U.S. Flag Official website of the Department of Homeland Security

Bulletin (SB12-030)

Vulnerability Summary for the Week of January 23, 2012

Original release date: January 30, 2012 | Last revised: November 08, 2012

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

  • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

  • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

High Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
batavi -- batavi
SQL injection vulnerability in ajax.php in Batavi before 1.2.1 allows remote attackers to execute arbitrary SQL commands via the boxToReload parameter. 2012-01-24 7.5 CVE-2012-0069
dev!l's -- dev!l'z_clanportal_gamebase_addon
SQL injection vulnerability in deV!L'z Clanportal (DZCP) Gamebase addon allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a detail action to index.php. 2012-01-20 7.5 CVE-2012-0905
emc -- networker
Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before 7.6.3 SP1 Cumulative Release build 851 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors. 2012-01-26 9.3 CVE-2012-0395
google -- chrome
Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM selections. 2012-01-23 7.5 CVE-2011-3924
google -- chrome
Use-after-free vulnerability in the Safe Browsing feature in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors related to a navigation entry and an interstitial page. 2012-01-23 7.5 CVE-2011-3925
google -- chrome
Heap-based buffer overflow in the tree builder in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. 2012-01-23 7.5 CVE-2011-3926
google -- chrome
Skia, as used in Google Chrome before 16.0.912.77, does not perform all required initialization of values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. 2012-01-23 7.5 CVE-2011-3927
google -- chrome
Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling. 2012-01-23 7.5 CVE-2011-3928
hitachi -- cobol2002_net_developer
Unspecified vulnerability in Hitachi COBOL2002 Net Developer, Net Server Suite, and Net Client Suite 01-00, 01-01 through 01-01-/D, 01-02 through 01-02-/F, 01-03 through 01-03-/F, 02-00 through 02-00-/D, 02-01 through 02-01-/C, and possibly other versions before 02-01-/D allows remote attackers to execute arbitrary code via unknown attack vectors. 2012-01-24 10.0 CVE-2012-0918
ibm -- lotus_symphony
Multiple integer overflows in vclmi.dll in the visual class library module in IBM Lotus Symphony before 3.0.1 might allow remote attackers to execute arbitrary code via an embedded (1) JPEG or (2) PNG image object in a Symphony document that triggers a heap-based buffer overflow, as demonstrated by a .doc file. 2012-01-23 9.3 CVE-2012-0192
icloudcenter -- ictimeattendance
SQL injection vulnerability in checklogin.aspx in ICloudCenter ICTimeAttendance 1.0 allows remote attackers to execute arbitrary SQL commands via the passw parameter. NOTE: Some of these details are obtained from third party information. 2012-01-24 7.5 CVE-2012-0913
mystarmedia -- moviebase_addon
SQL injection vulnerability in the Moviebase addon for deV!L'z Clanportal (DZCP) 1.5.5 allows remote attackers to execute arbitrary SQL commands via the id parameter in a showkat action to index.php. 2012-01-20 7.5 CVE-2012-0906
renren -- renren_talk
Integer signedness error in RenRen Talk 2.9 allows remote attackers to execute arbitrary code via crafted dimensions of a skin file, leading to a heap-based buffer overflow, as demonstrated using a BMP image. 2012-01-24 9.3 CVE-2012-0915
renren -- renren_talk
Heap-based buffer overflow in RenRen Talk 2.9 allows remote attackers to execute arbitrary code via a crafted image in a chat message, as demonstrated using a PNG file. 2012-01-24 9.3 CVE-2012-0916
stone-ware -- webnetwork
SQL injection vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. 2012-01-24 7.5 CVE-2012-0912
symantec -- pcanywhere
The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631. 2012-01-25 10.0 CVE-2011-3478
Back to top

