (2) IPIP, or (3) IPv6 in IPv4 packets, aka Bug ID CSCts66808.

7.8
2012-09-27 CVE-2012-4619 Cisco Resource Management Errors vulnerability in Cisco IOS

The NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via transit IP packets, aka Bug ID CSCtr46123.

7.8
2012-09-27 CVE-2012-4618 Cisco Resource Management Errors vulnerability in Cisco IOS

The SIP ALG feature in the NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via transit IP packets, aka Bug ID CSCtn76183.

7.8
2012-09-27 CVE-2012-3949 Cisco Improper Input Validation vulnerability in Cisco Ios, IOS XE and Unified Communications Manager

The SIP implementation in Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su5, 8.x before 8.5(1)su4, and 8.6 before 8.6(2a)su1; Cisco IOS 12.2 through 12.4 and 15.0 through 15.2; and Cisco IOS XE 3.3.xSG before 3.3.1SG, 3.4.xS, and 3.5.xS allows remote attackers to cause a denial of service (service crash or device reload) via a crafted SIP message containing an SDP session description, aka Bug IDs CSCtw66721, CSCtj33003, and CSCtw84664.

7.8
2012-09-25 CVE-2012-4014 Mcafee Denial of Service vulnerability in McAfee Email Anti-virus

Unspecified vulnerability in McAfee Email Anti-virus (formerly WebShield SMTP) allows remote attackers to cause a denial of service via unknown vectors.

7.8
2012-09-25 CVE-2012-3011 Fultek Path Traversal vulnerability in Fultek Wintr Scada 2.0.0/2.5

Directory traversal vulnerability in the web server in Fultek WinTr Scada 4.0.5 and earlier allows remote attackers to read arbitrary files via a crafted request.

7.8
2012-09-28 CVE-2012-2684 Redhat
Trevor Mckay
SQL Injection vulnerability in multiple products

Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to execute arbitrary SQL commands via the (1) agent or (2) object id.

7.5
2012-09-28 CVE-2012-2998 Trend Micro SQL Injection vulnerability in Trend Micro Control Manager

SQL injection vulnerability in the ad hoc query module in Trend Micro Control Manager (TMCM) before 5.5.0.1823 and 6.0 before 6.0.0.1449 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2012-09-26 CVE-2012-2896 Google
Apple
Numeric Errors vulnerability in Google Chrome

Integer overflow in the WebGL implementation in Google Chrome before 22.0.1229.79 on Mac OS X allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

7.5
2012-09-26 CVE-2012-2888 Opensuse
Google
Resource Management Errors vulnerability in multiple products

Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG text references.

7.5
2012-09-26 CVE-2012-2887 Google
Opensuse
Resource Management Errors vulnerability in Google Chrome

Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving onclick events.

7.5
2012-09-26 CVE-2012-2885 Opensuse
Google
Resource Management Errors vulnerability in multiple products

Double free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to application exit.

7.5
2012-09-26 CVE-2012-2883 Google
Opensuse
Buffer Errors vulnerability in Google Chrome

Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2874.

7.5
2012-09-26 CVE-2012-2881 Google
Opensuse
Buffer Errors vulnerability in Google Chrome

Google Chrome before 22.0.1229.79 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via unknown vectors.

7.5
2012-09-26 CVE-2012-2880 Opensuse
Google
Race Condition vulnerability in multiple products

Race condition in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the plug-in paint buffer.

7.5
2012-09-26 CVE-2012-2878 Opensuse
Google
Resource Management Errors vulnerability in multiple products

Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling.

7.5
2012-09-26 CVE-2012-2876 Opensuse
Google
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

Buffer overflow in the SSE2 optimization functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

7.5
2012-09-26 CVE-2012-2874 Google
Opensuse
Buffer Errors vulnerability in Google Chrome

Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2883.

7.5
2012-09-26 CVE-2012-1116 Joomla SQL Injection vulnerability in Joomla Joomla!

SQL injection vulnerability in Joomla! 1.7.x and 2.5.x before 2.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5
2012-09-25 CVE-2012-0973 Osclass SQL Injection vulnerability in Osclass

Multiple SQL injection vulnerabilities in OSClass before 2.3.5 allow remote attackers to execute arbitrary SQL commands via the sCategory parameter to index.php, which is not properly handled by the (1) osc_search_category_id function in oc-includes/osclass/helpers/hSearch.php and (2) findBySlug function oc-includes/osclass/model/Category.php.

