The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cyber Security Division (NCSD) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information. The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities corresponds to the following scores:

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
High Vulnerabilities

| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| adobe -- shockwave_player | Heap-based buffer overflow in the SwDir.dll ActiveX control in Adobe ShockWave Player 11.5.1.601 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PlayerVersion property value. | 2009-09-18 | 9.3 | CVE-2009-3244 MILW0RM |
| ajsquare -- aj_auction_pro-oopd | SQL injection vulnerability in store.php in AJ Auction Pro OOPD 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter. | 2009-09-16 | 7.5 | CVE-2009-3203 XF SECUNIA MISC OSVDB |
| almondsoft -- affiliate_network_classifieds almondsoft -- almond_classifieds | SQL injection vulnerability in index.php in AlmondSoft Almond Classifieds Ads Enterprise and Almond Affiliate Network Classifieds allows remote attackers to execute arbitrary SQL commands via the replid parameter in a manw_repl add_form action. NOTE: some of these details are obtained from third party information. | 2009-09-16 | 7.5 | CVE-2009-3226 BID SECUNIA MISC |
| apple -- mac_os_x apple -- mac_os_x_server | Heap-based buffer overflow in the USB backend in CUPS in Apple Mac OS X 10.5.8 allows local users to gain privileges via unspecified vectors. | 2009-09-14 | 7.2 | CVE-2009-2807 BID CONFIRM APPLE |
| basicunivers.free.fr -- audio_lib_player | Stack-based buffer overflow in Audio Lib Player (ALP) allows remote attackers to execute arbitrary code via a long URL in a .m3u playlist file. | 2009-09-16 | 9.3 | CVE-2009-3221 XF VUPEN OSVDB SECUNIA MISC |
| broid -- broid | Stack-based buffer overflow in broid 1.0 Beta 3a allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .mp3 file. | 2009-09-16 | 9.3 | CVE-2009-3213 XF MISC |
| cameron_morland -- changetrack | changetrack 4.3 allows local users to execute arbitrary commands via CRLF sequences and shell metacharacters in a filename in a directory that is checked by changetrack. | 2009-09-17 | 7.2 | CVE-2009-3233 CONFIRM |
| cbauthority -- cbauthority | SQL injection vulnerability in main.php in CBAuthority allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_product action. | 2009-09-16 | 7.5 | CVE-2009-3205 XF SECUNIA MISC OSVDB |
| chris_buccella -- small_footprint_cim_broker | Unspecified vulnerability in Small Footprint CIM Broker (SFCB) before 1.2.5 has unknown impact and attack vectors. | 2009-09-14 | 10.0 | CVE-2008-7230 OSVDB CONFIRM |
| classified-software -- super_mod_system | SQL injection vulnerability in index.php in Super Mod System, when using the 68 Classifieds 3.1 Core System, allows remote attackers to execute arbitrary SQL commands via the s parameter. | 2009-09-16 | 7.5 | CVE-2009-3224 VUPEN MILW0RM SECUNIA |
| comsenz -- crazy_star_plugin | SQL injection vulnerability in plugin.php in the Crazy Star plugin 2.0 for Discuz! allows remote authenticated users to execute arbitrary SQL commands via the fmid parameter in a view action. | 2009-09-15 | 7.5 | CVE-2009-3185 VUPEN MILW0RM |
| dave_robinson -- rockbandcms | Multiple SQL injection vulnerabilities in news.php in Rock Band CMS 0.10 allow remote attackers to execute arbitrary SQL commands via the (1) year and (2) id parameters. | 2009-09-18 | 7.5 | CVE-2009-3252 XF VUPEN MILW0RM SECUNIA |
| david_frohlich -- phpsane | PHP remote file inclusion vulnerability in save.php in phpSANE 0.5.0 allows remote attackers to execute arbitrary PHP code via a URL in the file_save parameter. | 2009-09-15 | 7.5 | CVE-2009-3188 VUPEN MILW0RM SECUNIA |
| debian -- debian_linux ubuntu -- ubuntu_linux | pam-auth-update for PAM, as used in Ubuntu 8.10 and 9.4, and Debian GNU/Linux, does not properly handle an "empty selection" for system authentication modules in certain rare configurations, which causes any attempt to be successful and allows remote attackers to bypass authentication. | 2009-09-17 | 9.3 | CVE-2009-3232 BID |
| dovecot -- dovecot | Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632. | 2009-09-17 | 7.5 | CVE-2009-3235 FEDORA MLIST |
| foxitsoftware -- wac_server | Heap-based buffer overflow in Foxit Remote Access Server (aka WAC Server) 2.0 Build 3503 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SSH packets, a different vulnerability than CVE-2008-0151. | 2009-09-14 | 10.0 | CVE-2008-7225 BID BUGTRAQ MISC |
| grapari -- e-gold_game_series:pirates_of_the_caribbean | Multiple SQL injection vulnerabilities in index.php in Pirates of The Caribbean in the E-Gold Game Series allow remote attackers to execute arbitrary SQL commands via the (1) x and (2) y parameters. | 2009-09-15 | 7.5 | CVE-2009-3184 VUPEN SECUNIA MISC |
| horde -- groupware horde -- groupware_webmail_edition horde -- horde horde -- kronolith_h3 horde -- mnemo_h3 horde -- nag_h3 horde -- turba_h3 | Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 and 2.2 before 2.2-RC2; Kronolith H3 2.1 before 2.1.7 and H3 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and 2.2 before 2.2-RC2; Horde Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 has unknown impact and attack vectors. | 2009-09-13 | 10.0 | CVE-2008-7218 MLIST MLIST MLIST MLIST MLIST MLIST MLIST MLIST MLIST MLIST MLIST MLIST MLIST |