Medium Vulnerabilities

Primary
Vendor -- Product
Description Published CVSS Score Source & Patch Info
360 -- mobilesafe
The 360 MobileSafe (com.qihoo360.mobilesafe) application 2.1.0 and 2.2.0 for Android does not properly protect data, which allows remote attackers to read or modify SMS messages and a contact list via a crafted application. 2012-01-24 5.8 CVE-2011-4769
360 -- kouxin
The 360 KouXin (com.qihoo360.kouxin) application 1.5.3 for Android does not properly protect data, which allows remote attackers to read or modify SMS messages and a contact list via a crafted application. 2012-01-24 5.8 CVE-2011-4772
airties -- air_4450
AirTies Air 4450 1.1.2.18 allows remote attackers to cause a denial of service (reboot) via a direct request to cgi-bin/loader. 2012-01-20 5.0 CVE-2012-0902
androidapptools -- easy_filter
The AndroidAppTools Easy Filter (com.phoneblocker.android) application 1.1 and 1.2 for Android does not properly protect data, which allows remote attackers to read or modify SMS messages and call records via a crafted application. 2012-01-24 6.4 CVE-2011-4698
anguanjia -- anguanjia
The AnGuanJia (com.anguanjia.safe) application 2.10.343 for Android does not properly protect data, which allows remote attackers to read or modify SMS messages and a contact list via a crafted application. 2012-01-24 5.8 CVE-2011-4773
annuairephp -- annuaire_php
Cross-site scripting (XSS) vulnerability in referencement/sites_inscription.php in Annuaire PHP allows remote attackers to inject arbitrary web script or HTML via the url parameter and possibly the nom parameter. 2012-01-20 4.3 CVE-2012-0899
asterisk -- open_source
chan_sip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x before 10.0.1, when the res_srtp module is used and media support is improperly configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted SDP message with a crypto attribute and a (1) video or (2) text media type, as demonstrated by CSipSimple. 2012-01-25 4.3 CVE-2012-0885
attenzione -- yousaytoo
Cross-site scripting (XSS) vulnerability in yousaytoo.php in YouSayToo auto-publishing plugin 1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the submit parameter. 2012-01-20 4.3 CVE-2012-0901
beehive_forum -- beehive_forum
Multiple cross-site scripting (XSS) vulnerabilities in Beehive Forum 1.0.1 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) forum/register.php or (2) forum/logon.php. 2012-01-20 4.3 CVE-2012-0900
camaleo -- myeasybackup
Directory traversal vulnerability in meb_download.php in the myEASYbackup plugin 1.0.8.1 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the dwn_file parameter. 2012-01-20 5.0 CVE-2012-0898
drupal -- panels
Cross-site scripting (XSS) vulnerability in display_renderers/panels_renderer_editor.class.php in the admin view in the Panels module 6.x-2.x before 6.x-3.10 and 7.x-3.x before 7.x-3.0 for Drupal allows remote authenticated users with certain privileges to inject arbitrary web script or HTML via the Region title. 2012-01-24 4.3 CVE-2012-0914
duckcorp -- bip
Buffer overflow in Bip 0.8.8 and earlier might allow remote authenticated users to execute arbitrary code via vectors involving a series of TCP connections that triggers use of many open file descriptors. 2012-01-26 6.5 CVE-2012-0806
glucose -- glucose_2
Cross-site scripting (XSS) vulnerability in glucose 2 before stage 6.2 allows remote attackers to inject arbitrary web script or HTML via an RSS feed. 2012-01-23 4.3 CVE-2012-0313
google -- android
The Bluetooth service (com/android/phone/BluetoothHeadsetService.java) in Android 2.3 before 2.3.6 allows remote attackers within Bluetooth range to obtain contact data via an AT phonebook transfer. 2012-01-25 4.3 CVE-2011-4276
hardened-php -- suhosin
Stack-based buffer overflow in the suhosin_encrypt_single_cookie function in the transparent cookie-encryption feature in the Suhosin extension before 0.9.33 for PHP, when suhosin.cookie.encrypt and suhosin.multiheader are enabled, might allow remote attackers to execute arbitrary code via a long string that is used in a Set-Cookie HTTP header. 2012-01-26 5.1 CVE-2012-0807
hatena -- callconfirm
The CallConfirm (jp.gr.java_conf.ofnhwx.callconfirm) application 2.0.0 for Android does not properly protect data, which allows remote attackers to read or modify allow/block lists via a crafted application. 2012-01-24 5.8 CVE-2011-4701
hitachi -- it_operations_analyzer
Cross-site scripting (XSS) vulnerability in Hitachi IT Operations Analyzer 02-01, 02-51 through 02-51-01, and 02-53 through 02-53-02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2012-01-24 4.3 CVE-2012-0917
