U.S. Flag Official website of the Department of Homeland Security

Bulletin (SB10-109)

Vulnerability Summary for the Week of April 12, 2010

Original release date: April 19, 2010 | Last revised: November 05, 2012

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

  • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

  • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

High Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
adobe -- acrobat
Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability." 2010-04-14 9.3 CVE-2010-0191
CERT
VUPEN
CONFIRM
BID
adobe -- acrobat
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0193 and CVE-2010-0196. 2010-04-14 9.3 CVE-2010-0192
CERT
VUPEN
CONFIRM
BID
adobe -- acrobat
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0192 and CVE-2010-0196. 2010-04-14 9.3 CVE-2010-0193
CERT
VUPEN
CONFIRM
XF
BID
adobe -- acrobat
Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0197, CVE-2010-0201, and CVE-2010-0204. 2010-04-14 9.3 CVE-2010-0194
CERT
VUPEN
CONFIRM
BID
adobe -- acrobat
Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, do not properly handle fonts, which allows attackers to execute arbitrary code via unspecified vectors. 2010-04-14 9.3 CVE-2010-0195
CERT
VUPEN
CONFIRM
BID
adobe -- acrobat
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0192 and CVE-2010-0193. 2010-04-14 9.3 CVE-2010-0196
CERT
VUPEN
CONFIRM
BID
adobe -- acrobat
Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0201, and CVE-2010-0204. 2010-04-14 9.3 CVE-2010-0197
CERT
VUPEN
CONFIRM
BID
adobe -- acrobat
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0199, CVE-2010-0202, and CVE-2010-0203. 2010-04-14 9.3 CVE-2010-0198
CERT
VUPEN
CONFIRM
BID
adobe -- acrobat
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0202, and CVE-2010-0203. 2010-04-14 9.3 CVE-2010-0199
CERT
VUPEN
CONFIRM
BID
adobe -- acrobat
Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0197, and CVE-2010-0204. 2010-04-14 9.3 CVE-2010-0201
CERT
VUPEN
CONFIRM
BID
adobe -- acrobat
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0203. 2010-04-14 9.3 CVE-2010-0202
CERT
VUPEN
CONFIRM
BID
adobe -- acrobat
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0202. 2010-04-14 9.3 CVE-2010-0203
CERT
CONFIRM
VUPEN
BID
adobe -- acrobat
Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0197, and CVE-2010-0201. 2010-04-14 9.3 CVE-2010-0204
CERT
VUPEN
CONFIRM
XF
BID
boesch-it -- faqengine
Multiple PHP remote file inclusion vulnerabilities in FAQEngine 4.24.00 allow remote attackers to execute arbitrary PHP code via a URL in the path_faqe parameter to (1) attachs.php, (2) backup.php, (3) badwords.php, (4) categories.php, (5) changepw.php, (6) colorchooser.php, (7) colorwheel.php, (8) dbfiles.php, (9) diraccess.php, (10) faq.php, (11) index.php, (12) kb.php, and (13) stats.php. 2010-04-13 7.5 CVE-2010-1360
XF
BID
MISC
MISC
cisco -- secure_desktop
The Web Install ActiveX control in Cisco Secure Desktop (CSD) before 3.5.841 does not properly verify the signatures of downloaded programs, which allows remote attackers to force the download and execution of arbitrary files via a crafted web page, aka Bug ID CSCta25876. 2010-04-15 9.3 CVE-2010-0589
CISCO
MISC
BID
SECTRACK
extremejoomla -- com_j-projects
SQL injection vulnerability in the JProjects (com_j-projects) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the project parameter in a projects action to index.php. 2010-04-13 7.5 CVE-2010-1363
XF
VUPEN
BID
MISC
MISC
gamescript -- gamescript
SQL injection vulnerability in index.php in GameScript (GS) 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a category action. 2010-04-13 7.5 CVE-2010-1368
XF
BID
MISC
MISC
hdflvplayer -- com_hdflvplayer
SQL injection vulnerability in the HD FLV Player (com_hdflvplayer) component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. 2010-04-13 7.5 CVE-2010-1372
XF
BID
SECUNIA
MISC
OSVDB
ibm -- director_agent
Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and Linux uses incorrect permissions for the (1) diruninstall and (2) opt/ibm/director/bin/wcitinst scripts, which allows local users to gain privileges by executing these scripts. 2010-04-12 7.2 CVE-2010-1347
VUPEN
BID
AIXAPAR
SECUNIA
ibm -- websphere_portal
Unspecified vulnerability in the login process in IBM WebSphere Portal 6.0.1.1, and 6.1.0.x before 6.1.0.3 Cumulative Fix 03, has unknown impact and remote attack vectors. 2010-04-12 7.5 CVE-2010-1348
VUPEN
AIXAPAR
BID
SECUNIA
imperva -- securesphere_database_firewall
Imperva SecureSphere Web Application Firewall and Database Firewall 5.0.0.5082 through 7.0.0.7078 allow remote attackers to bypass intrusion-prevention functionality via a request that has an appended long string containing an unspecified manipulation. 2010-04-15 7.8 CVE-2010-1329
