Report date: July 28, 2008 Date posted: July 28, 2008
This report combines relevant bulletins from SANS, Secunia and CERT. The wording is original with some "back" links added where needed. The CERT index lists vulnerabilities with and without solutions. Click the link for specific information.
At a very minimum, look at the SANS bulletins as they include the top issues on a weekly basis. Next, review Secunia for a more complete listing with well structured bulletins avaiable as external links. Finally, the CERT section contains very detailed information and many newly discovered vulnerabilities and updates on existing issues.
Tip: highlight any link below to reveal the criticality or priority.
back [SA31187] Pre Survey Poll "catid" SQL Injection Vulnerability
back [SA31170] HRS Multi "key" SQL Injection Vulnerability
back [SA31158] SWAT 4 Denial of Service Vulnerabilities
back [SA31195] Red Hat update for thunderbird
back [SA31183] Debian update for xulrunner
back [SA31182] Gentoo update for peercast
back [SA31181] Debian update for ruby1.8
back [SA31180] Gentoo BitchX Multiple Vulnerabilities
back [SA31176] Debian update for iceweasel
back [SA31167] SUSE Update for Multiple Packages
back [SA31157] Fedora update for firefox
back [SA31154] Fedora update for seamonkey
back [SA31212] OpenBSD BIND Query Port DNS Cache Poisoning
back [SA31209] Slackware update for dnsmasq
back [SA31208] IPCop update for perl
back [SA31206] Debian update for clamav
back [SA31204] IPCop update for various packages
back [SA31200] Ubuntu update for php
back [SA31199] Ubuntu update for dnsmasq
back [SA31197] dnsmasq Denial of Service and DNS Cache Poisoning
back [SA31171] Fedora update for mantis
back [SA31169] rPath update for bind
back [SA31168] Debian update for libgd2
back [SA31163] Fedora update for python-formencode
back [SA31155] Sun Solaris System Management Agent SNMP Daemon Buffer Overflow
back [SA31202] SUSE update for kernel
back [SA31175] Filesys::SmbClientParser Shell Command Injection Vulnerability
back [SA31194] Fedora update for asterisk
back [SA31172] Linux Kernel LDT Buffer Size Handling Vulnerability
back [SA31159] Vim configure.in Insecure Temporary Files
back [SA31198] Red Hat update for kernel
back [SA31184] Gentoo Bacula MySQL Director Password Disclosure Weakness
back [SA31179] OpenSSH "X11UseLocalhost" X11 Forwarding Security Issue
back [SA31173] Century Systems Routers Cross-Site Request Forgery
back [SA31203] SocialEngine SQL Injection and Code Execution
back [SA31161] YouTube Blog Multiple Vulnerabilities
back [SA31193] EasyPublish SQL Injection and Cross-Site Scripting
back [SA31192] EasyE-Cards SQL Injection and Cross-Site Scripting
back [SA31190] MyReview Disclosure of Sensitive Information
back [SA31189] EasyDynamicPages SQL Injection and Cross-Site Scripting
back [SA31185] ZDaemon Denial of Service Vulnerability
back [SA31174] Def-Blog "article" SQL Injection Vulnerabilities
back [SA31166] MojoClassifieds "cat_a" SQL Injection Vulnerability
back [SA31165] MojoPersonals "cat" SQL Injection Vulnerability
back [SA31164] MojoJobs "cat_a" SQL Injection Vulnerability
back [SA31162] MojoAuto "cat_a" SQL Injection Vulnerability
back [SA31156] ShopCartDx "pid" SQL Injection Vulnerability
back [SA31211] Drupal Session Fixation Vulnerability
back [SA31201] Claroline Multiple Cross-Site Scripting Vulnerabilities
back [SA31196] Moodle Script Insertion and Cross-Site Request Forgery
back [SA31191] EasyBookMarker "rs" Cross-Site Scripting
back [SA31188] Geeklog Forum Plugin Search Cross-Site Scripting Vulnerability
back [SA31186] EMC Retrospect Multiple Vulnerabilities
back [SA31178] Asterisk Two Denial of Service Vulnerabilities
Secunia Bulletin - 2008-29
CERT Bulletin - SB08-203
BULLETIN DETAIL
Secunia Bulletin
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2008-07-23
DreamTurk has reported a vulnerability in Pre Survey Poll, which can be exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/31187/
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2008-07-22
Mr.SQL has reported a vulnerability in HRS Multi, which can be exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/31170/
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2008-07-21
Luigi Auriemma has reported some vulnerabilities in SWAT 4, which can be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/31158/
Critical: Highly critical
Where: From remote
Impact: Spoofing, Exposure of system information, Exposure of
sensitive information, System access
Released: 2008-07-24
Red Hat has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks, disclose sensitive information, or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/31195/
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure
of system information, Exposure of sensitive information, DoS, System access
Released: 2008-07-24
Debian has issued an update for xulrunner. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, bypass certain security restrictions, disclose sensitive information, or potentially compromise a user's system.