| horde -- groupware horde -- groupware_webmail_edition horde -- kronolith_h3 horde -- mnemo_h3 horde -- nag_h3 | Horde Kronolith H3 2.1 before 2.1.7 and 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and H3 2.2 before 2.2-RC2; Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 does not validate ownership when performing share changes, which has unknown impact and attack vectors. | 2009-09-13 | 10.0 | CVE-2008-7219 BID MLIST MLIST MLIST MLIST MLIST MLIST MLIST MLIST MLIST MLIST |
| ibm -- websphere_business_events | Unspecified vulnerability in the wberuntimeear application in the test servlet in IBM WebSphere Business Events 6.1 and 6.2 allows remote attackers to execute arbitrary code via unknown vectors. | 2009-09-18 | 10.0 | CVE-2009-2741 XF |
| insane_visions -- onecms | Unrestricted file upload vulnerability in the add2 action in a_upload.php in OneCMS 2.4, and possibly earlier, allows remote attackers to execute arbitrary code by uploading a file with an executable extension and using a safe content type such as image/gif, then accessing it via a direct request to the file in an unspecified directory. | 2009-09-11 | 7.5 | CVE-2008-7209 BUGTRAQ |
| linux -- kernel | Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp"N" device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams. | 2009-09-15 | 7.1 | CVE-2009-2903 CONFIRM BID MLIST MLIST SECUNIA CONFIRM |
| linux -- kernel | The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to "return the same value over and over again for long stretches of time." | 2009-09-18 | 7.8 | CVE-2009-3238 CONFIRM |
| linuxwebshop -- php_user_base | Directory traversal vulnerability in include/unverified.inc.php in Linux Web Shop (LWS) php User Base 1.3beta allows remote attackers to include and execute arbitrary local files via the template parameter. | 2009-09-17 | 7.5 | CVE-2008-7240 XF BID MILW0RM |
| livestreet -- livestreet | update/update_0.1.2_to_0.2.php in LiveStreet 0.2 does not require administrative authentication, which allows remote attackers to perform DROP TABLE operations via unspecified vectors. | 2009-09-18 | 7.5 | CVE-2009-3261 MISC |
| mozilla -- bugzilla | SQL injection vulnerability in the Bug.search WebService function in Bugzilla 3.3.2 through 3.4.1, and 3.5, allows remote attackers to execute arbitrary SQL commands via unspecified parameters. | 2009-09-15 | 7.5 | CVE-2009-3125 BID CONFIRM |
| mozilla -- bugzilla | SQL injection vulnerability in the Bug.create WebService function in Bugzilla 2.23.4 through 3.0.8, 3.1.1 through 3.2.4, and 3.3.1 through 3.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters. | 2009-09-15 | 7.5 | CVE-2009-3165 BID CONFIRM |
| mybuxscript -- pts-bux | SQL injection vulnerability in spnews.php in MyBuxScript PTC-BUX allows remote attackers to execute arbitrary SQL commands via the id parameter in an spnews action to the default URI. NOTE: some of these details are obtained from third party information. | 2009-09-18 | 7.5 | CVE-2009-3246 XF VUPEN MISC MILW0RM |
| netplex-tech -- xtacacsd | Buffer overflow in the report function in xtacacsd 4.1.2 and earlier allows remote attackers to execute arbitrary code via a crafted CONNECT TACACS command. | 2009-09-14 | 10.0 | CVE-2008-7232 XF MISC MISC |
| nginx -- nginx | Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests. | 2009-09-15 | 7.5 | CVE-2009-2629 CERT-VN |
| openoffice -- openoffice.org novell -- linux_desktop novell -- opensuse novell -- suse_linux_enterprise_server | Buffer overflow in the EMF parser implementation in OpenOffice.org (OOo) in SUSE openSUSE 10.3 through 11.1, Novell Linux Desktop (NLD) 9, and SUSE Linux Enterprise (SLE) 10 and 11 has unknown impact and remote attack vectors, related to enhwmf.cxx and emfplus.cxx. | 2009-09-18 | 9.3 | CVE-2009-3239 SUSE |
| oracle -- application_server oracle -- e-business_suite_11i | Unspecified vulnerability in the E-Business Application client, as used in Oracle Application Server 1.1.8.26 and E-Business Suite 11.5.10.2, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Oracle Jinitiator component, aka AS02. | 2009-09-14 | 9.3 | CVE-2008-7233 CERT CONFIRM |
| pad-site-scripts -- pad_site_scripts | Multiple SQL injection vulnerabilities in PAD Site Scripts 3.6 allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to list.php and (2) cat parameter to rss.php. | 2009-09-15 | 7.5 | CVE-2009-3190 VUPEN MILW0RM |
| photodex -- proshow_gold | Multiple stack-based buffer overflows in Photodex ProShow Gold 4.0.2549 allow remote attackers to execute arbitrary code via a crafted Slideshow project (.psh) file, related to the (1) cell[n].images[m].image and (2) cell[n].sound.file fields. | 2009-09-16 | 9.3 | CVE-2009-3214 XF BUGTRAQ SECUNIA OSVDB MISC |
| php-nuke -- recipe_module | SQL injection vulnerability in index.php in the Recipes module 1.3, 1.4, and possibly other versions for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the recipeid parameter. | 2009-09-14 | 7.5 | CVE-2008-7226 XF BID BUGTRAQ OSVDB |
