Vulnerability Summary for the Week of February 28, 2011
Released
Mar 07, 2011
Document ID
SB11-066
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
High Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| ca -- host-based_intrusion_prevention_system | The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods. | 2011-02-25 | 9.3 | CVE-2011-1036 CONFIRM XF MISC BUGTRAQ |
| cisco -- telepresence_system_software | The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31640. | 2011-02-25 | 10.0 | CVE-2011-0372 CISCO |
| cisco -- telepresence_system_software | The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31685. | 2011-02-25 | 9.0 | CVE-2011-0373 CISCO |
| cisco -- telepresence_system_software | The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31659. | 2011-02-25 | 9.0 | CVE-2011-0374 CISCO |
| cisco -- telepresence_system_software | The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCth24671. | 2011-02-25 | 9.0 | CVE-2011-0375 CISCO |
| cisco -- telepresence_system_software | The TFTP implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x, 1.6.0, and 1.6.1 allows remote attackers to obtain sensitive information via a GET request, aka Bug ID CSCte43876. | 2011-02-25 | 10.0 | CVE-2011-0376 CISCO |
| cisco -- telepresence_system_software | Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allow remote attackers to cause a denial of service (service crash) via a malformed SOAP request in conjunction with a spoofed TelePresence Manager that supplies an invalid IP address, aka Bug ID CSCth03605. | 2011-02-25 | 7.8 | CVE-2011-0377 CISCO |
| cisco -- telepresence_system_software | The XML-RPC implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a TCP request, related to a "command injection vulnerability," aka Bug ID CSCtb52587. | 2011-02-25 | 8.3 | CVE-2011-0378 CISCO |
| cisco -- adaptive_security_appliance_software | Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 1.6.x; Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x; Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x; and Cisco TelePresence Manager 1.2.x, 1.3.x, 1.4.x, 1.5.x, and 1.6.2 allows remote attackers to execute arbitrary code via a crafted Cisco Discovery Protocol packet, aka Bug IDs CSCtd75769, CSCtd75766, CSCtd75754, and CSCtd75761. | 2011-02-25 | 7.9 | CVE-2011-0379 CISCO CISCO CISCO CISCO |
| cisco -- telepresence_manager | Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to bypass authentication and invoke arbitrary methods via a malformed SOAP request, aka Bug ID CSCtc59562. | 2011-02-25 | 7.5 | CVE-2011-0380 CISCO |
| cisco -- telepresence_manager | Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to perform unspecified actions and consequently execute arbitrary code via a crafted request to the Java RMI interface, related to a "command injection vulnerability," aka Bug ID CSCtf97085. | 2011-02-25 | 10.0 | CVE-2011-0381 CISCO |
| cisco -- telepresence_recording_server_software | The CGI subsystem on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 allows remote attackers to execute arbitrary commands via a request to TCP port 443, related to a "command injection vulnerability," aka Bug ID CSCtf97221. | 2011-02-25 | 10.0 | CVE-2011-0382 CISCO |
| cisco -- telepresence_multipoint_switch_software | The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug IDs CSCtf42005 and CSCtf42008. | 2011-02-25 | 10.0 | CVE-2011-0383 CISCO CISCO |
| cisco -- telepresence_multipoint_switch_software | The Java Servlet framework on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug ID CSCtf01253. | 2011-02-25 | 10.0 | CVE-2011-0384 CISCO |
| cisco -- telepresence_multipoint_switch_software | The administrative web interface on Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allows remote attackers to create or overwrite arbitrary files, and possibly execute arbitrary code, via a crafted request, aka Bug IDs CSCth85786 and CSCth61065. | 2011-02-25 | 10.0 | CVE-2011-0385 CISCO CISCO |