7.5
2012-09-25 CVE-2012-5159 Phpmyadmin Code Injection vulnerability in PHPmyadmin 3.5.2.2

phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote attackers to execute arbitrary PHP code via an eval injection attack.

7.5
2012-09-25 CVE-2012-0209 Horde Code Injection vulnerability in Horde Groupware and Horde

Horde 3.3.12, Horde Groupware 1.2.10, and Horde Groupware Webmail Edition 1.2.10, as distributed by FTP between November 2011 and February 2012, contains an externally introduced modification (Trojan Horse) in templates/javascript/open_calendar.js, which allows remote attackers to execute arbitrary PHP code.

7.5
2012-09-25 CVE-2012-3264 HP Unspecified vulnerability in HP Sitescope 11.10/11.11/11.12

Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1472.

7.5
2012-09-27 CVE-2012-4622 Cisco Resource Management Errors vulnerability in Cisco IOS XE 3.2.00.Xo.15.0(2)Xo

Cisco IOS XE 03.02.00.XO.15.0(2)XO on Catalyst 4500E series switches, when a Supervisor Engine 7L-E card is installed, allows remote attackers to cause a denial of service (card reload) via malformed packets that trigger uncorrected ECC error messages, aka Bug ID CSCty88456.

7.1
2012-09-27 CVE-2012-4617 Cisco Improper Input Validation vulnerability in Cisco Ios, IOS XE and IOS XR

The BGP implementation in Cisco IOS 15.2, IOS XE 3.5.xS before 3.5.2S, and IOS XR 4.1.0 through 4.2.2 allows remote attackers to cause a denial of service (multiple connection resets) by leveraging a peer relationship and sending a malformed attribute, aka Bug IDs CSCtt35379, CSCty58300, CSCtz63248, and CSCtz62914.

7.1
2012-09-27 CVE-2012-3950 Cisco Resource Management Errors vulnerability in Cisco IOS

The Intrusion Prevention System (IPS) feature in Cisco IOS 12.3 through 12.4 and 15.0 through 15.2, in certain configurations of enabled categories and missing signatures, allows remote attackers to cause a denial of service (device reload) via DNS packets, aka Bug ID CSCtw55976.

7.1

51 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2012-09-28 CVE-2012-4448 Wordpress Cross-Site Request Forgery (CSRF) vulnerability in Wordpress 3.4.2

Cross-site request forgery (CSRF) vulnerability in wp-admin/index.php in WordPress 3.4.2 allows remote attackers to hijack the authentication of administrators for requests that modify an RSS URL via a dashboard_incoming_links edit action.

6.8
2012-09-28 CVE-2012-2734 Redhat
Trevor Mckay
Cross-Site Request Forgery (CSRF) vulnerability in multiple products

Multiple cross-site request forgery (CSRF) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to hijack the authentication of arbitrary users for requests that execute commands via unspecified vectors.

6.8
2012-09-28 CVE-2012-0956 Ubiquity Slideshow Team Permissions, Privileges, and Access Controls vulnerability in Ubiquity Slideshow Team Ubiquity-Slideshow-Ubuntu

ubiquity-slideshow-ubuntu before 58.2, during installation, allows remote man-in-the-middle attackers to execute arbitrary web script or HTML and read arbitrary files via a crafted attribute in the <a> tag of a Twitter feed.

6.8
2012-09-28 CVE-2012-4051 Jamf Cross-Site Request Forgery (CSRF) vulnerability in Jamf Casper Suite

Multiple cross-site request forgery (CSRF) vulnerabilities in editAccount.html in the JAMF Software Server (JSS) interface in JAMF Casper Suite before 8.61 allow remote attackers to hijack the authentication of administrators for requests that (1) create user accounts or (2) change passwords via a Save action.

6.8
2012-09-26 CVE-2012-2895 Google Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome

The PDF functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations.