| php-shop-system -- ixxo_cart | SQL injection vulnerability in IXXO Cart Standalone before 3.9.6.1, and the IXXO Cart component for Joomla! 1.0.x, allows remote attackers to execute arbitrary SQL commands via the parent parameter. | 2009-09-16 | 7.5 | CVE-2009-3215 BID |
| prakashatma_mishra -- phpfreebb | Multiple SQL injection vulnerabilities in phpfreeBB 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to permalink.php and (2) year parameter to index.php. | 2009-09-16 | 7.5 | CVE-2009-3208 XF MISC |
| raizlabs -- php_email_manager | SQL injection vulnerability in remove.php in PHP eMail Manager 3.3.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | 2009-09-16 | 7.5 | CVE-2009-3209 XF SECUNIA MISC OSVDB |
| sun -- opensolaris sun -- solaris | Heap-based buffer overflow in w in Sun Solaris 8 through 10, and OpenSolaris before snv_124, allows local users to gain privileges via unspecified vectors. | 2009-09-14 | 7.2 | CVE-2009-3183 SUNALERT CONFIRM |
| symantec -- altiris_deployment_solution | Multiple unspecified vulnerabilities in Symantec Altiris Deployment Solution 6.9 might allow remote attackers to execute arbitrary code via unknown client-side attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.17, as identified by (1) "Symantec Altiris Deployment Solution 6.9 exploit," (2) "Symantec Altiris Deployment Solution 6.9 exploit (II)," and (3) "Symantec Altiris Deployment Solution 6.9 exploit (III)." NOTE: as of 20090909, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | 2009-09-11 | 10.0 | CVE-2009-3179 BID SECUNIA MISC |
| tecnick -- aiocp | PHP remote file inclusion vulnerability in cp_html2txt.php in All In One Control Panel (AIOCP) 1.4.001 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | 2009-09-16 | 7.5 | CVE-2009-3220 BID BUGTRAQ |
| thomas_cuchta -- rash | Multiple SQL injection vulnerabilities in RASH Quote Management System (RQMS) 1.2.2 allow remote attackers to execute arbitrary SQL commands via (1) the search parameter in a search action, (2) the quote parameter in a quote addition, or (3) a User_Name cookie in unspecified administrative actions. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 2009-09-18 | 7.5 | CVE-2009-3259 XF SECUNIA OSVDB OSVDB OSVDB |
| tricerasoft -- swift_ultralite | Stack-based buffer overflow in TriceraSoft Swift Ultralite 1.032 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in a .M3U playlist file. | 2009-09-18 | 9.3 | CVE-2009-3253 MILW0RM SECUNIA |
| ultimatevideosite -- ultimate_player | Multiple stack-based buffer overflows in Ultimate Player 1.56 beta allow remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .upl playlist file. | 2009-09-18 | 9.3 | CVE-2009-3254 VUPEN MILW0RM |
| uwix -- com_digifolio | SQL injection vulnerability in the DigiFolio (com_digifolio) component 1.52 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a project action to index.php. | 2009-09-15 | 7.5 | CVE-2009-3193 MILW0RM |
| vtiger -- vtiger_crm | Multiple directory traversal vulnerabilities in vtiger CRM 5.0.4 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the module parameter to graph.php; or the (2) module or (3) file parameter to include/Ajax/CommonAjax.php, reachable through modules/Campaigns/CampaignsAjax.php, modules/SalesOrder/SalesOrderAjax.php, modules/System/SystemAjax.php, modules/Products/ProductsAjax.php, modules/uploads/uploadsAjax.php, modules/Dashboard/DashboardAjax.php, modules/Potentials/PotentialsAjax.php, modules/Notes/NotesAjax.php, modules/Faq/FaqAjax.php, modules/Quotes/QuotesAjax.php, modules/Utilities/UtilitiesAjax.php, modules/Calendar/ActivityAjax.php, modules/Calendar/CalendarAjax.php, modules/PurchaseOrder/PurchaseOrderAjax.php, modules/HelpDesk/HelpDeskAjax.php, modules/Invoice/InvoiceAjax.php, modules/Accounts/AccountsAjax.php, modules/Reports/ReportsAjax.php, modules/Contacts/ContactsAjax.php, and modules/Portal/PortalAjax.php; and allow remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the step parameter in an Import action to the (4) Accounts, (5) Contacts, (6) HelpDesk, (7) Leads, (8) Potentials, (9) Products, or (10) Vendors module, reachable through index.php and related to modules/Import/index.php and multiple Import.php files. | 2009-09-18 | 7.5 | CVE-2009-3249 VUPEN MISC MISC BID OSVDB MILW0RM SECUNIA BUGTRAQ |
| vtiger -- vtiger_crm | The saveForwardAttachments procedure in the Compose Mail functionality in vtiger CRM 5.0.4 allows remote authenticated users to execute arbitrary code by composing an e-mail message with an attachment filename ending in (1) .php in installations based on certain Apache HTTP Server configurations, (2) .php. on Windows, or (3) .php/ on Linux, and then making a direct request to a certain pathname under storage/. | 2009-09-18 | 9.3 | CVE-2009-3250 VUPEN MISC MISC BID OSVDB MILW0RM SECUNIA BUGTRAQ |
| vtiger -- vtiger_crm | vtiger CRM before 5.1.0 allows remote authenticated users, with certain View privileges, to delete (1) attachments, (2) reports, (3) filters, (4) views, and (5) tickets; insert (6) attachments, (7) reports, (8) filters, (9) views, and (10) tickets; and edit (11) reports, (12) filters, (13) views, and (14) tickets via unspecified vectors. | 2009-09-18 | 9.0 | CVE-2009-3258 CONFIRM SECUNIA CONFIRM CONFIRM |
