Weekly Vulnerabilities Reports > October 29 to November 4, 2012
Overview
93 new vulnerabilities reported during this period, including 6 critical vulnerabilities and 6 high severity vulnerabilities. This weekly summary report vulnerabilities in 106 products from 76 vendors including Drupal, Paypal, Oscommerce, Canonical, and Mozilla. Vulnerabilities are notably categorized as "Improper Input Validation", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", "Improper Certificate Validation", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".
- 89 reported vulnerabilities are remotely exploitables.
- 1 reported vulnerabilities have public exploit available.
- 24 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 82 reported vulnerabilities are exploitable by an anonymous user.
- Drupal has the most reported vulnerabilities, with 21 reported vulnerabilities.
- GE has the most reported critical vulnerabilities, with 3 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
6 Critical Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2012-11-02 | CVE-2012-5417 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Prime Data Center Network Manager Cisco Prime Data Center Network Manager (DCNM) before 6.1(1) does not properly restrict access to certain JBoss MainDeployer functionality, which allows remote attackers to execute arbitrary commands via JBoss Application Server Remote Method Invocation (RMI) services, aka Bug ID CSCtz44924. | 10.0 |
| 2012-11-01 | CVE-2012-5409 | Siemens | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Siemens Sipass Integrated AscoServer.exe in the server in Siemens SiPass integrated MP2.6 and earlier does not properly handle IOCP RPC messages received over an Ethernet network, which allows remote attackers to write data to any memory location and consequently execute arbitrary code via crafted messages, as demonstrated by an arbitrary pointer dereference attack or a buffer overflow attack. | 10.0 |
| 2012-11-01 | CVE-2012-3026 | GE | Improper Input Validation vulnerability in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6/3.0/3.5 rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6 through 3.5 SP1 allows remote attackers to cause a denial of service (memory corruption and service crash) or possibly execute arbitrary code via long input data, a different vulnerability than CVE-2012-3010 and CVE-2012-3021. | 10.0 |
| 2012-11-01 | CVE-2012-3021 | GE | Improper Input Validation vulnerability in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6/3.0/3.5 rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6 through 3.5 SP1 allows remote attackers to cause a denial of service (memory corruption and service crash) or possibly execute arbitrary code via long input data, a different vulnerability than CVE-2012-3010 and CVE-2012-3026. | 10.0 |
| 2012-11-01 | CVE-2012-3010 | GE | Improper Input Validation vulnerability in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6/3.0/3.5 rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6 through 3.5 SP1 allows remote attackers to cause a denial of service (memory corruption and service crash) or possibly execute arbitrary code via long input data, a different vulnerability than CVE-2012-3021 and CVE-2012-3026. | 10.0 |
| 2012-10-31 | CVE-2012-5692 | Invisionpower | Unspecified vulnerability in Invisionpower Invision Power Board Unspecified vulnerability in admin/sources/base/core.php in Invision Power Board (aka IPB or IP.Board) 3.1.x through 3.3.x has unknown impact and remote attack vectors. | 10.0 |
6 High Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2012-11-02 | CVE-2012-5416 | Cisco | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Unified Meetingplace Buffer overflow in Cisco Unified MeetingPlace Web Conferencing before 7.1MR1 Patch 1, 8.0 before 8.0MR1 Patch 1, and 8.5 before 8.5MR3 allows remote attackers to cause a denial of service (daemon hang) via unspecified parameters in a POST request, aka Bug ID CSCua66341. | 7.8 |
| 2012-11-01 | CVE-2012-5687 | TP Link | Path Traversal vulnerability in Tp-Link Tl-Wr841N and Tl-Wr841N Firmware Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via a .. | 7.8 |
| 2012-11-02 | CVE-2012-4498 | Morbus IFF Drupal | Permissions, Privileges, and Access Controls vulnerability in Morbus IFF Activism 6.X2.0/6.X2.X The Activism module 6.x-2.x before 6.x-2.1 for Drupal does not properly restrict access to the "Campaign" content type, which might allow remote attackers to bypass access restrictions and possibly have other unspecified impact. | 7.5 |