CONFIRM
BID
BUGTRAQ
MISC
joomlaprojects -- com_jp_jobs
SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4.1 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. 2010-04-12 7.5 CVE-2010-1350
BID
CONFIRM
XF
MISC
MISC
SECUNIA
MISC
justsystems -- ichitaro
Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government 2006 through 2010 allows user-assisted remote attackers to execute arbitrary code via a crafted font file. 2010-04-15 9.3 CVE-2010-1424
VUPEN
CONFIRM
SECTRACK
SECUNIA
OSVDB
JVNDB
JVN
microsoft -- visio
Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly validate attributes in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Visio Attribute Validation Memory Corruption Vulnerability." 2010-04-14 7.6 CVE-2010-0254
CERT
MS
microsoft -- visio
Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly calculate unspecified indexes associated with Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Visio Index Calculation Memory Corruption Vulnerability." 2010-04-14 7.6 CVE-2010-0256
CERT
MS
microsoft -- windows_media_player
Unspecified vulnerability in the Windows Media Player ActiveX control in Windows Media Player (WMP) 9 on Microsoft Windows 2000 SP4 and XP SP2 and SP3 allows remote attackers to execute arbitrary code via crafted media content, aka "Media Player Remote Code Execution Vulnerability." 2010-04-14 9.3 CVE-2010-0268
CERT
MS
microsoft -- windows_2000
The SMB client in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly allocate memory for SMB responses, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Memory Allocation Vulnerability." 2010-04-14 10.0 CVE-2010-0269
CERT
MS
microsoft -- windows_7
The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate fields in SMB transaction responses, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and reboot) via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Transaction Vulnerability." 2010-04-14 10.0 CVE-2010-0270
CERT
MS
microsoft -- windows_2003_server
The SMB client in Microsoft Windows Server 2003 SP2, Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2 allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and reboot) via a crafted SMB transaction response that uses (1) SMBv1 or (2) SMBv2, aka "SMB Client Response Parsing Vulnerability." 2010-04-14 10.0 CVE-2010-0476
CERT
MS
microsoft -- windows_7
The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly handle (1) SMBv1 and (2) SMBv2 response packets, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted packet that causes the client to read the entirety of the response, and then improperly interact with the Winsock Kernel (WSK), aka "SMB Client Message Size Vulnerability." 2010-04-14 10.0 CVE-2010-0477
CERT
MS
microsoft -- windows_2000
Stack-based buffer overflow in nsum.exe in the Windows Media Unicast Service in Media Services for Microsoft Windows 2000 Server SP4 allows remote attackers to execute arbitrary code via crafted packets associated with transport information, aka "Media Services Stack-based Buffer Overflow Vulnerability." 2010-04-14 9.3 CVE-2010-0478
CERT
MS
microsoft -- publisher
Buffer overflow in Microsoft Office Publisher 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability." 2010-04-14 9.3 CVE-2010-0479
CERT
MS
microsoft -- windows_2000
Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to execute arbitrary code via a crafted AVI file, aka "MPEG Layer-3 Audio Decoder Stack Overflow Vulnerability." 2010-04-14 9.3 CVE-2010-0480
CERT
MS
microsoft -- windows_2000
The WinVerifyTrust function in Authenticode Signature Verification 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a file digest, which allows user-assisted remote attackers to execute arbitrary code via a modified (1) Portable Executable (PE) or (2) cabinet (aka .CAB) file that incorrectly appears to have a valid signature, aka "WinVerifyTrust Signature Validation Vulnerability." 2010-04-14 9.3 CVE-2010-0486
CERT
MS
microsoft -- windows_2000
The Authenticode Signature verification functionality in cabview.dll in Cabinet File Viewer Shell Extension 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a file digest, which allows remote attackers to execute arbitrary code via a modified cabinet (aka .CAB) file that incorrectly appears to have a valid signature, aka "Cabview Corruption Validation Vulnerability." 2010-04-14 9.3 CVE-2010-0487
CERT
MS
modxcms -- modxcms
SQL injection vulnerability in MODx Evolution before 1.0.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors related to WebLogin. 2010-04-15 7.5 CVE-2010-1426
CONFIRM
JVNDB
JVN
XF
SECUNIA
opera -- opera_browser
Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via a large Content-Length value, which triggers a heap overflow. 2010-04-12 10.0 CVE-2010-1349
VUPEN