6.8
2012-09-26 CVE-2012-2894 Google Resource Management Errors vulnerability in Google Chrome

Google Chrome before 22.0.1229.79 does not properly handle graphics-context data structures, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors.

6.8
2012-09-26 CVE-2012-2893 Google Resource Management Errors vulnerability in Google Chrome

Double free vulnerability in libxslt, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XSL transforms.

6.8
2012-09-26 CVE-2012-2890 Google Resource Management Errors vulnerability in Google Chrome

Use-after-free vulnerability in the PDF functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.

6.8
2012-09-26 CVE-2012-2882 Google
Opensuse
Improper Input Validation vulnerability in Google Chrome

FFmpeg, as used in Google Chrome before 22.0.1229.79, does not properly handle OGG containers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "wild pointer" issue.

6.8
2012-09-26 CVE-2012-2875 Google Unspecified vulnerability in Google Chrome

Multiple unspecified vulnerabilities in the PDF functionality in Google Chrome before 22.0.1229.79 allow remote attackers to have an unknown impact via a crafted document.

6.8
2012-09-25 CVE-2012-3306 IBM Credentials Management vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1, when multi-domain support is configured, does not purge password data from the authentication cache, which has unspecified impact and remote attack vectors.

6.8
2012-09-25 CVE-2012-3304 IBM Unspecified vulnerability in IBM Websphere Application Server

The Administrative Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to hijack sessions via unspecified vectors.

6.8
2012-09-26 CVE-2012-5162 Osclass SQL Injection vulnerability in Osclass

Multiple SQL injection vulnerabilities in oc-admin/ajax/ajax.php in OSClass before 2.3.5 allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) edit_category_post or (2) enable_category action to index.php.

6.5
2012-09-28 CVE-2012-3492 Condor Project Improper Authentication vulnerability in Condor Project Condor

The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user's authentication directory.

6.4
2012-09-26 CVE-2012-1617 Juan Ramon Path Traversal vulnerability in Juan Ramon Osclass

Directory traversal vulnerability in combine.php in OSClass before 2.3.6 allows remote attackers to read and write arbitrary files via a ..

6.4
2012-09-25 CVE-2012-3305 IBM Path Traversal vulnerability in IBM Websphere Application Server

Directory traversal vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to overwrite arbitrary files via a crafted application file.

6.4
2012-09-28 CVE-2012-3493 Condor Project Information Exposure vulnerability in Condor Project Condor

The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId.

5.8
2012-09-28 CVE-2012-2681 Redhat
Trevor Mckay
Cryptographic Issues vulnerability in multiple products

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, uses predictable random numbers to generate session keys, which makes it easier for remote attackers to guess the session key.

5.8
2012-09-28 CVE-2012-1833 Springsource Permissions, Privileges, and Access Controls vulnerability in Springsource Grails

VMware SpringSource Grails before 1.3.8, and 2.x before 2.0.2, does not properly restrict data binding, which might allow remote attackers to bypass intended access restrictions and modify arbitrary object properties via a crafted request parameter to an application.

5.0
2012-09-28 CVE-2012-2680 Redhat
Trevor Mckay
Permissions, Privileges, and Access Controls vulnerability in multiple products

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, does not properly restrict access to resources, which allows remote attackers to obtain sensitive information via unspecified vectors related to (1) "web pages," (2) "export functionality," and (3) "image viewing."

5.0
2012-09-28 CVE-2012-2145 Apache Resource Management Errors vulnerability in Apache Qpid

Apache Qpid 0.17 and earlier does not properly restrict incoming client connections, which allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of incomplete connections.

5.0
2012-09-28 CVE-2012-0419 Novell Path Traversal vulnerability in Novell Groupwise

Directory traversal vulnerability in the agent HTTP interfaces in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to read arbitrary files via directory traversal sequences in a request.

5.0
2012-09-26 CVE-2012-2892 Google Unspecified vulnerability in Google Chrome

Unspecified vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to bypass the pop-up blocker via unknown vectors.

5.0
2012-09-26 CVE-2012-2891 Google Information Exposure vulnerability in Google Chrome

The IPC implementation in Google Chrome before 22.0.1229.79 allows attackers to obtain potentially sensitive information about memory addresses via unspecified vectors.

