U.S. Flag Official website of the Department of Homeland Security

Bulletin (SB10-305)

Vulnerability Summary for the Week of October 25, 2010

Original release date: November 01, 2010 | Last revised: November 07, 2012

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

  • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

  • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

High Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
adobe -- shockwave_player
The Director module (dirapi.dll) in Adobe Shockwave player 11.5.8.612, and probably other versions, allows remote attackers to execute arbitrary code via a Directory movie with a crafted rcsL chunk containing a field whose value is used as a pointer offset, which triggers memory corruption. NOTE: some of these details are obtained from third party information. 2010-10-26 9.3 CVE-2010-3653
XF
VUPEN
BID
EXPLOIT-DB
hp -- insight_control_server_migration
Unspecified vulnerability in HP Insight Control Server Migration before 6.2 allows remote authenticated users to gain privileges via unknown vectors. 2010-10-28 9.0 CVE-2010-3992
HP
HP
hp -- palm_webos
Unspecified vulnerability in Doc Viewer in HP Palm webOS 1.4.1 allows remote attackers to execute arbitrary code via a crafted document, as demonstrated by a Word document. 2010-10-28 9.3 CVE-2010-4025
HP
HP
hp -- loadrunner
Unspecified vulnerability in LoadRunner Web Tours 9.10 in HP LoadRunner 9.1 and earlier allows remote attackers to cause a denial of service, and possibly obtain sensitive information or modify data, via unknown vectors. 2010-10-28 7.5 CVE-2010-4028
HP
HP
hp -- storage_essentials
Unspecified vulnerability in HP Storage Essentials before 6.3.0, when LDAP authentication is enabled, allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. 2010-10-28 7.5 CVE-2010-4029
HP
HP
ibm -- informix_dynamic_server
Stack-based buffer overflow in an unspecified logging function in oninit.exe in IBM Informix Dynamic Server (IDS) 11.10 before 11.10.xC2W2 and 11.50 before 11.50.xC1 allows remote authenticated users to execute arbitrary code via a crafted EXPLAIN directive, aka idsdb00154125 and idsdb00154243. 2010-10-23 9.0 CVE-2010-4053
XF
MISC
VUPEN
OSVDB
SECUNIA
ibm -- informix_dynamic_server
Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 7.x through 7.31, 9.x through 9.40, 10.00 before 10.00.xC10, 11.10 before 11.10.xC3, and 11.50 before 11.50.xC3 allows remote authenticated users to execute arbitrary code via long DBINFO keyword arguments in a SQL statement, aka idsdb00165017, idsdb00165019, idsdb00165021, idsdb00165022, and idsdb00165023. 2010-10-25 8.5 CVE-2010-4069
MISC
VUPEN
OSVDB
SECUNIA
ibm -- informix_dynamic_server
Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM before 2.20.TC1.117 in IBM Informix Dynamic Server (IDS) 7.x before 7.31.xD11, 9.x before 9.40.xC10, 10.00 before 10.00.xC8, and 11.10 before 11.10.xC2 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted parameter size, aka idsdb00146931, idsdb00146930, idsdb00146929, and idsdb00138308. 2010-10-25 10.0 CVE-2010-4070
MISC
VUPEN
OSVDB
SECUNIA
ibm -- tivoli_provisioning_manager_os_deployment
** DISPUTED ** The TCP-to-ODBC gateway in IBM Tivoli Provisioning Manager for OS Deployment 7.1.1.3 does not require authentication for SQL statements, which allows remote attackers to modify, create, or read database records via a session on TCP port 2020. NOTE: the vendor disputes this issue, stating that the "default Microsoft Access database is not password protected because it is intended to be used for evaluation purposes only." 2010-10-28 7.5 CVE-2010-4121
MISC