| cisco -- telepresence_recording_server_software | The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and 1.7.x before 1.7.1 allows remote attackers to overwrite files and consequently execute arbitrary code via a malformed request, aka Bug ID CSCti50739. | 2011-02-25 | 9.3 | CVE-2011-0386 CISCO |
| cisco -- telepresence_multipoint_switch_software | The administrative web interface on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allows remote authenticated users to cause a denial of service or have unspecified other impact via vectors involving access to a servlet, aka Bug ID CSCtf97164. | 2011-02-25 | 8.0 | CVE-2011-0387 CISCO |
| cisco -- telepresence_multipoint_switch_software | Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote access to the Java servlet RMI interface, which allows remote attackers to cause a denial of service (memory consumption and web outage) via multiple crafted requests, aka Bug IDs CSCtg35830 and CSCtg35825. | 2011-02-25 | 7.8 | CVE-2011-0388 CISCO CISCO |
| cisco -- telepresence_multipoint_switch_software | Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allow remote attackers to cause a denial of service (process crash) via a crafted Real-Time Transport Control Protocol (RTCP) UDP packet, aka Bug ID CSCth60993. | 2011-02-25 | 7.8 | CVE-2011-0389 CISCO |
| cisco -- telepresence_multipoint_switch_software | The XML-RPC implementation on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, 1.6.x, and 1.7.0 allows remote attackers to cause a denial of service (process crash) via a crafted request, aka Bug ID CSCtj44534. | 2011-02-25 | 7.8 | CVE-2011-0390 CISCO |
| cisco -- telepresence_recording_server_software | Cisco TelePresence Recording Server devices with software 1.6.x allow remote attackers to cause a denial of service (thread consumption and device outage) via a malformed request, related to an "ad hoc recording" issue, aka Bug ID CSCtf97205. | 2011-02-25 | 7.8 | CVE-2011-0391 CISCO |
| cisco -- telepresence_recording_server_software | Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for an XML-RPC interface, which allows remote attackers to perform unspecified actions via a session on TCP port 8080, aka Bug ID CSCtg35833. | 2011-02-25 | 7.5 | CVE-2011-0392 CISCO |
| cisco -- adaptive_security_appliance_software | Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.12), 7.1 and 7.2 before 7.2(5.2), 8.0 before 8.0(5.21), 8.1 before 8.1(2.49), 8.2 before 8.2(3.6), and 8.3 before 8.3(2.7) and Cisco PIX Security Appliances 500 series devices, when transparent firewall mode is configured but IPv6 is not configured, allow remote attackers to cause a denial of service (packet buffer exhaustion and device outage) via IPv6 traffic, aka Bug ID CSCtj04707. | 2011-02-25 | 7.8 | CVE-2011-0393 CISCO |
| cisco -- adaptive_security_appliance_software | Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5.1), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), 8.2 before 8.2(2.19), and 8.3 before 8.3(1.8); Cisco PIX Security Appliances 500 series devices; and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(20), 3.2 before 3.2(20), 4.0 before 4.0(15), and 4.1 before 4.1(5) allow remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug IDs CSCtg69457 and CSCtl84952. | 2011-02-25 | 7.8 | CVE-2011-0394 CISCO CISCO |
| cisco -- adaptive_security_appliance_software | Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.20), 8.1 before 8.1(2.48), 8.2 before 8.2(3), and 8.3 before 8.3(2.1), when the RIP protocol and the Cisco Phone Proxy functionality are configured, allow remote attackers to cause a denial of service (device reload) via a RIP update, aka Bug ID CSCtg66583. | 2011-02-25 | 7.8 | CVE-2011-0395 CISCO |