hitachi -- it_operations_director
Cross-site scripting (XSS) vulnerability in Hitachi IT Operations Director 02-50-01 through 02-50-07, 03-00 through 03-00-04, and possibly other versions before 03-00-06, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2012-01-24 4.3 CVE-2012-0919
horde -- dynamic_imp
Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 5.0.18 and Horde Groupware Webmail Edition before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) composeCache, (2) rtemode, or (3) filename_* parameters to the compose page; (4) formname parameter to the contacts popup window; or (5) IMAP mailbox names. NOTE: some of these details are obtained from third party information. 2012-01-24 4.3 CVE-2012-0791
horde -- groupware_webmail_edition
Cross-site scripting (XSS) vulnerability in Horde_Form in Horde Groupware Webmail Edition before 4.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to email verification. NOTE: Some of these details are obtained from third party information. 2012-01-24 4.3 CVE-2012-0909
irfanview -- irfanview
Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment. 2012-01-20 6.8 CVE-2012-0897
kaixin001 -- kaixin001
The Kaixin001 (com.kaixin001.activity) application 1.3.1 and 1.3.3 for Android does not properly protect data, which allows remote attackers to read or modify contact information and a cleartext password via a crafted application. 2012-01-24 6.4 CVE-2011-4866
lucion -- scan_to_pdf_free
The Scan to PDF Free (com.scan.to.pdf.trial) application 2.0.4 for Android does not properly protect data, which allows remote attackers to read or modify scanned files and a Google account via a crafted application. 2012-01-24 5.8 CVE-2011-4771
mailenable -- mailenable
Cross-site scripting (XSS) vulnerability in ForgottenPassword.aspx in MailEnable Professional, Enterprise, and Premium 4.26 and earlier, 5.x before 5.53, and 6.x before 6.03 allows remote attackers to inject arbitrary web script or HTML via the Username parameter. 2012-01-24 4.3 CVE-2012-0389
ming -- blacklist_free
The Ming Blacklist Free (vc.software.blacklist) application 1.8.1 and 1.9.2.1 for Android does not properly protect data, which allows remote attackers to read or modify blacklists and a contact list via a crafted application that launches a "data-flow attack." 2012-01-24 5.8 CVE-2011-4705
nathanielkh -- limit_my_call
The Limit My Call (com.limited.call.view) application 2.11 for Android does not properly protect data, which allows remote attackers to read or modify call logs and a contact list via a crafted application. 2012-01-24 5.8 CVE-2011-4703
neoaxis -- neoaxis_web_player
Directory traversal vulnerability in the web player in NeoAxis NeoAxis web player 1.4 and earlier allows user-assisted remote attackers to write arbitrary files via a .. (dot dot) in a filename in the neoaxis_web_application_win32.zip ZIP archive. 2012-01-20 5.8 CVE-2012-0907
nimbuzz -- nimbuzz
The Nimbuzz (com.nimbuzz) application 2.0.8 and 2.0.10 for Android does not properly protect data, which allows remote attackers to read or modify a contact list via a crafted application. 2012-01-24 5.8 CVE-2011-4702
oetiker -- smokeping
Cross-site scripting (XSS) vulnerability in smokeping_cgi in Smokeping 2.4.2, 2.6.6, and other versions before 2.6.7 allows remote attackers to inject arbitrary web script or HTML via the displaymode parameter. 2012-01-24 4.3 CVE-2012-0790
openssl -- openssl
crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows remote attackers to obtain the private key of a TLS server via multiple handshake attempts. 2012-01-26 5.8 CVE-2011-4354
oscommerce -- oscommerce
Cross-site scripting (XSS) vulnerability in osCommerce 2.2MS1J before R9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2012-01-26 4.3 CVE-2012-0311
oscommerce -- online_merchant
Cross-site scripting (XSS) vulnerability in osCommerce 2.2MS1J before R9, and osCommerce Online Merchant before 2.3.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2012-01-26 4.3 CVE-2012-0312
phpmyadmin -- phpmyadmin
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.3.x before 3.3.10.1 and 3.4.x before 3.4.1 allow remote attackers to inject arbitrary web script or HTML via a crafted table name that triggers improper HTML rendering on a Tracking page, related to (1) libraries/tbl_links.inc.php and (2) tbl_tracking.php. 2012-01-26 4.3 CVE-2011-1940
phpmyadmin -- phpmyadmin
Open redirect vulnerability in the redirector feature in phpMyAdmin 3.4.x before 3.4.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. 2012-01-26 4.3 CVE-2011-1941
qiwi -- wallet