Full Advisory:
http://secunia.com/advisories/31183/
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2008-07-22
Gentoo has issued an update for peercast. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of
Service) and potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/31182/
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2008-07-22
Debian has issued an update for ruby1.8. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/31181/
Critical: Highly critical
Where: From remote
Impact: Privilege escalation, System access
Released: 2008-07-22
Gentoo has acknowledged a security issue and a vulnerability in bitchx, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to potentially compromise a user's system.
Full Advisory:
http://secunia.com/advisories/31180/
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Exposure of sensitive information, System
access
Released: 2008-07-24
Debian has issued an update for iceweasel. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, and compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/31176/
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Manipulation of data, DoS, System access
Released: 2008-07-21
SUSE has issued an update for multiple packages. This fixes some security issues and some vulnerabilities, which can be exploited by malicious people to manipulate certain data, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/31167/
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Exposure of sensitive information, System
access
Released: 2008-07-18
Fedora has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, and compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/31157/
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2008-07-18
Fedora has issued an update for seamonkey. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/31154/
Critical: Moderately critical
Where: From remote
Impact: Spoofing
Released: 2008-07-24
OpenBSD has acknowledged a vulnerability in BIND, which can be exploited by malicious people to poison the DNS cache.
Full Advisory:
http://secunia.com/advisories/31212/
Critical: Moderately critical
Where: From remote
Impact: Spoofing
Released: 2008-07-24
Slackware has issued an update for dnsmasq. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.
Full Advisory:
http://secunia.com/advisories/31209/
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2008-07-24
An updated version of IPCop has been released, which fixes some vulnerabilities in perl, which can potentially be exploited by malicious people to cause a Denial of Service or to compromise a vulnerable perl application.
Full Advisory:
http://secunia.com/advisories/31208/
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2008-07-24
Debian has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/31206/
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Spoofing, DoS
Released: 2008-07-23
An updated version of IPCop has been released, which fixes some vulnerabilities in bzip2, dnsmasq, and snort, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and poison the DNS cache.
Full Advisory:
http://secunia.com/advisories/31204/
Critical: Moderately critical
Where: From remote
Impact: Unknown, Security Bypass, DoS, System access
Released: 2008-07-24
Ubuntu has issued an update for php. This fixes some vulnerabilities, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions, and potentially by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/31200/
Critical: Moderately critical
Where: From remote
Impact: Spoofing
Released: 2008-07-23
Ubuntu has issued an update for dnsmasq. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.
Full Advisory:
http://secunia.com/advisories/31199/
Critical: Moderately critical
Where: From remote
Impact: Spoofing, DoS
Released: 2008-07-23
Some vulnerabilities have been reported in dnsmasq, which can be exploited by malicious people to cause a DoS (Denial of Service) and poison the DNS cache.
Full Advisory:
http://secunia.com/advisories/31197/
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, System access
Released: 2008-07-23
Fedora has issued an update for mantis. This fixes some vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system and malicious people to conduct cross-site scripting and request forgery attacks.
Full Advisory:
http://secunia.com/advisories/31171/
Critical: Moderately critical
Where: From remote
Impact: Spoofing
Released: 2008-07-21
rPath has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.