| cisco -- adaptive_security_appliance_software | Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.23), 8.1 before 8.1(2.49), 8.2 before 8.2(4.1), and 8.3 before 8.3(2.13), when a Certificate Authority (CA) is configured, allow remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCtk12352. | 2011-02-25 | 7.8 | CVE-2011-0396 CISCO |
| cisco -- secure_desktop | A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) does not properly verify the signature of an unspecified downloaded program, which allows remote attackers to execute arbitrary code by spoofing the CSD installation process, a different vulnerability than CVE-2010-0589. | 2011-02-25 | 9.3 | CVE-2011-0926 MISC BUGTRAQ |
| cisco -- secure_desktop | The CSDWebInstallerCtrl ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) allows remote attackers to download an unintended Cisco program onto a client machine, and execute this program, by identifying a Cisco program with a Cisco digital signature and then renaming this program to inst.exe, a different vulnerability than CVE-2010-0589 and CVE-2011-0926. | 2011-02-28 | 9.3 | CVE-2011-0925 MISC BUGTRAQ |
| foxitsoftware -- phantom | Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit Phantom before 2.3.3.1112 allows remote attackers to execute arbitrary code via crafted ICC chunks in a PDF file, which triggers a heap-based buffer overflow. | 2011-02-25 | 9.3 | CVE-2011-0332 CONFIRM VUPEN MISC SECUNIA SECUNIA |
| google -- chrome | Google Chrome before 9.0.597.107 does not properly process nodes in Cascading Style Sheets (CSS) stylesheets, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | 2011-03-01 | 10.0 | CVE-2011-1109 CONFIRM CONFIRM |
| google -- chrome | Google Chrome before 9.0.597.107 does not properly implement key frame rules, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | 2011-03-01 | 10.0 | CVE-2011-1110 CONFIRM CONFIRM |
| google -- chrome | Google Chrome before 9.0.597.107 does not properly implement forms controls, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. | 2011-03-01 | 10.0 | CVE-2011-1111 CONFIRM CONFIRM |
| google -- chrome | Google Chrome before 9.0.597.107 does not properly perform SVG rendering, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. | 2011-03-01 | 7.5 | CVE-2011-1112 CONFIRM CONFIRM |
| google -- chrome | Google Chrome before 9.0.597.107 does not properly handle tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node." | 2011-03-01 | 7.5 | CVE-2011-1114 CONFIRM CONFIRM |
| google -- chrome | Google Chrome before 9.0.597.107 does not properly render tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | 2011-03-01 | 7.5 | CVE-2011-1115 CONFIRM CONFIRM |
| google -- chrome | Google Chrome before 9.0.597.107 does not properly handle SVG animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | 2011-03-01 | 7.5 | CVE-2011-1116 CONFIRM CONFIRM |
| google -- chrome | Google Chrome before 9.0.597.107 does not properly handle XHTML documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale nodes." | 2011-03-01 | 7.5 | CVE-2011-1117 CONFIRM CONFIRM |
| google -- chrome | Google Chrome before 9.0.597.107 does not properly handle TEXTAREA elements, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document. | 2011-03-01 | 7.5 | CVE-2011-1118 CONFIRM CONFIRM |
| google -- chrome | Google Chrome before 9.0.597.107 does not properly determine device orientation, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | 2011-03-01 | 7.5 | CVE-2011-1119 CONFIRM CONFIRM |
| google -- chrome | Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element. | 2011-03-01 | 7.5 | CVE-2011-1121 CONFIRM CONFIRM |
| google -- chrome | Google Chrome before 9.0.597.107 does not properly restrict access to internal extension functions, which has unspecified impact and remote attack vectors. | 2011-03-01 | 7.5 | CVE-2011-1123 CONFIRM CONFIRM |