| 2012-11-04 | CVE-2012-5822 | Mozilla | Improper Certificate Validation vulnerability in Mozilla Zamboni The contribution feature in Zamboni does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to use of the Python urllib2 library. | 7.4 |
| 2012-11-04 | CVE-2012-5819 | Filesanywhere | Improper Certificate Validation vulnerability in Filesanywhere FilesAnywhere does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 7.4 |
| 2012-11-04 | CVE-2012-5817 | Amazon Codehaus | Improper Certificate Validation vulnerability in multiple products Codehaus XFire 1.2.6 and earlier, as used in the Amazon EC2 API Tools Java library and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 7.4 |
69 Medium Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2012-11-04 | CVE-2012-4987 | Realnetworks | Buffer Errors vulnerability in Realnetworks Realplayer 15.0.5.109 Stack-based buffer overflow in RealNetworks RealPlayer 15.0.5.109 allows user-assisted remote attackers to execute arbitrary code via a crafted ZIP file that triggers incorrect processing of long pathnames by the Watch Folders feature. | 6.8 |
| 2012-11-02 | CVE-2012-0025 | Irfanview | Resource Management Errors vulnerability in Irfanview Flashpix Plugin 4.2.2.0 Double free vulnerability in the Free_All_Memory function in jpeg/dectile.c in libfpx before 1.3.1-1, as used in the FlashPix PlugIn 4.2.2.0 for IrfanView, allows remote attackers to cause a denial of service (crash) via a crafted FPX image. | 6.8 |
| 2012-11-02 | CVE-2012-4486 | Boombatower Drupal | Cross-Site Request Forgery (CSRF) vulnerability in Boombatower Subuser Cross-site request forgery (CSRF) vulnerability in the Subuser module before 6.x-1.8 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that switch the user to a subuser via unspecified vectors. | 6.8 |
| 2012-10-31 | CVE-2012-5671 | Exim | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Exim Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server. | 6.8 |
| 2012-10-31 | CVE-2012-4940 | Gecad | Path Traversal vulnerability in Gecad Axigen Free Mail Server Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. | 6.4 |
| 2012-10-29 | CVE-2012-4196 | Mozilla Opensuse Suse Canonical Redhat | Injection vulnerability in multiple products Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats certain protection mechanisms for this object. | 6.4 |
| 2012-11-04 | CVE-2012-5821 | Lynx Canonical | Improper Certificate Validation vulnerability in multiple products Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate, related to improper use of a certain GnuTLS function. | 5.9 |
| 2012-11-04 | CVE-2012-5810 | Jpmorganchase | Improper Certificate Validation vulnerability in Jpmorganchase Chase Mobile The Chase mobile banking application for Android does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to overriding the default X509TrustManager. | 5.9 |
| 2012-11-04 | CVE-2012-3446 | Apache | Improper Certificate Validation vulnerability in Apache Libcloud Apache Libcloud before 0.11.1 uses an incorrect regular expression during verification of whether the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate. | 5.9 |
| 2012-11-04 | CVE-2012-5825 | Tweepy | Improper Input Validation vulnerability in Tweepy Tweepy does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to use of the Python httplib library. | 5.8 |
| 2012-11-04 | CVE-2012-5824 | Cerulean Studios | Improper Certificate Validation vulnerability in Cerulean Studios Trillian 5.1.0.19 Trillian 5.1.0.19 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, a different vulnerability than CVE-2009-4831. | 5.8 |
| 2012-11-04 | CVE-2012-5823 | Opensourceclassifieds | Improper Input Validation vulnerability in Opensourceclassifieds Open Source Classifieds does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to use of the PHP fsockopen function. | 5.8 |
| 2012-11-04 | CVE-2012-5820 | Improper Input Validation vulnerability in Google Admob The developer-account sample code in Google AdMob does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 | |