| white_dune -- white_dune | Multiple format string vulnerabilities in White_Dune before 0.29beta851 have unspecified impact and attack vectors, a different vulnerability than CVE-2008-0101. | 2009-09-14 | 10.0 | CVE-2008-7228 OSVDB MLIST |
| wiccle -- iwiccle | SQL injection vulnerability in the admin module in iWiccle 1.01 allows remote attackers to execute arbitrary SQL commands via the member_id parameter in an edit_user action to index.php. | 2009-09-16 | 7.5 | CVE-2009-3217 MILW0RM |
| wireshark -- wireshark | Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets. | 2009-09-18 | 7.8 | CVE-2009-3241 CONFIRM |
| Medium Vulnerabilities | ||||
|---|---|---|---|---|
| Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
|
almondsoft -- almond_classifieds |
Multiple cross-site scripting (XSS) vulnerabilities in AlmondSoft Almond Classifieds Wap and Pro, and possibly Almond Affiliate Network Classifieds, allow remote attackers to inject arbitrary web script or HTML via (1) the page parameter in a browse action to index.php or (2) the addr parameter to gmap.php. NOTE: some of these details are obtained from third party information. | 2009-09-16 | 4.3 | CVE-2009-3225 BID SECUNIA MISC |
|
almondsoft -- affiliate_network_classifieds almondsoft -- almond_classifieds |
Cross-site scripting (XSS) vulnerability in index.php in AlmondSoft Almond Classifieds Ads Enterprise and Almond Affiliate Network Classifieds allows remote attackers to inject arbitrary web script or HTML via the city parameter in a search action. NOTE: some of these details are obtained from third party information. | 2009-09-16 | 4.3 | CVE-2009-3227 BID SECUNIA MISC |
|
anantasoft -- gazelle_cms |
Directory traversal vulnerability in Anantasoft Gazelle CMS 1.0 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the customizetemplate parameter in a direct request to admin/settemplate.php. | 2009-09-11 | 5.0 | CVE-2009-3181 MILW0RM SECUNIA |
|
apple -- mac_os_x apple -- mac_os_x_server |
Buffer overflow in Alias Manager in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted alias file. | 2009-09-11 | 6.8 | CVE-2009-2800 CONFIRM APPLE |
|
apple -- mac_os_x apple -- mac_os_x_server |
CarbonCore in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a file with a crafted resource fork. | 2009-09-14 | 6.8 | CVE-2009-2803 CONFIRM APPLE |
|
apple -- mac_os_x apple -- mac_os_x_server |
Integer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ColorSync profile embedded in an image, leading to a heap-based buffer overflow. | 2009-09-14 | 6.8 | CVE-2009-2804 CONFIRM SECUNIA APPLE |
|
apple -- mac_os_x apple -- mac_os_x_server |
Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JBIG2 stream in a PDF file, leading to a heap-based buffer overflow. | 2009-09-14 | 6.8 | CVE-2009-2805 CONFIRM APPLE |
|
apple -- mac_os_x apple -- mac_os_x_server |
ImageIO in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PixarFilm encoded TIFF image, related to "multiple memory corruption issues." | 2009-09-14 | 6.8 | CVE-2009-2809 CONFIRM APPLE |
|
apple -- mac_os_x apple -- mac_os_x_server |
Incomplete blacklist vulnerability in Launch Services in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code via a .fileloc file, which does not trigger a "potentially unsafe" warning message in the Quarantine feature. | 2009-09-14 | 6.8 | CVE-2009-2811 CONFIRM APPLE |
|
apple -- mac_os_x apple -- mac_os_x_server |
Launch Services in Apple Mac OS X 10.5.8 does not properly recognize an unsafe Uniform Type Identifier (UTI) in an exported document type in a downloaded application, which allows remote attackers to trigger the automatic opening of a file, and execute arbitrary code, via a crafted web site. | 2009-09-14 | 6.8 | CVE-2009-2812 APPLE |
|
apple -- mac_os_x apple -- mac_os_x_server |
The SMB (aka Samba) subsystem in Apple Mac OS X 10.5.8, when Windows File Sharing is enabled, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories. | 2009-09-14 | 6.0 | CVE-2009-2813 CONFIRM SECUNIA APPLE |
|
apple -- mac_os_x_server |
Cross-site scripting (XSS) vulnerability in the Wiki Server in Apple Mac OS X 10.5.8 allows remote attackers to inject arbitrary web script or HTML via a search request containing data that does not use UTF-8 encoding. | 2009-09-14 | 4.3 | CVE-2009-2814 CONFIRM APPLE |
|
brilaps -- mostlyce mambo-foundation -- mambo |
MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to obtain sensitive information via certain requests to mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php, which reveals the installation path in an error message. | 2009-09-11 | 5.0 | CVE-2008-7212 XF VUPEN BUGTRAQ MISC SECUNIA OSVDB CONFIRM BUGTRAQ |
|
brilaps -- mostlyce mambo-foundation -- mambo |
Cross-site scripting (XSS) vulnerability in mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php in MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to inject arbitrary web script or HTML via the Command parameter. | 2009-09-11 | 4.3 | CVE-2008-7213 XF VUPEN BID BUGTRAQ MISC SECUNIA OSVDB CONFIRM BUGTRAQ |
|
brilaps -- mostlyce mambo-foundation -- mambo |
Cross-site request forgery (CSRF) vulnerability in administrator/index2.php in MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to hijack the authentication of administrators for requests that add new administrator accounts via the save task in a com_users action, as demonstrated using a separate XSS vulnerability in mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php. | 2009-09-11 | 6.8 | CVE-2008-7214 XF VUPEN BUGTRAQ MISC SECUNIA OSVDB CONFIRM BUGTRAQ |
