Vulnerability Summary for the Week of April 12, 2010
Released
Apr 19, 2010
Document ID
SB10-109
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
High Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| adobe -- acrobat | Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability." | 2010-04-14 | 9.3 | CVE-2010-0191 CERT VUPEN CONFIRM BID |
| adobe -- acrobat | Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0193 and CVE-2010-0196. | 2010-04-14 | 9.3 | CVE-2010-0192 CERT VUPEN CONFIRM BID |
| adobe -- acrobat | Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0192 and CVE-2010-0196. | 2010-04-14 | 9.3 | CVE-2010-0193 CERT VUPEN CONFIRM XF BID |
| adobe -- acrobat | Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0197, CVE-2010-0201, and CVE-2010-0204. | 2010-04-14 | 9.3 | CVE-2010-0194 CERT VUPEN CONFIRM BID |
| adobe -- acrobat | Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, do not properly handle fonts, which allows attackers to execute arbitrary code via unspecified vectors. | 2010-04-14 | 9.3 | CVE-2010-0195 CERT VUPEN CONFIRM BID |
| adobe -- acrobat | Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0192 and CVE-2010-0193. | 2010-04-14 | 9.3 | CVE-2010-0196 CERT VUPEN CONFIRM BID |
| adobe -- acrobat | Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0201, and CVE-2010-0204. | 2010-04-14 | 9.3 | CVE-2010-0197 CERT VUPEN CONFIRM BID |
| adobe -- acrobat | Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0199, CVE-2010-0202, and CVE-2010-0203. | 2010-04-14 | 9.3 | CVE-2010-0198 CERT VUPEN CONFIRM BID |
| adobe -- acrobat | Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0202, and CVE-2010-0203. | 2010-04-14 | 9.3 | CVE-2010-0199 CERT VUPEN CONFIRM BID |
| adobe -- acrobat | Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0197, and CVE-2010-0204. | 2010-04-14 | 9.3 | CVE-2010-0201 CERT VUPEN CONFIRM BID |
| adobe -- acrobat | Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0203. | 2010-04-14 | 9.3 | CVE-2010-0202 CERT VUPEN CONFIRM BID |
| adobe -- acrobat | Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0202. | 2010-04-14 | 9.3 | CVE-2010-0203 CERT CONFIRM VUPEN BID |
| adobe -- acrobat | Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0197, and CVE-2010-0201. | 2010-04-14 | 9.3 | CVE-2010-0204 CERT VUPEN CONFIRM XF BID |
| boesch-it -- faqengine | Multiple PHP remote file inclusion vulnerabilities in FAQEngine 4.24.00 allow remote attackers to execute arbitrary PHP code via a URL in the path_faqe parameter to (1) attachs.php, (2) backup.php, (3) badwords.php, (4) categories.php, (5) changepw.php, (6) colorchooser.php, (7) colorwheel.php, (8) dbfiles.php, (9) diraccess.php, (10) faq.php, (11) index.php, (12) kb.php, and (13) stats.php. | 2010-04-13 | 7.5 | CVE-2010-1360 XF BID MISC MISC |
| cisco -- secure_desktop | The Web Install ActiveX control in Cisco Secure Desktop (CSD) before 3.5.841 does not properly verify the signatures of downloaded programs, which allows remote attackers to force the download and execution of arbitrary files via a crafted web page, aka Bug ID CSCta25876. | 2010-04-15 | 9.3 | CVE-2010-0589 CISCO MISC BID SECTRACK |
| extremejoomla -- com_j-projects | SQL injection vulnerability in the JProjects (com_j-projects) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the project parameter in a projects action to index.php. | 2010-04-13 | 7.5 | CVE-2010-1363 XF VUPEN BID MISC MISC |
| gamescript -- gamescript | SQL injection vulnerability in index.php in GameScript (GS) 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a category action. | 2010-04-13 | 7.5 | CVE-2010-1368 XF BID MISC MISC |
| hdflvplayer -- com_hdflvplayer | SQL injection vulnerability in the HD FLV Player (com_hdflvplayer) component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | 2010-04-13 | 7.5 | CVE-2010-1372 XF BID SECUNIA MISC OSVDB |
| ibm -- director_agent | Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and Linux uses incorrect permissions for the (1) diruninstall and (2) opt/ibm/director/bin/wcitinst scripts, which allows local users to gain privileges by executing these scripts. | 2010-04-12 | 7.2 | CVE-2010-1347 VUPEN BID AIXAPAR SECUNIA |
| ibm -- websphere_portal | Unspecified vulnerability in the login process in IBM WebSphere Portal 6.0.1.1, and 6.1.0.x before 6.1.0.3 Cumulative Fix 03, has unknown impact and remote attack vectors. | 2010-04-12 | 7.5 | CVE-2010-1348 VUPEN AIXAPAR BID SECUNIA |
| imperva -- securesphere_database_firewall | Imperva SecureSphere Web Application Firewall and Database Firewall 5.0.0.5082 through 7.0.0.7078 allow remote attackers to bypass intrusion-prevention functionality via a request that has an appended long string containing an unspecified manipulation. | 2010-04-15 | 7.8 | CVE-2010-1329 CONFIRM BID BUGTRAQ MISC |
| joomlaprojects -- com_jp_jobs | SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4.1 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | 2010-04-12 | 7.5 | CVE-2010-1350 BID CONFIRM XF MISC MISC SECUNIA MISC |