SECTRACK
MISC
microsoft -- windows_7
Stack-based buffer overflow in the UpdateFrameTitleForDocument method in the CFrameWnd class in mfc42.dll in the Microsoft Foundation Class (MFC) Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows context-dependent attackers to execute arbitrary code via a long window title that this library attempts to create at the request of an application, as demonstrated by the Trident PowerZip 7.2 Build 4010 application, aka "Windows MFC Document Title Updating Buffer Overflow Vulnerability." 2010-10-26 9.3 CVE-2010-3227
MS
EXPLOIT-DB
MISC
mozilla -- firefox
Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware. 2010-10-27 9.3 CVE-2010-3765
CONFIRM
CONFIRM
MISC
MISC
MISC
CONFIRM
realpage -- module_activex_control
Multiple buffer overflows in the RealPage Module Upload ActiveX control in Realpage.dll 1.0.0.9 in RealPage Module ActiveX Controls allow remote attackers to execute arbitrary code via a long (1) DestURL or (2) SourceFile property value. 2010-10-26 10.0 CVE-2010-2585
BID
OSVDB
MISC
SECUNIA
symantec -- im_manager
Multiple SQL injection vulnerabilities in the Administrative Interface in the IIS extension in Symantec IM Manager before 8.4.16 allow remote attackers to execute arbitrary SQL commands via (1) the rdReport parameter to rdpageimlogic.aspx, related to the sGetDefinition function in rdServer.dll, and SQL statements contained within a certain report file; (2) unspecified parameters in a DetailReportGroup (aka DetailReportGroup.lgx) action to rdpageimlogic.aspx; the (3) selclause, (4) whereTrendTimeClause, (5) TrendTypeForReport, (6) whereProtocolClause, or (7) groupClause parameter in a SummaryReportGroup (aka SummaryReportGroup.lgx) action to rdpageimlogic.aspx; the (8) loginTimeStamp, (9) dbo, (10) dateDiffParam, or (11) whereClause parameter in a LoggedInUsers (aka LoggedInUSers.lgx) action to (a) rdpageimlogic.aspx or (b) rdPage.aspx; the (12) selclause, (13) whereTrendTimeClause, (14) TrendTypeForReport, (15) whereProtocolClause, or (16) groupClause parameter to rdpageimlogic.aspx; (17) the groupList parameter to IMAdminReportTrendFormRun.asp; or (18) the email parameter to IMAdminScheduleReport.asp. 2010-10-28 7.5 CVE-2010-0112
XF
MISC
MISC
MISC
MISC
MISC
MISC
MISC
VUPEN
CONFIRM
BID
SECUNIA
tibco -- activematrix_businessworks_service_engine
The (1) ActiveMatrix Runtime and (2) ActiveMatrix Administrator components in TIBCO ActiveMatrix Service Grid before 2.3.1, ActiveMatrix Service Bus before 2.3.1, ActiveMatrix BusinessWorks Service Engine before 5.8.1, and ActiveMatrix Service Performance Manager before 1.3.2 do not properly handle JMX connections, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service via unspecified vectors. 2010-10-26 10.0 CVE-2010-3491
CONFIRM
XF
VUPEN
CONFIRM
BID
SECUNIA
tu-braunschweig -- libsmi
Buffer overflow in the smiGetNode function in lib/smi.c in libsmi 0.4.8 allows context-dependent attackers to execute arbitrary code via an Object Identifier (aka OID) represented as a numerical string containing many components separated by . (dot) characters. 2010-10-27 7.5 CVE-2010-2891
BID
EXPLOIT-DB
MISC
XF
VUPEN
BUGTRAQ
MANDRIVA
CONFIRM
SECUNIA
typo3 -- typo3
The jumpUrl (aka access tracking) implementation in tslib/class.tslib_fe.php in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 does not properly compare certain hash values during access-control decisions, which allows remote attackers to read arbitrary files via unspecified vectors. 2010-10-25 7.1 CVE-2010-3714
CONFIRM
BID
DEBIAN
Back to top

