Vulnerability Summary for the Week of February 18, 2008
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
">
High Vulnerabilities |
---|
Primary Vendor -- Product | Description |
| CVSS Score | Source & Patch Info | ||
---|---|---|---|---|---|---|
Apache Software Foundation -- mod_jk F5 -- BIG-IP | Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long (1) Host header, or (2) Hostname within a Host header. |
| 7.5 | CVE-2007-6258 BUGTRAQ OTHER-REF CERT-VN BID FRSIRT | ||
Apple -- iPhoto | The Digital Photo Access Protocol (DPAP) server for iPhoto 4.0.3 allows remote attackers to cause a denial of service (crash) via a malformed dpap: URI, a different vulnerability than CVE-2008-0043. |
| 7.5 | CVE-2008-0830 MILW0RM BID | ||
aStats -- astatsPRO Joomla -- com_astatspro | SQL injection vulnerability in refer.php in the astatsPRO (com_astatspro) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| 7.5 | CVE-2008-0839 MILW0RM | ||
auraCMS -- AuraCMS | Multiple SQL injection vulnerabilities in AuraCMS 1.62 allow remote attackers to execute arbitrary SQL commands via (1) the kid parameter to (a) mod/dl.php or (b) mod/links.php, and (2) the query parameter to search.php. |
| 7.5 | CVE-2008-0811 MILW0RM | ||
BEA Systems -- WebLogic Portal | BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under certain circumstances, can redirect a user from the https:// URI for the Portal Administration Console to an http URI, which allows remote attackers to sniff the session. |
| 7.5 | CVE-2008-0870 BEA | ||
Caroline -- Caroline | Unspecified vulnerability in the php2phps function in Claroline before 1.8.9 has unknown impact and attack vectors. |
| 10.0 | CVE-2008-0824 OTHER-REF SECUNIA | ||
Caroline -- Caroline | SQL injection vulnerability in Claroline before 1.8.9 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
| 7.5 | CVE-2008-0825 OTHER-REF SECUNIA | ||
com_sg -- com_sg | SQL injection vulnerability in the com_sg component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the pid parameter in an order task. |
| 7.5 | CVE-2008-0816 BUGTRAQ BID | ||
Dokeos -- Dokeos | Multiple SQL injection vulnerabilities in Dokeos 1.8.4 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to whoisonline.php, (2) tracking_list_coaches_column parameter to main/mySpace/index.php, (3) tutor_name parameter to main/create_course/add_course.php, the (4) Referer HTTP header to index.php, and the (5) X-Fowarded-For HTTP header to main/admin/class_list.php. |
| 7.5 | CVE-2008-0850 BUGTRAQ OTHER-REF FRSIRT SECUNIA | ||
Drupal -- Header image | Unspecified vulnerability in the Header Image Module before 5.x-1.1 for Drupal allows remote attackers to access the administration pages via unknown attack vectors. |
| 10.0 | CVE-2008-0823 OTHER-REF BID FRSIRT SECUNIA XF | ||
e-Vision -- e-Vision CMS | Multiple SQL injection vulnerabilities in e-Vision CMS 2.02 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) iframe.php and (2) print.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| 7.5 | CVE-2008-0856 BID | ||
EMC -- Replistor | Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data. |
| 7.8 | CVE-2007-6426 IDEFENSE | ||
freePHPgallery -- freePHPgallery | Multiple directory traversal vulnerabilities in freePHPgallery 0.6 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang cookie to (1) comment.php, (2) index.php, and (3) show.php. |
| 7.5 | CVE-2008-0818 MILW0RM OTHER-REF BID SECUNIA | ||
jlmZone -- Classifieds | SQL injection vulnerability in index.php in the jlmZone Classifieds module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in an Adsview action. |
| 7.5 | CVE-2008-0873 BUGTRAQ MILW0RM BID | ||
Joomla -- com_scheduling Component Mambo -- com_scheduling Component | SQL injection vulnerability in the com_scheduling module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| 7.5 | CVE-2008-0810 BUGTRAQ BID | ||
Joomla -- com_mezun Egitimhost -- com_mezun | SQL injection vulnerability in the com_mezun component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit task. |