| google -- chrome | Use-after-free vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to blocked plug-ins. | 2011-03-01 | 7.5 | CVE-2011-1124 CONFIRM CONFIRM |
| google -- chrome | Google Chrome before 9.0.597.107 does not properly perform layout, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | 2011-03-01 | 7.5 | CVE-2011-1125 CONFIRM CONFIRM |
| iij -- seil/b1_firmware | Buffer overflow in the PPP Access Concentrator (PPPAC) on the SEIL/x86 with firmware 1.00 through 1.61, SEIL/B1 with firmware 1.00 through 3.11, SEIL/X1 with firmware 1.00 through 3.11, SEIL/X2 with firmware 1.00 through 3.11, SEIL/Turbo with firmware 1.80 through 2.10, and SEIL/neu 2FE Plus with firmware 1.80 through 2.10 might allow remote attackers to execute arbitrary code via a PPPoE packet. | 2011-03-01 | 8.3 | CVE-2011-0454 CONFIRM SECUNIA JVNDB JVN |
| linux -- kernel | Heap-based buffer overflow in the ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel 2.6.37.2 and earlier might allow local users to gain privileges or obtain sensitive information via a crafted LDM partition table. | 2011-03-01 | 7.2 | CVE-2011-1017 MISC SECTRACK MLIST MLIST MLIST |
| logwatch -- logwatch | logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server. | 2011-02-25 | 10.0 | CVE-2011-1018 CONFIRM MLIST MLIST CONFIRM CONFIRM BID MLIST SECUNIA |
| microsoft -- forefront_client_security | Microsoft Malware Protection Engine before 1.1.6603.0, as used in Microsoft Malicious Software Removal Tool (MSRT), Windows Defender, Security Essentials, Forefront Client Security, Forefront Endpoint Protection 2010, and Windows Live OneCare, allows local users to gain privileges via a crafted value of an unspecified user registry key. | 2011-02-25 | 7.2 | CVE-2011-0037 XF VUPEN BID CONFIRM SECTRACK SECUNIA |
| novell -- netware | The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow. | 2011-02-25 | 10.0 | CVE-2010-4227 CONFIRM XF MISC VUPEN SECTRACK BID BUGTRAQ MISC EXPLOIT-DB SECUNIA |
Medium Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| ahmattox -- processing_embed_plugin | Cross-site scripting (XSS) vulnerability in wordpress-processing-embed/data/popup.php in the Processing Embed plugin 0.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pluginurl parameter. | 2011-03-01 | 4.3 | CVE-2010-4747 XF BID OSVDB MISC SECUNIA |
| bestpractical -- rt | Scrips_Overlay.pm in Best Practical Solutions RT before 3.8.9 does not properly restrict access to a TicketObj in a Scrip after a CurrentUser change, which allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by custom-field value information, related to SQL logging. | 2011-02-28 | 4.0 | CVE-2011-1008 CONFIRM MLIST MLIST MLIST MLIST CONFIRM VUPEN SECUNIA MLIST MLIST MLIST MLIST |
| blogcms -- blog:cms | Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS 4.2.1.e, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) body parameter to action.php and the (2) amount and (3) action parameters to admin/index.php. | 2011-03-01 | 4.3 | CVE-2010-4749 CONFIRM MISC MISC MISC EXPLOIT-DB MISC |
| blogcms -- blog:cms | Cross-site request forgery (CSRF) vulnerability in admin/libs/ADMIN.php in BLOG:CMS 4.2.1.e, and possibly earlier, allows remote attackers to hijack the authentication of administrators. | 2011-03-01 | 6.8 | CVE-2010-4750 MISC MISC EXPLOIT-DB MISC |
| citrix -- licensing_administration_console | Multiple unspecified vulnerabilities in a third-party component of the Citrix Licensing Administration Console 11.6, formerly License Management Console, allow remote attackers to (1) access unauthorized "license administration functionality" or (2) cause a denial of service via unknown vectors. | 2011-02-25 | 6.8 | CVE-2011-1101 VUPEN SECTRACK BID CONFIRM SECUNIA |