Medium Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
adobe -- robohelp
Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 7 and 8, and RoboHelp Server 7 and 8, allows remote attackers to inject arbitrary web script or HTML via vectors related to WebHelp generation with RoboHelp for Word. 2010-10-26 4.3 CVE-2010-2885
CONFIRM
SECTRACK
VUPEN
SECUNIA
adobe -- robohelp
Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp 7 and 8, and RoboHelp Server 7 and 8, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2010-10-26 4.3 CVE-2010-2886
CONFIRM
VUPEN
SECTRACK
SECUNIA
artifex -- afpl_ghostscript
The gs_type2_interpret function in Ghostscript allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) via crafted font data in a compressed data stream, aka bug 691043. 2010-10-23 4.3 CVE-2010-4054
CERT-VN
MLIST
avatic -- aardvark_topsites_php
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Aardvark Topsites PHP 5.2.0 and 5.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) mail, (2) title, (3) u, and (4) url parameters. NOTE: the q parameter is already covered by CVE-2009-2302. 2010-10-27 4.3 CVE-2010-4097
XF
BID
BUGTRAQ
curl -- curl
Absolute path traversal vulnerability in curl 7.20.0 through 7.21.1, when the --remote-header-name or -J option is used, allows remote servers to create or overwrite arbitrary files by using (backslash) as a separator of path components within the Content-disposition HTTP header. 2010-10-27 5.8 CVE-2010-3842
MLIST
CONFIRM
MLIST
MLIST
SECTRACK
SECUNIA
CONFIRM
fenrir -- grani
Untrusted search path vulnerability in Fenrir Sleipnir before 2.9.5 and Grani before 4.4 allows local users to gain privileges via a Trojan horse DLL in the current working directory. 2010-10-25 6.9 CVE-2010-3163
CONFIRM
CONFIRM
JVNDB
JVN
fenrir -- grani
Untrusted search path vulnerability in Fenrir Sleipnir 2.9.4 and earlier and Grani 4.3 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory. 2010-10-25 6.9 CVE-2010-3164
MISC
MISC
JVNDB
JVN
hp -- systems_insight_manager
Cross-site request forgery (CSRF) vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. 2010-10-23 6.8 CVE-2010-3288
HP
HP
hp -- systems_insight_manager
Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2010-10-23 4.3 CVE-2010-3289
XF
BID
HP
HP
hp -- systems_insight_manager
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote authenticated users to gain privileges via unknown vectors. 2010-10-23 6.5 CVE-2010-3290
XF
BID
HP
HP
hp -- virtual_connect_enterprise_manager
Unspecified vulnerability in HP Virtual Connect Enterprise Manager (VCEM) 6.0 and 6.1 allows remote attackers to read arbitrary files via unknown vectors. 2010-10-26 5.0 CVE-2010-3986
VUPEN
HP
HP
hp -- operations_orchestration
Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2010-10-26 4.3 CVE-2010-3985
XF
VUPEN
BID
HP
HP
hp -- insight_control_virtual_machine_management
Cross-site scripting (XSS) vulnerability in HP Insight Control Virtual Machine Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2010-10-28 4.3 CVE-2010-3987
HP
HP
hp -- insight_control_virtual_machine_management
Unspecified vulnerability in HP Insight Control Virtual Machine Management before 6.2 allows remote attackers to bypass intended access restrictions and cause a denial of service via unknown vectors. 2010-10-28 5.0 CVE-2010-3988
HP
HP
hp -- insight_control_virtual_machine_management
Cross-site request forgery (CSRF) vulnerability in HP Insight Control Virtual Machine Management before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. 2010-10-28 6.8 CVE-2010-3989
HP
HP
hp -- virtual_server_environment
Unspecified vulnerability in HP Virtual Server Environment before 6.2 allows remote attackers to read arbitrary files via unknown vectors. 2010-10-28 5.0 CVE-2010-3990
VUPEN
BID
SECTRACK
HP
HP
hp -- insight_control_server_migration
Cross-site scripting (XSS) vulnerability in HP Insight Control Server Migration before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2010-10-28 4.3 CVE-2010-3991
HP
HP
hp -- insight_control_server_migration
Unspecified vulnerability in HP Insight Control Server Migration before 6.2 allows remote attackers to obtain sensitive information or modify data via unknown vectors. 2010-10-28 6.4 CVE-2010-3993
HP
HP
hp -- hp
