
Bulletin (SB12-184)

Vulnerability Summary for the Week of June 25, 2012

Original release date: July 02, 2012 | Last revised: November 08, 2012

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, as determined by the Common Vulnerability Scoring System (CVSS) standard. The division into high, medium, and low severities corresponds to the following scores:

  • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

  • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

  • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

High Vulnerabilities

Primary Vendor -- Product
Description | Published | CVSS Score | Source & Patch Info
alexis_wilke -- protected_node
The Protected Node module 6.x-1.x before 6.x-1.6 for Drupal does not properly "protect node access when nodes are accessed outside of the standard node view," which allows remote attackers to bypass intended access restrictions. 2012-06-26 7.5 CVE-2012-2730
apache -- roller
Multiple cross-site request forgery (CSRF) vulnerabilities in the admin/editor console in Apache Roller before 5.0.1 allow remote attackers to hijack the authentication of admins or editors by leveraging the HTTP POST functionality. 2012-06-26 9.3 CVE-2012-2380
david_hansson -- ruby_on_rails
The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661. 2012-06-22 7.5 CVE-2012-2695
google -- chrome
Untrusted search path vulnerability in Google Chrome before 20.0.1132.43 on Windows might allow local users to gain privileges via a Trojan horse Metro DLL in the current working directory. 2012-06-27 7.2 CVE-2012-2764
google -- chrome
Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. 2012-06-27 10.0 CVE-2012-2807
google -- chrome
Google Chrome before 20.0.1132.43 on Windows does not properly isolate sandboxed processes, which might allow remote attackers to cause a denial of service (process interference) via unspecified vectors. 2012-06-27 7.8 CVE-2012-2816
google -- chrome
Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to tables that have sections. 2012-06-27 7.5 CVE-2012-2817
google -- chrome
Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the layout of documents that use the Cascading Style Sheets (CSS) counters feature. 2012-06-27 7.5 CVE-2012-2818
google -- chrome
The autofill implementation in Google Chrome before 20.0.1132.43 does not properly display text, which has unspecified impact and remote attack vectors. 2012-06-27 7.5 CVE-2012-2821
google -- chrome
Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG resources. 2012-06-27 7.5 CVE-2012-2823
google -- chrome
Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG painting. 2012-06-27 7.5 CVE-2012-2824
google -- chrome
Use-after-free vulnerability in the UI in Google Chrome before 20.0.1132.43 on Mac OS X allows attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. 2012-06-27 7.5 CVE-2012-2827
google -- chrome
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. 2012-06-27 7.5 CVE-2012-2829
google -- chrome
Google Chrome before 20.0.1132.43 does not properly set array values, which allows remote attackers to cause a denial of service (incorrect pointer use) or possibly have unspecified other impact via unknown vectors. 2012-06-27 7.5 CVE-2012-2830
google -- chrome
Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG references. 2012-06-27 7.5 CVE-2012-2831
google -- chrome
Buffer overflow in the JS API in the PDF functionality in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. 2012-06-27 7.5 CVE-2012-2833
google -- chrome
Integer overflow in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted data in the Matroska container format. 2012-06-27 9.3 CVE-2012-2834
ibm -- aix
The default configuration of sendmail in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, allows local users to gain privileges by entering a command in a .forward file in a home directory. 2012-06-27 7.2 CVE-2012-2200
pippin_williamson -- font_uploader
Unrestricted file upload vulnerability in font-upload.php in the Font Uploader plugin 1.2.4 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a PHP file with a .php.ttf extension, then accessing it via a direct request to the file in font-uploader/fonts. 2012-06-27 7.5 CVE-2012-3814
pro-face -- pro-server_ex
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, does not properly check packet sizes before reusing packet memory buffers, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a short crafted packet with a certain opcode. 2012-06-25 10.0 CVE-2012-3797
ruby_on_rails -- ruby_on_rails
The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage unintended recursion, a related issue to CVE-2012-2695. 2012-06-22 7.5 CVE-2012-2661
sielcosistemi -- winlog_pro
Buffer overflow in RunTime.exe in Sielco Sistemi Winlog 2.07.14 and earlier allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. 2012-06-27 7.5 CVE-2012-3815
strongswan -- strongswan
The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability." 2012-06-27 7.5 CVE-2012-2388
winradius -- winradius
WinRadius Server 2009 allows remote attackers to cause a denial of service (crash) via a long password in an Access-Request packet. 2012-06-27 7.8 CVE-2012-3816