| 2012-11-04 | CVE-2012-5818 | Elephantdrive | Improper Input Validation vulnerability in Elephantdrive ElephantDrive does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5816 | AOL | Improper Input Validation vulnerability in AOL AIM 1.0.1.2 AOL Instant Messenger (AIM) 1.0.1.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5815 | Rackspace | Improper Input Validation vulnerability in Rackspace 2.1.5 The Rackspace app 2.1.5 for iOS does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5814 | Github Roderick Baier | Improper Input Validation vulnerability in multiple products Weberknecht, as used in GitHub Gaug.es and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5813 | Emorym | Improper Input Validation vulnerability in Emorym Android Pusher The Android_Pusher library for Android does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5812 | Acra | Improper Input Validation vulnerability in Acra Library The ACRA library for Android does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5811 | Breezy | Cryptographic Issues vulnerability in Breezy The Breezy application for Android does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5809 | Groupon | Cryptographic Issues vulnerability in Groupon Merchants The Groupon Redemptions application for Android does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5808 | Firstdata ZEN Cart | Improper Input Validation vulnerability in multiple products The LinkPoint module in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5807 | Lincolnloop ZEN Cart | Improper Input Validation vulnerability in multiple products The Authorize.Net eCheck module in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5806 | Paypal ZEN Cart | Improper Input Validation vulnerability in multiple products The PayPal Payments Pro module in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to use of the PHP fsockopen function, a different vulnerability than CVE-2012-5805. | 5.8 |
| 2012-11-04 | CVE-2012-5805 | Paypal ZEN Cart | Improper Input Validation vulnerability in multiple products The PayPal IPN functionality in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, a different vulnerability than CVE-2012-5806. | 5.8 |
| 2012-11-04 | CVE-2012-5804 | Cybersource Module Project Ubercart | Improper Input Validation vulnerability in multiple products The CyberSource module in Ubercart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5803 | Irata Ubercart | Improper Input Validation vulnerability in multiple products The Authorize.Net module in Ubercart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5802 | Paypal Ubercart | Improper Input Validation vulnerability in multiple products The PayPal module in Ubercart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5801 | Prestashop | Improper Input Validation vulnerability in Prestashop Ebay and Prestashop The PayPal module in PrestaShop does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to use of the PHP fsockopen function. | 5.8 |
| 2012-11-04 | CVE-2012-5800 | Prestashop | Improper Input Validation vulnerability in Prestashop Ebay Module and Prestashop The eBay module in PrestaShop does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5799 | Prestashop Presto Changeo | Improper Input Validation vulnerability in multiple products The Canada Post (aka CanadaPost) module in PrestaShop does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to use of the PHP fsockopen function. | 5.8 |
| 2012-11-04 | CVE-2012-5798 | Oscommerce Paypal | Improper Input Validation vulnerability in multiple products The PayPal Pro PayFlow EC module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5797 | Brian Burton Oscommerce | Improper Input Validation vulnerability in multiple products The PayPal Pro PayFlow module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5796 | Oscommerce Paypal | Improper Input Validation vulnerability in multiple products The PayPal Pro module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5795 | Akunamachata Oscommerce | Improper Input Validation vulnerability in multiple products The PayPal Express module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5794 | Moneybookers Oscommerce | Improper Input Validation vulnerability in multiple products The MoneyBookers module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5793 | Harald Ponce DE Leon Oscommerce | Improper Input Validation vulnerability in multiple products The Authorize.Net module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5792 | Oscommerce Sagepay | Improper Input Validation vulnerability in multiple products The Sage Pay Direct module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5791 | Paypal | Improper Input Validation vulnerability in Paypal Invoicing PayPal Invoicing does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5790 | Paypal | Improper Input Validation vulnerability in Paypal Payments Standard 20120427 PayPal Payments Standard PHP Library 20120427 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to misinterpretation of a certain TRUE value. | 5.8 |