| justsystems -- ichitaro | Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government 2006 through 2010 allows user-assisted remote attackers to execute arbitrary code via a crafted font file. | 2010-04-15 | 9.3 | CVE-2010-1424 VUPEN CONFIRM SECTRACK SECUNIA OSVDB JVNDB JVN |
| microsoft -- visio | Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly validate attributes in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Visio Attribute Validation Memory Corruption Vulnerability." | 2010-04-14 | 7.6 | CVE-2010-0254 CERT MS |
| microsoft -- visio | Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly calculate unspecified indexes associated with Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Visio Index Calculation Memory Corruption Vulnerability." | 2010-04-14 | 7.6 | CVE-2010-0256 CERT MS |
| microsoft -- windows_media_player | Unspecified vulnerability in the Windows Media Player ActiveX control in Windows Media Player (WMP) 9 on Microsoft Windows 2000 SP4 and XP SP2 and SP3 allows remote attackers to execute arbitrary code via crafted media content, aka "Media Player Remote Code Execution Vulnerability." | 2010-04-14 | 9.3 | CVE-2010-0268 CERT MS |
| microsoft -- windows_2000 | The SMB client in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly allocate memory for SMB responses, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Memory Allocation Vulnerability." | 2010-04-14 | 10.0 | CVE-2010-0269 CERT MS |
| microsoft -- windows_7 | The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate fields in SMB transaction responses, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and reboot) via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Transaction Vulnerability." | 2010-04-14 | 10.0 | CVE-2010-0270 CERT MS |
| microsoft -- windows_2003_server | The SMB client in Microsoft Windows Server 2003 SP2, Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2 allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and reboot) via a crafted SMB transaction response that uses (1) SMBv1 or (2) SMBv2, aka "SMB Client Response Parsing Vulnerability." | 2010-04-14 | 10.0 | CVE-2010-0476 CERT MS |
| microsoft -- windows_7 | The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly handle (1) SMBv1 and (2) SMBv2 response packets, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted packet that causes the client to read the entirety of the response, and then improperly interact with the Winsock Kernel (WSK), aka "SMB Client Message Size Vulnerability." | 2010-04-14 | 10.0 | CVE-2010-0477 CERT MS |
| microsoft -- windows_2000 | Stack-based buffer overflow in nsum.exe in the Windows Media Unicast Service in Media Services for Microsoft Windows 2000 Server SP4 allows remote attackers to execute arbitrary code via crafted packets associated with transport information, aka "Media Services Stack-based Buffer Overflow Vulnerability." | 2010-04-14 | 9.3 | CVE-2010-0478 CERT MS |
| microsoft -- publisher | Buffer overflow in Microsoft Office Publisher 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability." | 2010-04-14 | 9.3 | CVE-2010-0479 CERT MS |
| microsoft -- windows_2000 | Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to execute arbitrary code via a crafted AVI file, aka "MPEG Layer-3 Audio Decoder Stack Overflow Vulnerability." | 2010-04-14 | 9.3 | CVE-2010-0480 CERT MS |
| microsoft -- windows_2000 | The WinVerifyTrust function in Authenticode Signature Verification 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a file digest, which allows user-assisted remote attackers to execute arbitrary code via a modified (1) Portable Executable (PE) or (2) cabinet (aka .CAB) file that incorrectly appears to have a valid signature, aka "WinVerifyTrust Signature Validation Vulnerability." | 2010-04-14 | 9.3 | CVE-2010-0486 CERT MS |
| microsoft -- windows_2000 | The Authenticode Signature verification functionality in cabview.dll in Cabinet File Viewer Shell Extension 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a file digest, which allows remote attackers to execute arbitrary code via a modified cabinet (aka .CAB) file that incorrectly appears to have a valid signature, aka "Cabview Corruption Validation Vulnerability." | 2010-04-14 | 9.3 | CVE-2010-0487 CERT MS |
| modxcms -- modxcms | SQL injection vulnerability in MODx Evolution before 1.0.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors related to WebLogin. | 2010-04-15 | 7.5 | CVE-2010-1426 CONFIRM JVNDB JVN XF SECUNIA |
| opera -- opera_browser | Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via a large Content-Length value, which triggers a heap overflow. | 2010-04-12 | 10.0 | CVE-2010-1349 VUPEN BID XF SECTRACK CONFIRM MISC SECUNIA OSVDB CONFIRM |
| oracle -- database_server | Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8, 9.2.0.8, and DV; and Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | 2010-04-13 | 7.5 | CVE-2010-0853 CERT CONFIRM SECUNIA SECUNIA |
