Bulletin (SB10-060)

Vulnerability Summary for the Week of February 22, 2010

Original release date: March 01, 2010 | Last revised: November 02, 2012

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division into high, medium, and low severities corresponds to the following scores:

  • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

  • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

  • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

High Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
adobe -- acrobat_reader
Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. 2010-02-22 10.0 CVE-2010-0188
XF
VUPEN
BID
REDHAT
CONFIRM
SECTRACK
SECUNIA
adobe -- download_manager
Unspecified vulnerability in Adobe Download Manager allows remote attackers to force the download and installation of arbitrary programs via unknown vectors. 2010-02-23 10.0 CVE-2010-0189
XF
BID
MISC
MISC
MISC
aspcodecms -- aspcode_cms
SQL injection vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the newsid parameter when the sec parameter is 26. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. 2010-02-25 7.5 CVE-2010-0710
SECUNIA
OSVDB
avast -- avast_antivirus_home
Aavmker4.sys in avast! 4.8 through 4.8.1368.0 and 5.0 before 5.0.418.0 running on Windows 2000 and XP does not properly validate input to IOCTL 0xb2d60030, which allows local users to cause a denial of service (system crash) or execute arbitrary code to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption. 2010-02-25 7.2 CVE-2010-0705
VUPEN
MISC
SECTRACK
BID
BUGTRAQ
SECUNIA
SECUNIA
OSVDB
CONFIRM
cisco -- asa_5500
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.46), 8.0 before 8.0(4.38), 8.1 before 8.1(2.29), and 8.2 before 8.2(1.5); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (prevention of new connections) via crafted TCP segments during termination of the TCP connection that cause the connection to remain in CLOSEWAIT status, aka "TCP Connection Exhaustion Denial of Service Vulnerability." 2010-02-19 7.8 CVE-2010-0149
XF
VUPEN
SECTRACK
BID
CISCO
SECUNIA
SECUNIA
OSVDB
cisco -- asa_5500
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCsy91157. 2010-02-19 7.8 CVE-2010-0150
XF
VUPEN
SECTRACK
BID
CISCO
SECUNIA
SECUNIA
OSVDB
cisco -- firewall_services_module
The Cisco Firewall Services Module (FWSM) 4.0 before 4.0(8), as used in the Cisco Catalyst 6500 switches, Cisco 7600 routers, and ASA 5500 Adaptive Security Appliances, allows remote attackers to cause a denial of service (crash) via a malformed Skinny Client Control Protocol (SCCP) message. 2010-02-19 7.8 CVE-2010-0151
CISCO
CISCO
XF
VUPEN
SECTRACK
BID
SECUNIA
OSVDB
cisco -- asa_5500
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10), allows remote attackers to cause a denial of service (page fault and device reload) via a malformed DTLS message, aka Bug ID CSCtb64913 and "WebVPN DTLS Denial of Service Vulnerability." 2010-02-19 7.8 CVE-2010-0565
XF
VUPEN
SECTRACK
BID
CISCO
SECUNIA
OSVDB
cisco -- asa_5500
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10) allows remote attackers to cause a denial of service (device reload) via a malformed TCP segment when certain NAT translation and Cisco AIP-SSM configurations are used, aka Bug ID CSCtb37219. 2010-02-19 7.1 CVE-2010-0566
XF
VUPEN
SECTRACK
BID
CISCO
SECUNIA
OSVDB
cisco -- asa_5500
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.7), 8.1 before 8.1(2.40), and 8.2 before 8.2(2.1); and Cisco PIX 500 Series Security Appliance; allows remote attackers to bypass NTLMv1 authentication via a crafted username, aka Bug ID CSCte21953. 2010-02-19 7.1 CVE-2010-0568
XF
VUPEN
SECTRACK
BID
CISCO
SECUNIA
SECUNIA
OSVDB
cisco -- asa_5500
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCtc96018. 2010-02-19 7.8 CVE-2010-0569
XF
VUPEN
SECTRACK
BID
CISCO
SECUNIA
SECUNIA
OSVDB
cisco -- security_agents
Unspecified vulnerability in Cisco Security Agent 5.2 before 5.2.0.285, when running on Linux, allows remote attackers to cause a denial of service (kernel panic) via "a series of TCP packets." 2010-02-23 7.8 CVE-2010-0148
