Weekly Vulnerabilities Reports > October 1 to 7, 2012
Overview
106 new vulnerabilities were reported during this period, including 3 critical vulnerabilities and 24 high severity vulnerabilities. This weekly summary reports vulnerabilities in 91 products from 74 vendors, including Drupal, IBM, Joomla, Mavili Guestbook Project, and VMware. The most common vulnerability categories are "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "SQL Injection", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Code Injection".
- 95 reported vulnerabilities are remotely exploitable.
- 15 reported vulnerabilities have a public exploit available.
- 44 reported vulnerabilities are related to weaknesses in the OWASP Top Ten.
- 92 reported vulnerabilities are exploitable by an anonymous user.
- Drupal has the most reported vulnerabilities, with 13 reported vulnerabilities.
- Sumatrapdfreader has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
Vulnerability Details
The following tables list the reported vulnerabilities for the period covered by this report:
3 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2012-10-05 | CVE-2012-4896 | Sumatrapdfreader | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Sumatrapdfreader Sumatrapdf Heap-based buffer overflow in SumatraPDF before 2.1 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2012-4895. | 9.3 |
2012-10-05 | CVE-2012-4895 | Sumatrapdfreader | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Sumatrapdfreader Sumatrapdf Heap-based buffer overflow in SumatraPDF before 2.1 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2012-4896. | 9.3 |
2012-10-05 | CVE-2012-4894 | Google | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Sketchup Google SketchUp before 8.0.14346 (aka 8 Maintenance 3) allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SKP file. | 9.3 |
24 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2012-10-06 | CVE-2012-5304 | Yuriy V Semenikhin | Code Injection vulnerability in Yuriy V Semenikhin YVS Image Gallery Static code injection vulnerability in administration/install.php in YVS Image Gallery allows remote attackers to inject arbitrary PHP code into functions/db_connect.php via unspecified vectors. | 7.5 |
2012-10-06 | CVE-2012-1565 | EZ | Security vulnerability in eZ Publish Unspecified vulnerability in ez Publish 4.1.4, 4.2, 4.3, 4.4, 4.5, and 4.6 has unknown impact and attack vectors related to an insecure direct object reference. | 7.5 |
2012-10-06 | CVE-2011-4932 | Impresspages | Code Injection vulnerability in Impresspages CMS 1.0.12 Eval injection vulnerability in ip_cms/modules/standard/content_management/actions.php in ImpressPages CMS 1.0.12 and possibly other versions before 1.0.13 allows remote attackers to execute arbitrary code via the cm_group parameter. | 7.5 |
2012-10-04 | CVE-2012-5300 | Mystorexpress | SQL Injection vulnerability in Mystorexpress Tienda Virtual 2.0 SQL injection vulnerability in art_catalogo.php in MyStore Xpress Tienda Virtual 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2012-10-04 | CVE-2012-5299 | Mavili Guestbook Project | Permissions, Privileges, and Access Controls vulnerability in Mavili Guestbook Project Mavili Guestbook Mavili Guestbook, as released in November 2007, allows remote attackers to edit, delete, and approve arbitrary messages via a direct request to (1) edit.asp, (2) delete.asp, or (3) approve.asp. | 7.5 |
2012-10-04 | CVE-2012-5297 | Mavili Guestbook Project | SQL Injection vulnerability in Mavili Guestbook Project Mavili Guestbook SQL injection vulnerability in edit.asp in Mavili Guestbook, as released in November 2007, allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2012-10-04 | CVE-2012-5294 | Mystorexpress | SQL Injection vulnerability in Mystorexpress Tienda Virtual SQL injection vulnerability in art_detalle.php in MyStore Xpress Tienda Virtual allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2012-10-04 | CVE-2011-5203 | Akiva | SQL Injection vulnerability in Akiva Webboard 2.90/8.0 SQL injection vulnerability in WB/Default.asp in Akiva WebBoard before 8 SR 1 allows remote attackers to execute arbitrary SQL commands via the name parameter. | 7.5 |
2012-10-04 | CVE-2012-5293 | Redgraphic | Code Injection vulnerability in Redgraphic Sapid CMS 1.2.3 Multiple PHP remote file inclusion vulnerabilities in SAPID CMS 1.2.3 Stable allow remote attackers to execute arbitrary PHP code via a URL in the (1) GLOBALS[root_path] parameter to usr/extensions/get_tree.inc.php or (2) root_path parameter to usr/extensions/get_infochannel.inc.php. | 7.5 |
2012-10-04 | CVE-2012-5292 | Atar2B | SQL Injection vulnerability in Atar2B CMS 4.0.1 Multiple SQL injection vulnerabilities in Atar2b CMS 4.0.1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) gallery_e.php, (2) pageE.php, or (3) pageH.php. | 7.5 |
2012-10-04 | CVE-2012-5291 | Possesports | SQL Injection vulnerability in Possesports Posse Softball Director CMS SQL injection vulnerability in team.php in Posse Softball Director CMS allows remote attackers to execute arbitrary SQL commands via the idteam parameter. | 7.5 |
2012-10-04 | CVE-2012-5290 | Wcs4Web | SQL Injection vulnerability in Wcs4Web Easywebrealestate Multiple SQL injection vulnerabilities in EasyWebRealEstate allow remote attackers to execute arbitrary SQL commands via the (1) lstid parameter to listings.php or (2) infoid parameter to index.php. | 7.5 |
2012-10-04 | CVE-2012-5289 | Plogger | SQL Injection vulnerability in Plogger 1.0 Multiple SQL injection vulnerabilities in Plogger 1.0 RC1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) index.php or (2) gallery.php. | 7.5 |
2012-10-04 | CVE-2012-5288 | Accomplishtechnology | SQL Injection vulnerability in Accomplishtechnology PHPmydirectory 1.3.3 SQL injection vulnerability in page.php in phpMyDirectory 1.3.3 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2012-10-01 | CVE-2012-1603 | Nextbbs | SQL Injection vulnerability in Nextbbs 0.6 Multiple SQL injection vulnerabilities in ajaxserver.php in NextBBS 0.6 allow remote attackers to execute arbitrary SQL commands via the (1) curstr parameter in the findUsers function, (2) id parameter in the isIdAvailable function, or (3) username parameter in the getGreetings function. | 7.5 |
2012-10-01 | CVE-2012-1602 | Nextbbs | Improper Authentication vulnerability in Nextbbs 0.6 user.php in NextBBS 0.6 allows remote attackers to bypass authentication and gain administrator access by setting the userkey cookie to 1. | 7.5 |
2012-10-01 | CVE-2012-5231 | Jessgramp | Code Injection vulnerability in Jessgramp Minicms 1.0/2.0 miniCMS 1.0 and 2.0 allows remote attackers to execute arbitrary PHP code via a crafted (1) pagename or (2) area variable containing an executable extension, which is not properly handled by (a) update.php when writing files to content/, or (b) updatenews.php when writing files to content/news/. | 7.5 |
2012-10-01 | CVE-2012-5230 | Harmistechnology Joomla | Security vulnerability in Harmistechnology COM Jesubmit 1.4 Unspecified vulnerability in the JE Story Submit (com_jesubmit) component before 1.9 for Joomla! has unknown impact and attack vectors. | 7.5 |
2012-10-01 | CVE-2012-5227 | Peel | SQL Injection vulnerability in Peel Shopping 2.8/2.9 SQL injection vulnerability in administrer/tva.php in Peel SHOPPING 2.8 and 2.9 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2012-10-01 | CVE-2012-5224 | Vbadvanced | Code Injection vulnerability in Vbadvanced Cmps 3.2.1 PHP remote file inclusion vulnerability in vb/includes/vba_cmps_include_bottom.php in vBadvanced CMPS 3.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pages[template] parameter. | 7.5 |
2012-10-01 | CVE-2012-5223 | Crawlability | Code Injection vulnerability in Crawlability Vbseo The proc_deutf function in includes/functions_vbseocp_abstract.php in vBSEO 3.5.0, 3.5.1, 3.5.2, 3.6.0, and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" in the char_repl parameter, which is inserted into a regular expression that is processed by the preg_replace function with the eval switch. | 7.5 |
2012-10-01 | CVE-2012-4432 | Optipng | Resource Management Errors vulnerability in Optipng Use-after-free vulnerability in opngreduc.c in OptiPNG Hg and 0.7.x before 0.7.3 might allow remote attackers to execute arbitrary code via unspecified vectors related to "palette reduction." | 7.5 |
2012-10-01 | CVE-2012-4415 | Fedoraproject Guac DEV | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Stack-based buffer overflow in the guac_client_plugin_open function in libguac in Guacamole before 0.6.3 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long protocol name. | 7.5 |
2012-10-01 | CVE-2012-2240 | Devscripts Devel Team | Improper Input Validation vulnerability in Devscripts Devel Team Devscripts scripts/dscverify.pl in devscripts before 2.12.3 allows remote attackers to execute arbitrary commands via unspecified vectors related to "arguments to external commands." | 7.5 |
68 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2012-10-05 | CVE-2012-5303 | Monkey Project | Link Following vulnerability in Monkey-Project Monkey 0.9.3 Monkey HTTP Daemon 0.9.3 might allow local users to overwrite arbitrary files via a symlink attack on a PID file, as demonstrated by a pathname different from the default /var/run/monkey.pid pathname. | 6.9 |
2012-10-05 | CVE-2012-4897 | Vmware | Unspecified vulnerability in VMWare Movie Decoder Untrusted search path vulnerability in the installer in VMware Movie Decoder before 9.0 allows local users to gain privileges via a Trojan horse executable file in the installer directory. | 6.9 |
2012-10-05 | CVE-2012-4443 | Monkey Project | Permissions, Privileges, and Access Controls vulnerability in Monkey-Project Monkey 0.9.3 Monkey HTTP Daemon 0.9.3 uses a real UID of root and a real GID of root during execution of CGI scripts, which might allow local users to gain privileges by leveraging cgi-bin write access. | 6.9 |
2012-10-07 | CVE-2012-1414 | Plume CMS | Cross-Site Request Forgery (CSRF) vulnerability in Plume-Cms Plume CMS Cross-site request forgery (CSRF) vulnerability in manager/news.php in Plume CMS 1.2.4 and earlier allows remote attackers to hijack the authentication of administrators for requests that create News pages via a publish action. | 6.8 |
2012-10-06 | CVE-2012-1153 | Apprain | Remote Arbitrary File Upload vulnerability in appRain CMF 'uploadify.php' Unrestricted file upload vulnerability in addons/uploadify/uploadify.php in appRain CMF 0.1.5 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the uploads directory. | 6.8 |
2012-10-04 | CVE-2012-2999 | Cerberusftp | Cross-Site Request Forgery (CSRF) vulnerability in Cerberusftp FTP Server Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface in Cerberus FTP Server before 5.0.5.0 allow remote attackers to hijack the authentication of administrators for requests that (1) add a user account or (2) reconfigure the state of the FTP service, as demonstrated by a request to usermanager/users/modify. | 6.8 |
2012-10-01 | CVE-2012-1897 | Wolfcms | Cross-Site Request Forgery (CSRF) vulnerability in Wolfcms Wolf CMS Multiple cross-site request forgery (CSRF) vulnerabilities in Wolf CMS 0.75 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) delete users via the user id number to admin/user/delete; (2) delete pages via the page id number to admin/page/delete; delete the (3) images or (4) themes directory via the directory name to admin/plugin/file_manager/delete, and possibly other directories; or (5) logout the user via a request to admin/login/logout. | 6.8 |
2012-10-01 | CVE-2012-0748 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Rational Team Concert 4.0 Multiple cross-site request forgery (CSRF) vulnerabilities in unspecified services in IBM Rational Team Concert (RTC) 4.x before 4.0.0.1 allow remote attackers to hijack the authentication of arbitrary users for requests that modify work items. | 6.8 |
2012-10-01 | CVE-2012-4427 | Gnome | Code Injection vulnerability in Gnome Gnome-Shell 3.4.1 The gnome-shell plugin 3.4.1 in GNOME allows remote attackers to force the download and installation of arbitrary extensions from extensions.gnome.org via a crafted web page. | 6.8 |
2012-10-01 | CVE-2012-2242 | Devscripts Devel Team | Improper Input Validation vulnerability in Devscripts Devel Team Devscripts scripts/dget.pl in devscripts before 2.10.73 allows remote attackers to execute arbitrary commands via a crafted (1) .dsc or (2) .changes file, related to "arguments to external commands" that are not properly escaped, a different vulnerability than CVE-2012-2240. | 6.8 |
2012-10-03 | CVE-2012-3489 | Postgresql Opensuse Apple Canonical Debian Redhat | XXE vulnerability in multiple products The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file or URL content that triggers a parsing error, via an XML value that refers to (1) a DTD or (2) an entity, related to an XML External Entity (aka XXE) issue. | 6.5 |
2012-10-01 | CVE-2012-4064 | Eucalyptus | Permissions, Privileges, and Access Controls vulnerability in Eucalyptus Eucalyptus before 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to gain privileges by sending a message to (1) Cloud Controller or (2) Walrus with the internal message format and a modified user id. | 6.5 |
2012-10-06 | CVE-2012-0987 | Impresscms | Path Traversal vulnerability in Impresscms Directory traversal vulnerability in edituser.php in ImpressCMS 1.2.x before 1.2.7 Final and 1.3.x before 1.3.1 Final allows remote authenticated users to include and execute arbitrary local files via a .. | 6.0 |
2012-10-01 | CVE-2012-1576 | Atheme | Permissions, Privileges, and Access Controls vulnerability in Atheme The myuser_delete function in libathemecore/account.c in Atheme 5.x before 5.2.7, 6.x before 6.0.10, and 7.x before 7.0.0-beta2 does not properly clean up CertFP entries when a user is deleted, which allows remote attackers to access a different user account or cause a denial of service (daemon crash) via a login as a deleted user. | 6.0 |
2012-10-01 | CVE-2012-4450 | Fedoraproject | Permissions, Privileges, and Access Controls vulnerability in Fedoraproject 389 Directory Server 1.2.10 389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry. | 6.0 |
2012-10-03 | CVE-2012-3552 | Linux Redhat | Race Condition vulnerability in multiple products Race condition in the IP implementation in the Linux kernel before 3.0 might allow remote attackers to cause a denial of service (slab corruption and system crash) by sending packets to an application that sets socket options during the handling of network traffic. | 5.9 |
2012-10-04 | CVE-2012-5240 | Wireshark | Buffer Errors vulnerability in Wireshark 1.8.0/1.8.1/1.8.2 Buffer overflow in the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malformed packet. | 5.8 |
2012-10-02 | CVE-2012-3314 | IBM | Improper Input Validation vulnerability in IBM products IBM Tivoli Federated Identity Manager (TFIM) and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1, 6.2.0, 6.2.1, and 6.2.2 allow remote attackers to establish sessions via a crafted message that leverages (1) a signature-validation bypass for SAML messages containing unsigned elements, (2) incorrect validation of XML messages, or (3) a certificate-chain validation bypass for an XML signature element that contains the signing certificate. | 5.8 |
2012-10-01 | CVE-2012-5234 | Ocportal | Improper Input Validation vulnerability in Ocportal Open redirect vulnerability in index.php in ocPortal before 7.1.6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter. | 5.8 |
2012-10-07 | CVE-2011-4911 | Joomla | Improper Input Validation vulnerability in Joomla Joomla! Joomla! before 1.5.12 does not perform a JEXEC check in unspecified files, which allows remote attackers to obtain the installation path via unspecified vectors. | 5.0 |
2012-10-06 | CVE-2012-1623 | Aidanlister Drupal | Permissions, Privileges, and Access Controls vulnerability in Aidanlister Regcode The Registration Codes module before 6.x-2.4 for Drupal does not restrict access to the registration code list, which might allow remote attackers to bypass intended registration restrictions. | 5.0 |
2012-10-05 | CVE-2012-1150 | Python | Cryptographic Issues vulnerability in Python Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. | 5.0 |
2012-10-05 | CVE-2012-0845 | Python | Resource Management Errors vulnerability in Python SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smaller amount of data than specified by the Content-Length header. | 5.0 |
2012-10-05 | CVE-2012-5051 | Vmware | Path Traversal vulnerability in VMWare Capacityiq 1.5.0/1.5.1/1.5.2 Directory traversal vulnerability in VMware CapacityIQ 1.5.x allows remote attackers to read arbitrary files via unspecified vectors. | 5.0 |
2012-10-04 | CVE-2012-5301 | Cerberusftp | Cryptographic Issues vulnerability in Cerberusftp FTP Server The default configuration of Cerberus FTP Server before 5.0.4.0 supports the DES cipher for SSH sessions, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and performing a brute-force attack on the encrypted data. | 5.0 |
2012-10-04 | CVE-2012-5298 | Mavili Guestbook Project | Permissions, Privileges, and Access Controls vulnerability in Mavili Guestbook Project Mavili Guestbook Mavili Guestbook, as released in November 2007, stores guestbook.mdb under the web root with insufficient access control, which allows remote attackers to read the database via a direct request. | 5.0 |
2012-10-04 | CVE-2012-3819 | Dart | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Dart Powertcp Activex Stack consumption vulnerability in dartwebserver.dll 1.9 and earlier, as used in Dart PowerTCP WebServer for ActiveX and other products, allows remote attackers to cause a denial of service (daemon crash) via a long request. | 5.0 |
2012-10-04 | CVE-2012-3267 | HP | Information Disclosure vulnerability in HP Network Node Manager I 9.20 Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.20 allows remote attackers to obtain sensitive information via unknown vectors. | 5.0 |
2012-10-02 | CVE-2012-3266 | HP | Unspecified vulnerability in HP products Unspecified vulnerability in IBRIX 6.1.196 through 6.1.251 on HP IBRIX X9000 Storage allows remote attackers to obtain sensitive information via unknown vectors. | 5.0 |
2012-10-01 | CVE-2012-4063 | Eucalyptus | Permissions, Privileges, and Access Controls vulnerability in Eucalyptus The Apache Santuario configuration in Eucalyptus before 3.1.1 does not properly restrict applying XML Signature transforms to documents, which allows remote attackers to cause a denial of service via unspecified vectors. | 5.0 |
2012-10-01 | CVE-2012-1471 | Ocportal | Path Traversal vulnerability in Ocportal Directory traversal vulnerability in catalogue_file.php in ocPortal before 7.1.6 allows remote attackers to read arbitrary files via a .. | 5.0 |
2012-10-01 | CVE-2012-4830 | IBM | Unspecified vulnerability in IBM Websphere Commerce Unspecified vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11 and 7.0 through 7.0.0.6 allows remote attackers to obtain users' personal data via unknown vectors. | 5.0 |
2012-10-01 | CVE-2012-3319 | IBM | Information Exposure vulnerability in IBM Rational Business Developer 8.0.1/8.0.1.1/8.0.1.2 IBM Rational Business Developer 8.x before 8.0.1.4 allows remote attackers to obtain potentially sensitive information via a connection to a web service created with the Rational Business Developer product. | 5.0 |
2012-10-01 | CVE-2012-3035 | Emerson | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Emerson Deltav Buffer overflow in Emerson DeltaV 9.3.1 and 10.3 through 11.3.1 allows remote attackers to cause a denial of service (daemon crash) via a long string to an unspecified port. | 5.0 |
2012-10-01 | CVE-2012-4429 | David King | Information Exposure vulnerability in David King Vino Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read clipboard activity by listening on TCP port 5900. | 5.0 |
2012-10-01 | CVE-2012-1591 | Drupal | Permissions, Privileges, and Access Controls vulnerability in Drupal The image module in Drupal 7.x before 7.14 does not properly check permissions when caching derivative image styles of private images, which allows remote attackers to read private image styles. | 5.0 |
2012-10-07 | CVE-2010-5277 | Karim Ratib Drupal | Unspecified vulnerability in Karim Ratib Views Bulk Operations Unspecified vulnerability in the Views Bulk Operations module 6 before 6.x-1.10 for Drupal allows remote authenticated users with user management permissions to bypass intended access restrictions and delete anonymous users (user 0) via unspecified vectors. | 4.9 |
2012-10-03 | CVE-2012-3488 | Postgresql | Permissions, Privileges, and Access Controls vulnerability in Postgresql The libxslt support in contrib/xml2 in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 does not properly restrict access to files and URLs, which allows remote authenticated users to modify data, obtain sensitive information, or trigger outbound traffic to arbitrary external hosts by leveraging (1) stylesheet commands that are permitted by the libxslt security options or (2) an xslt_process feature, related to an XML External Entity (aka XXE) issue. | 4.9 |
2012-10-05 | CVE-2012-4442 | Monkey Project | Permissions, Privileges, and Access Controls vulnerability in Monkey-Project Monkey 0.9.3 Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of the root account during operations with a non-root effective UID, which might allow local users to bypass intended file-read restrictions by leveraging a race condition in a file-permission check. | 4.7 |
2012-10-07 | CVE-2011-4910 | Joomla | Cross-Site Scripting vulnerability in Joomla Joomla! Cross-site scripting (XSS) vulnerability in Joomla! before 1.5.12 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | 4.3 |
2012-10-07 | CVE-2011-4909 | Joomla | Cross-Site Scripting vulnerability in Joomla Joomla! Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.5.12 allow remote attackers to inject arbitrary web script or HTML via the HTTP_REFERER header to (1) components/com_content/views/article/tmpl/form.php, (2) components/com_user/controller.php, (3) plugins/system/legacy/html.php, or (4) templates/beez/html/com_content/article/form.php. | 4.3 |
2012-10-07 | CVE-2010-5276 | Memcache Project Drupal | Permissions, Privileges, and Access Controls vulnerability in Memcache Project Memcache The Memcache module 5.x before 5.x-1.10 and 6.x before 6.x-1.6 for Drupal does not properly handle the $user object in memcache_admin, which might "lead to a role change not being recognized until the user logs in again." | 4.3 |
2012-10-07 | CVE-2010-5275 | Memcache Project Drupal | Cross-Site Scripting vulnerability in Memcache Project Memcache Cross-site scripting (XSS) vulnerability in memcache_admin in the Memcache module 5.x before 5.x-1.10 and 6.x before 6.x-1.6 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2012-10-06 | CVE-2012-5305 | Directadmin | Cross-Site Scripting vulnerability in Directadmin 1.403 Cross-site scripting (XSS) vulnerability in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allows remote attackers to inject arbitrary web script or HTML via the domain parameter. | 4.3 |
2012-10-06 | CVE-2012-1634 | Hans Nilsson Drupal | Cross-Site Scripting vulnerability in Hans Nilsson Video Filter Cross-site scripting (XSS) vulnerability in video_filter.codecs.inc in the Video Filter module 6.x-2.x and 7.x-2.x for Drupal allows remote attackers to inject arbitrary web script or HTML via the EMBEDLOOKUP parameter for Blip.tv links. | 4.3 |
2012-10-06 | CVE-2012-1564 | Yuriy V Semenikhin | Cross-Site Scripting vulnerability in Yuriy V Semenikhin YVS Image Gallery Cross-site scripting (XSS) vulnerability in administration/create_album.php in YVS Image Gallery allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2012-10-06 | CVE-2012-0986 | Impresscms | Cross-Site Scripting vulnerability in Impresscms Multiple cross-site scripting (XSS) vulnerabilities in ImpressCMS 1.2.x before 1.2.7 Final and 1.3.x before 1.3.1 Final allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) notifications.php, (2) modules/system/admin/images/browser.php, and (3) modules/content/admin/content.php. | 4.3 |
2012-10-05 | CVE-2012-5050 | Vmware | Cross-Site Scripting vulnerability in VMWare Vcenter Operations 1.0.0/1.0.1/1.0.2 Cross-site scripting (XSS) vulnerability in the server in VMware vCenter Operations (aka vCOps) before 5.0.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2012-10-05 | CVE-2012-4018 | Finalbeta | Cross-Site Scripting vulnerability in Finalbeta Mywebsearch Cross-site scripting (XSS) vulnerability in Final Beta Laboratory MyWebSearch before 1.23 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. | 4.3 |
2012-10-04 | CVE-2012-5296 | Mavili Guestbook Project | Cross-Site Scripting vulnerability in Mavili Guestbook Project Mavili Guestbook Multiple cross-site scripting (XSS) vulnerabilities in Mavili Guestbook, as released in November 2007, allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) approve.asp, (2) delete.asp, (3) edit.asp, or (4) edit2.asp. | 4.3 |
2012-10-04 | CVE-2012-5295 | Fusetalk | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in login.cfm in FuseTalk Forums 3.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the windowed parameter. | 4.3 |
2012-10-04 | CVE-2011-5207 | Thecartpress Wordpress | Cross-Site Scripting vulnerability in Thecartpress Cross-site scripting (XSS) vulnerability in admin/OptionsPostsList.php in the TheCartPress plugin for WordPress before 1.1.6 before 2011-12-31 allows remote attackers to inject arbitrary web script or HTML via the tcp_name_post_XXXXX parameter. | 4.3 |
2012-10-04 | CVE-2011-5206 | Rapidleech | Cross-Site Scripting vulnerability in Rapidleech 2.3/Rev36 Cross-site scripting (XSS) vulnerability in notes.php in Rapidleech before 2.3 rev42 SVN r399 allows remote attackers to inject arbitrary web script or HTML via the notes parameter. | 4.3 |
2012-10-04 | CVE-2011-5205 | Rapidleech | Cross-Site Scripting vulnerability in Rapidleech 2.3/Rev36 Cross-site scripting (XSS) vulnerability in audl.php in Rapidleech 2.3 rev42 SVN r358, rev43 SVN r397, and earlier allows remote attackers to inject arbitrary web script or HTML via the links parameter. | 4.3 |
2012-10-01 | CVE-2012-1604 | Nextbbs | Cross-Site Scripting vulnerability in Nextbbs 0.6 Cross-site scripting (XSS) vulnerability in NextBBS 0.6 allows remote attackers to inject arbitrary web script or HTML via the do parameter to index.php. | 4.3 |
2012-10-01 | CVE-2012-1470 | Ocportal | Cross-Site Scripting vulnerability in Ocportal Multiple cross-site scripting (XSS) vulnerabilities in code_editor.php in ocPortal before 7.1.6 allow remote attackers to inject arbitrary web script or HTML via the (1) path or (2) line parameters. | 4.3 |
2012-10-01 | CVE-2012-1636 | Luke Herrington Drupal | Cross-Site Request Forgery (CSRF) vulnerability in Luke Herrington Stickynote 7.X1.0/7.X1.X Cross-site request forgery (CSRF) vulnerability in the stickynote module before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of users for requests that delete stickynotes via unspecified vectors. | 4.3 |
2012-10-01 | CVE-2012-0989 | Oneorzero | Cross-Site Scripting vulnerability in Oneorzero Action and Information Management System 2.8.0 Cross-site scripting (XSS) vulnerability in OneOrZero AIMS 2.8.0 Trial Edition build231211 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php. | 4.3 |
2012-10-01 | CVE-2012-5232 | Mediafire Joomla | Cross-Site Scripting vulnerability in Mediafire MOD Quick Form Cross-site scripting (XSS) vulnerability in the Quickl Form component for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2012-10-01 | CVE-2012-5229 | Wordpress | Cross-Site Scripting vulnerability in Wordpress Slideshow Gallery2 Cross-site scripting (XSS) vulnerability in css/gallery-css.php in the Slideshow Gallery2 plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the border parameter. | 4.3 |
2012-10-01 | CVE-2012-5228 | Tincan | Cross-Site Scripting vulnerability in Tincan PHPlist Cross-site scripting (XSS) vulnerability in admin/index.php in phplist 2.10.9, 2.10.17, and possibly other versions before 2.10.19 allows remote attackers to inject arbitrary web script or HTML via the testtarget parameter. | 4.3 |
2012-10-01 | CVE-2012-5226 | Peel | Cross-Site Scripting vulnerability in Peel Shopping 2.8/2.9 Multiple cross-site scripting (XSS) vulnerabilities in Peel SHOPPING 2.8 and 2.9 allow remote attackers to inject arbitrary web script or HTML via the (1) motclef parameter to achat/recherche.php or (2) PATH_INFO to index.php. | 4.3 |
2012-10-01 | CVE-2012-5225 | Eliteweaver | Cross-Site Scripting vulnerability in Eliteweaver Xclick Cart 1.0.1/1.0.2 Cross-site scripting (XSS) vulnerability in webscr.php in xClick Cart 1.0.1 and 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the shopping_url parameter. | 4.3 |
2012-10-01 | CVE-2012-1898 | Ivano Binetti | Cross-Site Scripting vulnerability in Ivano Binetti Wolf CMS Multiple cross-site scripting (XSS) vulnerabilities in wolfcms/admin/user/add in Wolf CMS 0.75 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user[name], (2) user[email], or (3) user[username] parameters. | 4.3 |
2012-10-01 | CVE-2012-4437 | Smarty | Cross-Site Scripting vulnerability in Smarty Cross-site scripting (XSS) vulnerability in the SmartyException class in Smarty (aka smarty-php) before 3.1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger a Smarty exception. | 4.3 |
2012-10-01 | CVE-2011-4551 | Tiki | Cross-Site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware Cross-site scripting (XSS) vulnerability in tiki-cookie-jar.php in TikiWiki CMS/Groupware before 8.2 and LTS before 6.5 allows remote attackers to inject arbitrary web script or HTML via arbitrary parameters. | 4.3 |
2012-10-01 | CVE-2012-2153 | Drupal | Permissions, Privileges, and Access Controls vulnerability in Drupal Drupal 7.x before 7.14 does not properly restrict access to nodes in a list when using a "contributed node access module," which allows remote authenticated users with the "Access the content overview page" permission to read all published nodes by accessing the admin/content page. | 4.0 |
2012-10-01 | CVE-2012-1590 | Drupal | Permissions, Privileges, and Access Controls vulnerability in Drupal The forum list in Drupal 7.x before 7.14 does not properly check user permissions for unpublished forum posts, which allows remote authenticated users to obtain sensitive information such as the post title via the forum overview page. | 4.0 |
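Most of the cross-site scripting entries in this table share one root cause: a request parameter copied into the response unvalidated. CVE-2012-5229 is a compact instance, because the reflected value (the border parameter of css/gallery-css.php) lands inside generated CSS rather than HTML, where authors often assume escaping is unnecessary. The Python snippet below is an added illustration, not code from the affected plugin or from any product listed here; the handler names, the sample requests and the response shape are constructed for the demo.

```python
import re

# Constructed sample requests for the demo; not captured traffic.
BENIGN_QUERY = {"border": "2"}
ATTACK_QUERY = {"border": "1px}</style><script>alert(1)</script><style>"}


def render_css_unsafe(query):
    """Vulnerable pattern (hypothetical handler): the parameter is pasted into
    the stylesheet verbatim. Nothing stops a value from closing the style
    block and adding markup, and no content type is set, so a browser may
    sniff the response as HTML and run the injected script."""
    border = query.get("border", "1")
    body = ".gallery img { border: %spx solid #000; }" % border
    return {}, body


_BORDER_RE = re.compile(r"[0-9]{1,3}")


def render_css_safe(query):
    """Hardened form: accept only a small integer, emit it as a number (never
    the raw string), and pin the content type so the response is not
    interpreted as HTML even if something does get through."""
    raw = query.get("border", "1")
    if not _BORDER_RE.fullmatch(raw):
        raise ValueError("border must be an integer between 0 and 999")
    body = ".gallery img { border: %dpx solid #000; }" % int(raw)
    headers = {
        "Content-Type": "text/css; charset=utf-8",
        "X-Content-Type-Options": "nosniff",
    }
    return headers, body


def is_reflected(body, marker="<script>"):
    """True if attacker-controlled markup made it into the response body."""
    return marker in body


def safe_rejects(query):
    """True if the hardened handler refuses the request outright."""
    try:
        render_css_safe(query)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    _, unsafe_body = render_css_unsafe(ATTACK_QUERY)
    print("unsafe handler reflects payload:", is_reflected(unsafe_body))
    print("safe handler rejects payload:", safe_rejects(ATTACK_QUERY))
    print("safe handler output:", render_css_safe(BENIGN_QUERY)[1])
```

The allow-list regex is the actual fix; the nosniff header is defence in depth. Reviewing a reflected-into-CSS report, check both: whether the value is constrained to the type the stylesheet needs, and whether the endpoint declares a non-HTML content type.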
11 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2012-10-06 | CVE-2012-1624 | Lingotek Drupal | Cross-Site Scripting vulnerability in Lingotek Multiple cross-site scripting (XSS) vulnerabilities in the Lingotek module 6.x-1.x before 6.x-1.40 for Drupal allow remote authenticated users to inject arbitrary web script or HTML when (1) creating or (2) editing page content. | 3.5 |
2012-10-01 | CVE-2012-4065 | Eucalyptus | Permissions, Privileges, and Access Controls vulnerability in Eucalyptus Eucalyptus before 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to bypass unspecified authorization checks and obtain direct access to a (1) Cloud Controller or (2) Walrus service via a crafted message, as demonstrated by changes to a volume, snapshot, or cloud configuration setting. | 3.5 |
2012-10-01 | CVE-2012-1639 | Drupal Commerceguys | Cross-Site Scripting vulnerability in Commerceguys Commerce 7.X1.0/7.X1.1/7.X1.X Multiple cross-site scripting (XSS) vulnerabilities in product/commerce_product.module in the Drupal Commerce module for Drupal before 7.x-1.2 allow remote authenticated users to inject arbitrary web script or HTML via the (1) sku or (2) title parameters. | 3.5 |
2012-10-01 | CVE-2012-1588 | Drupal | Resource Management Errors vulnerability in Drupal Algorithmic complexity vulnerability in the _filter_url function in the text filtering system (modules/filter/filter.module) in Drupal 7.x before 7.14 allows remote authenticated users with certain roles to cause a denial of service (CPU consumption) via a long email address. | 3.5 |
2012-10-04 | CVE-2012-5238 | Wireshark | Multiple Security vulnerability in Wireshark 1.8.0/1.8.1/1.8.2 epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of (1) PPP and (2) LCP data, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a malformed packet. | 3.3 |
2012-10-04 | CVE-2012-5237 | Wireshark | Resource Management Errors vulnerability in Wireshark 1.8.0/1.8.1/1.8.2 The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. | 3.3 |
2012-10-07 | CVE-2011-4363 | Frii Perl | Link Following vulnerability in Frii Proc::Processtable 0.45 ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when TTY information caching is enabled, allows local users to overwrite arbitrary files via a symlink attack on /tmp/TTYDEVS. | 2.6 |
2012-10-01 | CVE-2012-5233 | Luke Herrington Drupal | Cross-Site Scripting vulnerability in Luke Herrington Stickynote 7.X1.0/7.X1.X Cross-site scripting (XSS) vulnerability in the stickynote module before 7.x-1.1 for Drupal allows remote authenticated users with edit stickynotes privileges to inject arbitrary web script or HTML via unspecified vectors. | 2.1 |
2012-10-01 | CVE-2011-5202 | Sysprogs | Buffer Errors vulnerability in Sysprogs Wincdemu 3.6 BazisVirtualCDBus.sys in WinCDEmu 3.6 allows local users to cause a denial of service (system crash) via the unmount command to batchmnt.exe. | 2.1 |
2012-10-01 | CVE-2012-4833 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM AIX and Vios fuser in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly restrict the -k option, which allows local users to kill arbitrary processes via a crafted command line. | 2.1 |
2012-10-04 | CVE-2011-5204 | Akiva | Credentials Management vulnerability in Akiva Webboard 8.0 Akiva WebBoard 8.x stores passwords in plaintext, which allows local users to obtain sensitive information by reading from the database. | 1.9 |
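CVE-2011-4363 in the table above is a textbook insecure temporary file: Proc::ProcessTable writes its TTY cache to the fixed, predictable path /tmp/TTYDEVS, so a local attacker who plants a symlink there first redirects the write onto any file the victim user can modify. The Python demo below is added here and is not the module's code; the function names and the scratch directory layout are made up for the illustration. It reproduces the attack against a vulnerable write, then shows two hardened forms: refusing to follow or reuse an existing path (O_EXCL plus O_NOFOLLOW), and not using a predictable name at all (mkstemp).

```python
import os
import tempfile


def plant_symlink(cache_path, victim_path):
    """Attacker step (constructed for the demo): pre-create the predictable
    cache path as a symlink to a file the victim will later be able to write."""
    os.symlink(victim_path, cache_path)


def write_cache_unsafe(cache_path, data):
    """Vulnerable pattern: open a fixed path with O_CREAT|O_TRUNC. If the
    path is already a symlink, the target is truncated and overwritten."""
    with open(cache_path, "w") as f:
        f.write(data)


def write_cache_safe(cache_path, data):
    """Hardened form 1: O_EXCL makes creation fail if anything already exists
    at the path (including a dangling symlink), and O_NOFOLLOW refuses to
    traverse a symlink at the final component. An attacker can still cause
    a denial of service by pre-creating the name, but cannot redirect the write."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(cache_path, flags, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(data)


def write_cache_mkstemp(directory, data):
    """Hardened form 2: let mkstemp pick an unpredictable name and create it
    atomically with mode 0600; returns the path so the caller can reuse it."""
    fd, path = tempfile.mkstemp(prefix="TTYDEVS.", dir=directory)
    with os.fdopen(fd, "w") as f:
        f.write(data)
    return path


def demo():
    """Runs the attack in a private scratch directory and reports
    (victim file content after the unsafe write, whether the safe write
    was blocked, content written through mkstemp)."""
    with tempfile.TemporaryDirectory() as d:
        victim = os.path.join(d, "victim.txt")
        with open(victim, "w") as f:
            f.write("original")

        cache = os.path.join(d, "TTYDEVS")   # stands in for /tmp/TTYDEVS
        plant_symlink(cache, victim)

        write_cache_unsafe(cache, "clobbered")
        with open(victim) as f:
            after_unsafe = f.read()

        try:
            write_cache_safe(cache, "clobbered again")
            safe_blocked = False
        except OSError:
            safe_blocked = True

        tmp = write_cache_mkstemp(d, "cached ttys")
        with open(tmp) as f:
            via_mkstemp = f.read()

        return after_unsafe, safe_blocked, via_mkstemp


if __name__ == "__main__":
    after_unsafe, safe_blocked, via_mkstemp = demo()
    print("victim file after unsafe write:", after_unsafe)
    print("safe write blocked by symlink:", safe_blocked)
    print("mkstemp file content:", via_mkstemp)
```

The demo runs on POSIX systems. When triaging a report of this class, the questions to ask are whether the path is predictable, whether the directory is shared and writable by other users, and whether the open refuses pre-existing entries; a fix that only adds O_NOFOLLOW still leaves the hard-link variant open on filesystems that permit unprivileged hard links to others' files, which is why an unpredictable name in a per-user directory is the preferred repair.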