Medium Vulnerabilities

Primary Vendor -- Product
Description | Published | CVSS Score | Source & Patch Info
adam_ross -- tokenauth
The Token Authentication (tokenauth) module 6.x-1.x before 6.x-1.7 for Drupal does not properly revert user sessions, which might allow remote attackers to perform requests with extra privileges. 2012-06-26 5.0 CVE-2012-2720
adcillc -- simplemeta
Multiple cross-site request forgery (CSRF) vulnerabilities in the SimpleMeta module 6.x-1.x before 6.x-2.0 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) delete or (2) add a meta tag entry. 2012-06-26 6.8 CVE-2012-2729
antoine_beaupre -- hostmaster
The Hostmaster (Aegir) module 6.x-1.x before 6.x-1.9 for Drupal does not properly exit when users do not have access to package/task nodes, which allows remote attackers to bypass intended access restrictions and edit unauthorized nodes. 2012-06-26 5.8 CVE-2012-2707
blaine_lang -- filedepot
The filedepot module 6.x-1.x before 6.x-1.3 for Drupal, when accessed using multiple different browsers from the same IP address, causes Internet Explorer sessions to "switch users" when uploading a file, which has unspecified impact possibly involving file uploads to the wrong user directory, aka "Session Management Vulnerability." 2012-06-26 5.1 CVE-2012-2719
blaine_lang -- maestro
Multiple cross-site request forgery (CSRF) vulnerabilities in the Maestro module 7.x-1.x before 7.x-1.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) change workflows or (2) insert cross-site scripting (XSS) sequences. 2012-06-26 5.1 CVE-2012-3799
bryce_hamrick -- janrain_capture
Open redirect vulnerability in the Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when synchronizing user data, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter. 2012-06-26 5.8 CVE-2012-2727
bryce_hamrick -- janrain_capture
The Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when creating a local user account, allows attackers to obtain part of the initial input used to generate passwords, which makes it easier to conduct brute force password guessing attacks. 2012-06-26 5.0 CVE-2012-3798
david_hansson -- ruby_on_rails
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain "[nil]" values, a related issue to CVE-2012-2694. 2012-06-22 5.0 CVE-2012-2660
david_hansson -- ruby_on_rails
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain "['xyz', nil]" values, a related issue to CVE-2012-2660. 2012-06-22 4.3 CVE-2012-2694
google -- chrome
Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain. 2012-06-27 5.0 CVE-2012-2815
google -- chrome
The texSubImage2D implementation in the WebGL subsystem in Google Chrome before 20.0.1132.43 does not properly handle uploads to floating-point textures, which allows remote attackers to cause a denial of service (assertion failure and application crash) or possibly have unspecified other impact via a crafted web page, as demonstrated by certain WebGL performance tests, aka rdar problem 11520387. 2012-06-27 6.8 CVE-2012-2819
google -- chrome
Google Chrome before 20.0.1132.43 does not properly implement SVG filters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. 2012-06-27 5.0 CVE-2012-2820
google -- chrome
The PDF functionality in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. 2012-06-27 5.0 CVE-2012-2822
google -- chrome
The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors. 2012-06-27 5.0 CVE-2012-2825
google -- chrome
Google Chrome before 20.0.1132.43 does not properly implement texture conversion, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. 2012-06-27 5.0 CVE-2012-2826
google -- chrome
Multiple integer overflows in the PDF functionality in Google Chrome before 20.0.1132.43 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. 2012-06-27 6.8 CVE-2012-2828
google -- chrome
The image-codec implementation in the PDF functionality in Google Chrome before 20.0.1132.43 does not initialize an unspecified pointer, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. 2012-06-27 6.8 CVE-2012-2832
isaac_sukin -- browserid
Cross-site request forgery (CSRF) vulnerability in the BrowserID (Mozilla Persona) module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that log in a user to another web site. 2012-06-26 6.8 CVE-2012-2713
jason_moore -- amadou
Cross-site scripting (XSS) vulnerability in the themes_links function in template.php in the Amadou theme module 6.x-1.x before 6.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors related to class attributes in a list of links. 2012-06-26 4.3 CVE-2012-2715
john_franklin -- advertisement
The Advertisement module 6.x-2.x before 6.x-2.3 for Drupal does not properly restrict access to debug information, which allows remote attackers to obtain sensitive site configuration information that is specified by the $conf variable in settings.php. 2012-06-26 5.0 CVE-2012-3801
mariadb -- mariadb
sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote attackers to bypass authentication by repeatedly authenticating with the same incorrect password, which eventually causes a token comparison to succeed due to an improperly-checked return value. 2012-06-26 5.1 CVE-2012-2122