BID
XF
SECTRACK
CONFIRM
MISC
SECUNIA
OSVDB
CONFIRM
oracle -- database_server
Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8, 9.2.0.8, and DV; and Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. 2010-04-13 7.5 CVE-2010-0853
CERT
CONFIRM
SECUNIA
SECUNIA
oracle -- database_server
Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to the Create User privilege. 2010-04-13 7.1 CVE-2010-0860
CERT
CONFIRM
SECUNIA
oracle -- sun_product_suite
Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite 10 and OpenSolaris snv_134 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Trusted Extensions. 2010-04-13 7.2 CVE-2010-0882
CERT
CONFIRM
oracle -- sun_product_suite
Unspecified vulnerability in the Sun Ray Server Software component in Oracle Sun Product Suite 4.0, 4.1, and 4.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Device Services. 2010-04-13 10.0 CVE-2010-0888
CERT
CONFIRM
SUNALERT
oracle -- sun_product_suite
Unspecified vulnerability in the Sun Convergence component in Oracle Sun Product Suite 1.0 allows remote attackers to affect confidentiality via unknown vectors related to Address Book and Mail Filter. 2010-04-13 7.1 CVE-2010-0896
CERT
CONFIRM
oracle -- sun_product_suite
Unspecified vulnerability in the Sun Java System Directory Server component in Oracle Sun Product Suite 5.2, 6.0, 6.1, 6.2, 6.3, and 6.3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Directory Service Markup Language. 2010-04-13 7.5 CVE-2010-0897
CERT
CONFIRM
BID
oracle -- weblogic_server
Unspecified vulnerability in the WebLogic Server in Oracle WebLogic Server 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, and 10.3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. 2010-04-14 10.0 CVE-2010-0073
CERT
VUPEN
CONFIRM
SECUNIA
oracle -- jdk
Argument injection vulnerability in the URI handler in (a) Java NPAPI plugin and (b) Java Deployment Toolkit in Java 6 Update 10, 19, and other versions, when running on Windows and possibly on Linux, allows remote attackers to execute arbitrary code via the (1) -J or (2) -XXaltjvm argument to javaws.exe, which is processed by the launch method. NOTE: some of these details are obtained from third party information. 2010-04-15 9.3 CVE-2010-1423
CERT-VN
VUPEN
XF
SECTRACK
MISC
SECUNIA
OSVDB
FULLDISC
preprojects -- pre_classified_listings_asp
SQL injection vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the email parameter. 2010-04-13 7.5 CVE-2010-1369
BID
MISC
SECUNIA
MISC
preprojects -- pre_classified_listings_asp
SQL injection vulnerability in detailad.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the siteid parameter. 2010-04-13 7.5 CVE-2010-1370
SECUNIA
MISC
uiga -- personal_portal
SQL injection vulnerability in index.php in Uiga Personal Portal, as downloaded on 20100301, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action. NOTE: some of these details are obtained from third party information. 2010-04-13 7.5 CVE-2010-1364
VUPEN
MISC
SECUNIA
MISC
uiga -- fan_club
SQL injection vulnerability in index.php in Uiga Fan Club, as downloaded on 20100310, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action. 2010-04-13 7.5 CVE-2010-1365
VUPEN
MISC
SECUNIA
MISC
MISC
uiga -- fan_club
Multiple SQL injection vulnerabilities in admin/admin_login.php in Uiga Fan Club 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin_name and (2) admin_password parameters. 2010-04-13 7.5 CVE-2010-1366
MISC
MISC
vmware -- movie_decoder
Heap-based buffer overflow in vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted video chunks that use HexTile encoding. 2010-04-12 9.3 CVE-2009-1564
CONFIRM
MISC
SECUNIA
SECUNIA
SECUNIA
MLIST
FULLDISC
BUGTRAQ
vmware -- movie_decoder
vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted HexTile-encoded video chunks that trigger heap-based buffer overflows, related to "integer truncation errors." 2010-04-12 9.3 CVE-2009-1565
CONFIRM
MLIST
MISC
SECUNIA
SECUNIA
SECUNIA
FULLDISC
BUGTRAQ
vmware -- vmrc
Format string vulnerability in vmware-vmrc.exe build 158248 in VMware Remote Console (aka VMrc) allows remote attackers to execute arbitrary code via unspecified vectors. 2010-04-12 10.0 CVE-2009-3732
CONFIRM
MLIST
SECUNIA
FULLDISC
BUGTRAQ
vmware -- fusion
Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata. 2010-04-12 7.2 CVE-2010-1139
CONFIRM
MLIST
SECUNIA
SECUNIA
SECUNIA
FULLDISC
BUGTRAQ
vmware -- ace
VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly access libraries, which allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on a network share. 2010-04-12 8.5 CVE-2010-1141
CONFIRM
MLIST
SECUNIA
SECUNIA
FULLDISC
BUGTRAQ
vmware -- ace
VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk. 2010-04-12 8.5 CVE-2010-1142
CONFIRM
MLIST
SECUNIA
SECUNIA
FULLDISC
BUGTRAQ
vsecurity -- tandberg_video_communication_server