SECUNIA
XF
VUPEN
SECTRACK
BID
CISCO
OSVDB
commodityrentals -- video_games_rentals
SQL injection vulnerability in index.php in CommodityRentals Video Games Rentals allows remote attackers to execute arbitrary SQL commands via the pfid parameter in a catalog action. 2010-02-23 7.5 CVE-2010-0690
XF
MISC
SECUNIA
MISC
OSVDB
commodityrentals -- trade_manager_script
SQL injection vulnerability in products.php in CommodityRentals Trade Manager Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. 2010-02-23 7.5 CVE-2010-0693
XF
MISC
SECUNIA
MISC
OSVDB
copperleaf -- photolog
SQL injection vulnerability in cplphoto.php in the Copperleaf Photolog plugin 0.16, and possibly earlier, for WordPress allows remote attackers to execute arbitrary SQL commands via the postid parameter. 2010-02-22 7.5 CVE-2010-0673
BID
MISC
SECUNIA
MISC
OSVDB
dynamicsoft -- wsc_cms
SQL injection vulnerability in backoffice/login.asp in Dynamicsoft WSC CMS 2.2 allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: some of these details are obtained from third party information. 2010-02-23 7.5 CVE-2010-0698
XF
BID
MISC
SECUNIA
MISC
emc -- homebase_server
Directory traversal vulnerability in the SSL Service in EMC HomeBase Server allows remote attackers to overwrite arbitrary files with any content, and consequently execute arbitrary code, via a .. (dot dot) in an unspecified parameter. 2010-02-24 7.5 CVE-2010-0620
MISC
VUPEN
BID
fonality -- trixbox
SQL injection vulnerability in cisco/services/PhonecDirectory.php in Fonality Trixbox 2.2.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter. 2010-02-23 7.5 CVE-2010-0702
XF
BID
MISC
MISC
hyleos -- chemview
Multiple stack-based buffer overflows in the HyleosChemView.HLChemView ActiveX control (HyleosChemView.ocx) in Hyleos ChemView 1.9.5.1 allow remote attackers to execute arbitrary code via a large number of white space characters in the filename argument to the (1) SaveasMolFile and (2) ReadMolFile methods. 2010-02-22 9.3 CVE-2010-0679
BID
MISC
MISC
SECUNIA
MISC
MISC
OSVDB
iptechinside -- com_jquarks
SQL injection vulnerability in the IP-Tech JQuarks (com_jquarks) Component 0.2.3, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information. 2010-02-23 7.5 CVE-2010-0692
CONFIRM
BID
OSVDB
SECUNIA
jtl-software -- jtl-shop
SQL injection vulnerability in druckansicht.php in JTL-Shop 2 allows remote attackers to execute arbitrary SQL commands via the s parameter. 2010-02-23 7.5 CVE-2010-0691
MISC
SECUNIA
OSVDB
katalog.hurricane -- katalog_stron_hurricane
SQL injection vulnerability in index.php in Katalog Stron Hurricane 1.3.5, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the get parameter. 2010-02-22 7.5 CVE-2010-0677
MISC
SECUNIA
MISC
OSVDB
michalin -- kr_media_pogodny_cms
SQL injection vulnerability in index.php in KR MEDIA Pogodny CMS allows remote attackers to execute arbitrary SQL commands via the id parameter in a niusy action. 2010-02-22 7.5 CVE-2010-0671
BID
BUGTRAQ
OSVDB
MISC
SECUNIA
MISC
MISC
mit -- kerberos
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid (1) AS-REQ or (2) TGS-REQ request. 2010-02-22 7.8 CVE-2010-0283
BID
BUGTRAQ
CONFIRM
SECTRACK
SECUNIA
FEDORA
mozilla -- firefox
Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory situations. 2010-02-22 10.0 CVE-2009-1571
CONFIRM
XF
VUPEN
UBUNTU
UBUNTU
BUGTRAQ
REDHAT
REDHAT
CONFIRM
MANDRIVA
DEBIAN
MISC
SECUNIA
FEDORA
FEDORA
FEDORA
mozilla -- firefox
The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlockFrame::StealFrame function in layout/generic/nsBlockFrame.cpp, and unspecified other vectors. 2010-02-22 10.0 CVE-2010-0159
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
XF
VUPEN
UBUNTU
UBUNTU
REDHAT
REDHAT
CONFIRM
MANDRIVA
DEBIAN
SECUNIA
FEDORA
FEDORA
FEDORA
mozilla -- firefox
The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly handle array data types for posted messages, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. 2010-02-22 10.0 CVE-2010-0160
VUPEN
CONFIRM
CONFIRM
CONFIRM
XF
UBUNTU
UBUNTU
REDHAT
CONFIRM
MANDRIVA
DEBIAN
SECUNIA
FEDORA
FEDORA
FEDORA