|
brilaps -- mostlyce mambo-foundation -- mambo |
The Image Manager in MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to rename arbitrary files and cause a denial of service via modified file[NewFile][name], file[NewFile][tmp_name], and file[NewFile][size] parameters in a FileUpload command, which are used to modify equivalent variables in $_FILES that are accessed when the is_uploaded_file check fails. | 2009-09-11 | 5.8 | CVE-2008-7215 XF VUPEN BID BUGTRAQ MISC SECUNIA OSVDB CONFIRM BUGTRAQ |
|
digioz -- digioz_guestbook |
Cross-site scripting (XSS) vulnerability in search.php in DigiOz Guestbook 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the search_term parameter. | 2009-09-15 | 4.3 | CVE-2009-3189 VUPEN SECUNIA MISC |
|
dimofinf -- infinity_script |
Directory traversal vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the options[style_dir] parameter to the default URI. | 2009-09-16 | 6.8 | CVE-2009-3211 XF MISC |
|
dimofinf -- infinity_script |
SQL injection vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username field. | 2009-09-16 | 6.8 | CVE-2009-3212 XF MISC |
|
drewish -- imagecache |
The ImageCache module 5.x before 5.x-2.5 and 6.x before 6.x-2.0-beta10, a module for Drupal, when the private file system is used, does not properly perform access control for derivative images, which allows remote attackers to view arbitrary images via a request that specifies an image's filename. | 2009-09-16 | 6.8 | CVE-2009-3207 CONFIRM CONFIRM CONFIRM CONFIRM |
|
freewebscriptz -- honest_traffic |
Cross-site scripting (XSS) vulnerability in index.php in FreeWebScriptz Honest Traffic (FWSHT) 1.x allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | 2009-09-16 | 4.3 | CVE-2009-3222 MISC XF OSVDB SECUNIA MISC |
|
geoserver -- geoserver |
PartialBufferOutputStream2 in GeoServer before 1.6.1 and 1.7.0-beta1 attempts to flush buffer contents even when it is handling an "in memory buffer," which prevents the reporting of a service exception, with unknown impact and attack vectors. | 2009-09-14 | 5.0 | CVE-2008-7227 OSVDB CONFIRM |
|
google -- chrome |
Google Chrome 0.2.149.29 and earlier allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821. | 2009-09-18 | 5.0 | CVE-2008-7246 BUGTRAQ MISC |
|
horde -- application_framework horde -- groupware horde -- groupware_webmail_edition |
Unspecified vulnerability in the form library in Horde Application Framework 3.2 before 3.2.5 and 3.3 before 3.3.5; Groupware 1.1 before 1.1.6 and 1.2 before 1.2.4; and Groupware Webmail Edition 1.1 before 1.1.6 and 1.2 before 1.2.4; allows remote attackers, with privileges to write to the address book, to overwrite arbitrary files via crafted "image form fields." | 2009-09-17 | 4.3 | CVE-2009-3236 MLIST MLIST MLIST MLIST MLIST MLIST |
|
horde -- groupware_webmail_edition horde -- horde_application_framework horde -- horde_groupware |
Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework 3.2 before 3.2.5 and 3.3 before 3.3.5; Groupware 1.1 before 1.1.6 and 1.2 before 1.2.4; and Groupware Webmail Edition 1.1 before 1.1.6 and 1.2 before 1.2.4; allow remote attackers to inject arbitrary web script or HTML via the (1) crafted number preferences that are not properly handled in the preference system (services/prefs.php), as demonstrated by the sidebar_width parameter; or (2) crafted unknown MIME "text parts" that are not properly handled in the MIME viewer library (config/mime_drivers.php). | 2009-09-17 | 4.3 | CVE-2009-3237 MLIST MLIST MLIST MLIST MLIST MLIST |
|
inoutscripts -- inout_adserver |
SQL injection vulnerability in ppc-add-keywords.php in Inout Adserver allows remote authenticated users to execute arbitrary SQL commands via the id parameter. | 2009-09-16 | 6.5 | CVE-2009-3223 VUPEN MILW0RM SECUNIA |
|
insane_visions -- onecms |
Multiple SQL injection vulnerabilities in OneCMS 2.4, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) username parameter ($usernameb variable) to a_login.php or (2) user parameter to staff.php. | 2009-09-11 | 6.8 | CVE-2008-7208 CONFIRM |
|
intertwingly -- planet intertwingly -- planet_venus |
Cross-site scripting (XSS) vulnerability in Planet 2.0 and Planet Venus allows remote attackers to inject arbitrary web script or HTML via the SRC attribute of an IMG element in a feed. | 2009-09-18 | 4.3 | CVE-2009-2937 MLIST CONFIRM |
| jce-tech -- searchfeed_script | Cross-site scripting (XSS) vulnerability in index.php in JCE-Tech SearchFeed Script allows remote attackers to inject arbitrary web script or HTML via the search parameter. | 2009-09-15 | 4.3 | CVE-2009-3194 VUPEN SECUNIA MISC |
| jce-tech -- auction_rss_content_script | Multiple cross-site scripting (XSS) vulnerabilities in JCE-Tech Auction RSS Content Script 3.0 allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) rss.php and (2) search.php. | 2009-09-15 | 4.3 | CVE-2009-3195 VUPEN SECUNIA MISC |
| jce-tech -- php_video_script | Cross-site scripting (XSS) vulnerability in index.php in JCE-Tech PHP Video Script allows remote attackers to inject arbitrary web script or HTML via the key parameter. | 2009-09-15 | 4.3 | CVE-2009-3196 VUPEN SECUNIA MISC |