The administrative web console on the TANDBERG Video Communication Server (VCS) before X4.3 uses predictable session cookies in (1) tandberg/web/lib/secure.php and (2) tandberg/web/user/lib/secure.php, which makes it easier for remote attackers to bypass authentication, and execute arbitrary code by loading a custom software update, via a crafted "Cookie: tandberg_login=" HTTP header. 2010-04-13 10.0 CVE-2009-4509
MISC
BUGTRAQ
SECUNIA
CONFIRM
vsecurity -- tandberg_video_communication_server
The SSH service on the TANDBERG Video Communication Server (VCS) before X5.1 uses a fixed DSA key, which makes it easier for remote attackers to conduct man-in-the-middle attacks and spoof arbitrary servers via crafted SSH packets. 2010-04-13 8.5 CVE-2009-4510
MISC
SECUNIA
CONFIRM
vsecurity -- tandberg_video_communication_server
Unspecified vulnerability on the TANDBERG Video Communication Server (VCS) before X5.0 allows remote attackers to execute arbitrary code via unknown vectors, aka Reference ID 69773. 2010-04-13 10.0 CVE-2010-1356
CONFIRM
Back to top

Medium Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
adobe -- acrobat
Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2010-04-14 4.3 CVE-2010-0190
CERT
VUPEN
CONFIRM
BID
apache -- open_for_business_project
Multiple cross-site scripting (XSS) vulnerabilities in the Apache Open For Business Project (aka OFBiz) 09.04 and earlier, as used in Opentaps, Neogia, and Entente Oya, allow remote attackers to inject arbitrary web script or HTML via (1) the productStoreId parameter to control/exportProductListing, (2) the partyId parameter to partymgr/control/viewprofile (aka partymgr/control/login), (3) the start parameter to myportal/control/showPortalPage, (4) an invalid URI beginning with /facility/control/ReceiveReturn (aka /crmsfa/control/ReceiveReturn or /cms/control/ReceiveReturn), (5) the contentId parameter (aka the entityName variable) to ecommerce/control/ViewBlogArticle, (6) the entityName parameter to webtools/control/FindGeneric, or the (7) subject or (8) content parameter to an unspecified component under ecommerce/control/contactus. 2010-04-15 4.3 CVE-2010-0432
BID
MISC
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
bluegate -- direct_url
SQL injection vulnerability in bluegate_seo.inc.php in the Direct URL module for xt:Commerce, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the coID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. 2010-04-13 6.8 CVE-2010-1359
BID
SECUNIA
cnr.somee -- hikaye_portal
CNR Hikaye Portal 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/hikaye.mdb. 2010-04-13 5.0 CVE-2009-4765
VUPEN
OSVDB
SECUNIA
MISC
f-secure -- anti-virus
F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.02 and earlier; Anti-Virus 2010 and earlier; Home Server Security 2009; Protection Service for Consumers 9 and earlier, for Business - Workstation security 9 and earlier, for Business - Server Security 8 and earlier, and for E-mail and Server security 9 and earlier; Mac Protection build 8060 and earlier; Client Security 9 and earlier; and various Anti-Virus products for Windows, Linux, and Citrix; does not properly detect malware in crafted (1) 7Z, (2) GZIP, (3) CAB, or (4) RAR archives, which makes it easier for remote attackers to avoid detection. 2010-04-15 5.0 CVE-2010-1425
VUPEN
CONFIRM
SECTRACK
SECTRACK
SECTRACK
SECUNIA
glarotech -- phpeppershop
Cross-site scripting (XSS) vulnerability in shop/USER_ARTIKEL_HANDLING_AUFRUF.php in PHPepperShop 2.5 allows remote attackers to inject arbitrary web script or HTML via the darstellen parameter. 2010-04-13 4.3 CVE-2010-1361
BID
XF
MISC
jooforge -- com_jukebox
Directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. 2010-04-12 5.0 CVE-2010-1352
BID
MISC
SECUNIA
MISC
kde -- kde_sc
Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socket, related to improper interaction with ksm. 2010-04-15 6.9 CVE-2010-0436
VUPEN
CONFIRM
CONFIRM
BID
CONFIRM
SECUNIA
REDHAT
linux -- kernel
The cifs_create function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a NULL nameidata (aka nd) field in a POSIX file-creation request to a server that supports UNIX extensions. 2010-04-12 4.7 CVE-2010-1148
CONFIRM
MISC
XF
BID
SECUNIA
MLIST
MLIST
MLIST
MLIST
MLIST
MLIST
MLIST
linux -- kernel
The virtio_net_bad_features function in hw/virtio-net.c in the virtio-net driver in the Linux kernel before 2.6.26, when used on a guest OS in conjunction with qemu-kvm 0.11.0 or KVM 83, allows remote attackers to cause a denial of service (guest OS crash, and an associated qemu-kvm process exit) by sending a large amount of network traffic to a TCP port on the guest OS, related to a virtio-net whitelist that includes an improper implementation of TCP Segment Offloading (TSO). 2010-04-12 5.0 CVE-2010-0741