| 7.5 | CVE-2008-0815 BUGTRAQ BID XF | ||
Joomla -- Rapid Recipe | Multiple SQL injection vulnerabilities in the Rapid Recipe (com_rapidrecipe) 1.6.5 and earlier component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) user_id or (2) category_id parameter. NOTE: this might overlap CVE-2008-0754. |
| 7.5 | CVE-2008-0831 MILW0RM | ||
Joomla -- Kemas Antonius com_quran Mambo -- Kemas Antonius com_quran | SQL injection vulnerability in index.php in the Kemas Antonius com_quran 1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the surano parameter in a viewayat action. |
| 7.5 | CVE-2008-0832 MILW0RM | ||
Joomla -- com_galeria | SQL injection vulnerability in index.php in the com_galeria component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. |
| 7.5 | CVE-2008-0833 MILW0RM | ||
Joomla -- com_clasifier | SQL injection vulnerability in index.php in the Classifier (com_clasifier) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. |
| 7.5 | CVE-2008-0842 MILW0RM | ||
Joomla -- com_pccookbook | SQL injection vulnerability in index.php in the PccookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter. |
| 7.5 | CVE-2008-0844 MILW0RM | ||
Joomla -- com_downloads Mambo -- com_downloads | SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat function, a different vector than CVE-2008-0652. |
| 7.5 | CVE-2008-0849 BUGTRAQ BID XF | ||
Joomla -- com_detail Mambo -- com_detail | SQL injection vulnerability in the com_detail component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. |
| 7.5 | CVE-2008-0853 BUGTRAQ BID | ||
Joomla -- com_salesrep Mambo -- com_salesrep | SQL injection vulnerability in the com_salesrep component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the rid parameter in a showrep action to index.php. |
| 7.5 | CVE-2008-0854 BUGTRAQ BID XF | ||
Joomlapixel -- Jooget Mambo -- Mambo Joomla -- Joomla | SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail task. |
| 7.5 | CVE-2008-0829 MILW0RM OTHER-REF OTHER-REF BID SECUNIA | ||
Kerio -- Kerio MailServer VisNetic -- VisNetic AntiVirus Plug-in for Mail Server | Buffer overflow in the Visnetic anti-virus plugin in Kerio MailServer before 6.5.0 might allow remote attackers to execute arbitrary code via unspecified vectors. |
| 7.5 | CVE-2008-0858 OTHER-REF BID FRSIRT SECTRACK SECUNIA | ||
Kerio -- AVG Plugin Kerio -- Kerio MailServer | Unspecified vulnerability in the AVG plugin in Kerio MailServer before 6.5.0 has unspecified impact via unknown remote attack vectors related to null DACLs. |
| 10.0 | CVE-2008-0860 OTHER-REF BID FRSIRT SECTRACK SECUNIA | ||
Lyris -- List Manager | Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating "new accounts that collide with existing accounts." |
| 10.0 | CVE-2007-6319 BUGTRAQ BID | ||
Mambo -- com_filebase Component Joomla -- com_filebase Component | SQL injection vulnerability in the com_filebase component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action. |
| 7.5 | CVE-2008-0817 BUGTRAQ BID | ||
Mambo -- com_ricette component Joomla -- com_ricette component | SQL injection vulnerability in index.php in the Giorgio Nordo Ricette (com_ricette) 1.0 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| 7.5 | CVE-2008-0841 MILW0RM BID | ||
Mambo -- com_profile Joomla -- com_profile | SQL injection vulnerability in index.php in the com_profile component for Joomla! allows remote attackers to execute arbitrary SQL commands via the oid parameter. |
| 7.5 | CVE-2008-0846 BUGTRAQ BID | ||
Mambo -- com_facileforms Joomla -- com_facileforms | SQL injection vulnerability in the Facile Forms (com_facileforms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. |
| 7.5 | CVE-2008-0855 BUGTRAQ | ||
MySQL -- MySQL Community Server | MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG, which allows remote authorized users to execute arbitrary BINLOG statements. |
| 7.8 | CVE-2007-6313 OTHER-REF | ||