Full Advisory:
http://secunia.com/advisories/31169/
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2008-07-22
Debian has issued an update for libgd2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
Full Advisory:
http://secunia.com/advisories/31168/
Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2008-07-18
Fedora has issued an update for python-formencode. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
Full Advisory:
http://secunia.com/advisories/31163/
Critical: Moderately critical
Where: From local network
Impact: DoS, System access
Released: 2008-07-18
A vulnerability has been reported in Sun Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/31155/
Critical: Less critical
Where: From remote
Impact: Privilege escalation, DoS
Released: 2008-07-23
SUSE has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges, and malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/31202/
Critical: Less critical
Where: From remote
Impact: System access
Released: 2008-07-21
Jesus Olmos Gonzalez has discovered a vulnerability in Filesys::SmbClientParser, which can be exploited by malicious people to compromise an application using the module.
Full Advisory:
http://secunia.com/advisories/31175/
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2008-07-24
Fedora has issued an update for asterisk. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to conduct DoS attacks.
Full Advisory:
http://secunia.com/advisories/31194/
Critical: Less critical
Where: Local system
Impact: Privilege escalation, DoS
Released: 2008-07-24
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/31172/
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2008-07-18
A security issue has been reported in Vim, which can be exploited by malicious, local users to gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/31159/
Critical: Not critical
Where: Local system
Impact: DoS
Released: 2008-07-24
Red Hat has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/31198/
Critical: Not critical
Where: Local system
Impact: Exposure of sensitive information
Released: 2008-07-22
Gentoo has acknowledged a weakness in bacula, which can be exploited by malicious, local users to disclose potentially sensitive information.
Full Advisory:
http://secunia.com/advisories/31184/
Critical: Not critical
Where: Local system
Impact: Exposure of sensitive information
Released: 2008-07-22
A security issue has been reported in OpenSSH, which can be exploited by malicious, local users to disclose sensitive information.
Full Advisory:
http://secunia.com/advisories/31179/
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2008-07-22
A vulnerability has been reported in various Century Systems routers, which can be exploited by malicious people to conduct cross-site request forgery attacks.
Full Advisory:
http://secunia.com/advisories/31173/
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Manipulation of data, System access
Released: 2008-07-23
Tim Loshak has reported some vulnerabilities in SocialEngine, which can be exploited by malicious users to compromise a vulnerable system, and by malicious people to conduct SQL injection attacks and bypass certain security restrictions.
Full Advisory:
http://secunia.com/advisories/31203/
Critical: Highly critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data, Exposure of
system information, Exposure of sensitive information, System access
Released: 2008-07-23
Some vulnerabilities have been discovered in YouTube Blog, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, disclose sensitive information, and compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/31161/
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data, Exposure of
sensitive information
Released: 2008-07-22
Khashayar Fereidani has discovered two vulnerabilities in EasyPublish, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/31193/
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Released: 2008-07-22
Khashayar Fereidani has discovered some vulnerabilities in EasyE-Cards, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/31192/
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2008-07-22
Julien Thomas has reported a security issue in MyReview, which can be exploited by malicious people to disclose potentially sensitive information.
Full Advisory:
http://secunia.com/advisories/31190/
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Released: 2008-07-22
Khashayar Fereidani has discovered two vulnerabilities in EasyDynamicPages, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/31189/
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2008-07-22
Luigi Auriemma has reported a vulnerability in ZDaemon, which can be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/31185/
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2008-07-21
CWH Underground has discovered some vulnerabilities in Def-Blog, which can be exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/31174/
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2008-07-22
Mr.SQL has reported a vulnerability in MojoClassifieds, which can be exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/31166/
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2008-07-22
Mr.SQL has reported a vulnerability in MojoPersonals, which can be exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/31165/
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2008-07-22
Mr.SQL has reported a vulnerability in MojoJobs, which can be exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/31164/
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2008-07-22
Mr.SQL has reported a vulnerability in MojoAuto, which can be exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/31162/
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2008-07-22
Cr@zy_King has reported a vulnerability in ShopCartDX, which can be exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/31156/
Critical: Less critical
Where: From remote
Impact: Hijacking
Released: 2008-07-24
A vulnerability has been reported in Drupal, which can be exploited by malicious people to conduct session fixation attacks.