mathew_winstone -- mobile_tools
Multiple cross-site scripting (XSS) vulnerabilities in the Mobile Tools module 6.x-2.x before 6.x-2.3 for Drupal allow remote attackers to inject arbitrary web script or HTML via the (1) Mobile URL field or (2) Desktop URL field to the General configuration page, or the (3) message to the Mobile Tools block message options. 2012-06-27 4.3 CVE-2012-2717
mikel_olasagasti -- revelation
Revelation 0.4.13-2 and earlier uses only the first 32 characters of a password followed by a sequence of zeros, which reduces the entropy and makes it easier for context-dependent attackers to crack passwords and obtain access to keys via a brute-force attack. 2012-06-27 5.0 CVE-2012-2742
mikel_olasagasti -- revelation
Revelation 0.4.13-2 and earlier does not iterate through SHA hashing algorithms for AES encryption, which makes it easier for context-dependent attackers to guess passwords via a brute force attack. 2012-06-27 5.0 CVE-2012-2743
moshe_weitzman -- organic_groups
The default views in the Organic Groups (OG) module 6.x-2.x before 6.x-2.4 for Drupal do not properly check permissions when all users have the "access content" permission removed, which allows remote attackers to bypass access restrictions and possibly have other unspecified impact. 2012-06-26 6.8 CVE-2012-2721
nicholasthompson -- global_redirect
Open redirect vulnerability in the Global Redirect module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.4 for Drupal, when non-clean to clean is enabled, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter. 2012-06-25 5.8 CVE-2010-2021
peter_pokrivcak -- post_affiliate_pro
Cross-site scripting (XSS) vulnerability in the Post Affiliate Pro (PAP) module for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors related to user registration. 2012-06-26 4.3 CVE-2012-2706
peter_pokrivcak -- post_affiliate_pro
Unspecified vulnerability in the Post Affiliate Pro (PAP) module for Drupal allows remote authenticated users to read the commissions of other users via unknown attack vectors. 2012-06-27 4.0 CVE-2012-3802
pro-face -- pro-server_ex
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service (out-of-bounds read operation) via a crafted packet that triggers a certain Find Node check attempt. 2012-06-25 5.0 CVE-2012-3792
pro-face -- pro-server_ex
Integer overflow in Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service (daemon crash) via a crafted packet with a certain opcode that triggers an incorrect memory allocation and a buffer overflow. 2012-06-25 5.0 CVE-2012-3793
pro-face -- pro-server_ex
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service (unhandled exception and daemon crash) via a crafted packet with a certain opcode that triggers an invalid attempt to allocate a large amount of memory. 2012-06-25 5.0 CVE-2012-3794
pro-face -- pro-server_ex
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service (daemon crash) via a crafted packet with a certain opcode and a large value in a size field. 2012-06-25 5.0 CVE-2012-3795
pro-face -- pro-server_ex
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to obtain sensitive information from daemon memory via a crafted packet with a certain opcode. 2012-06-25 5.0 CVE-2012-3796
ronan_dowling -- node_hierarchy
Multiple cross-site request forgery (CSRF) vulnerabilities in the Node Hierarchy module 6.x-1.x before 6.x-1.5 for Drupal allow remote attackers to hijack the authentication of administrators for requests that change a node hierarchy position via an (1) up or (2) down action. 2012-06-26 6.8 CVE-2012-2728
scott_reynen -- node_embed
The node selection interface in the WYSIWYG editor (CKEditor) in the Node Embed module 6.x-1.x before 6.x-1.5 and 7.x-1.x before 7.x-1.0 for Drupal does not properly check permissions, which allows remote attackers to bypass intended access restrictions and read node titles. 2012-06-26 4.3 CVE-2012-2722
tony_freixas -- ubercart_product_keys
The Ubercart Product Keys module 6.x-1.x before 6.x-1.1 for Drupal does not properly check access for product keys, which allows remote attackers to read all unassigned product keys via certain conditions related to the uid. 2012-06-26 5.0 CVE-2012-2702
webatall -- web@all
Multiple cross-site request forgery (CSRF) vulnerabilities in web@all 2.0, as downloaded before May 30, 2012, allow remote attackers to hijack the authentication of administrators for requests that add, delete, or modify sensitive information, as demonstrated by adding a file to execute arbitrary code via a do_addfile action to inc/browser/action.php. 2012-06-27 4.3 CVE-2012-3231
wordpress -- wordpress
Cross-site scripting (XSS) vulnerability in WordPress before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2012-06-27 4.3 CVE-2011-4956
wordpress -- wordpress
The make_clickable function in wp-includes/formatting.php in WordPress before 3.1.1 does not properly check URLs before passing them to the PCRE library, which allows remote attackers to cause a denial of service (crash) via a comment with a crafted URL that triggers many recursive calls. 2012-06-27 5.0 CVE-2011-4957