| jce-tech -- php_calendars_script | Cross-site scripting (XSS) vulnerability in search.php in JCE-Tech PHP Calendars Script allows remote attackers to inject arbitrary web script or HTML via the search parameter. | 2009-09-15 | 4.3 | CVE-2009-3197 VUPEN SECUNIA MISC |
| jce-tech -- affiliate_master_datafeed_parser | Cross-site scripting (XSS) vulnerability in search.php in JCE-Tech Affiliate Master Datafeed Parser Script 2.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter. | 2009-09-15 | 4.3 | CVE-2009-3198 VUPEN SECUNIA MISC |
| linkorcms -- linkorcms | Multiple cross-site scripting (XSS) vulnerabilities in index.php in LinkorCMS 1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the searchstr parameter in a search action; or the (2) nikname, (3) realname, (4) homepage, or (5) city parameter in a registration action. | 2009-09-15 | 4.3 | CVE-2009-3192 SECUNIA MISC |
| linpha -- linpha | Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via (1) ftp/index.php, (2) viewer.php, (3) functions/other.php, (4) include/left_menu.class.php, or (5) plugins/stats/stats_view.php. | 2009-09-14 | 4.3 | CVE-2008-7223 BID CONFIRM |
| linux -- kernel | Buffer overflow in the perf_copy_attr function in kernel/perf_counter.c in the Linux kernel 2.6.31-rc1 allows local users to cause a denial of service (crash) via a "big size data" to the perf_counter_open system call. | 2009-09-17 | 4.9 | CVE-2009-3234 BID MLIST MLIST |
| linux -- kernel | The z90crypt_unlocked_ioctl function in the z90crypt driver in the Linux kernel 2.6.9 does not perform a capability check for the Z90QUIESCE operation, which allows local users to leverage euid 0 privileges to force a driver outage. | 2009-09-18 | 4.4 | CVE-2009-1883 CONFIRM REDHAT SECUNIA |
| livestreet -- livestreet | Cross-site scripting (XSS) vulnerability in include/ajax/blogInfo.php in LiveStreet 0.2 allows remote attackers to inject arbitrary web script or HTML via the URI, as demonstrated by a SCRIPT element in an arbitrary parameter such as the asd parameter. | 2009-09-18 | 4.3 | CVE-2009-3256 MISC |
| livestreet -- livestreet | Cross-site scripting (XSS) vulnerability in LiveStreet 0.2 allows remote attackers to inject arbitrary web script or HTML via the header of the topic in a comment. | 2009-09-18 | 4.3 | CVE-2009-3260 VUPEN MISC |
| modxcms -- modxcms | Multiple cross-site scripting (XSS) vulnerabilities in MODx CMS 0.9.6.1 and 0.9.6.1p1 allow remote attackers to inject arbitrary web script or HTML via the (1) search, (2) "a," (3) messagesubject, and (4) messagebody parameters to certain pages as reachable from manager/index.php; (5) highlight, (6) id, (7) email, (8) name, and (9) parent parameters to index.php; and the (10) docgrp and (11) moreResultsPage parameters to index-ajax.php. | 2009-09-17 | 4.3 | CVE-2008-7242 XF BID BUGTRAQ SECUNIA OSVDB |
| modxcms -- modxcms | Cross-site request forgery (CSRF) vulnerability in page 34 in MODx CMS 0.9.6.1 and 0.9.6.1p1 allows remote attackers to hijack the authentication of other users for requests that modify passwords via manager/index.php. NOTE: due to the lack of details, it is not clear whether this is related to CVE-2008-5941. | 2009-09-17 | 6.8 | CVE-2008-7243 XF BID BUGTRAQ SECUNIA |
| mozilla -- bugzilla | token.cgi in Bugzilla 3.4rc1 through 3.4.1 places a password in a URL at the beginning of a login session that occurs immediately after a password reset, which allows context-dependent attackers to discover passwords by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history. | 2009-09-15 | 5.0 | CVE-2009-3166 BID CONFIRM |
| mozilla -- firefox | Mozilla Firefox 3.0.1 and earlier allows remote attackers to cause a denial of service (browser hang) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821. | 2009-09-18 | 5.0 | CVE-2008-7244 BUGTRAQ MISC |
| novell -- suse_linux_enterprise_server | Unspecified vulnerability in ia32el (aka the IA 32 emulation functionality) before 7042_7022-0.4.2 in SUSE Linux Enterprise (SLE) 10 SP2 on Itanium IA64 machines allows local users to cause a denial of service (system crash) via a 32-bit x86 application. | 2009-09-18 | 4.9 | CVE-2009-2707 CONFIRM MISC BID CONFIRM SUSE |
| ohwada -- xf-section | Cross-site scripting (XSS) vulnerability in the Happy Linux XF-Section module 1.12a for XOOPS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2009-09-18 | 4.3 | CVE-2009-3240 CONFIRM JVNDB JVN |
| opera -- opera opera -- opera9.50 | Opera 9.52 and earlier allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821. | 2009-09-18 | 5.0 | CVE-2008-7245 BUGTRAQ MISC |
| oracle -- application_server_10g | Unspecified vulnerability in the Oracle BPEL Worklist Application component in Oracle Application Server 10.1.2.2 and 10.1.3.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, aka AS03. | 2009-09-14 | 6.8 | CVE-2008-7234 CERT VUPEN VUPEN CONFIRM SECTRACK HP HP |
| oracle -- application_server_10g oracle -- e-business_suite_12 | Unspecified vulnerability in the Oracle Forms component in Oracle Application Server 10.1.2.2 and E-Business Suite 12.0.3 allows remote attackers to affect integrity via unknown vectors, aka AS04. | 2009-09-14 | 4.3 | CVE-2008-7235 CERT |