5.0
2012-09-26 CVE-2012-2884 Google
Opensuse
Buffer Errors vulnerability in Google Chrome

Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

5.0
2012-09-26 CVE-2012-2877 Google
Opensuse
Improper Input Validation vulnerability in Google Chrome

The extension system in Google Chrome before 22.0.1229.79 does not properly handle modal dialogs, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

5.0
2012-09-25 CVE-2012-2199 IBM
Oracle
Resource Management Errors vulnerability in IBM Websphere MQ

The server message channel agent in the queue manager in the server in IBM WebSphere MQ 7.0.1 before 7.0.1.9, 7.1, and 7.5 on Solaris allows remote attackers to cause a denial of service (invalid address alignment exception and daemon crash) via vectors involving a multiplexed channel.

5.0
2012-09-25 CVE-2012-2187 IBM Cryptographic Issues vulnerability in IBM Remote Supervisor Adapter II Firmware

IBM Remote Supervisor Adapter II firmware for System x3650, x3850 M2, and x3950 M2 1.13 and earlier generates weak RSA keys, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors.

5.0
2012-09-25 CVE-2012-3037 Siemens Information Exposure vulnerability in Siemens Simatic S7-1200 PLC 2.0/2.1/2.2

The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROLLER Certification Authority certificate, which allows remote attackers to spoof the S7-1200 web server by using this key to create a forged certificate.

5.0
2012-09-28 CVE-2012-3459 Redhat
Trevor Mckay
Permissions, Privileges, and Access Controls vulnerability in multiple products

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to modify Condor attributes and possibly gain privileges via crafted additional parameters in an HTTP POST request, which triggers a job attribute change request to Condor.

4.9
2012-09-28 CVE-2012-2735 Redhat
Trevor Mckay
Remote vulnerability in Cumin

Session fixation vulnerability in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote attackers to hijack web sessions via a crafted session cookie.

4.9
2012-09-28 CVE-2012-2683 Redhat
Trevor Mckay
Cross-Site Scripting vulnerability in multiple products

Multiple cross-site scripting (XSS) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) "error message displays" or (2) "in source HTML on certain pages."

4.3
2012-09-28 CVE-2012-4912 Novell Cross-Site Scripting vulnerability in Novell Groupwise

Cross-site scripting (XSS) vulnerability in the WebAccess component in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to inject arbitrary web script or HTML via a crafted signature in an HTML e-mail message.

4.3
2012-09-28 CVE-2012-4017 Google
JB
Code Injection vulnerability in Jb+ Jigbrowser+ 1.0.5/1.5.0/1.5.5

The jigbrowser+ application before 1.5.0 for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application.

4.3
2012-09-28 CVE-2012-4016 Google
Justsystems
Permissions, Privileges, and Access Controls vulnerability in Justsystems Atok

The ATOK application before 1.0.4 for Android allows remote attackers to read the learning information file, and obtain sensitive input-string information, via a crafted application.

4.3
2012-09-26 CVE-2012-2889 Google
Apple
Cross-Site Scripting vulnerability in Google Chrome

Cross-site scripting (XSS) vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to inject arbitrary web script or HTML via vectors involving frames, aka "Universal XSS (UXSS)."

4.3
2012-09-26 CVE-2012-2886 Google
Opensuse
Cross-Site Scripting vulnerability in Google Chrome

Cross-site scripting (XSS) vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Google V8 bindings, aka "Universal XSS (UXSS)."

4.3
2012-09-26 CVE-2012-2879 Google
Opensuse
Buffer Errors vulnerability in Google Chrome

Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service (DOM topology corruption) via a crafted document.

4.3
2012-09-26 CVE-2012-5164 Fork CMS Cross-Site Scripting vulnerability in Fork-Cms Fork CMS

Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the term parameter to (1) autocomplete.php, (2) search/ajax/autosuggest.php, (3) livesuggest.php, or (4) save.php in frontend/modules/search/ajax.

4.3
2012-09-26 CVE-2012-5163 Osclass Cross-Site Scripting vulnerability in Osclass

Cross-site scripting (XSS) vulnerability in oc-admin/ajax/ajax.php in OSClass before 2.3.5 allows remote attackers to inject arbitrary web script or HTML via the id parameter in an enable_category action to index.php.