OpenCA -- OpenCA PKI | Cross-site request forgery (CSRF) vulnerability in OpenCA PKI 0.9.2.5, and possibly earlier versions, allows remote attackers to perform unauthorized actions as authorized users via a link or IMG tag to RAServer. |
| 7.5 | CVE-2008-0556 FULLDISC OTHER-REF SECUNIA XF | ||
OSI Codes Inc. -- PHPLive | SQL injection vulnerability in admin/traffic/knowledge_searchm.php in OSI Codes Inc. PHP Live! 3.2.2 allows remote attackers to execute arbitrary SQL commands via the questid parameter in an expand_question action. |
| 7.5 | CVE-2008-0821 MILW0RM BID | ||
PCRE -- PCRE | Buffer overflow in PCRE before 7.6 allows remote attackers to execute arbitrary code via a regular expression containing a character class with a large number of characters with Unicode code points greater than 255. |
| 7.5 | CVE-2008-0674 OTHER-REF OTHER-REF FRSIRT | ||
PHPNuke -- Book | SQL injection vulnerability in the Books module of PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter. |
| 7.5 | CVE-2008-0827 MILW0RM BID | ||
PHPNuke -- Web_Links Module | SQL injection vulnerability in modules.php in the Web_Links module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action. |
| 7.5 | CVE-2008-0879 BUGTRAQ BID | ||
PHPNuke -- EasyContent Module | SQL injection vulnerability in modules.php in the EasyContent module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the page_id parameter. |
| 7.5 | CVE-2008-0880 MILW0RM BID | ||
PHPNuke -- Okul Module | SQL injection vulnerability in modules.php in the Okul 1.0 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the okulid parameter in an okullar action. |
| 7.5 | CVE-2008-0881 MILW0RM | ||
Reality -- Medias PHPizabi | Unrestricted file upload vulnerability in image.php in PHPizabi 0.848b C1 HFP1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension from the event page, then accessing it via a direct request to the file in system/cache/pictures. |
| 9.3 | CVE-2008-0805 MILW0RM BID FRSIRT | ||
RunCMS -- MyAnnonces | SQL injection vulnerability in index.php in the MyAnnonces 1.7 and earlier module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action. |
| 7.5 | CVE-2008-0878 MILW0RM FRSIRT | ||
Simple CMS -- Simple CMS | SQL injection vulnerability in indexen.php in Simple CMS 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the area parameter. |
| 7.5 | CVE-2008-0835 MILW0RM BID | ||
Symantec -- Veritas Storage Foundation | Heap-based buffer overflow in the Veritas Enterprise Administrator (VEA) service (aka vxsvc.exe) in Symantec Veritas Storage Foundation 5.0 allows remote attackers to execute arbitrary code via a packet with a crafted value of a certain size field, which is not checked for consistency with the actual buffer size. |
| 9.3 | CVE-2008-0638 OTHER-REF OTHER-REF BID SECTRACK | ||
WoltLab -- Burning Board | SQL injection vulnerability in index.php in WoltLab Burning Board 3.0.3 PL 1 allows remote attackers to execute arbitrary SQL commands via the sortOrder parameter to the PMList page. |
| 7.5 | CVE-2008-0857 BUGTRAQ BID | ||
WordPress -- Dean Logan WP-People plugin | SQL injection vulnerability in wp-people-popup.php in Dean Logan WP-People plugin 1.6.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the person parameter. |
| 7.5 | CVE-2008-0845 BUGTRAQ | ||
XOOPS -- myTopics | SQL injection vulnerability in print.php in the myTopics module for XOOPS allows remote attackers to execute arbitrary SQL commands via the articleid parameter. |
| 7.5 | CVE-2008-0847 MILW0RM BID XF | ||
XOOPS -- eEmpregos Module | SQL injection vulnerability in index.php in the eEmpregos module for XOOPS allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view action. |
| 7.5 | CVE-2008-0874 BUGTRAQ MILW0RM |
Medium Vulnerabilities |
---|
Primary Vendor -- Product | Description |
| CVSS Score | Source & Patch Info | ||
---|---|---|---|---|---|---|
Apple -- Safari | Apple Safari might allow remote attackers to obtain potentially sensitive memory contents or cause a denial of service (crash) via a crafted (1) bitmap (BMP) or (2) GIF file, a related issue to CVE-2008-0420. |