| oracle -- application_server_10g | Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.2 and 10.1.3.1 allows remote attackers to affect integrity via unknown vectors, aka AS05. | 2009-09-14 | 4.3 | CVE-2008-7236 CERT VUPEN VUPEN CONFIRM SECTRACK HP HP |
| oracle -- application_server_10g | Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3 and 10.1.2.2 allows remote authenticated users to affect confidentiality via unknown vectors, aka AS06. | 2009-09-14 | 4.0 | CVE-2008-7237 CERT CONFIRM |
| oracle -- e-business_suite | Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.3 allow (1) local users to affect confidentiality and integrity via unknown vectors related to the Mobile Application Server component (APP01); (2) remote attackers to affect confidentiality via unknown vectors related to the Oracle Applications Framework (APP03); remote authenticated users to affect confidentiality and integrity via unknown vectors related to the (3) CRM Technical Foundation (APP05) and (4) Oracle Application Object Library (APP06); and remote authenticated users to affect integrity and availability via unknown vectors related to (5) Oracle Applications Technology Stack (APP07). | 2009-09-14 | 6.0 | CVE-2008-7238 CERT VUPEN VUPEN BID CONFIRM SECTRACK HP |
| oracle -- e-business_suite_11i | Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 allow remote attackers to affect confidentiality via unknown vectors related to the (1) Oracle Application Object Library (APP02) and (2) Oracle Applications Manager (APP04). | 2009-09-14 | 5.0 | CVE-2008-7239 CERT VUPEN VUPEN BID CONFIRM SECTRACK HP HP |
| pad-site-scripts -- pad_site_scripts | Multiple cross-site scripting (XSS) vulnerabilities in PAD Site Scripts 3.6 allow remote attackers to inject arbitrary web script or HTML via the cat parameter to (1) rss.php and (2) opml.php. | 2009-09-15 | 4.3 | CVE-2009-3191 VUPEN MILW0RM |
| postgresql -- postgresql | The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, and 8.2 before 8.2.14 allows remote authenticated users to cause a denial of service (backend shutdown) by "re-LOAD-ing" libraries from a certain plugins directory. | 2009-09-17 | 4.0 | CVE-2009-3229 FEDORA FEDORA CONFIRM BID CONFIRM CONFIRM SECUNIA SECUNIA |
| postgresql -- postgresql | The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, 8.2 before 8.2.14, 8.1 before 8.1.18, 8.0 before 8.0.22, and 7.4 before 7.4.26 does not use the appropriate privileges for the (1) RESET ROLE and (2) RESET SESSION AUTHORIZATION operations, which allows remote authenticated users to gain privileges. NOTE: this is due to an incomplete fix for CVE-2007-6600. | 2009-09-17 | 6.5 | CVE-2009-3230 FEDORA FEDORA CONFIRM VUPEN BID CONFIRM CONFIRM SECUNIA SECUNIA SECUNIA MLIST |
| postgresql -- postgresql | The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password. | 2009-09-17 | 6.8 | CVE-2009-3231 FEDORA FEDORA CONFIRM BID CONFIRM CONFIRM SECUNIA SECUNIA |
| punbb -- punbb | Cross-site request forgery (CSRF) vulnerability in PunBB before 1.2.17 allows remote attackers to hijack the authentication of unspecified users for requests related to a logout, probably a forced logout. | 2009-09-17 | 6.8 | CVE-2008-7241 CONFIRM OSVDB |
| rob_schultz -- media_player_classic | Integer overflow in Media Player Classic 6.4.9 allows user-assisted remote attackers to cause a denial of service (application crash) via a MIDI file (.mid) with a malformed header, which triggers a buffer overflow, a different vulnerability than CVE-2007-4940. | 2009-09-15 | 4.3 | CVE-2009-3201 BID MILW0RM |
| standalonearcade -- saa | Cross-site scripting (XSS) vulnerability in gamelist.php in Stand Alone Arcade 1.1 allows remote attackers to inject arbitrary web script or HTML via the cat parameter. | 2009-09-15 | 4.3 | CVE-2009-3187 VUPEN SECUNIA MISC |
| stanford -- webauth | weblogin/login.fcgi (aka the WebLogin login script) in Stanford University WebAuth 3.5.5, 3.6.0, and 3.6.1 places passwords in URLs in certain circumstances involving conversion of a POST request to a GET request, which allows context-dependent attackers to discover passwords by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history. | 2009-09-15 | 4.3 | CVE-2009-2945 CONFIRM SECUNIA |
| stivaforum -- stiva_forum | Multiple cross-site scripting (XSS) vulnerabilities in Stiva Forum 1.0 allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) demo.php and (2) forum.php, and the PATH_INFO to (3) include_forum.php. | 2009-09-16 | 4.3 | CVE-2009-3204 XF SECUNIA MISC OSVDB OSVDB |
| the-ghost -- ar_web_content_manager | SQL injection vulnerability in control/login.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | 2009-09-16 | 6.8 | CVE-2009-3218 XF MILW0RM SECUNIA OSVDB |
| the-ghost -- ar_web_content_manager | Directory traversal vulnerability in a.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the a parameter. | 2009-09-16 | 6.8 | CVE-2009-3219 XF MILW0RM SECUNIA OSVDB |
| thomas_cuchta -- rash | SQL injection vulnerability in RASH Quote Management System (RQMS) 1.2.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter in an admin action to the default URI. | 2009-09-18 | 6.5 | CVE-2009-3255 XF VUPEN SECUNIA MISC OSVDB |