CONFIRM
CONFIRM
CONFIRM
VUPEN
REDHAT
SECTRACK
MLIST
MLIST
MLIST
CONFIRM
linux -- kernel
The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonstrated by deleting a file under .reiserfs_priv/xattrs/. 2010-04-12 6.9 CVE-2010-1146
MLIST
CONFIRM
BID
SECUNIA
memcachedb -- memcached
memcached.c in memcached before 1.4.3 allows remote attackers to cause a denial of service (daemon hang or crash) via a long line that triggers excessive memory allocation. NOTE: some of these details are obtained from third party information. 2010-04-12 5.0 CVE-2010-1152
MLIST
MLIST
MLIST
CONFIRM
CONFIRM
SECTRACK
SECUNIA
CONFIRM
microsoft -- exchange_server
The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2003 SP2, does not properly parse MX records, which allows remote DNS servers to cause a denial of service (service outage) via a crafted response to a DNS MX record query, aka "SMTP Server MX Record Vulnerability." 2010-04-14 5.0 CVE-2010-0024
CERT
MS
microsoft -- exchange_server
The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2000 SP3, does not properly allocate memory for SMTP command replies, which allows remote attackers to read fragments of e-mail messages by sending a series of invalid commands and then sending a STARTTLS command, aka "SMTP Memory Allocation Vulnerability." 2010-04-14 5.0 CVE-2010-0025
CERT
MS
SECUNIA
microsoft -- windows_2000
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not properly validate a registry-key argument to an unspecified system call, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Null Pointer Vulnerability." 2010-04-14 4.7 CVE-2010-0234
CERT
MS
microsoft -- windows_2000
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not perform the expected validation before creating a symbolic link, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Symbolic Link Value Vulnerability." 2010-04-14 4.7 CVE-2010-0235
CERT
MS
microsoft -- windows_2000
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not properly allocate memory for the destination key associated with a symbolic-link registry key, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Allocation Vulnerability." 2010-04-14 6.8 CVE-2010-0236
CERT
MS
microsoft -- windows_2000
The kernel in Microsoft Windows 2000 SP4 and XP SP2 and SP3 allows local users to gain privileges by creating a symbolic link from an untrusted registry hive to a trusted registry hive, aka "Windows Kernel Symbolic Link Creation Vulnerability." 2010-04-14 6.9 CVE-2010-0237
CERT
MS
microsoft -- windows_2000
Unspecified vulnerability in registry-key validation in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Registry Key Vulnerability." 2010-04-14 4.9 CVE-2010-0238
CERT
MS
microsoft -- windows_7
The kernel in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly translate a registry key's virtual path to its real path, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Virtual Path Parsing Vulnerability." 2010-04-14 4.7 CVE-2010-0481
CERT
MS
microsoft -- windows_7
The kernel in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate relocation sections of image files, which allows local users to cause a denial of service (reboot) via a crafted file, aka "Windows Kernel Malformed Image Vulnerability." 2010-04-14 4.7 CVE-2010-0482
CERT
MS
microsoft -- windows_server_2008
The kernel in Microsoft Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, does not properly handle unspecified exceptions, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Exception Handler Vulnerability." 2010-04-14 4.7 CVE-2010-0810
CERT
MS
microsoft -- windows_2003_server
Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to bypass intended IPv4 source-address restrictions via a mismatched IPv6 source address in a tunneled ISATAP packet, aka "ISATAP IPv6 Source Address Spoofing Vulnerability." 2010-04-14 6.4 CVE-2010-0812
CERT
MS
SECUNIA
modxcms -- evolution
Cross-site scripting (XSS) vulnerability in the SearchHighlight plugin in MODx Evolution before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to AjaxSearch. 2010-04-15 4.3 CVE-2010-1427
CONFIRM
JVNDB
JVN
XF
SECUNIA
nodesforum -- nodesforum
Multiple PHP remote file inclusion vulnerabilities in Nodesforum 1.033 and 1.045, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) _nodesforum_path_from_here_to_nodesforum_folder parameter to erase_user_data.php and the (2) _nodesforum_code_path parameter to pre_output.php. NOTE: some of these details are obtained from third party information. 2010-04-12 6.8 CVE-2010-1351
XF
MISC
SECUNIA
oracle -- fusion_middleware
Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors. 2010-04-13 4.3 CVE-2010-0086
CERT
CONFIRM
SECUNIA
oracle -- database_server
Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality via unknown vectors. 2010-04-13 4.0 CVE-2010-0851