Cross-site scripting (XSS) vulnerability in HP Version Control Repository Manager (VCRM) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2010-10-28 4.3 CVE-2010-3994
BID
SECTRACK
SECUNIA
HP
HP
hp -- insight_control_power_management
Cross-site scripting (XSS) vulnerability in HP Insight Control Power Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2010-10-28 4.3 CVE-2010-4023
HP
HP
hp -- insight_control_power_management
Cross-site request forgery (CSRF) vulnerability in HP Insight Control Power Management before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. 2010-10-28 6.8 CVE-2010-4024
HP
HP
hp -- palm_webos
Unspecified vulnerability in the service API in HP Palm webOS 1.4.1 allows local users to gain privileges by leveraging the ability to perform certain service calls. 2010-10-28 6.2 CVE-2010-4026
HP
HP
hp -- palm_webos
Unspecified vulnerability in the camera application in HP Palm webOS 1.4.1 allows local users to overwrite arbitrary files via unknown vectors. 2010-10-28 5.6 CVE-2010-4027
HP
HP
ibm -- soliddb
Stack consumption vulnerability in solid.exe in IBM solidDB 6.5.0.3 and earlier allows remote attackers to cause a denial of service (memory consumption and daemon crash) by connecting to TCP port 1315 and sending a packet with many integer fields, which trigger many recursive calls of a certain function. 2010-10-23 5.0 CVE-2010-4055
XF
VUPEN
EXPLOIT-DB
SECTRACK
SECUNIA
MISC
ibm -- soliddb
solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing a single integer field, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TCP session on port 1315. 2010-10-23 5.0 CVE-2010-4056
XF
VUPEN
EXPLOIT-DB
SECTRACK
SECUNIA
MISC
ibm -- soliddb
solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing many integer fields with two different values, which allows remote attackers to cause a denial of service (invalid memory access and daemon crash) via a TCP session on port 1315. 2010-10-23 5.0 CVE-2010-4057
XF
VUPEN
EXPLOIT-DB
SECTRACK
SECUNIA
MISC
ibm -- rational_quality_manager
The Tomcat server in IBM Rational Quality Manager and Rational Test Lab Manager has a default password for the ADMIN account, which makes it easier for remote attackers to execute arbitrary code by leveraging access to the manager role. NOTE: this might overlap CVE-2009-3548. 2010-10-26 5.0 CVE-2010-4094
MISC
VUPEN
SECTRACK
MISC
ibm -- tivoli_access_manager_for_e-business
Multiple cross-site scripting (XSS) vulnerabilities in the TAM console in IBM Tivoli Access Manager for e-business 6.1.0 before 6.1.0-TIV-TAM-FP0006 allow remote attackers to inject arbitrary web script or HTML via (1) the parm1 parameter to ivt/ivtserver, or the method parameter to (2) acl, (3) domain, (4) group, (5) gso, (6) gsogroup, (7) os, (8) pop, (9) rule, (10) user, or (11) webseal in ibm/wpm/. 2010-10-28 4.3 CVE-2010-4120
XF
VUPEN
BID
AIXAPAR
SECTRACK
SECUNIA
joomla -- joomla!
Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x before 1.5.21 allows remote attackers to inject arbitrary web script or HTML via vectors involving "multiple encoded entities." 2010-10-27 4.3 CVE-2010-3712
MLIST
MLIST
CONFIRM
k2top -- k2editor
Untrusted search path vulnerability in K2 K2Editor before 1.5.9 allows local users to gain privileges via a Trojan horse executable file in the current working directory. 2010-10-25 6.9 CVE-2010-3156
JVNDB
JVN
masahiko_watanabe -- apsaly
Untrusted search path vulnerability in Apsaly before 3.74 allows local users to gain privileges via a Trojan horse executable file in the current working directory. 2010-10-25 6.9 CVE-2010-3162
CONFIRM
JVNDB
JVN
monkeysphere_project -- monkeysphere
share/ma/keys_for_user in Monkeysphere 0.31 and 0.32 allows local users to execute arbitrary code via unknown manipulations related to the "monkeysphere-authentication keys-for-user" command. 2010-10-27 4.6 CVE-2010-4096
MLIST
monotone -- monotone
monotone before 0.48.1, when configured to allow remote commands, allows remote attackers to cause a denial of service (crash) via an empty argument to the mtn command. 2010-10-27 5.0 CVE-2010-4098
XF
BID
CONFIRM
SECUNIA
nitrosecurity -- nitroview_esm_software
ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the Request parameter to ess. 2010-10-27 6.8 CVE-2010-4099
XF
SECTRACK
BID
EXPLOIT-DB
openfabrics -- enterprise_distribution
openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ib_set_node_desc.sh temporary file. 2010-10-26 6.3 CVE-2010-1693