| 6.8 | CVE-2008-0894 BUGTRAQ OTHER-REF | ||
ATutor -- ATutor | Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) attributes like style and onmouseover in (a) forum post or (b) mail; or (2) HTML tags in the website field of the profile. |
| 4.3 | CVE-2008-0828 BUGTRAQ BID | ||
BanPro -- NET BanPro DMS | Directory traversal vulnerability in DMS/index.php in BanPro DMS 1.0 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the action parameter. |
| 6.4 | CVE-2008-0812 BUGTRAQ BID SECUNIA | ||
BEA Systems -- WebLogic Server BEA Systems -- WebLogic Express | BEA WebLogic Server and WebLogic Express 9.0 and 9.1 exposes the web service's WSDL and security policies, which allows remote attackers to obtain sensitive information and potentially launch further attacks. |
| 5.0 | CVE-2008-0863 BEA SECTRACK | ||
BEA Systems -- WebLogic Portal | Admin Tools in BEA WebLogic Portal 8.1 SP3 through SP6 can inadvertently remove entitlements for pages when an administrator edits the page definition label, which might allow remote attackers to bypass intended access restrictions. |
| 5.0 | CVE-2008-0864 BEA | ||
BEA Systems -- WebLogic Portal | Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP6 allows remote attackers to bypass entitlements for instances of a floatable WLP portlet via unknown vectors. |
| 5.0 | CVE-2008-0865 BEA | ||
BEA Systems -- WebLogic Workshop | Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Workshop allow remote attackers to inject arbitrary web script or HTML via an invalid action URI, which is not properly handled by NetUI page flows. |
| 4.3 | CVE-2008-0866 BEA | ||
BEA Systems -- AquaLogic Interaction BEA Systems -- Plumtree Foundation | Cross-site scripting (XSS) vulnerability in the portal for BEA Plumtree Foundation 6.0 through SP1 and AquaLogic Interaction 6.1 through Maintenance Pack 1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. |
| 4.3 | CVE-2008-0867 BEA | ||
BEA Systems -- WebLogic Portal | Cross-site scripting (XSS) vulnerability in Groupspace in BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 1 allows remote authenticated users to inject arbitrary web script or HTML via unknown vectors. |
| 4.3 | CVE-2008-0868 BEA | ||
BEA Systems -- WebLogic BEA Systems -- WebLogic Workshop | Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for WebLogic 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via a "framework defined request parameter" when using WebLogic Workshop or Apache Beehive NetUI framework with page flows. |
| 4.3 | CVE-2008-0869 BEA | ||
Caroline -- Caroline | Cross-site scripting (XSS) vulnerability in Claroline before 1.8.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| 4.3 | CVE-2008-0826 OTHER-REF SECUNIA | ||
Crafty Syntax Live Help -- Crafty Syntax Live Help | Cross-site scripting (XSS) vulnerability in lostsheep.php in Crafty Syntax Live Help (CSLH) 2.4.13 and 2.4.14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the versions claimed by the original researcher are likely incorrect. |
| 4.3 | CVE-2008-0848 BUGTRAQ BID XF | ||
cups -- CUPS | Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via crafted packets to the cupsd port (631/udp), related to an unspecified manipulation of a remote printer. NOTE: some of these details are obtained from third party information. |
| 6.4 | CVE-2008-0882 OTHER-REF SECUNIA | ||
Dokeos -- E-Learning System | Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter to inscription.php, (2) courseCode parameter to main/calendar/myagenda.php, (3) category parameter to main/admin/course_category.php, (4) message parameter to main/admin/session_list.php in a show_message action, and (5) an avatar image to main/auth/profile.php. |
| 4.3 | CVE-2008-0851 BUGTRAQ OTHER-REF FRSIRT SECUNIA | ||
Etomite -- Etomite | ** DISPUTED ** Cross-site scripting (XSS) vulnerability in index.php in Etomite 0.6.1.4 Final allows remote attackers to inject arbitrary web script or HTML via $_SERVER['PHP_INFO']. NOTE: the vendor disputes this issue in a followup, stating that the affected variable is $_SERVER['PHP_SELF'], and "This is not an Etomite specific exploit and I would like the report rescinded." |