| 2012-11-04 | CVE-2012-5789 | Paypal | Improper Input Validation vulnerability in Paypal Payments Standard PayPal Payments Standard PHP Library before 20120427 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to intentional disabling of certificate-validation checks through a "FALSE" value. | 5.8 |
| 2012-11-04 | CVE-2012-5788 | Paypal | Improper Input Validation vulnerability in Paypal IPN The PayPal IPN utility does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to use of the PHP fsockopen function. | 5.8 |
| 2012-11-04 | CVE-2012-5787 | Paypal | Improper Input Validation vulnerability in Paypal Merchant SDK The PayPal merchant SDK does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5785 | Apache | Improper Input Validation vulnerability in Apache Axis2 Apache Axis2/Java 1.6.2 and earlier does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5783 | Apache Canonical | Improper Certificate Validation vulnerability in multiple products Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5782 | Amazon | Improper Input Validation vulnerability in Amazon Flexible Payments Service Amazon Flexible Payments Service (FPS) PHP Library does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to misinterpretation of a certain "true" value. | 5.8 |
| 2012-11-04 | CVE-2012-5781 | Amazon | Improper Input Validation vulnerability in Amazon Elastic Load Balancing Amazon Elastic Load Balancing API Tools does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to overriding the default JDK X509TrustManager. | 5.8 |
| 2012-11-04 | CVE-2012-5780 | Amazon | Improper Input Validation vulnerability in Amazon Merchant SDK The Amazon merchant SDK does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |
| 2012-11-04 | CVE-2012-5170 | Simon Brown | Improper Input Validation vulnerability in Simon Brown Pebble Open redirect vulnerability in Pebble before 2.6.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 5.8 |
| 2012-10-31 | CVE-2012-4491 | Earl Dunovant Drupal | Permissions, Privileges, and Access Controls vulnerability in Earl Dunovant Monthly Archive BY Node Type 6.X1.0/6.X2.0/6.X3.0 The Monthly Archive by Node Type module 6.x for Drupal does not properly check permissions defined by node_access modules, which allows remote attackers to access restricted nodes via unspecified vectors. | 5.8 |
| 2012-10-31 | CVE-2012-4489 | Mark Burdett Drupal | Improper Input Validation vulnerability in Mark Burdett Securelogin Open redirect vulnerability in the securelogin_secure_redirect function in the Secure Login module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter. | 5.8 |
| 2012-11-03 | CVE-2012-3748 | Apple | Race Condition vulnerability in Apple Iphone OS and Safari Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript arrays. | 5.1 |
| 2012-11-03 | CVE-2012-3749 | Apple | Information Exposure vulnerability in Apple Iphone OS The extensions APIs in the kernel in Apple iOS before 6.0.1 provide kernel addresses in responses that contain an OSBundleMachOHeaders key, which makes it easier for remote attackers to bypass the ASLR protection mechanism via a crafted app. | 5.0 |
| 2012-10-31 | CVE-2012-4499 | Matthias Hutterer Drupal | Permissions, Privileges, and Access Controls vulnerability in Matthias Hutterer Email The contact formatter page in the Email Field module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to email the stored address in the entity via unspecified vectors. | 5.0 |
| 2012-10-31 | CVE-2012-4488 | Location Module Project Drupal | Permissions, Privileges, and Access Controls vulnerability in Location Module Project Location The Location module 6.x before 6.x-3.2 and 7.x before 7.x-3.0-alpha1 for Drupal does not properly check user or node access permissions, which allows remote attackers to read node or user results via the location search page. | 5.0 |