Low Vulnerabilities

Primary Vendor -- Product
Description | Published | CVSS Score | Source & Patch Info
alberto_trujillo_gonzalez -- protest
Cross-site scripting (XSS) vulnerability in the Protest module 6.x-1.x before 6.x-1.2 or 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "administer protest" permission to inject arbitrary web script or HTML via the protest_body parameter. 2012-06-26 2.1 CVE-2012-2726
antoine_beaupre -- hostmaster
Cross-site scripting (XSS) vulnerability in the _hosting_task_log_table function in modules/hosting/task/hosting_task.module in the Hostmaster (Aegir) module 6.x-1.x before 6.x-1.9 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a Drush log message in a provision task log. 2012-06-26 2.1 CVE-2012-2708
apache -- roller
Multiple cross-site scripting (XSS) vulnerabilities in Apache Roller before 5.0.1 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the blogger role. 2012-06-26 3.5 CVE-2012-2381
authoring_html -- 6.x-1.0
classes/Filter/WhitelistedExternalFilter.php in the Authoring HTML module 6.x-1.x before 6.x-1.1 for Drupal does not properly validate sources with the host white list, which allows remote authenticated users to bypass intended access restrictions and conduct cross-site scripting (XSS) attacks. 2012-06-26 3.5 CVE-2012-2725
blaine_lang -- maestro
Cross-site scripting (XSS) vulnerability in the Maestro module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with maestro admin permissions to inject arbitrary web script or HTML via unspecified vectors. 2012-06-26 2.6 CVE-2012-2723
christopher_mitchell -- smart_breadcrumb
The filter_titles function in the Smart Breadcrumb module 6.x-1.x before 6.x-1.3 for Drupal does not properly convert a title to plain-text, which allows remote authenticated users with create or edit node permissions to conduct cross-site scripting (XSS) attacks via the title parameter. 2012-06-26 2.1 CVE-2012-2705
john_albin -- zen
Cross-site scripting (XSS) vulnerability in the Zen module 6.x-1.x before 6.x-1.1 for Drupal, when "Append the content title to the end of the breadcrumb" is enabled, allows remote attackers to inject arbitrary web script or HTML via the content title in a breadcrumb. 2012-06-26 2.6 CVE-2012-2710
john_franklin -- advertisement
Cross-site scripting (XSS) vulnerability in the Advertisement module 6.x-2.x before 6.x-2.3 for Drupal, when debug mode is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors related to the "$conf variable in settings.php." 2012-06-26 2.6 CVE-2012-2703
moshe_weitzman -- organic_groups
Cross-site scripting (XSS) vulnerability in og.js in the Organic Groups (OG) module 6.x-2.x before 6.x-2.4 for Drupal, when used with the Vertical Tabs module, allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the group title. 2012-06-26 2.1 CVE-2012-3800
nancy_wichmann -- taxonomy_list
Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy List module 6.x-1.x before 6.x-1.4 for Drupal allow remote authenticated users with create or edit taxonomy terms permissions to inject arbitrary web script or HTML via vectors related to taxonomy information. 2012-06-26 2.1 CVE-2012-2711
puppetlabs -- puppet
telnet.rb in Puppet 2.7.x before 2.7.13 and Puppet Enterprise (PE) 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows local users to overwrite arbitrary files via a symlink attack on the NET::Telnet connection log (/tmp/out.log). 2012-06-27 3.6 CVE-2012-1989
python -- python
The list_directory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer 7 via UTF-7 encoding. 2012-06-27 2.6 CVE-2011-4940
richardo_ante -- ubercart_ajax_cart
The Ubercart AJAX Cart 6.x-2.x before 6.x-2.1 for Drupal stores the PHP session id in the JavaScript settings array in page loads, which might allow remote attackers to obtain sensitive information by sniffing or reading the cache of the HTML of a webpage. 2012-06-26 2.6 CVE-2012-2731
shlomi_fish -- config-inifiles
The Config::IniFiles module before 2.71 for Perl creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. NOTE: some of these details are obtained from third party information. NOTE: it has been reported that this might only be exploitable by writing in the same directory as the .ini file. If this is the case, then this issue might not cross privilege boundaries. 2012-06-27 3.6 CVE-2012-2451
thomas_seidl -- search_api
Multiple cross-site scripting (XSS) vulnerabilities in the Search API module 7.x-1.x before 7.x-1.1 for Drupal, when supporting manual entry of field identifiers, allow remote attackers to inject arbitrary web script or HTML via vectors related to thrown exceptions and logging errors. 2012-06-26 2.6 CVE-2012-2712