Full Advisory:
http://secunia.com/advisories/31211/
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2008-07-23
Digital Security Research Group have reported some vulnerabilities in Claroline, which can be exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/31201/
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2008-07-23
ProCheckUp Ltd have reported two vulnerabilities in Moodle, which can be exploited by malicious users to conduct script insertion attacks, and by malicious people to conduct cross-site request forgery attacks.
Full Advisory:
http://secunia.com/advisories/31196/
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2008-07-22
Khashayar Fereidani has discovered a vulnerability in EasyBookMarker, which can be exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/31191/
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2008-07-23
A vulnerability has been reported in the Forum plugin for Geeklog, which can be exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/31188/
Critical: Less critical
Where: From local network
Impact: Brute force, Exposure of sensitive information, DoS
Released: 2008-07-22
Some vulnerabilities and a security issue has been reported in EMC Retrospect, which can be exploited by malicious people to disclose sensitive information or cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/31186/
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2008-07-23
Two vulnerabilities have been reported in Asterisk, which can be exploited by malicious people to cause a DoS (Denial of Service) or to conduct DoS attacks.
Full Advisory:
http://secunia.com/advisories/31178/
©
2004 California State Polytechnic University, Pomona
policies |
site map |
directories |
eHelp |
web mail |
contact info
The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
| High Vulnerabilities |
|---|
| Medium Vulnerabilities |
|---|
| Primary Vendor -- Product | Description |
| CVSS Score | Source & Patch Info | ||
|---|---|---|---|---|---|---|
| back 1scripts -- codedb |
Directory traversal vulnerability in list.php in 1Scripts CodeDB 1.1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. |
| 6.8 | CVE-2008-3190 MILW0RM BID XF | ||
| back afuse -- afuse |
The expand_template function in afuse.c in afuse 0.2 allows local users to gain privileges via shell metacharacters in a pathname. |
| 4.6 | CVE-2008-2232 OTHER-REF | ||
| back Apache Software Foundation -- Apache Microsoft -- IIS Sun -- Java System Web Server Sun -- ONE Web Server Oracle -- weblogic_server_component Oracle -- bea_product_suite |
Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors. |
| 6.8 | CVE-2008-2579 OTHER-REF | ||
| back Apple -- Safari |
Safari on Apple iPhone before 2.0 and iPod touch before 2.0 misinterprets a menu button press as user confirmation for visiting a web site with a (1) self-signed or (2) invalid certificate, which makes it easier for remote attackers to spoof web sites. |
| 4.3 | CVE-2008-1589 APPLE BID | ||
| back Apple -- core_image_fun_house |
Buffer overflow in Apple Core Image Fun House 2.0 and earlier in CoreImage Examples in Xcode tools before 3.1 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a .funhouse file with a string XML element that contains many characters. |
| 6.8 | CVE-2008-2304 BUGTRAQ MILW0RM OTHER-REF | ||
| back Apple -- Xcode Tools |
The WOHyperlink implementation in WebObjects in Apple Xcode tools before 3.1 appends local session IDs to generated non-local URLs, which allows remote attackers to obtain potentially sensitive information by reading the requests for these URLs. |
| 5.0 | CVE-2008-2318 OTHER-REF | ||
| back Apple -- Safari |
Apple Safari allows web sites to set cookies for country-specific top-level domains, such as co.uk and com.au, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking," a related issue to CVE-2004-0746, CVE-2004-0866, and CVE-2004-0867. |
| 6.8 | CVE-2008-3170 OTHER-REF BID | ||
| back Apple -- Safari |
Apple Safari sends Referer headers containing https URLs to different https web sites, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. |
| 4.3 | CVE-2008-3171 OTHER-REF BID | ||
| back Chipmunk Scripts -- Chipmunk Blogger |
Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Blog (Blogger) allow remote attackers to inject arbitrary web script or HTML via the membername parameter to (1) members.php, (2) comments.php, (3) photos.php, (4) archive.php, or (5) cat.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| 4.3 | CVE-2008-3186 BID XF | ||
| back content_now -- content_now |
Unrestricted file upload vulnerability in upload.php in ContentNow CMS 1.4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in upload/. |
| 6.5 | CVE-2008-3181 MILW0RM BID | ||
| back CWH Underground -- contentnow_cms |
Multiple cross-site scripting (XSS) vulnerabilities in upload/file/language_menu.php in ContentNow CMS 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) pageid parameter or (2) PATH_INFO. |
| 4.3 | CVE-2008-3180 MILW0RM BID | ||
| back easy-script -- wysi_wiki_wyg |
Directory traversal vulnerability in index.php in Easy-Script Wysi Wiki Wyg 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter. |
| 5.0 | CVE-2008-3205 MILW0RM BID XF | ||
| back Empire Server -- Empire Server |
The files utility in Empire Server before 4.3.15 discloses the world creation time, which makes it easier for attackers to determine the PRNG seed. |
| 5.0 | CVE-2008-3168 XF | ||
| back fuzzylime -- fuzzylime_cms |
Directory traversal vulnerability in rss.php in fuzzylime (cms) 3.01a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter, as demonstrated using content.php, a different vector than CVE-2007-4805. |
| 6.8 | CVE-2008-3165 MILW0RM BID XF XF | ||
| back IBM -- maximo |
Multiple cross-site scripting (XSS) vulnerabilities in jsp/common/system/debug.jsp in IBM Maximo 4.1 and 5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Accept, (2) Accept-Language, (3) UA-CPU, (4) Accept-Encoding, (5) User-Agent, or (6) Cookie HTTP header. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| 4.3 | CVE-2008-3161 BID | ||
| back marcioforum -- mforum |
Multiple SQL injection vulnerabilities in usercp.php in mForum 0.1a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) City, (2) Interest, (3) Email, (4) Icq, (5) msn, or (6) Yahoo Messenger field in an edit_profile action. |
| 6.8 | CVE-2008-3191 MILW0RM BID XF | ||
| back Microsoft -- ie |
Microsoft Internet Explorer allows web sites to set cookies for domains that have a public suffix with more than one dot character, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking." NOTE: this issue may exist because of an insufficient fix for CVE-2004-0866. |
| 6.8 | CVE-2008-3173 OTHER-REF OTHER-REF | ||
| back Mozilla -- Firefox |
Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file that triggers a free of an uninitialized pointer. |
| 6.8 | CVE-2008-2934 OTHER-REF OTHER-REF BID SECTRACK XF | ||
| back Nortel -- sip_multimedia_pc_client |
Nortel SIP Multimedia PC Client 4.x MCS5100 and MCS5200 does not limit the number of concurrent sessions, which allows attackers to cause a denial of service (resource consumption) via a large number of sessions. |
| 5.0 | CVE-2008-3157 OTHER-REF OTHER-REF SECTRACK | ||
| back Novell -- Novell Client for Windows |
Unspecified vulnerability in NWFS.SYS in Novell Client for Windows 4.91 SP4 has unknown impact and attack vectors, possibly related to IOCTL requests that overwrite arbitrary memory. |
| 6.9 | CVE-2008-3158 BID SECTRACK XF | ||
| back OllyDbg -- OllyDbg mackt -- ImpRec |
Stack-based buffer overflow in (1) OllyDBG 1.10 and (2) ImpREC 1.7f allows user-assisted attackers to execute arbitrary code via a crafted DLL file that contains a long string. |
| 6.8 | CVE-2008-3148 MILW0RM BID | ||
| back opera -- opera |
Opera allows web sites to set cookies for country-specific top-level domains that have DNS A records, such as co.tv, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking." |
| 6.8 | CVE-2008-3172 OTHER-REF OTHER-REF OTHER-REF OTHER-REF | ||
| back Oracle -- weblogic_server Oracle -- bea_product_suite |
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 9.2, 9.1, 9.0, and 8.1 SP6 has unknown impact and local attack vectors. |
| 4.3 | CVE-2008-2576 OTHER-REF | ||
| back Oracle -- webloic_server_component Oracle -- bea_product_suite |
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 9.2 MP1 has unknown impact and remote authenticated attack vectors. |
| 4.6 | CVE-2008-2577 OTHER-REF | ||
| back Oracle -- webloic_server_component Oracle -- bea_product_suite |