4.3
2012-09-26 CVE-2012-1188 Fork CMS Cross-Site Scripting vulnerability in Fork-Cms Fork CMS

Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) type or (2) querystring parameters to private/en/error or (3) name parameter to private/en/locale/index.

4.3
2012-09-26 CVE-2012-1117 Joomla Cross-Site Scripting vulnerability in Joomla Joomla! 2.5.0/2.5.1

Cross-site scripting (XSS) vulnerability in Joomla! 2.5.0 and 2.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2012-09-25 CVE-2012-1646 Drupal Cross-Site Scripting vulnerability in Drupal FAQ

Multiple cross-site scripting (XSS) vulnerabilities in the FAQ module 6.x-1.x before 6.x-1.13 and 7.x-1.x-rc1 for Drupal allow remote authenticated users to inject arbitrary web script or HTML via the (1) title parameter in faq.admin.inc or (2) detailed_question parameter in faq.module.

4.3
2012-09-25 CVE-2012-1293 Ulli Horlacher Cross-Site Scripting vulnerability in Ulli Horlacher FEX

Multiple cross-site scripting (XSS) vulnerabilities in fup in Frams' Fast File EXchange (F*EX, aka fex) before 20111129-2 allow remote attackers to inject arbitrary web script or HTML via the (1) to or (2) from parameters.

4.3
2012-09-25 CVE-2012-1103 Notmuchmail
GNU
Improper Input Validation vulnerability in Notmuchmail Notmuch

emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs interface, allows user-assisted remote attackers to read arbitrary files via crafted MML tags, which are not properly quoted in an email reply and can cause the files to be attached to the message.

4.3
2012-09-25 CVE-2012-0974 Juan Ramon Cross-Site Scripting vulnerability in Juan Ramon Osclass

Multiple cross-site scripting (XSS) vulnerabilities in the getParam function in oc-includes/osclass/core/Params.php in OSClass before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via the (1) sCity, (2) sPattern, (3) sPriceMax, and (4) sPriceMin parameters in a search action to index.php.

4.3
2012-09-25 CVE-2012-0869 Ulli Horlacher Cross-Site Scripting vulnerability in Ulli Horlacher FEX

Cross-site scripting (XSS) vulnerability in fup in Frams' Fast File EXchange (F*EX, aka fex) before 20120215 allows remote attackers to inject arbitrary web script or HTML via the id parameter.

4.3
2012-09-25 CVE-2012-4015 Mylittletools
Microsoft
Cross-Site Scripting vulnerability in Mylittletools Mylittleadmin

Cross-site scripting (XSS) vulnerability in the management screen in myLittleTools myLittleAdmin for SQL Server 2000 allows remote attackers to inject arbitrary web script or HTML via vectors that trigger a crafted database entry.

4.3
2012-09-24 CVE-2012-3451 Apache Improper Input Validation vulnerability in Apache CXF

Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to execute unintended web-service operations by sending a header with a SOAP Action String that is inconsistent with the message body.

4.3
2012-09-28 CVE-2012-3491 Condor Project Permissions, Privileges, and Access Controls vulnerability in Condor Project Condor

src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors.

4.0
2012-09-28 CVE-2012-2685 Redhat
Trevor Mckay
Resource Management Errors vulnerability in multiple products

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to cause a denial of service (memory consumption) via a large size in an image request.

4.0

3 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2012-09-25 CVE-2012-3311 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 on z/OS, in certain configurations involving Federated Repositories for IIOP connections and Optimized Local Adapters, does not perform CBIND checks, which allows local users to bypass intended access restrictions, and read or modify application data, via unspecified vectors.

3.3
2012-09-25 CVE-2012-3300 IBM Resource Management Errors vulnerability in IBM Websphere Commerce

IBM WebSphere Commerce 7.0 before 7.0.0.6, when persistent sessions and personalization IDs are enabled, allows remote attackers to cause a denial of service (resource consumption) via unspecified vectors.

2.6
2012-09-25 CVE-2011-4623 Rsyslog Numeric Errors vulnerability in Rsyslog

Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4 allows local users to cause a denial of service (daemon hang) via a large file, which triggers a heap-based buffer overflow.

2.1