| 2012-10-31 | CVE-2012-4483 | Acquia Drupal | Permissions, Privileges, and Access Controls vulnerability in Acquia Commons The commons_discussion_views_default_views function in modules/features/commons_discussion/commons_discussion.views_default.inc in the Drupal Commons module 6.x-2.x before 6.x-2.8 for Drupal does not properly enforce intended node access restrictions, which might allow remote attackers to obtain sensitive information via the recent comments listing. | 5.0 |
| 2012-10-31 | CVE-2012-4482 | Longwaveconsulting Drupal | Improper Input Validation vulnerability in Longwaveconsulting Ubercart Securetrading Payment Method Module 6.X1.0 The Ubercart SecureTrading Payment Method module 6.x for Drupal does not properly verify payment notification information, which allows remote attackers to purchase an item without paying via unspecified vectors. | 5.0 |
| 2012-10-31 | CVE-2012-4939 | Solarwinds | Cross-Site Scripting vulnerability in Solarwinds products Cross-site scripting (XSS) vulnerability in IPAMSummaryView.aspx in the IPAM web interface before 3.0-HotFix1 in SolarWinds Orion Network Performance Monitor might allow remote attackers to inject arbitrary web script or HTML via the "Search for an IP address" field. | 4.3 |
| 2012-10-31 | CVE-2012-4532 | Joomla | Cross-Site Scripting vulnerability in Joomla Joomla! Cross-site scripting (XSS) vulnerability in modules/mod_languages/tmpl/default.php in the Language Switcher module for Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php. | 4.3 |
| 2012-10-31 | CVE-2012-4531 | Joomla | Cross-Site Scripting vulnerability in Joomla Joomla! Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2012-10-31 | CVE-2012-4494 | Niif Drupal | Permissions, Privileges, and Access Controls vulnerability in Niif Shibb Auth 7.X4.0 The Shibboleth authentication module 7.x-4.0 for Drupal does not properly check the active status of users, which allows remote blocked users to access bypass intended access restrictions and possibly have other impacts by logging in. | 4.3 |
| 2012-10-31 | CVE-2012-4490 | Ricky Morse Drupal | Cross-Site Scripting vulnerability in Ricky Morse Excluded Users 6.X1.0 Multiple cross-site scripting (XSS) vulnerabilities in the Excluded Users module 6.x-1.x before 6.x-1.1 for Drupal allow remote attackers to inject arbitrary web script or HTML via a (1) user name or (2) email address. | 4.3 |
| 2012-10-31 | CVE-2012-4485 | Manuel Garcia Drupal | Cross-Site Scripting vulnerability in Manuel Garcia Galleryformatter Multiple cross-site scripting (XSS) vulnerabilities in the galleryformatter_field_formatter_view functiuon in galleryformatter.tpl.php the Gallery formatter module before 7.x-1.2 for Drupal allow remote authenticated users with permissions to create a node or entity to inject arbitrary web script or HTML via the (1) title or (2) alt parameter. | 4.3 |
| 2012-10-31 | CVE-2012-4484 | Trexart Drupal | Cross-Site Scripting vulnerability in Trexart Campaignmonitor Cross-site scripting (XSS) vulnerability in the administrative interface in the Campaign Monitor module before 6.x-2.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2012-10-31 | CVE-2012-4547 | Laurent Destailleur | Cross-Site Scripting vulnerability in Laurent Destailleur Awstats Unspecified vulnerability in awredir.pl in AWStats before 7.1 has unknown impact and attack vectors. | 4.3 |
| 2012-10-29 | CVE-2012-4195 | Mozilla Opensuse Suse Canonical Redhat | Cross-Site Scripting vulnerability in multiple products The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, and makes it easier for remote attackers to execute arbitrary JavaScript code by leveraging certain add-on behavior. | 4.3 |
| 2012-10-29 | CVE-2012-4194 | Mozilla Opensuse Suse Canonical Redhat | Cross-Site Scripting vulnerability in multiple products Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin. | 4.3 |
| 2012-11-02 | CVE-2012-4487 | Boombatower Drupal | Permissions, Privileges, and Access Controls vulnerability in Boombatower Subuser The Subuser module before 6.x-1.8 for Drupal does not properly check "switch subuser" permissions, which allows remote authenticated parent users to change their role by switching to a subuser they created. | 4.0 |
| 2012-10-31 | CVE-2012-4495 | Mime Mail Module Project Drupal | Permissions, Privileges, and Access Controls vulnerability in Mime Mail Module Project Mimemail 6.X1.0/6.X1.X The Mime Mail module 6.x-1.x before 6.x-1.1 for Drupal does not properly restrict access to files outside Drupal's publish files directory, which allows remote authenticated users to send arbitrary files as attachments. | 4.0 |