newgensoft -- omnidocs
SQL injection vulnerability in ForceChangePassword.jsp in Newgen Software OmniDocs allows remote attackers to execute arbitrary SQL commands via unspecified vectors. 2010-02-23 7.5 CVE-2010-0701
XF
BID
MISC
SECUNIA
MISC
OSVDB
onnogroen -- com_webeecomment
SQL injection vulnerability in the Webee Comments (com_webeecomment) component 1.1.1, 1.2, and 2.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the articleId parameter in a default action to index2.php. NOTE: some of these details are obtained from third party information. 2010-02-22 7.5 CVE-2009-4650
BID
OSVDB
SECUNIA
MISC
percha -- com_perchagallery
SQL injection vulnerability in the PerchaGallery (com_perchagallery) component before 1.5b for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an editunidad action to index.php. 2010-02-23 7.5 CVE-2010-0694
XF
BID
MISC
MISC
MISC
sun -- java_system_directory_server
Multiple unspecified vulnerabilities in (1) ns-slapd and (2) slapd.exe in Sun Directory Server Enterprise Edition 7.0, Sun Java System Directory Server 5.2, and Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allow remote attackers to cause a denial of service (daemon crash) via a crafted LDAP search request. 2010-02-25 7.8 CVE-2010-0708
CONFIRM
SUNALERT
symantec -- antivirus
Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy (CLIproxy.dll) in Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4; and Symantec Client Security 3.0.x and 3.1.x before MR9 allows remote attackers to execute arbitrary code via a long argument to the SetRemoteComputerName function. 2010-02-19 10.0 CVE-2010-0108
XF
VUPEN
CONFIRM
BID
SECUNIA
symantec -- client_security
Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. NOTE: this is only a vulnerability if the attacker can "masquerade as an authorized site." 2010-02-23 9.3 CVE-2010-0107
XF
VUPEN
CONFIRM
SECTRACK
SECTRACK
SECTRACK
SECTRACK
BID
SECUNIA
OSVDB
systemtap -- systemtap
stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273. 2010-02-24 7.5 CVE-2010-0412
BID
MLIST
FEDORA
FEDORA
uzbl -- uzbl
The eval_js function in uzbl-core.c in Uzbl before 2010.01.05 exposes the run method of the Uzbl object, which allows remote attackers to execute arbitrary commands via JavaScript code. 2010-02-25 7.5 CVE-2010-0011
CONFIRM
MLIST
MLIST
MLIST
CONFIRM
CONFIRM
webmastersite -- wsn_guest
SQL injection vulnerability in index.php in WSN Guest 1.02 allows remote attackers to execute arbitrary SQL commands via the orderlinks parameter. 2010-02-22 7.5 CVE-2010-0672
XF
BID
MISC
MISC
zeuscms -- zeuscms
Directory traversal vulnerability in index.php in ZeusCMS 0.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter. 2010-02-22 7.5 CVE-2010-0680
BID
MISC
Medium Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
2enetworx -- statcountex
StatCounteX 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for path/stats.mdb. 2010-02-22 5.0 CVE-2010-0674
XF
MISC
MISC
aspcodecms -- aspcode_cms
Cross-site request forgery (CSRF) vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to hijack the authentication of an administrator for requests that (1) delete users via the delete action in the ma2 parameter or (2) create administrators via the update action in the ma2 parameter. 2010-02-25 6.8 CVE-2010-0711
SECUNIA
MISC
OSVDB
basic-cms -- basic-cms
Cross-site scripting (XSS) vulnerability in pages/index.php in BASIC-CMS allows remote attackers to inject arbitrary web script or HTML via the nav_id parameter. 2010-02-23 4.3 CVE-2010-0695
BID
MISC
bgsvetionik -- bgs_cms
Cross-site scripting (XSS) vulnerability in index.php in BGSvetionik BGS CMS 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the search parameter in a search action. NOTE: some of these details are obtained from third party information. 2010-02-22 4.3 CVE-2010-0675
BID
SECUNIA
MISC
OSVDB
ca -- ehealth_performance_manager
Cross-site scripting (XSS) vulnerability in CA eHealth Performance Manager 6.0.x through 6.2.x, when malicious HTML detection is disabled, allows remote attackers to inject arbitrary web script or HTML via a crafted request. 2010-02-24 4.3 CVE-2010-0640