| 4.3 | CVE-2008-0820 BUGTRAQ OTHER-REF BID SECUNIA XF | ||
freeSSHd -- freeSSHd | freeSSHd 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a SSH2_MSG_NEWKEYS packet to TCP port 22, which triggers a NULL pointer dereference. |
| 5.0 | CVE-2008-0852 OTHER-REF BID FRSIRT SECUNIA | ||
Hitachi -- EUR Print Manager | Unspecified vulnerability in Hitachi EUR Print Manager, and related Client and Local Server products, 05-06 through 05-06-/B and 05-08 allows remote attackers to cause a denial of service (service hang or termination) via unspecified vectors related to "unexpected data." |
| 6.4 | CVE-2008-0875 OTHER-REF BID FRSIRT SECUNIA | ||
Hitachi -- SEWB3 PLATFORM Hitachi -- SEWB3 MI-PLATFORM | Unspecified vulnerability in the SEWB3 messaging service in Hitachi SEWB3/PLATFORM and SEWB3/MI-PLATFORM 01-00 through 02-14-/A allows remote attackers to cause a denial of service (service outage) via "invalid data." |
| 5.8 | CVE-2008-0876 OTHER-REF BID FRSIRT SECUNIA | ||
Horde -- Turba Contact Manager Horde -- Groupware Horde -- Groupware Webmail Edition | lib/Driver/sql.php in Turba 2 (turba2) Contact Manager H3 2.1.x before 2.1.7 and 2.2.x before 2.2-RC3, as used in products such as Horde Groupware before 1.0.4 and Horde Groupware Webmail Edition before 1.0.5, does not properly check access rights, which allows remote authenticated users to modify address data via a modified object_id parameter to edit.php, as demonstrated by modifying a personal address book entry when there is write access to a shared address book. |
| 4.9 | CVE-2008-0807 MLIST MLIST MLIST MLIST OTHER-REF BID SECUNIA | ||
IBM -- Lotus Quickr | Cross-site scripting (XSS) vulnerability in Lotus Quickr for i5/OS before 8.0.0.2 Hotfix 11, when anonymous access is disabled on HTTP ports, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| 4.3 | CVE-2008-0834 OTHER-REF BID SECUNIA | ||
IBM -- Lotus Quickplace | Cross-site scripting (XSS) vulnerability in leg/Main.nsf in IBM Lotus Quickplace 7.0 allows remote attackers to inject arbitrary web script or HTML via an h_SearchString sub-parameter in the PreSetFields parameter of an EditDocument action. |
| 4.3 | CVE-2008-0861 OTHER-REF BID SECTRACK | ||
IBM -- Lotus Notes | IBM Lotus Notes 6.0, 6.5, 7.0, and 8.0 signs an unsigned applet when a user forwards an email message to another user, which allows user-assisted remote attackers to bypass Execution Control List (ECL) protection. |
| 4.3 | CVE-2008-0862 OTHER-REF FRSIRT SECUNIA | ||
Ikiwiki -- Ikiwiki | Cross-site scripting (XSS) vulnerability in the meta plugin in Ikiwiki before 1.1.47 allows remote attackers to inject arbitrary web script or HTML via meta tags. |
| 4.3 | CVE-2008-0808 OTHER-REF OTHER-REF SECUNIA | ||
Ikiwiki -- Ikiwiki | Cross-site scripting (XSS) vulnerability in the htmlscrubber in Ikiwiki before 1.1.46 allows remote attackers to inject arbitrary web script or HTML via title contents. |
| 4.3 | CVE-2008-0809 OTHER-REF SECUNIA | ||
Jinzora -- Jinzora | Multiple cross-site scripting (XSS) vulnerabilities in Jinzora Media Jukebox 2.7.5 allow remote attackers to inject arbitrary web script or HTML via the (1) frontend, (2) set_frontend, (3) jz_path, (4) theme, and (5) set_theme parameters to (a) index.php; the frontend, theme, and (6) language parameters to (b) ajax_request.php; the jz_path parameter to (c) slim.php; the frontend, theme, and jz_path parameters to (d) popup.php; the (13) PATH_INFO to index.php and (e) slim.php; and the (14) query parameter in a playlistedit action and (15) siteNewsData parameter in a sitenews action to (f) popup.php. |
| 4.3 | CVE-2008-0877 BUGTRAQ SECUNIA | ||
John Godley -- Search Unleashed WordPress -- Search Unleashed plugin | Cross-site scripting (XSS) vulnerability in the log feature in the John Godley Search Unleashed 0.2.10 plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter, which is not properly handled when the administrator views the log file. |