| oracle -- database_server | Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to the Create User privilege. | 2010-04-13 | 7.1 | CVE-2010-0860 CERT CONFIRM SECUNIA |
| oracle -- sun_product_suite | Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite 10 and OpenSolaris snv_134 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Trusted Extensions. | 2010-04-13 | 7.2 | CVE-2010-0882 CERT CONFIRM |
| oracle -- sun_product_suite | Unspecified vulnerability in the Sun Ray Server Software component in Oracle Sun Product Suite 4.0, 4.1, and 4.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Device Services. | 2010-04-13 | 10.0 | CVE-2010-0888 CERT CONFIRM SUNALERT |
| oracle -- sun_product_suite | Unspecified vulnerability in the Sun Convergence component in Oracle Sun Product Suite 1.0 allows remote attackers to affect confidentiality via unknown vectors related to Address Book and Mail Filter. | 2010-04-13 | 7.1 | CVE-2010-0896 CERT CONFIRM |
| oracle -- sun_product_suite | Unspecified vulnerability in the Sun Java System Directory Server component in Oracle Sun Product Suite 5.2, 6.0, 6.1, 6.2, 6.3, and 6.3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Directory Service Markup Language. | 2010-04-13 | 7.5 | CVE-2010-0897 CERT CONFIRM BID |
| oracle -- weblogic_server | Unspecified vulnerability in the WebLogic Server in Oracle WebLogic Server 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, and 10.3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | 2010-04-14 | 10.0 | CVE-2010-0073 CERT VUPEN CONFIRM SECUNIA |
| oracle -- jdk | Argument injection vulnerability in the URI handler in (a) Java NPAPI plugin and (b) Java Deployment Toolkit in Java 6 Update 10, 19, and other versions, when running on Windows and possibly on Linux, allows remote attackers to execute arbitrary code via the (1) -J or (2) -XXaltjvm argument to javaws.exe, which is processed by the launch method. NOTE: some of these details are obtained from third party information. | 2010-04-15 | 9.3 | CVE-2010-1423 CERT-VN VUPEN XF SECTRACK MISC SECUNIA OSVDB FULLDISC |
| preprojects -- pre_classified_listings_asp | SQL injection vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the email parameter. | 2010-04-13 | 7.5 | CVE-2010-1369 BID MISC SECUNIA MISC |
| preprojects -- pre_classified_listings_asp | SQL injection vulnerability in detailad.asp in Pre Classified Listings ASP allows remote attackers to execute arbitrary SQL commands via the siteid parameter. | 2010-04-13 | 7.5 | CVE-2010-1370 SECUNIA MISC |
| uiga -- personal_portal | SQL injection vulnerability in index.php in Uiga Personal Portal, as downloaded on 20100301, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action. NOTE: some of these details are obtained from third party information. | 2010-04-13 | 7.5 | CVE-2010-1364 VUPEN MISC SECUNIA MISC |
| uiga -- fan_club | SQL injection vulnerability in index.php in Uiga Fan Club, as downloaded on 20100310, allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action. | 2010-04-13 | 7.5 | CVE-2010-1365 VUPEN MISC SECUNIA MISC MISC |
| uiga -- fan_club | Multiple SQL injection vulnerabilities in admin/admin_login.php in Uiga Fan Club 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) admin_name and (2) admin_password parameters. | 2010-04-13 | 7.5 | CVE-2010-1366 MISC MISC |
| vmware -- movie_decoder | Heap-based buffer overflow in vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted video chunks that use HexTile encoding. | 2010-04-12 | 9.3 | CVE-2009-1564 CONFIRM MISC SECUNIA SECUNIA SECUNIA MLIST FULLDISC BUGTRAQ |
| vmware -- movie_decoder | vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted HexTile-encoded video chunks that trigger heap-based buffer overflows, related to "integer truncation errors." | 2010-04-12 | 9.3 | CVE-2009-1565 CONFIRM MLIST MISC SECUNIA SECUNIA SECUNIA FULLDISC BUGTRAQ |
| vmware -- vmrc | Format string vulnerability in vmware-vmrc.exe build 158248 in VMware Remote Console (aka VMrc) allows remote attackers to execute arbitrary code via unspecified vectors. | 2010-04-12 | 10.0 | CVE-2009-3732 CONFIRM MLIST SECUNIA FULLDISC BUGTRAQ |
| vmware -- fusion | Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata. | 2010-04-12 | 7.2 | CVE-2010-1139 CONFIRM MLIST SECUNIA SECUNIA SECUNIA FULLDISC BUGTRAQ |
| vmware -- ace | VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly access libraries, which allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on a network share. | 2010-04-12 | 8.5 | CVE-2010-1141 CONFIRM MLIST SECUNIA SECUNIA FULLDISC BUGTRAQ |
| vmware -- ace | VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk. | 2010-04-12 | 8.5 | CVE-2010-1142 CONFIRM MLIST SECUNIA SECUNIA FULLDISC BUGTRAQ |