XF
BID
OSVDB
MLIST
SECUNIA
MLIST
php -- php
Stack consumption vulnerability in the filter_var function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a denial of service (memory consumption and application crash) via a long e-mail address string. 2010-10-25 4.3 CVE-2010-3710
CONFIRM
pidgin -- pidgin
libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted message, related to the plugins for MSN, MySpaceIM, XMPP, and Yahoo! and the NTLM authentication support. 2010-10-27 4.0 CVE-2010-3711
VUPEN
CONFIRM
CONFIRM
CONFIRM
XF
VUPEN
VUPEN
REDHAT
OSVDB
MANDRIVA
SECTRACK
SECUNIA
SECUNIA
ponsoftware -- explzh
Untrusted search path vulnerability in Explzh 5.67 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory. 2010-10-25 6.9 CVE-2010-3159
MISC
JVNDB
JVN
ponsoftware -- archive_decoder
Untrusted search path vulnerability in Archive Decoder 1.23 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory. 2010-10-25 6.9 CVE-2010-3160
MISC
JVNDB
JVN
realpage -- module_activex_controls
The Upload method in the RealPage Module Upload ActiveX control in Realpage.dll 1.0.0.9 in RealPage Module ActiveX Controls does not properly restrict certain property values, which allows remote attackers to read arbitrary files via a filename in the SourceFile property in conjunction with an http URL in the DestURL property. 2010-10-26 5.0 CVE-2010-2584
BID
OSVDB
MISC
SECUNIA
robo-ftp -- robo-ftp
Directory traversal vulnerability in the FTP client in Serengeti Systems Incorporated Robo-FTP 3.7.3, and probably other versions before 3.7.5, allows remote FTP servers to write arbitrary files via a .. (dot dot) in a filename in a server response. 2010-10-26 4.3 CVE-2010-4095
XF
BID
BUGTRAQ
MISC
SECUNIA
CONFIRM
ruby_on_rails -- ruby_on_rails
Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested attributes, which allows remote attackers to modify arbitrary records by changing the names of parameters for form inputs. 2010-10-27 6.4 CVE-2010-3933
VUPEN
CONFIRM
SECTRACK
SECUNIA
susumu_terao -- terapad
Untrusted search path vulnerability in TeraPad before 1.00 allows local users to gain privileges via a Trojan horse DLL in the current working directory. 2010-10-25 6.9 CVE-2010-3161
CONFIRM
JVNDB
JVN
typo3 -- typo3
Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) the RemoveXSS function, and allow remote authenticated users to inject arbitrary web script or HTML via vectors related to (2) the backend. 2010-10-25 4.3 CVE-2010-3715
BID
DEBIAN
CONFIRM
typo3 -- typo3
The be_user_creation task in TYPO3 4.2.x before 4.2.15 and 4.3.x before 4.3.7 allows remote authenticated users to gain privileges via a crafted POST request that creates a user account with arbitrary group memberships. 2010-10-25 6.0 CVE-2010-3716
BID
DEBIAN
CONFIRM
typo3 -- typo3
The t3lib_div::validEmail function in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 does not properly restrict input to filter_var FILTER_VALIDATE_EMAIL operations in PHP, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a long e-mail address string, a related issue to CVE-2010-3710. 2010-10-25 5.0 CVE-2010-3717
BID
DEBIAN
CONFIRM
typo3 -- typo3
Unspecified vulnerability in the Extension Manager in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 allows remote authenticated administrators to read and possibly modify arbitrary files via a crafted parameter, a different vulnerability than CVE-2010-3714. 2010-10-25 4.9 CVE-2010-4068
BID
DEBIAN
CONFIRM
usebb -- usebb
rss.php in UseBB before 1.0.11 does not properly handle forum configurations in which a user has the view permission but not the read permission, which allows remote attackers to bypass intended access restrictions by reading a forum feed in combination with a topic feed. 2010-10-27 4.3 CVE-2010-3713
CONFIRM
CONFIRM
MLIST
MLIST
yokkasoft -- deuxeditor
Untrusted search path vulnerability in Yokka NoEditor 1.33.1.1 and earlier, OuiEditor 1.6.1.1 and earlier, UnEditor 1.10.1.2 and earlier, DeuxEditor 1.7.1.2 and earlier, SQLEditorXP 3.14.1.2 and earlier, SQLEditorTE 1.9.1.3 and earlier, SQLEditor8 3.8.1.2 and earlier, and SQLEditorClassic 1.8.1.3 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory. 2010-10-25 6.9 CVE-2010-3165
JVNDB
JVN
Back to top

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top