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 and 9.2 MP1 has unknown impact and local attack vectors. |
| 6.5 | CVE-2008-2578 OTHER-REF | ||
| back Oracle -- weblogic_server_component Oracle -- bea_product_suite |
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 has unknown impact and remote attack vectors related to UDDI Explorer. |
| 5.1 | CVE-2008-2581 OTHER-REF | ||
| back Oracle -- application_server Oracle -- oracle_portal_component |
Unspecified vulnerability in the sample Discussion Forum Portlet for the Oracle Portal component in Oracle Application Server, as available from OTN before 20080715, has unknown impact and remote attack vectors. |
| 4.3 | CVE-2008-2583 OTHER-REF | ||
| back Oracle -- E-Business Suite Oracle -- report_manager_component |
Unspecified vulnerability in the Oracle Report Manager component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors. |
| 6.5 | CVE-2008-2585 OTHER-REF | ||
| back Oracle -- E-Business Suite Oracle -- application_object_library |
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors. |
| 6.5 | CVE-2008-2586 OTHER-REF | ||
| back Oracle -- Database 11g Oracle -- Database 9i Oracle -- Database 10g |
Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors. |
| 6.5 | CVE-2008-2591 | ||
| back Oracle -- Oracle Database Oracle -- advanced_replication_component |
Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to SYS.DBMS_DEFER_SYS. |
| 6.5 | CVE-2008-2592 OTHER-REF | ||
| back Oracle -- Application Server 10g Oracle -- oracle_portal_component |
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 has unknown impact and remote attack vectors. |
| 4.3 | CVE-2008-2593 OTHER-REF | ||
| back Oracle -- Database 9i Oracle -- Database 10g |
Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.4.2 has unknown impact and remote attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a denial of service (crash) via a malformed LDAP request that triggers a NULL pointer dereference. |
| 5.0 | CVE-2008-2595 | ||
| back Oracle -- E-Business Suite Oracle -- mobile_application_server |
Unspecified vulnerability in the Mobile Application Server component in Oracle E-Business Suite 12.0.3 has unknown impact and remote authenticated attack vectors. |
| 6.5 | CVE-2008-2596 OTHER-REF | ||
| back Oracle -- Oracle Database Oracle -- spatial_component |
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to MDSYS.SDO_TOPO_MAP. |
| 6.5 | CVE-2008-2600 OTHER-REF | ||
| back Oracle -- E-Business Suite |
Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors. |
| 5.5 | CVE-2008-2601 | ||
| back Oracle -- Database 11g Oracle -- data_pump_component Oracle -- Database 10g |
Unspecified vulnerability in the Data Pump component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to the IMP_FULL_DATABASE role. |
| 6.5 | CVE-2008-2602 OTHER-REF | ||
| back Oracle -- Database 11g Oracle -- authentication_component |
Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.6 has unknown impact and remote authenticated attack vectors. |
| 6.5 | CVE-2008-2604 OTHER-REF | ||
| back Oracle -- Database 11g Oracle -- authentication_component |
Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.6 has unknown impact and remote authenticated attack vectors. |
| 6.5 | CVE-2008-2605 OTHER-REF | ||
| back Oracle -- E-Business Suite Oracle -- application_object_library |
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors. |
| 6.5 | CVE-2008-2606 OTHER-REF | ||
| back Oracle -- Database 11g Oracle -- advanced_queuing_component Oracle -- Database 9i Oracle -- Database 10g |
Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to SYS.DBMS_AQELM. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a buffer overflow that allows attackers to cause a denial of service (database corruption) and possibly arbitrary code via a long argument to an unspecified procedure. |
| 6.5 | CVE-2008-2607 OTHER-REF | ||
| back Oracle -- data_pump_component Oracle -- Database 10g |
Unspecified vulnerability in the Data Pump component in Oracle Database 10.1.0.5 and 10.2.0.3 has unknown impact and remote authenticated attack vectors related to SYS.KUPF$FILE_INT. |
| 6.5 | CVE-2008-2608 OTHER-REF | ||
| back Oracle -- E-Business Suite Oracle -- oracle_applications_technology_stack_component |
Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors. |
| 6.5 | CVE-2008-2610 OTHER-REF | ||