| vsecurity -- tandberg_video_communication_server | The administrative web console on the TANDBERG Video Communication Server (VCS) before X4.3 uses predictable session cookies in (1) tandberg/web/lib/secure.php and (2) tandberg/web/user/lib/secure.php, which makes it easier for remote attackers to bypass authentication, and execute arbitrary code by loading a custom software update, via a crafted "Cookie: tandberg_login=" HTTP header. | 2010-04-13 | 10.0 | CVE-2009-4509 MISC BUGTRAQ SECUNIA CONFIRM |
| vsecurity -- tandberg_video_communication_server | The SSH service on the TANDBERG Video Communication Server (VCS) before X5.1 uses a fixed DSA key, which makes it easier for remote attackers to conduct man-in-the-middle attacks and spoof arbitrary servers via crafted SSH packets. | 2010-04-13 | 8.5 | CVE-2009-4510 MISC SECUNIA CONFIRM |
| vsecurity -- tandberg_video_communication_server | Unspecified vulnerability on the TANDBERG Video Communication Server (VCS) before X5.0 allows remote attackers to execute arbitrary code via unknown vectors, aka Reference ID 69773. | 2010-04-13 | 10.0 | CVE-2010-1356 CONFIRM |
Medium Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| adobe -- acrobat | Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2010-04-14 | 4.3 | CVE-2010-0190 CERT VUPEN CONFIRM BID |
| apache -- open_for_business_project | Multiple cross-site scripting (XSS) vulnerabilities in the Apache Open For Business Project (aka OFBiz) 09.04 and earlier, as used in Opentaps, Neogia, and Entente Oya, allow remote attackers to inject arbitrary web script or HTML via (1) the productStoreId parameter to control/exportProductListing, (2) the partyId parameter to partymgr/control/viewprofile (aka partymgr/control/login), (3) the start parameter to myportal/control/showPortalPage, (4) an invalid URI beginning with /facility/control/ReceiveReturn (aka /crmsfa/control/ReceiveReturn or /cms/control/ReceiveReturn), (5) the contentId parameter (aka the entityName variable) to ecommerce/control/ViewBlogArticle, (6) the entityName parameter to webtools/control/FindGeneric, or the (7) subject or (8) content parameter to an unspecified component under ecommerce/control/contactus. | 2010-04-15 | 4.3 | CVE-2010-0432 BID MISC CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| bluegate -- direct_url | SQL injection vulnerability in bluegate_seo.inc.php in the Direct URL module for xt:Commerce, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the coID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 2010-04-13 | 6.8 | CVE-2010-1359 BID SECUNIA |
| cnr.somee -- hikaye_portal | CNR Hikaye Portal 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/hikaye.mdb. | 2010-04-13 | 5.0 | CVE-2009-4765 VUPEN OSVDB SECUNIA MISC |
| f-secure -- anti-virus | F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.02 and earlier; Anti-Virus 2010 and earlier; Home Server Security 2009; Protection Service for Consumers 9 and earlier, for Business - Workstation security 9 and earlier, for Business - Server Security 8 and earlier, and for E-mail and Server security 9 and earlier; Mac Protection build 8060 and earlier; Client Security 9 and earlier; and various Anti-Virus products for Windows, Linux, and Citrix; does not properly detect malware in crafted (1) 7Z, (2) GZIP, (3) CAB, or (4) RAR archives, which makes it easier for remote attackers to avoid detection. | 2010-04-15 | 5.0 | CVE-2010-1425 VUPEN CONFIRM SECTRACK SECTRACK SECTRACK SECUNIA |
| glarotech -- phpeppershop | Cross-site scripting (XSS) vulnerability in shop/USER_ARTIKEL_HANDLING_AUFRUF.php in PHPepperShop 2.5 allows remote attackers to inject arbitrary web script or HTML via the darstellen parameter. | 2010-04-13 | 4.3 | CVE-2010-1361 BID XF MISC |
| jooforge -- com_jukebox | Directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | 2010-04-12 | 5.0 | CVE-2010-1352 BID MISC SECUNIA MISC |
| kde -- kde_sc | Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socket, related to improper interaction with ksm. | 2010-04-15 | 6.9 | CVE-2010-0436 VUPEN CONFIRM CONFIRM BID CONFIRM SECUNIA REDHAT |
| linux -- kernel | The cifs_create function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a NULL nameidata (aka nd) field in a POSIX file-creation request to a server that supports UNIX extensions. | 2010-04-12 | 4.7 | CVE-2010-1148 CONFIRM MISC XF BID SECUNIA MLIST MLIST MLIST MLIST MLIST MLIST MLIST |
| linux -- kernel | The virtio_net_bad_features function in hw/virtio-net.c in the virtio-net driver in the Linux kernel before 2.6.26, when used on a guest OS in conjunction with qemu-kvm 0.11.0 or KVM 83, allows remote attackers to cause a denial of service (guest OS crash, and an associated qemu-kvm process exit) by sending a large amount of network traffic to a TCP port on the guest OS, related to a virtio-net whitelist that includes an improper implementation of TCP Segment Offloading (TSO). | 2010-04-12 | 5.0 | CVE-2010-0741 CONFIRM CONFIRM CONFIRM VUPEN REDHAT SECTRACK MLIST MLIST MLIST CONFIRM |