CERT
CONFIRM
SECUNIA
oracle -- database_server
Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. 2010-04-13 5.5 CVE-2010-0852
CERT
CONFIRM
SECUNIA
oracle -- fusion_middleware
Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors. 2010-04-13 4.3 CVE-2010-0855
CERT
CONFIRM
SECUNIA
oracle -- fusion_middleware
Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.2 allows remote attackers to affect availability via unknown vectors. 2010-04-13 5.0 CVE-2010-0856
CERT
CONFIRM
BID
SECUNIA
oracle -- e-business_suite
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 ATG RUP6 allows remote attackers to affect confidentiality and integrity via unknown vectors. 2010-04-13 6.4 CVE-2010-0859
CERT
CONFIRM
SECUNIA
oracle -- e-business_suite
Unspecified vulnerability in the Oracle HRMS (Self Service) component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote attackers to affect confidentiality via unknown vectors. 2010-04-13 5.0 CVE-2010-0861
CERT
CONFIRM
SECUNIA
oracle -- industry_product_suite
Unspecified vulnerability in the Retail - Oracle Retail Markdown Optimization component in Oracle Industry Product Suite 13.1 allows remote attackers to affect integrity via unknown vectors related to Online Help. 2010-04-13 4.3 CVE-2010-0862
CERT
CONFIRM
BID
oracle -- industry_product_suite
Unspecified vulnerability in the Retail - Oracle Retail Plan In-Season component in Oracle Industry Product Suite 12.2 allows remote attackers to affect integrity via unknown vectors related to Online Help. 2010-04-13 4.3 CVE-2010-0863
CERT
CONFIRM
oracle -- industry_product_suite
Unspecified vulnerability in the Retail - Oracle Retail Place In-Season component in Oracle Industry Product Suite 12.2 allows remote attackers to affect integrity via unknown vectors related to Online Help. 2010-04-13 4.3 CVE-2010-0864
CERT
CONFIRM
oracle -- e-business_suite
Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle E-Business Suite 6.1.1.0 allows remote attackers to affect confidentiality via unknown vectors. 2010-04-13 4.3 CVE-2010-0865
CERT
CONFIRM
SECUNIA
oracle -- database_server
Unspecified vulnerability in the JavaVM component in Oracle Database 11.1.0.7 and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. 2010-04-13 6.5 CVE-2010-0866
CERT
CONFIRM
oracle -- database_server
Unspecified vulnerability in the JavaVM component in Oracle Database 10.2.0.4, 11.1.0.7, and 11.2.0.1.0 allows remote authenticated users to affect integrity via unknown vectors. 2010-04-13 4.0 CVE-2010-0867
CERT
CONFIRM
oracle -- e-business_suite
Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote attackers to affect confidentiality and integrity via unknown vectors. 2010-04-13 5.8 CVE-2010-0868
CERT
CONFIRM
SECUNIA
oracle -- e-business_suite
Unspecified vulnerability in the Oracle Transportation Management component in Oracle E-Business Suite 5.5.05.07, 5.5.06.00, and 6.0.03 allows remote attackers to affect confidentiality via unknown vectors. 2010-04-13 4.3 CVE-2010-0869
CERT
CONFIRM
SECUNIA
oracle -- e-business_suite
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote attackers to affect integrity via unknown vectors. 2010-04-13 4.3 CVE-2010-0871
CERT
CONFIRM
SECUNIA
oracle -- fusion_middleware
Unspecified vulnerability in the Oracle Internet Directory component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.3 allows remote attackers to affect availability via unknown vectors. 2010-04-13 5.0 CVE-2010-0872
CERT
CONFIRM
SECUNIA
oracle -- industry_product_suite
Unspecified vulnerability in the Communications - Oracle Communications Unified Inventory Management component in Oracle Industry Product Suite 7.1 allows remote attackers to affect integrity via unknown vectors. 2010-04-13 4.3 CVE-2010-0874
CERT
CONFIRM
oracle -- industry_product_suite
Unspecified vulnerability in the Life Sciences - Oracle Thesaurus Management System component in Oracle Industry Product Suite 4.5.2, 4.6, and 4.6.1 allows remote attackers to affect integrity, related to TMS Browser. 2010-04-13 4.3 CVE-2010-0875
CERT
CONFIRM
oracle -- industry_product_suite
Unspecified vulnerability in the Life Sciences - Oracle Clinical Remote Data Capture Option component in Oracle Industry Product Suite 4.5.3 and 4.6 allows remote attackers to affect integrity, related to RDC Onsite. 2010-04-13 4.3 CVE-2010-0876
CERT
CONFIRM
oracle -- jd_edwards_enterpriseone
Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.26 and 8.50.07 allows remote attackers to affect integrity via unknown vectors. 2010-04-13 5.0 CVE-2010-0877
CERT
CONFIRM
oracle -- jd_edwards_enterpriseone
Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.26 and 8.50.07 allows remote authenticated users to affect integrity via unknown vectors. 2010-04-13 4.0 CVE-2010-0878