BID
BUGTRAQ
FULLDISC
cisco -- asa_5500
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.1), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.15); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (active IPsec tunnel loss and prevention of new tunnels) via a malformed IKE message through an existing tunnel to UDP port 4500, aka Bug ID CSCtc47782. 2010-02-19 5.0 CVE-2010-0567
XF
VUPEN
SECTRACK
BID
CISCO
SECUNIA
SECUNIA
OSVDB
cisco -- security_agents
Directory traversal vulnerability in the Management Center for Cisco Security Agents 6.0 allows remote authenticated users to read arbitrary files via unspecified vectors. 2010-02-23 6.8 CVE-2010-0146
XF
VUPEN
SECTRACK
BID
CISCO
SECUNIA
OSVDB
cisco -- security_agents
SQL injection vulnerability in the Management Center for Cisco Security Agents 5.1 before 5.1.0.117, 5.2 before 5.2.0.296, and 6.0 before 6.0.1.132 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. 2010-02-23 6.5 CVE-2010-0147
CISCO
SECUNIA
XF
VUPEN
SECTRACK
BID
OSVDB
digium -- asterisk
The design of the dialplan functionality in Asterisk Open Source 1.2.x, 1.4.x, and 1.6.x; and Asterisk Business Edition B.x.x and C.x.x, when using the ${EXTEN} channel variable and wildcard pattern matches, allows context-dependent attackers to inject strings into the dialplan using metacharacters that are injected when the variable is expanded, as demonstrated using the Dial application to process a crafted SIP INVITE message that adds an unintended outgoing channel leg. NOTE: it could be argued that this is not a vulnerability in Asterisk, but a class of vulnerabilities that can occur in any program that uses this feature without the associated filtering functionality that is already available. 2010-02-23 5.0 CVE-2010-0685
XF
VUPEN
SECTRACK
BUGTRAQ
MISC
SECUNIA
CONFIRM
geccbblite -- geccbblite
Multiple cross-site scripting (XSS) vulnerabilities in geccBBlite 0.1 allow remote attackers to inject arbitrary web script or HTML via the postatoda parameter to (1) rispondi.php and (2) scrivi.php, which is not properly handled in forum.php. 2010-02-22 4.3 CVE-2009-4649
XF
BID
MISC
MISC
MISC
ibm -- websphere_portal
Cross-site scripting (XSS) vulnerability in the Portlet Palette in IBM WebSphere Portal 6.0.1.5 wp6015_008_01 allows remote attackers to inject arbitrary web script or HTML via the search field. 2010-02-24 4.3 CVE-2010-0704
AIXAPAR
SECUNIA
iptechinside -- com_jquarks
Unspecified vulnerability in the IP-Tech JQuarks (com_jquarks) Component before 0.2.4 for Joomla! allows attackers to obtain the installation path for Joomla! via unknown vectors. 2010-02-22 5.0 CVE-2010-0670
CONFIRM
joomlaworks -- jw_allvideos
Directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ (modified dot dot) in the file parameter. 2010-02-23 5.0 CVE-2010-0696
BID
CONFIRM
MISC
SECUNIA
OSVDB
katalog.hurricane -- katalog_stron_hurricane
PHP remote file inclusion vulnerability in includes/moderation.php in Katalog Stron Hurricane 1.3.5, and possibly earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the includes_directory parameter. 2010-02-22 6.8 CVE-2010-0678
MISC
SECUNIA
MISC
OSVDB
limny -- limny
Multiple cross-site request forgery (CSRF) vulnerabilities in Limny 2.0 allow remote attackers to (1) hijack the authentication of users or administrators for requests that change the email address or password via the user action to index.php, and (2) hijack the authentication of the administrator for requests that create a new user via the admin/modules/user/new action to limny/index.php. 2010-02-25 6.8 CVE-2010-0709
CONFIRM
XF
MISC
MISC
SECUNIA
OSVDB
linux -- kernel
drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a denial of service (memory consumption and system crash) by sending the kernel many NETLINK_CONNECTOR messages. 2010-02-22 4.9 CVE-2010-0410
CONFIRM
CONFIRM
BID
MLIST
MLIST
DEBIAN
SECUNIA
SECUNIA
FEDORA
FEDORA
CONFIRM
mozilla -- firefox
Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly restrict read access to object properties in showModalDialog, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via crafted dialogArguments values. 2010-02-22 5.0 CVE-2009-3988
CONFIRM
XF
VUPEN
UBUNTU
UBUNTU
REDHAT
CONFIRM
MANDRIVA
DEBIAN
SECUNIA
FEDORA
FEDORA
FEDORA
mozilla -- firefox
Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly support the application/octet-stream content type as a protection mechanism against execution of web script in certain circumstances involving SVG and the EMBED element, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via an embedded SVG document. 2010-02-22 4.3 CVE-2010-0162
CONFIRM
XF
VUPEN
UBUNTU
UBUNTU
REDHAT
CONFIRM
MANDRIVA
DEBIAN
SECUNIA
FEDORA
FEDORA
FEDORA
novell -- opensuse
openSUSE 11.2 installs the devtmpfs root directory with insecure permissions (1777), which allows local users to gain privileges via unspecified vectors. 2010-02-22 4.6 CVE-2010-0299
SUSE
onnogroen -- com_webeecomment
Multiple cross-site scripting (XSS) vulnerabilities in the Webee Comments (com_webeecomment) component 1.1.1, 1.2, and 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) color, (2) img, or (3) url BBCode tags in unspecified vectors. 2010-02-22 4.3 CVE-2009-4651
BID
MISC
pidgin -- pidgin
libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat (MUC) room is used, does not properly parse nicknames containing <br> sequences, which allows remote attackers to cause a denial of service (application crash) via a crafted nickname. 2010-02-24 5.0 CVE-2010-0420
CONFIRM
REDHAT
CONFIRM
XF
VUPEN
UBUNTU
BID
OSVDB
MANDRIVA
SECUNIA
SECUNIA
SECUNIA
SECUNIA
CONFIRM
FEDORA
FEDORA
FEDORA
pidgin -- pidgin
gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a denial of service (CPU consumption and application hang) by sending many smileys in a (1) IM or (2) chat. 2010-02-24 5.0 CVE-2010-0423
VUPEN
CONFIRM
REDHAT
CONFIRM
XF
UBUNTU
BID
OSVDB
MANDRIVA
SECUNIA
SECUNIA
SECUNIA
SECUNIA
FEDORA
FEDORA
FEDORA
CONFIRM
portwise -- ssl_vpn
Cross-site scripting (XSS) vulnerability in wa/auth in PortWise SSL VPN 4.6 allows remote attackers to inject arbitrary web script or HTML via the reloadFrame parameter. 2010-02-23 4.3 CVE-2010-0703
BID
BUGTRAQ
MISC
SECUNIA
MISC
subexworld -- nikira_fraud_management_system
Cross-site scripting (XSS) vulnerability in the login/prompt component in Subex Nikira Fraud Management System allows remote attackers to inject arbitrary web script or HTML via the message parameter. 2010-02-25 4.3 CVE-2010-0706
XF
BID
MISC
SECUNIA
sun -- one_web_server
Unspecified vulnerability in Sun ONE (aka iPlanet) Web Server 4.1 before SP13 and 6.0 before SP6 on Windows allows attackers to cause a denial of service (daemon crash) via unknown vectors. 2010-02-25 5.0 CVE-2003-1589
SUNALERT
sun -- one_web_server
Unspecified vulnerability in Sun ONE (aka iPlanet) Web Server 6.0 SP3 through SP5 on Windows allows remote attackers to cause a denial of service (daemon crash) via unknown vectors. 2010-02-25 5.0 CVE-2003-1590
SUNALERT
tibco -- administrator
Unspecified vulnerability in TIBRepoServer5.jar in TIBCO Administrator 5.4.0 through 5.6.0, when JMS transport is used, allows remote authenticated users to execute arbitrary code on all domain nodes via vectors related to leveraging administrative credentials. 2010-02-25 6.0 CVE-2010-0683
CONFIRM
VUPEN
CONFIRM
BID
SECUNIA
timeclock-software -- employee_timeclock_software
Cross-site request forgery (CSRF) vulnerability in add_user.php in Employee Timeclock Software 0.99 allows remote attackers to hijack the authentication of an administrator for requests that create new administrative users. NOTE: some of these details are obtained from third party information. 2010-02-25 6.0 CVE-2010-0707
XF
MISC
SECUNIA
OSVDB
todd_miller -- sudo
sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user's home directory. 2010-02-24 4.4 CVE-2010-0426
CONFIRM
BID
CONFIRM
VUPEN
MISC
CONFIRM
CONFIRM
CONFIRM
SECUNIA
MISC
todd_miller -- sudo
sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command. 2010-02-25 4.4 CVE-2010-0427
CONFIRM
CONFIRM
CONFIRM
MLIST
MLIST
CONFIRM
CONFIRM
CONFIRM
typo3 -- typo3