| linux -- kernel | The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonstrated by deleting a file under .reiserfs_priv/xattrs/. | 2010-04-12 | 6.9 | CVE-2010-1146 MLIST CONFIRM BID SECUNIA |
| memcachedb -- memcached | memcached.c in memcached before 1.4.3 allows remote attackers to cause a denial of service (daemon hang or crash) via a long line that triggers excessive memory allocation. NOTE: some of these details are obtained from third party information. | 2010-04-12 | 5.0 | CVE-2010-1152 MLIST MLIST MLIST CONFIRM CONFIRM SECTRACK SECUNIA CONFIRM |
| microsoft -- exchange_server | The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2003 SP2, does not properly parse MX records, which allows remote DNS servers to cause a denial of service (service outage) via a crafted response to a DNS MX record query, aka "SMTP Server MX Record Vulnerability." | 2010-04-14 | 5.0 | CVE-2010-0024 CERT MS |
| microsoft -- exchange_server | The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2000 SP3, does not properly allocate memory for SMTP command replies, which allows remote attackers to read fragments of e-mail messages by sending a series of invalid commands and then sending a STARTTLS command, aka "SMTP Memory Allocation Vulnerability." | 2010-04-14 | 5.0 | CVE-2010-0025 CERT MS SECUNIA |
| microsoft -- windows_2000 | The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 does not properly validate a registry-key argument to an unspecified system call, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Null Pointer Vulnerability." | 2010-04-14 | 4.7 | CVE-2010-0234 CERT MS |
| microsoft -- windows_2000 | The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not perform the expected validation before creating a symbolic link, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Symbolic Link Value Vulnerability." | 2010-04-14 | 4.7 | CVE-2010-0235 CERT MS |
| microsoft -- windows_2000 | The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not properly allocate memory for the destination key associated with a symbolic-link registry key, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Allocation Vulnerability." | 2010-04-14 | 6.8 | CVE-2010-0236 CERT MS |
| microsoft -- windows_2000 | The kernel in Microsoft Windows 2000 SP4 and XP SP2 and SP3 allows local users to gain privileges by creating a symbolic link from an untrusted registry hive to a trusted registry hive, aka "Windows Kernel Symbolic Link Creation Vulnerability." | 2010-04-14 | 6.9 | CVE-2010-0237 CERT MS |
| microsoft -- windows_2000 | Unspecified vulnerability in registry-key validation in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Registry Key Vulnerability." | 2010-04-14 | 4.9 | CVE-2010-0238 CERT MS |
| microsoft -- windows_7 | The kernel in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly translate a registry key's virtual path to its real path, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Virtual Path Parsing Vulnerability." | 2010-04-14 | 4.7 | CVE-2010-0481 CERT MS |
| microsoft -- windows_7 | The kernel in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate relocation sections of image files, which allows local users to cause a denial of service (reboot) via a crafted file, aka "Windows Kernel Malformed Image Vulnerability." | 2010-04-14 | 4.7 | CVE-2010-0482 CERT MS |
| microsoft -- windows_server_2008 | The kernel in Microsoft Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, does not properly handle unspecified exceptions, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Exception Handler Vulnerability." | 2010-04-14 | 4.7 | CVE-2010-0810 CERT MS |
| microsoft -- windows_2003_server | Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to bypass intended IPv4 source-address restrictions via a mismatched IPv6 source address in a tunneled ISATAP packet, aka "ISATAP IPv6 Source Address Spoofing Vulnerability." | 2010-04-14 | 6.4 | CVE-2010-0812 CERT MS SECUNIA |
| modxcms -- evolution | Cross-site scripting (XSS) vulnerability in the SearchHighlight plugin in MODx Evolution before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to AjaxSearch. | 2010-04-15 | 4.3 | CVE-2010-1427 CONFIRM JVNDB JVN XF SECUNIA |
| nodesforum -- nodesforum | Multiple PHP remote file inclusion vulnerabilities in Nodesforum 1.033 and 1.045, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) _nodesforum_path_from_here_to_nodesforum_folder parameter to erase_user_data.php and the (2) _nodesforum_code_path parameter to pre_output.php. NOTE: some of these details are obtained from third party information. | 2010-04-12 | 6.8 | CVE-2010-1351 XF MISC SECUNIA |
| oracle -- fusion_middleware | Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors. | 2010-04-13 | 4.3 | CVE-2010-0086 CERT CONFIRM SECUNIA |
| oracle -- database_server | Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality via unknown vectors. | 2010-04-13 | 4.0 | CVE-2010-0851 CERT CONFIRM SECUNIA |