| 4.3 | CVE-2008-0837 BUGTRAQ OTHER-REF BID SECUNIA XF | ||
Kerio -- Kerio MailServer | Unspecified vulnerability in Kerio MailServer before 6.5.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to decoding of uuencoded input, which triggers memory corruption. |
| 5.0 | CVE-2008-0859 OTHER-REF BID FRSIRT SECTRACK SECUNIA | ||
NOW -- SMS_MMS Gateway | Multiple stack-based buffer overflows in Now SMS/MMS Gateway 2007.06.27 and earlier allow remote attackers to execute arbitrary code via a (1) long password in an Authorization header to the HTTP service or a (2) large packet to the SMPP service. |
| 6.8 | CVE-2008-0871 OTHER-REF BID FRSIRT SECUNIA | ||
SmarterTools -- SmarterMail | Cross-site scripting (XSS) vulnerability in SmarterTools SmarterMail Enterprise 4.3 allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute of an element in the Subject field of an e-mail message. |
| 6.0 | CVE-2008-0872 BUGTRAQ OTHER-REF BID SECUNIA | ||
Sophos -- ES4000 Sophos -- ES1000 | Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface in Sophos ES1000 and ES4000 Email Security Appliance 2.1.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) error and (2) go parameters to the login page. |
| 4.3 | CVE-2008-0838 BUGTRAQ OTHER-REF OTHER-REF BID FRSIRT SECUNIA | ||
StatCounteX -- StatCounteX | StatCounteX 3.0 and 3.1 allows remote attackers to obtain sensitive information and edit configuration scripts via a direct request to admin.asp. |
| 6.4 | CVE-2008-0843 BUGTRAQ SECUNIA | ||
Sun -- Solaris | Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 9 and 10 on x86 architectures allows local users to cause a denial of service (panic) via unspecified vectors that trigger a NULL pointer dereference in the vuid3ps2 module, a different issue than CVE-2007-5319. |
| 4.9 | CVE-2008-0836 SUNALERT FRSIRT SECUNIA | ||
Symantec Veritas -- Storage Foundation | The Volume Manager Scheduler Service (aka VxSchedService.exe) in Symantec Veritas Storage Foundation 5.0 for Windows allows remote attackers to cause a denial of service (daemon crash or hang) via malformed packets. |
| 4.3 | CVE-2007-4516 IDEFENSE OTHER-REF BID SECTRACK | ||
Thecus -- N5200Pro NAS Server Control Panel | PHP remote file inclusion vulnerability in usrgetform.html in Thecus N5200Pro NAS Server allows remote attackers to execute arbitrary PHP code via a URL in the name parameter. |
| 6.8 | CVE-2008-0804 MILW0RM BID | ||
TRUC -- TRUC | Directory traversal vulnerability in download.php in Tracking Requirements & Use Cases (TRUC) 0.11.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the upload_filename parameter. |
| 6.4 | CVE-2008-0814 MILW0RM BID | ||
XPWeb -- XPWeb | Directory traversal vulnerability in Download.php in XPWeb 3.0.1, 3.3.2, and possibly other versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter. |
| 5.0 | CVE-2008-0813 MILW0RM BID |
Low Vulnerabilities |
---|
Primary Vendor -- Product | Description |
| CVSS Score | Source & Patch Info | ||
---|---|---|---|---|---|---|
Paul Pelzl -- wyrd | wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.[USERID] temporary file. |
| 3.6 | CVE-2008-0806 OTHER-REF BID SECUNIA | ||
PlutoStatus -- PlutoStatus Locator | Directory traversal vulnerability in index.php in PlutoStatus Locator 1.0 pre alpha allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. |
| 3.6 | CVE-2008-0819 BUGTRAQ BID | ||
Public Warehouse -- Light Blog | Directory traversal vulnerability in view_member.php in Public Warehouse LightBlog 9.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the username parameter. |
| 3.6 | CVE-2008-0840 MILW0RM BID | ||
Scribe -- Scribe | Directory traversal vulnerability in index.php in Scribe 0.2 allows remote attackers to read arbitrary local files via a .. (dot dot) in the page parameter. |
| 3.6 | CVE-2008-0822 BUGTRAQ MILW0RM BID |
Please share your thoughts
We recently updated our anonymous product survey; we’d welcome your feedback.