Unspecified vulnerability in the OpenID Identity Authentication extension in TYPO3 4.3.0 allows remote attackers to bypass authentication and gain access to a backend user account via unknown attack vectors in which both the attacker and victim have an OpenID provider that discards identities during authentication. 2010-02-22 5.0 CVE-2010-0286
XF
VUPEN
CONFIRM
SECUNIA
OSVDB
videosearchscript -- videosearchscript_pro
Cross-site scripting (XSS) vulnerability in index.php in VideoSearchScript Pro 3.5 allows remote attackers to inject arbitrary web script or HTML via the q parameter. 2010-02-23 4.3 CVE-2010-0699
SECUNIA
MISC
wampserver -- wampserver
Cross-site scripting (XSS) vulnerability in index.php in WampServer 2.0i allows remote attackers to inject arbitrary web script or HTML via the lang parameter. 2010-02-23 4.3 CVE-2010-0700
MISC
MISC
SECUNIA
weberr -- com_rwcards
Directory traversal vulnerability in index.php in the RWCards (com_rwcards) component 3.0.18 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter. 2010-02-22 5.0 CVE-2010-0676
BID
SECUNIA
MISC
wordpress -- wordpress
WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter. 2010-02-23 4.0 CVE-2010-0682
CONFIRM
CONFIRM
OSVDB
MISC
SECUNIA
MISC
zeuscms -- zeuscms
ZeusCMS 0.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request for admin/backup.sql. 2010-02-22 5.0 CVE-2010-0681
MISC
Low Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
becauseinter -- bournal
Bournal before 1.4.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified temporary files associated with a --hack_the_gibson update check. 2010-02-24 3.6 CVE-2010-0118
BID
BUGTRAQ
MISC
SECUNIA
becauseinter -- bournal
Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, places a ccrypt key on the command line, which allows local users to obtain sensitive information by listing the process and its arguments, related to "echoing." 2010-02-24 2.1 CVE-2010-0119
BID
BUGTRAQ
MISC
SECUNIA
fedorahosted -- cronie
The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack on a temporary file in the /tmp directory. 2010-02-25 3.3 CVE-2010-0424
CONFIRM
BID
SECUNIA
SECUNIA
FEDORA
CONFIRM
gnome -- screensaver
gnome-screensaver 2.14.3, 2.22.2, 2.27.x, 2.28.0, and 2.28.3, when the X configuration enables the extend screen option, allows physically proximate attackers to bypass screen locking, access an unattended workstation, and view half of the GNOME desktop by attaching an external monitor. 2010-02-24 2.1 CVE-2010-0285
CONFIRM
CONFIRM
XF
BID
CONFIRM
CONFIRM
gnome -- screensaver
gnome-screensaver 2.28.x before 2.28.3 does not properly synchronize the state of screen locking and the unlock dialog in situations involving a change to the number of monitors, which allows physically proximate attackers to bypass screen locking and access an unattended workstation by connecting and disconnecting monitors multiple times, a related issue to CVE-2010-0414. 2010-02-24 2.1 CVE-2010-0422
CONFIRM
CONFIRM
XF
BID
SECUNIA
SECUNIA
MLIST
FEDORA
CONFIRM
CONFIRM
CONFIRM
CONFIRM
ilya_ivanchenko -- itweak_upload
Cross-site scripting (XSS) vulnerability in the iTweak Upload module 6.x-1.x before 6.x-1.2 and 6.x-2.x before 6.x-2.3 for Drupal allows remote authenticated users, with create content and upload file permissions, to inject arbitrary web script or HTML via the file name of an uploaded file. 2010-02-23 3.5 CVE-2010-0697
BID
CONFIRM
CONFIRM
CONFIRM
XF
SECUNIA
OSVDB
symantec -- antivirus
The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, Client Security 3.0.x and 3.1.x before MR9, and Endpoint Protection 11.x, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-demand scanning) via "specific events" that prevent the user from having read access to unspecified resources. 2010-02-19 1.9 CVE-2010-0106
XF
VUPEN
CONFIRM
SECTRACK
BID
SECUNIA
OSVDB
symantec -- im_manager
Cross-site scripting (XSS) vulnerability in the console in Symantec IM Manager 8.3 and 8.4 before 8.4.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2010-02-23 3.5 CVE-2009-3036
VUPEN
CONFIRM
BID
SECUNIA
OSVDB