The QIWI Wallet (ru.mw) application before 1.14.2 for Android does not properly protect data, which allows remote attackers to read or modify financial information via a crafted application. 2012-01-24 5.8 CVE-2011-4770
rsa -- envision
EMC RSA enVision 4.0 before SP4 P5 and 4.1 before P3 allows remote attackers to obtain sensitive information about environment variables in the web system via unspecified vectors. 2012-01-26 5.0 CVE-2011-4143
simplesamlphp -- simplesamlphp
Cross-site scripting (XSS) vulnerability in modules/core/www/no_cookie.php in SimpleSAMLphp 1.8.1 and possibly other versions before 1.8.2 allows remote attackers to inject arbitrary web script or HTML via the retryURL parameter. 2012-01-24 4.3 CVE-2012-0040
simplesamlphp -- simplesamlphp
Cross-site scripting (XSS) vulnerability in logout.php in SimpleSAMLphp 1.8.1 and possibly other versions before 1.8.2 allows remote attackers to inject arbitrary web script or HTML via the link_href parameter. 2012-01-24 4.3 CVE-2012-0908
stone-ware -- webnetwork
Multiple cross-site scripting (XSS) vulnerabilities in Stoneware webNetwork before 6.0.8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2012-01-24 4.3 CVE-2012-0285
stone-ware -- webnetwork
Cross-site request forgery (CSRF) vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote attackers to hijack the authentication of unspecified victims for requests that modify user accounts. 2012-01-24 6.8 CVE-2012-0286
symantec -- pcanywhere
Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), uses world-writable permissions for product-installation files, which allows local users to gain privileges by modifying a file. 2012-01-25 4.3 CVE-2011-3479
tencent -- qqpimsecure
The Tencent QQPimSecure (com.tencent.qqpimsecure) application 3.0.2 for Android does not properly protect data, which allows remote attackers to read or modify SMS/MMS messages and a contact list via a crafted application. 2012-01-24 5.8 CVE-2011-4863
tencent -- mobileqq
The Tencent MobileQQ (com.tencent.mobileqq) application 2.2 for Android does not properly protect data, which allows remote attackers to read or modify messages and a friends list via a crafted application. 2012-01-24 5.8 CVE-2011-4864
tencent -- microblogpad
The Tencent WBlog (com.tencent.WBlog) 3.3.1 and MicroBlogPad 1.4.0 applications for Android do not properly protect data, which allows remote attackers to read or modify message drafts and search keywords via a crafted application. 2012-01-24 5.8 CVE-2011-4865
tencent -- qqpphoto
The Tencent QQPhoto (com.tencent.qqphoto) application 0.97 for Android does not properly protect data, which allows remote attackers to read or modify contact information and a password hash via a crafted application. 2012-01-24 5.8 CVE-2011-4867
tom_braider -- count_per_day
Cross-site scripting (XSS) vulnerability in map/map.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the map parameter. 2012-01-20 4.3 CVE-2012-0895
tom_braider -- count_per_day
Absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to read arbitrary files via the f parameter. 2012-01-20 5.0 CVE-2012-0896
ubermedia -- twidroyd_legacy
The Ubermedia Twidroyd Legacy (com.twidroydlegacy) application 4.3.11 for Android does not properly protect data, which allows remote attackers to read or modify Twitter information via a crafted application. 2012-01-24 6.4 CVE-2011-4699
ubersocial -- ubersocial
The UberMedia UberSocial (com.twidroid) application 7.1.5 and 7.2.2 for Android does not properly protect data, which allows remote attackers to read or modify Twitter information via a crafted application. 2012-01-24 5.8 CVE-2011-4700
videolan -- vlc_media_player
VLC media player 1.1.11 allows remote attackers to cause a denial of service (crash) via a long string in an amr file. 2012-01-20 4.3 CVE-2012-0904
vmware -- zimbra_desktop
Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Desktop 7.1.2 b10978 allow remote attackers to inject arbitrary web script or HTML via the (1) Username or (2) MailBox Name. 2012-01-20 4.3 CVE-2012-0903
voxofon -- voxofon
The Voxofon (com.voxofon) application before 2.5.2 for Android does not properly protect data, which allows remote attackers to read or modify SMS information via a crafted application. 2012-01-24 5.8 CVE-2011-4704
xiaomi -- mitalk_messenger
The Xiaomi MiTalk Messenger (com.xiaomi.channel) application before 2.1.320 for Android does not properly protect data, which allows remote attackers to read or modify messaging information via a crafted application. 2012-01-24 6.4 CVE-2011-4697
Back to top

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top