12 Low Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2012-11-03 | CVE-2012-3750 | Apple | Permissions, Privileges, and Access Controls vulnerability in Apple Iphone OS The Passcode Lock implementation in Apple iOS before 6.0.1 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement and access Passbook passes via unspecified vectors. | 3.6 |
| 2012-11-01 | CVE-2012-5704 | Justin Dodge Drupal | Resource Management Errors vulnerability in Justin Dodge Hotblocks The Hotblocks module 6.x-1.x before 6.x-1.8 for Drupal allows remote authenticated users with the "administer hotblocks" permission to cause a denial of service (infinite loop and time out) via a block that references itself. | 3.5 |
| 2012-10-31 | CVE-2012-4500 | Nancy Wichmann Drupal | Permissions, Privileges, and Access Controls vulnerability in Nancy Wichmann Announcements The Announcements module 6.x-1.x before 6.x-1.5 for Drupal allows remote authenticated users with the "access announcements" permission to bypass node access restrictions and possibly have other unspecified impact. | 3.5 |
| 2012-10-31 | CVE-2012-4934 | Tomatocart | Permissions, Privileges, and Access Controls vulnerability in Tomatocart 1.1.7 TomatoCart 1.1.7, when the PayPal Express Checkout module is enabled in sandbox mode, allows remote authenticated users to bypass intended payment requirements by modifying a certain redirection URL. | 3.5 |
| 2012-10-31 | CVE-2012-4610 | EMC | Credentials Management vulnerability in EMC Avamar 6.1 EMC Avamar Client for VMware 6.1 stores the cleartext server root password on the proxy client, which might allow remote attackers to obtain sensitive information by leveraging "network access" to the proxy client. | 3.3 |
| 2012-10-31 | CVE-2012-2625 | XEN | Improper Input Validation vulnerability in XEN and Xen-Unstable The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, 4.2.x, and 4.1.x allows local para-virtualized guest users to cause a denial of service (memory consumption) via a large (1) bzip2 or (2) lzma compressed kernel image. | 2.7 |
| 2012-11-02 | CVE-2012-4497 | Devsaran Drupal | Cross-Site Scripting vulnerability in Devsaran Elegant Theme 7.X1.X Cross-site scripting (XSS) vulnerability in the "3 slide gallery" in the Elegant Theme module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via a slide URL. | 2.1 |
| 2012-11-02 | CVE-2012-4493 | ROY Baxter Drupal | Cross-Site Scripting vulnerability in ROY Baxter Better Revisions 7.X1.0/7.X1.X Cross-site scripting (XSS) vulnerability in the administrative interface in the Better Revisions module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer better revisions" permission to inject arbitrary web script or HTML via unspecified vectors. | 2.1 |
| 2012-11-01 | CVE-2012-5705 | Justin Dodge Drupal | Cross-Site Scripting vulnerability in Justin Dodge Hotblocks Cross-site scripting (XSS) vulnerability in the settings page (admin/settings/hotblocks) in the Hotblocks module 6.x-1.x before 6.x-1.8 for Drupal allows remote authenticated users with the "administer hotblocks" permission to inject arbitrary web script or HTML via the "block names." | 2.1 |
| 2012-10-31 | CVE-2012-4544 | XEN | Improper Input Validation vulnerability in XEN The PV domain builder in Xen 4.2 and earlier does not validate the size of the kernel or ramdisk (1) before or (2) after decompression, which allows local guest administrators to cause a denial of service (domain 0 memory consumption) via a crafted (a) kernel or (b) ramdisk. | 2.1 |
| 2012-10-31 | CVE-2012-4496 | Inclind Drupal | Cross-Site Scripting vulnerability in Inclind Custom PUB Cross-site scripting (XSS) vulnerability in the Custom Publishing Options module 6.x-1.x before 6.x-1.4 for Drupal allows remote authenticated users with the "administer nodes" permission to inject arbitrary web script or HTML via the status labels parameter. | 2.1 |
| 2012-10-31 | CVE-2012-4492 | Isaac Sukin Drupal | Cross-Site Scripting vulnerability in Isaac Sukin Shorten Multiple cross-site scripting (XSS) vulnerabilities in the Shorten URLs module 6.x-1.x before 6.x-1.13 and 7.x-1.x before 7.x-1.2 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors to the (1) report or (2) Custom Services List page. | 2.1 |