| f-secure -- policy_manager | Cross-site scripting (XSS) vulnerability in the WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix 3 on Windows and hotfix 2 on Linux, and 9.00 before hotfix 4 on Windows and hotfix 2 on Linux, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2011-02-25 | 4.3 | CVE-2011-1102 CONFIRM VUPEN SECTRACK BID SECUNIA |
| f-secure -- policy_manager | The WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix 3 on Windows and hotfix 2 on Linux, and 9.00 before hotfix 4 on Windows and hotfix 2 on Linux, allows remote attackers to obtain sensitive information via a request to an invalid report, which reveals the installation path in an error message, as demonstrated with requests to (1) report/infection-table.html or (2) report/productsummary-table.html. | 2011-02-25 | 5.0 | CVE-2011-1103 CONFIRM VUPEN SECTRACK SECUNIA |
| google -- chrome | Unspecified vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to spoof the URL bar via unknown vectors. | 2011-03-01 | 4.3 | CVE-2011-1107 CONFIRM CONFIRM |
| google -- chrome | Google Chrome before 9.0.597.107 does not properly implement JavaScript dialogs, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document. | 2011-03-01 | 6.8 | CVE-2011-1108 CONFIRM CONFIRM |
| google -- chrome | Google Chrome before 9.0.597.107 on 64-bit Linux platforms does not properly perform pickle deserialization, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 2011-03-01 | 5.0 | CVE-2011-1113 CONFIRM CONFIRM |
| google -- chrome | The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71717. | 2011-03-01 | 5.0 | CVE-2011-1120 CONFIRM CONFIRM |
| google -- chrome | The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71960. | 2011-03-01 | 5.0 | CVE-2011-1122 CONFIRM CONFIRM |
| hp -- web_jetadmin | Unspecified vulnerability in HP Web Jetadmin 10.2 Service Release 3 and 4 allows local users to bypass intended access restrictions via unknown vectors. | 2011-03-01 | 4.3 | CVE-2011-0278 VUPEN SECTRACK SECUNIA HP HP |
| ibm -- lotus_sametime | Cross-site scripting (XSS) vulnerability in stcenter.nsf in the server in IBM Lotus Sametime allows remote attackers to inject arbitrary web script or HTML via the authReasonCode parameter in an OpenDatabase action. | 2011-03-01 | 4.3 | CVE-2011-1106 XF BID SECUNIA BUGTRAQ |
| lightneasy -- lightneasy | SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the id parameter in an edituser action, a different vector than CVE-2008-6593, CVE-2010-3484, and CVE-2010-3485. | 2011-03-01 | 6.0 | CVE-2010-4751 XF BID CONFIRM SECUNIA MISC |
| lightneasy -- lightneasy | SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the page parameter, a different vector than CVE-2008-6593, CVE-2010-3484, and CVE-2010-3485. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 2011-03-01 | 6.8 | CVE-2010-4752 XF BID MISC SECUNIA |
| lightneasy -- lightneasy | Cross-site scripting (XSS) vulnerability in LightNEasy.php in LightNEasy 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter, which is not properly handled in a forced SQL error message. | 2011-03-01 | 4.3 | CVE-2010-4753 CONFIRM SECUNIA MISC |
| linux -- kernel | The Radeon GPU drivers in the Linux kernel before 2.6.38-rc5 do not properly validate data related to the AA resolve registers, which allows local users to write to arbitrary memory locations associated with (1) Video RAM (aka VRAM) or (2) the Graphics Translation Table (GTT) via crafted values. | 2011-02-28 | 6.9 | CVE-2011-1016 CONFIRM MLIST MLIST MLIST CONFIRM BID CONFIRM |
| linux -- kernel | Buffer overflow in the mac_partition function in fs/partitions/mac.c in the Linux kernel before 2.6.37.2 allows local users to cause a denial of service (panic) or possibly have unspecified other impact via a malformed Mac OS partition table. | 2011-03-01 | 4.9 | CVE-2011-1010 CONFIRM CONFIRM MISC CONFIRM MLIST MLIST MLIST |