| oracle -- database_server | Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | 2010-04-13 | 5.5 | CVE-2010-0852 CERT CONFIRM SECUNIA |
| oracle -- fusion_middleware | Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors. | 2010-04-13 | 4.3 | CVE-2010-0855 CERT CONFIRM SECUNIA |
| oracle -- fusion_middleware | Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.2 allows remote attackers to affect availability via unknown vectors. | 2010-04-13 | 5.0 | CVE-2010-0856 CERT CONFIRM BID SECUNIA |
| oracle -- e-business_suite | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 ATG RUP6 allows remote attackers to affect confidentiality and integrity via unknown vectors. | 2010-04-13 | 6.4 | CVE-2010-0859 CERT CONFIRM SECUNIA |
| oracle -- e-business_suite | Unspecified vulnerability in the Oracle HRMS (Self Service) component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote attackers to affect confidentiality via unknown vectors. | 2010-04-13 | 5.0 | CVE-2010-0861 CERT CONFIRM SECUNIA |
| oracle -- industry_product_suite | Unspecified vulnerability in the Retail - Oracle Retail Markdown Optimization component in Oracle Industry Product Suite 13.1 allows remote attackers to affect integrity via unknown vectors related to Online Help. | 2010-04-13 | 4.3 | CVE-2010-0862 CERT CONFIRM BID |
| oracle -- industry_product_suite | Unspecified vulnerability in the Retail - Oracle Retail Plan In-Season component in Oracle Industry Product Suite 12.2 allows remote attackers to affect integrity via unknown vectors related to Online Help. | 2010-04-13 | 4.3 | CVE-2010-0863 CERT CONFIRM |
| oracle -- industry_product_suite | Unspecified vulnerability in the Retail - Oracle Retail Place In-Season component in Oracle Industry Product Suite 12.2 allows remote attackers to affect integrity via unknown vectors related to Online Help. | 2010-04-13 | 4.3 | CVE-2010-0864 CERT CONFIRM |
| oracle -- e-business_suite | Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle E-Business Suite 6.1.1.0 allows remote attackers to affect confidentiality via unknown vectors. | 2010-04-13 | 4.3 | CVE-2010-0865 CERT CONFIRM SECUNIA |
| oracle -- database_server | Unspecified vulnerability in the JavaVM component in Oracle Database 11.1.0.7 and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | 2010-04-13 | 6.5 | CVE-2010-0866 CERT CONFIRM |
| oracle -- database_server | Unspecified vulnerability in the JavaVM component in Oracle Database 10.2.0.4, 11.1.0.7, and 11.2.0.1.0 allows remote authenticated users to affect integrity via unknown vectors. | 2010-04-13 | 4.0 | CVE-2010-0867 CERT CONFIRM |
| oracle -- e-business_suite | Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote attackers to affect confidentiality and integrity via unknown vectors. | 2010-04-13 | 5.8 | CVE-2010-0868 CERT CONFIRM SECUNIA |
| oracle -- e-business_suite | Unspecified vulnerability in the Oracle Transportation Management component in Oracle E-Business Suite 5.5.05.07, 5.5.06.00, and 6.0.03 allows remote attackers to affect confidentiality via unknown vectors. | 2010-04-13 | 4.3 | CVE-2010-0869 CERT CONFIRM SECUNIA |
| oracle -- e-business_suite | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote attackers to affect integrity via unknown vectors. | 2010-04-13 | 4.3 | CVE-2010-0871 CERT CONFIRM SECUNIA |
| oracle -- fusion_middleware | Unspecified vulnerability in the Oracle Internet Directory component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.3 allows remote attackers to affect availability via unknown vectors. | 2010-04-13 | 5.0 | CVE-2010-0872 CERT CONFIRM SECUNIA |
| oracle -- industry_product_suite | Unspecified vulnerability in the Communications - Oracle Communications Unified Inventory Management component in Oracle Industry Product Suite 7.1 allows remote attackers to affect integrity via unknown vectors. | 2010-04-13 | 4.3 | CVE-2010-0874 CERT CONFIRM |
| oracle -- industry_product_suite | Unspecified vulnerability in the Life Sciences - Oracle Thesaurus Management System component in Oracle Industry Product Suite 4.5.2, 4.6, and 4.6.1 allows remote attackers to affect integrity, related to TMS Browser. | 2010-04-13 | 4.3 | CVE-2010-0875 CERT CONFIRM |
| oracle -- industry_product_suite | Unspecified vulnerability in the Life Sciences - Oracle Clinical Remote Data Capture Option component in Oracle Industry Product Suite 4.5.3 and 4.6 allows remote attackers to affect integrity, related to RDC Onsite. | 2010-04-13 | 4.3 | CVE-2010-0876 CERT CONFIRM |
| oracle -- jd_edwards_enterpriseone | Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.26 and 8.50.07 allows remote attackers to affect integrity via unknown vectors. | 2010-04-13 | 5.0 | CVE-2010-0877 CERT CONFIRM |
| oracle -- jd_edwards_enterpriseone | Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.26 and 8.50.07 allows remote authenticated users to affect integrity via unknown vectors. | 2010-04-13 | 4.0 | CVE-2010-0878 CERT CONFIRM |