CERT
CONFIRM
oracle -- jd_edwards_enterpriseone
Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.26 and 8.50.07 allows remote authenticated users to affect confidentiality via unknown vectors. 2010-04-13 4.0 CVE-2010-0879
CERT
CONFIRM
oracle -- jd_edwards_enterpriseone
Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.26 and 8.50.07 allows remote attackers to affect confidentiality and integrity via unknown vectors. 2010-04-13 4.0 CVE-2010-0880
CERT
CONFIRM
oracle -- sun_product_suite
Unspecified vulnerability in the Sun Java System Communications Express component in Oracle Sun Product Suite 6 2005Q4 (6.2) and and 6.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Address Book. 2010-04-13 6.8 CVE-2010-0885
CERT
CONFIRM
oracle -- opensolaris
Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite OpenSolaris snv_128 allows local users to affect confidentiality via unknown vectors related to the Kernel. 2010-04-13 4.9 CVE-2010-0889
CERT
CONFIRM
oracle -- sun_product_suite
Unspecified vulnerability in the Sun Management Center component in Oracle Sun Product Suite 3.6.1 and 4.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Solaris Container Manager. 2010-04-13 5.8 CVE-2010-0891
CERT
CONFIRM
SUNALERT
oracle -- sun_product_suite
Unspecified vulnerability in the Sun Convergence component in Oracle Sun Product Suite 1.0 allows remote attackers to affect confidentiality via unknown vectors related to Mail. 2010-04-13 4.3 CVE-2010-0893
CERT
CONFIRM
BID
SUNALERT
oracle -- opensso_enterprise
Unspecified vulnerability in the Sun Java System Access Manager component in Oracle Sun Product Suite 7.1, 7 2005Q4, and OpenSSO Enterprise 8.0 allows remote attackers to affect confidentiality and integrity via unknown vectors. 2010-04-13 5.8 CVE-2010-0894
CERT
CONFIRM
BID
SUNALERT
SECUNIA
oracle -- collaboration_suite
Unspecified vulnerability in the User Interface Components in Oracle Collaboration Suite 10.1.2.4 allows remote attackers to affect integrity via unknown vectors. 2010-04-14 4.3 CVE-2010-0881
CERT
CONFIRM
BID
SECUNIA
preprojects -- pre_classified_listings_asp
Cross-site scripting (XSS) vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to inject arbitrary web script or HTML via the address parameter. 2010-04-13 4.3 CVE-2010-1371
SECUNIA
MISC
pulsecms -- pulse_cms
Multiple cross-site request forgery (CSRF) vulnerabilities in Pulse CMS Basic 1.2.2 and 1.2.3, and possibly Pulse Pro before 1.3.2, allow remote attackers to hijack the authentication of users for requests that (1) upload image files, (2) delete image files, or (3) create blocks. 2010-04-09 6.8 CVE-2010-0992
CONFIRM
BUGTRAQ
MISC
SECUNIA
pulsecms -- pulse_cms
Unrestricted file upload vulnerability in Pulse CMS Basic 1.2.2 and 1.2.3, and possibly Pulse Pro before 1.3.2, allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory. 2010-04-09 6.0 CVE-2010-0993
CONFIRM
BUGTRAQ
MISC
SECUNIA
sbddirectorysoftware -- sbd_directory_software
Cross-site scripting (XSS) vulnerability in editors/logindialogue.php in SBD Directory Software 4.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. 2010-04-13 4.3 CVE-2010-1357
XF
OSVDB
MISC
SECUNIA
MISC
tembria -- server_monitor
Multiple stack-based buffer overflows in Tembria Server Monitor before 5.6.1 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted (1) GET, (2) PUT, or (3) HEAD request, as demonstrated by a malformed GET request containing a long PATH_INFO to index.asp. 2010-04-14 5.0 CVE-2010-1316
MISC
MISC
SECUNIA
ternaria -- com_vjdeo
Directory traversal vulnerability in the VJDEO (com_vjdeo) component 1.0 and 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. 2010-04-12 5.0 CVE-2010-1354
BID
MISC
SECUNIA
MISC
uiga -- fan_club
Multiple cross-site scripting (XSS) vulnerabilities in admin/admin_login.php in Uiga Fan Club, as downloaded on 20100310, allow remote attackers to inject arbitrary web script or HTML via the (1) admin_name and (2) admin_password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. 2010-04-13 4.3 CVE-2010-1367
SECUNIA
visualizationlibrary -- visualization_library
Multiple buffer overflows in src/vl/vlDAT.cpp in Visualization Library 2009.08.812 allow user-assisted remote attackers to execute arbitrary code via a crafted DAT file, related to the (1) vl::loadDAT and (2) vl::isDAT functions. 2010-04-15 6.8 CVE-2010-0994
BID
BUGTRAQ
MISC
SECUNIA
vmware -- ace
The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Player 2.5.x before 2.5.4 build 246459 on Windows, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware Server 2.x, and VMware Fusion 3.0 before 3.0.1 build 232708 and 2.x before 2.0.7 build 246742 allows remote attackers to obtain sensitive information from memory on the host OS by examining received network packets, related to interaction between the guest OS and the host vmware-vmx process. 2010-04-12 5.0 CVE-2010-1138