| linux -- kernel | The ldm_parse_vmdb function in fs/partitions/ldm.c in the Linux kernel before 2.6.38-rc6-git6 does not validate the VBLK size value in the VMDB structure in an LDM partition table, which allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted partition table. | 2011-03-01 | 4.9 | CVE-2011-1012 MLIST MLIST MLIST CONFIRM MISC CONFIRM |
| mutare -- evm | Multiple cross-site request forgery (CSRF) vulnerabilities in Mutare EVM allow remote attackers to hijack the authentication of arbitrary users for requests that (1) change a PIN, (2) delete messages, (3) add a delivery address, or (4) change a delivery address. | 2011-02-28 | 6.8 | CVE-2011-1104 CERT-VN VUPEN BID SECUNIA |
| mutare -- evm | Multiple cross-site scripting (XSS) vulnerabilities in Mutare EVM allow remote attackers to inject arbitrary web script or HTML via (1) a delivery address and possibly (2) a PIN. | 2011-02-28 | 4.3 | CVE-2011-1105 CERT-VN |
| pixelpost -- pixelpost | Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) findfid, (2) id, (3) selectfcat, (4) selectfmon, or (5) selectftag parameter in an images action. | 2011-02-25 | 6.5 | CVE-2011-1100 XF MISC EXPLOIT-DB |
| pmwiki -- pmwiki | Cross-site scripting (XSS) vulnerability in pmwiki.php in PmWiki 2.2.20 allows remote attackers to inject arbitrary web script or HTML via the from parameter to Main/WikiSandbox. NOTE: some of these details are obtained from third party information. | 2011-03-01 | 4.3 | CVE-2010-4748 CONFIRM CONFIRM SECUNIA MISC FULLDISC |
| redhat -- network_satellite_server | Session fixation vulnerability in Red Hat Network (RHN) Satellite Server 5.4 allows remote attackers to hijack web sessions via unspecified vectors related to Spacewalk. | 2011-02-25 | 5.8 | CVE-2011-0717 CONFIRM VUPEN SECTRACK BID REDHAT SECUNIA |
| redhat -- network_satellite_server | Red Hat Network (RHN) Satellite Server 5.4 does not use a time delay after a failed login attempt, which makes it easier for remote attackers to conduct brute force password guessing attacks. | 2011-02-25 | 5.8 | CVE-2011-0718 CONFIRM VUPEN SECTRACK BID REDHAT SECUNIA |
| samba -- samba | Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not properly validate file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) via vectors involving file descriptor sets, and (1) Winbind or (2) smbd. | 2011-03-01 | 5.0 | CVE-2011-0719 CONFIRM CONFIRM CONFIRM CONFIRM SECUNIA CONFIRM |
Low Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| bestpractical -- rt | Best Practical Solutions RT before 3.8.9 does not perform certain redirect actions upon a login, which allows physically proximate attackers to obtain credentials by resubmitting the login form via the back button of a web browser on an unattended workstation after an RT logout. | 2011-02-28 | 2.1 | CVE-2011-1007 CONFIRM CONFIRM MLIST MLIST MLIST MLIST CONFIRM VUPEN SECUNIA MLIST MLIST MLIST MLIST CONFIRM |
| linux -- kernel | The proc filesystem implementation in the Linux kernel 2.6.37 and earlier does not restrict access to the /proc directory tree of a process after this process performs an exec of a setuid program, which allows local users to obtain sensitive information or cause a denial of service via open, lseek, read, and write system calls. | 2011-02-28 | 2.1 | CVE-2011-1020 MLIST MLIST MLIST MLIST MLIST MLIST MLIST MISC SECUNIA FULLDISC MLIST MLIST |
| linux -- kernel | The xfs_fs_geometry function in fs/xfs/xfs_fsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRY_V1 ioctl call. | 2011-03-01 | 2.1 | CVE-2011-0711 CONFIRM CONFIRM CONFIRM BID CONFIRM MLIST MLIST |
Please share your thoughts
We recently updated our anonymous product survey; we’d welcome your feedback.