| oracle -- jd_edwards_enterpriseone | Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.26 and 8.50.07 allows remote authenticated users to affect confidentiality via unknown vectors. | 2010-04-13 | 4.0 | CVE-2010-0879 CERT CONFIRM |
| oracle -- jd_edwards_enterpriseone | Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.26 and 8.50.07 allows remote attackers to affect confidentiality and integrity via unknown vectors. | 2010-04-13 | 4.0 | CVE-2010-0880 CERT CONFIRM |
| oracle -- sun_product_suite | Unspecified vulnerability in the Sun Java System Communications Express component in Oracle Sun Product Suite 6 2005Q4 (6.2) and and 6.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Address Book. | 2010-04-13 | 6.8 | CVE-2010-0885 CERT CONFIRM |
| oracle -- opensolaris | Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite OpenSolaris snv_128 allows local users to affect confidentiality via unknown vectors related to the Kernel. | 2010-04-13 | 4.9 | CVE-2010-0889 CERT CONFIRM |
| oracle -- sun_product_suite | Unspecified vulnerability in the Sun Management Center component in Oracle Sun Product Suite 3.6.1 and 4.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Solaris Container Manager. | 2010-04-13 | 5.8 | CVE-2010-0891 CERT CONFIRM SUNALERT |
| oracle -- sun_product_suite | Unspecified vulnerability in the Sun Convergence component in Oracle Sun Product Suite 1.0 allows remote attackers to affect confidentiality via unknown vectors related to Mail. | 2010-04-13 | 4.3 | CVE-2010-0893 CERT CONFIRM BID SUNALERT |
| oracle -- opensso_enterprise | Unspecified vulnerability in the Sun Java System Access Manager component in Oracle Sun Product Suite 7.1, 7 2005Q4, and OpenSSO Enterprise 8.0 allows remote attackers to affect confidentiality and integrity via unknown vectors. | 2010-04-13 | 5.8 | CVE-2010-0894 CERT CONFIRM BID SUNALERT SECUNIA |
| oracle -- collaboration_suite | Unspecified vulnerability in the User Interface Components in Oracle Collaboration Suite 10.1.2.4 allows remote attackers to affect integrity via unknown vectors. | 2010-04-14 | 4.3 | CVE-2010-0881 CERT CONFIRM BID SECUNIA |
| preprojects -- pre_classified_listings_asp | Cross-site scripting (XSS) vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to inject arbitrary web script or HTML via the address parameter. | 2010-04-13 | 4.3 | CVE-2010-1371 SECUNIA MISC |
| pulsecms -- pulse_cms | Multiple cross-site request forgery (CSRF) vulnerabilities in Pulse CMS Basic 1.2.2 and 1.2.3, and possibly Pulse Pro before 1.3.2, allow remote attackers to hijack the authentication of users for requests that (1) upload image files, (2) delete image files, or (3) create blocks. | 2010-04-09 | 6.8 | CVE-2010-0992 CONFIRM BUGTRAQ MISC SECUNIA |
| pulsecms -- pulse_cms | Unrestricted file upload vulnerability in Pulse CMS Basic 1.2.2 and 1.2.3, and possibly Pulse Pro before 1.3.2, allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory. | 2010-04-09 | 6.0 | CVE-2010-0993 CONFIRM BUGTRAQ MISC SECUNIA |
| sbddirectorysoftware -- sbd_directory_software | Cross-site scripting (XSS) vulnerability in editors/logindialogue.php in SBD Directory Software 4.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | 2010-04-13 | 4.3 | CVE-2010-1357 XF OSVDB MISC SECUNIA MISC |
| tembria -- server_monitor | Multiple stack-based buffer overflows in Tembria Server Monitor before 5.6.1 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted (1) GET, (2) PUT, or (3) HEAD request, as demonstrated by a malformed GET request containing a long PATH_INFO to index.asp. | 2010-04-14 | 5.0 | CVE-2010-1316 MISC MISC SECUNIA |
| ternaria -- com_vjdeo | Directory traversal vulnerability in the VJDEO (com_vjdeo) component 1.0 and 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | 2010-04-12 | 5.0 | CVE-2010-1354 BID MISC SECUNIA MISC |
| uiga -- fan_club | Multiple cross-site scripting (XSS) vulnerabilities in admin/admin_login.php in Uiga Fan Club, as downloaded on 20100310, allow remote attackers to inject arbitrary web script or HTML via the (1) admin_name and (2) admin_password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 2010-04-13 | 4.3 | CVE-2010-1367 SECUNIA |
| visualizationlibrary -- visualization_library | Multiple buffer overflows in src/vl/vlDAT.cpp in Visualization Library 2009.08.812 allow user-assisted remote attackers to execute arbitrary code via a crafted DAT file, related to the (1) vl::loadDAT and (2) vl::isDAT functions. | 2010-04-15 | 6.8 | CVE-2010-0994 BID BUGTRAQ MISC SECUNIA |
| vmware -- ace | The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Player 2.5.x before 2.5.4 build 246459 on Windows, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware Server 2.x, and VMware Fusion 3.0 before 3.0.1 build 232708 and 2.x before 2.0.7 build 246742 allows remote attackers to obtain sensitive information from memory on the host OS by examining received network packets, related to interaction between the guest OS and the host vmware-vmx process. | 2010-04-12 | 5.0 | CVE-2010-1138 CONFIRM MLIST SECUNIA SECUNIA SECUNIA FULLDISC BUGTRAQ |