CONFIRM
MLIST
SECUNIA
SECUNIA
SECUNIA
FULLDISC
BUGTRAQ
vmware -- player
The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 and VMware Player 3.0 before 3.0.1 build 227600 on Windows might allow host OS users to gain privileges by placing a Trojan horse program at an unspecified location on the host OS disk. 2010-04-12 6.9 CVE-2010-1140
CONFIRM
MLIST
SECUNIA
FULLDISC
BUGTRAQ
vsecurity -- tandberg_video_communication_server
Multiple directory traversal vulnerabilities in the web administration interface on the TANDBERG Video Communication Server (VCS) before X5.1 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter to (1) helppage.php or (2) user/helppage.php. 2010-04-13 4.0 CVE-2009-4511
MISC
BUGTRAQ
SECUNIA
vsecurity -- tandberg_video_communication_server
Cross-site scripting (XSS) vulnerability on the TANDBERG Video Communication Server (VCS) before X5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Reference ID 66316. 2010-04-13 4.3 CVE-2010-1355
CONFIRM
wowjoomla -- com_loginbox
Directory traversal vulnerability in the LoginBox Pro (com_loginbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. 2010-04-12 5.0 CVE-2010-1353
XF
VUPEN
BID
MISC
SECUNIA
MISC
yasirpro -- ms-pro_portal_scripti
YP Portal MS-Pro Surumu (aka MS-Pro Portal Scripti) 1.0 and 1.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for galeri/database/db.mdb. 2010-04-13 5.0 CVE-2009-4766
OSVDB
SECUNIA
MISC
Back to top

Low Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
ben_jeavons -- ownterm
Cross-site scripting (XSS) vulnerability in the Own Term module 6.x-1.0 for Drupal allows remote authenticated users, with "create additional terms" privileges, to inject arbitrary web script or HTML via the term description field in a term listing page. 2010-04-132.1 CVE-2010-1362
CONFIRM
CONFIRM
BID
SECUNIA
freedesktop -- udisks
probers/udisks-dm-export.c in udisks before 1.0.1 exports UDISKS_DM_TARGETS_PARAMS information to udev even for a crypt UDISKS_DM_TARGETS_TYPE, which allows local users to discover encryption keys by (1) running a certain udevadm command or (2) reading a certain file under /dev/.udev/db/. 2010-04-122.1 CVE-2010-1149
CONFIRM
CONFIRM
CONFIRM
CONFIRM
BID
SECUNIA
FEDORA
CONFIRM
CONFIRM
oracle -- database_server
Unspecified vulnerability in the Audit component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect integrity, related to "SELECT, INSERT or DELETE on tables subject to auditing." 2010-04-132.1 CVE-2010-0854
CERT
CONFIRM
SECUNIA
oracle -- e-business_suite
Unspecified vulnerability in the Oracle Workflow Cartridge component in Oracle E-Business Suite 11.5.10.2 allows remote authenticated users to affect integrity via unknown vectors. 2010-04-133.5 CVE-2010-0857
CERT
CONFIRM
SECUNIA
oracle -- e-business_suite
Unspecified vulnerability in the E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote authenticated users to affect integrity via unknown vectors. 2010-04-133.5 CVE-2010-0858
CERT
CONFIRM
SECUNIA
oracle -- database_server
Unspecified vulnerability in the Change Data Capture component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_CDC_PUBLISH. 2010-04-133.6 CVE-2010-0870
CERT
CONFIRM
SECUNIA
oracle -- sun_product_suite
Unspecified vulnerability in the Sun Cluster component in Oracle Sun Product Suite 3.1 and 3.2 allows local users to affect confidentiality via unknown vectors related to Data Service for Oracle E-Business Suite. 2010-04-132.1 CVE-2010-0883
CERT
CONFIRM
BID
oracle -- sun_product_suite
Unspecified vulnerability in the Sun Cluster component in Oracle Sun Product Suite 3.1 and 3.2 allows local users to affect confidentiality via unknown vectors related to Data Service for Oracle E-Business Suite. 2010-04-132.1 CVE-2010-0884
CERT
CONFIRM
BID
oracle -- sun_product_suite
Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite 10 and OpenSolaris snv_98 allows local users to affect availability via unknown vectors related to the Kernel. 2010-04-132.1 CVE-2010-0890
CERT
CONFIRM
BID
SUNALERT
SECUNIA
oracle -- opensolaris
Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite OpenSolaris snv_119 allows local users to affect integrity and availability via unknown vectors related to IP Filter. 2010-04-133.6 CVE-2010-0895
CERT
CONFIRM
BID
ron_jerome -- bibliography
Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) module 5.x through 5.x-1.17 and 6.x through 6.x-1.9 for Drupal allows remote authenticated users, with "administer biblio" privileges, to inject arbitrary web script or HTML via unspecified vectors. 2010-04-132.1 CVE-2010-1358
BID
CONFIRM
SECUNIA
Back to top

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top