| uebimiau -- uebimiau | Uebimiau Webmail 3.2.0-2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database with usernames and password hashes via a direct request for system_admin/admin.ucf. | 2009-09-15 | 5.0 | CVE-2009-3199 XF MILW0RM |
| uloki -- uloki_php_forum | Cross-site scripting (XSS) vulnerability in search.php in ULoKI PHP Forum 2.1 allows remote attackers to inject arbitrary web script or HTML via the term parameter. | 2009-09-16 | 4.3 | CVE-2009-3202 XF SECUNIA MISC OSVDB |
| videogirls -- videogirls_biz | Multiple cross-site scripting (XSS) vulnerabilities in VideoGirls BiZ allow remote attackers to inject arbitrary web script or HTML via the (1) t parameter to forum.php, (2) profile_name parameter to profile.php, and (3) p parameter to view.php. | 2009-09-15 | 4.3 | CVE-2009-3186 VUPEN BID SECUNIA MISC |
| vtiger -- vtiger_crm | Cross-site scripting (XSS) vulnerability in the Activities module in vtiger CRM 5.0.4 allows remote attackers to inject arbitrary web script or HTML via the action parameter to phprint.php. NOTE: the query_string vector is already covered by CVE-2008-3101.3. | 2009-09-18 | 4.3 | CVE-2009-3247 VUPEN MISC MISC BID OSVDB MILW0RM SECUNIA |
| vtiger -- vtiger_crm | Cross-site request forgery (CSRF) vulnerability in the RSS module in vtiger CRM 5.0.4 allows remote attackers to hijack the authentication of Admin users for requests that modify the news feed system via the rssurl parameter in a Save action to index.php. | 2009-09-18 | 6.8 | CVE-2009-3248 VUPEN MISC MISC BID OSVDB MILW0RM SECUNIA BUGTRAQ |
| vtiger -- vtiger_crm | include/utils/ListViewUtils.php in vtiger CRM before 5.1.0 allows remote authenticated users to bypass intended access restrictions and read the (1) visibility, (2) location, and (3) recurrence fields of a calendar via a custom view. | 2009-09-18 | 4.0 | CVE-2009-3251 CONFIRM |
| wiccle -- iwiccle | Multiple directory traversal vulnerabilities in iWiccle 1.01, when magic_quotes_gpc is disabled, allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the show parameter to the admin module, reachable through index.php; or (2) the module parameter to index.php. | 2009-09-16 | 4.3 | CVE-2009-3216 MILW0RM SECUNIA |
| wireshark -- wireshark | Unspecified vulnerability in packet.c in the GSM A RR dissector in Wireshark 1.2.0 and 1.2.1 allows remote attackers to cause a denial of service (application crash) via unknown vectors related to "an uninitialized dissector handle," which triggers an assertion failure. | 2009-09-18 | 5.0 | CVE-2009-3242 MISC CONFIRM BID SECUNIA |
| wireshark -- wireshark | Unspecified vulnerability in the TLS dissector in Wireshark 1.2.0 and 1.2.1, when running on Windows, allows remote attackers to cause a denial of service (application crash) via unknown vectors related to TLS 1.2 conversations. | 2009-09-18 | 5.0 | CVE-2009-3243 MISC CONFIRM BID SECUNIA |
| xapian -- omega | Cross-site scripting (XSS) vulnerability in Xapian Omega before 1.0.16 allows remote attackers to inject arbitrary web script or HTML via unspecified CGI parameter values, which are sometimes included in exception messages. | 2009-09-14 | 4.3 | CVE-2009-2947 BID DEBIAN CONFIRM SECUNIA SECUNIA MLIST |
| Low Vulnerabilities | | | | |
|---|---|---|---|---|
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
| apple -- xsan | The screensharing feature in the Admin application in Apple Xsan before 2.2 places a cleartext username and password in a URL within an error dialog, which allows physically proximate attackers to obtain credentials by reading this dialog. | 2009-09-15 | 2.1 | CVE-2009-2201 VUPEN BID CONFIRM APPLE |
| drewish -- imagecache | Multiple cross-site scripting (XSS) vulnerabilities in the ImageCache module 5.x before 5.x-2.5 and 6.x before 6.x-2.0-beta10, a module for Drupal, allow remote authenticated users, with "administer imagecache" permissions, to inject arbitrary web script or HTML via unspecified vectors. | 2009-09-16 | 3.5 | CVE-2009-3206 CONFIRM |
| ibm -- tivoli_identity_manager | Cross-site scripting (XSS) vulnerability in the Self Service UI (SSUI) in IBM Tivoli Identity Manager (ITIM) 5.0.0.5 allows remote authenticated users to inject arbitrary web script or HTML via the last name field in a profile. | 2009-09-18 | 3.5 | CVE-2009-3262 AIXAPAR |
| joao_ventura -- print | Multiple cross-site scripting (XSS) vulnerabilities in the Print (aka Printer, e-mail and PDF versions) module 5.x before 5.x-4.8 and 6.x before 6.x-1.8, a module for Drupal, allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 2009-09-16 | 3.5 | CVE-2009-3210 CONFIRM CONFIRM CONFIRM |
| meridio -- document_and_records_management | Cross-site scripting (XSS) vulnerability in Meridio Document and Records Management before 4.3 SR1 allows remote authenticated users to inject arbitrary web script or HTML via the Title field in a (1) document (subGeneralProps:dmpvDocTitle:PROP_W_title) or (2) container (subGeneralProps:dmpvContainerTitle:PROP_W_title). | 2009-09-14 | 3.5 | CVE-2008-7231 XF BID MISC MISC |
| vtiger -- vtiger_crm | vtiger CRM before 5.1.0 allows remote authenticated users to bypass the permissions on the (1) Account Billing Address and (2) Shipping Address fields in a profile by creating a Sales Order (SO) associated with that profile. | 2009-09-18 | 3.6 | CVE-2009-3257 CONFIRM SECUNIA |