| vmware -- player | The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 and VMware Player 3.0 before 3.0.1 build 227600 on Windows might allow host OS users to gain privileges by placing a Trojan horse program at an unspecified location on the host OS disk. | 2010-04-12 | 6.9 | CVE-2010-1140 CONFIRM MLIST SECUNIA FULLDISC BUGTRAQ |
| vsecurity -- tandberg_video_communication_server | Multiple directory traversal vulnerabilities in the web administration interface on the TANDBERG Video Communication Server (VCS) before X5.1 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter to (1) helppage.php or (2) user/helppage.php. | 2010-04-13 | 4.0 | CVE-2009-4511 MISC BUGTRAQ SECUNIA |
| vsecurity -- tandberg_video_communication_server | Cross-site scripting (XSS) vulnerability on the TANDBERG Video Communication Server (VCS) before X5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Reference ID 66316. | 2010-04-13 | 4.3 | CVE-2010-1355 CONFIRM |
| wowjoomla -- com_loginbox | Directory traversal vulnerability in the LoginBox Pro (com_loginbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. | 2010-04-12 | 5.0 | CVE-2010-1353 XF VUPEN BID MISC SECUNIA MISC |
| yasirpro -- ms-pro_portal_scripti | YP Portal MS-Pro Surumu (aka MS-Pro Portal Scripti) 1.0 and 1.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for galeri/database/db.mdb. | 2010-04-13 | 5.0 | CVE-2009-4766 OSVDB SECUNIA MISC |
Low Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| ben_jeavons -- ownterm | Cross-site scripting (XSS) vulnerability in the Own Term module 6.x-1.0 for Drupal allows remote authenticated users, with "create additional terms" privileges, to inject arbitrary web script or HTML via the term description field in a term listing page. | 2010-04-13 | 2.1 | CVE-2010-1362 CONFIRM CONFIRM BID SECUNIA |
| freedesktop -- udisks | probers/udisks-dm-export.c in udisks before 1.0.1 exports UDISKS_DM_TARGETS_PARAMS information to udev even for a crypt UDISKS_DM_TARGETS_TYPE, which allows local users to discover encryption keys by (1) running a certain udevadm command or (2) reading a certain file under /dev/.udev/db/. | 2010-04-12 | 2.1 | CVE-2010-1149 CONFIRM CONFIRM CONFIRM CONFIRM BID SECUNIA FEDORA CONFIRM CONFIRM |
| oracle -- database_server | Unspecified vulnerability in the Audit component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect integrity, related to "SELECT, INSERT or DELETE on tables subject to auditing." | 2010-04-13 | 2.1 | CVE-2010-0854 CERT CONFIRM SECUNIA |
| oracle -- e-business_suite | Unspecified vulnerability in the Oracle Workflow Cartridge component in Oracle E-Business Suite 11.5.10.2 allows remote authenticated users to affect integrity via unknown vectors. | 2010-04-13 | 3.5 | CVE-2010-0857 CERT CONFIRM SECUNIA |
| oracle -- e-business_suite | Unspecified vulnerability in the E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote authenticated users to affect integrity via unknown vectors. | 2010-04-13 | 3.5 | CVE-2010-0858 CERT CONFIRM SECUNIA |
| oracle -- database_server | Unspecified vulnerability in the Change Data Capture component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_CDC_PUBLISH. | 2010-04-13 | 3.6 | CVE-2010-0870 CERT CONFIRM SECUNIA |
| oracle -- sun_product_suite | Unspecified vulnerability in the Sun Cluster component in Oracle Sun Product Suite 3.1 and 3.2 allows local users to affect confidentiality via unknown vectors related to Data Service for Oracle E-Business Suite. | 2010-04-13 | 2.1 | CVE-2010-0883 CERT CONFIRM BID |
| oracle -- sun_product_suite | Unspecified vulnerability in the Sun Cluster component in Oracle Sun Product Suite 3.1 and 3.2 allows local users to affect confidentiality via unknown vectors related to Data Service for Oracle E-Business Suite. | 2010-04-13 | 2.1 | CVE-2010-0884 CERT CONFIRM BID |
| oracle -- sun_product_suite | Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite 10 and OpenSolaris snv_98 allows local users to affect availability via unknown vectors related to the Kernel. | 2010-04-13 | 2.1 | CVE-2010-0890 CERT CONFIRM BID SUNALERT SECUNIA |
| oracle -- opensolaris | Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite OpenSolaris snv_119 allows local users to affect integrity and availability via unknown vectors related to IP Filter. | 2010-04-13 | 3.6 | CVE-2010-0895 CERT CONFIRM BID |
| ron_jerome -- bibliography | Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) module 5.x through 5.x-1.17 and 6.x through 6.x-1.9 for Drupal allows remote authenticated users, with "administer biblio" privileges, to inject arbitrary web script or HTML via unspecified vectors. | 2010-04-13 | 2.1 | CVE-2010-1358 BID CONFIRM SECUNIA |
Please share your thoughts
We recently updated our anonymous product survey; we’d welcome your feedback.