| back Oracle -- hyperion_bi_plus_component Oracle -- Oracle Application Server |
Unspecified vulnerability in the Hyperion BI Plus component in Oracle Application Server 8.3.2.4, 8.5.0.3, 9.2.0.3, 9.2.1.0, and 9.3.1.0 has unknown impact and remote attack vectors. |
| 4.3 | CVE-2008-2612 OTHER-REF | ||
| back Oracle -- Database 11g Oracle -- database_scheduler Oracle -- Database 10g |
Unspecified vulnerability in the Database Scheduler component in Oracle Database 10.2.0.4 and 11.1.0.6 has unknown impact and local attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this is an untrusted search path issue that allows local users to execute arbitrary code via a malicious library. |
| 6.5 | CVE-2008-2613 OTHER-REF | ||
| back Oracle -- oracle_http_server_component Oracle -- Oracle Application Server |
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.3.3 has unknown impact and remote attack vectors. |
| 4.3 | CVE-2008-2614 OTHER-REF | ||
| back Oracle -- peoplesoft_peopletools_component Oracle -- JD Edwards EnterpriseOne Oracle -- PeopleSoft Enterprise |
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors. |
| 6.5 | CVE-2008-2615 OTHER-REF | ||
| back Oracle -- JD Edwards EnterpriseOne Oracle -- PeopleSoft Enterprise Oracle -- PeopleSoft PeopleTools |
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors. |
| 6.5 | CVE-2008-2616 OTHER-REF | ||
| back Oracle -- peoplesoft_peopletools_component Oracle -- JD Edwards EnterpriseOne Oracle -- PeopleSoft Enterprise |
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors. |
| 6.5 | CVE-2008-2617 OTHER-REF | ||
| back Oracle -- peoplesoft_peopletools_component Oracle -- JD Edwards EnterpriseOne Oracle -- PeopleSoft Enterprise |
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors. |
| 6.5 | CVE-2008-2618 OTHER-REF | ||
| back Oracle -- peoplesoft_peopletools_component Oracle -- JD Edwards EnterpriseOne Oracle -- PeopleSoft Enterprise |
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors. |
| 6.5 | CVE-2008-2620 OTHER-REF | ||
| back Oracle -- peoplesoft_peopletools_component Oracle -- JD Edwards EnterpriseOne Oracle -- PeopleSoft Enterprise |
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors. |
| 4.0 | CVE-2008-2621 OTHER-REF | ||
| back Oracle -- peoplesoft_peopletools_component Oracle -- JD Edwards EnterpriseOne Oracle -- PeopleSoft Enterprise |
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.17 and 8.49.11 has unknown impact and remote authenticated attack vectors. |
| 6.5 | CVE-2008-2622 OTHER-REF | ||
| back pagefusion -- pagefusion |
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Pagefusion 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) acct_fname and (2) acct_lname parameters in an edit action, and the (3) PID, (4) PGID, and (5) rez parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| 4.3 | CVE-2008-3201 OTHER-REF BID XF | ||
| back Pluck -- Pluck |
Multiple directory traversal vulnerabilities in data/inc/themes/predefined_variables.php in pluck 4.5.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) langpref, (2) file, (3) blogpost, or (4) cat parameter. |
| 6.8 | CVE-2008-3194 MILW0RM BID XF | ||
| back regretless -- dodos_mail |
Directory traversal vulnerability in dodosmail.php in DodosMail 2.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the dodosmail_header_file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| 6.8 | CVE-2008-3163 BID XF | ||
| back resiprocate -- resiprocate |
rutil/dns/DnsStub.cxx in ReSIProcate 1.3.2, as used by repro, allows remote attackers to cause a denial of service (daemon crash) via a SIP (1) INVITE or (2) OPTIONS message with a long domain name in a request URI, which triggers an assert error. |
| 4.3 | CVE-2008-3210 MILW0RM OTHER-REF BID XF | ||
| back sclek -- jsite |
Directory traversal vulnerability in index.php in jSite 1.0 OE allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter. |
| 6.8 | CVE-2008-3192 MILW0RM BID XF | ||
| back simpledns -- simple_dns_plus |
Simple DNS Plus 4.1, 5.0, and possibly other versions before 5.1.101 allows remote attackers to cause a denial of service via multiple DNS reply packets. |
| 5.0 | CVE-2008-3208 BUGTRAQ MILW0RM OTHER-REF OTHER-REF BID XF | ||
| back vbulletin -- vbulletin |
Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.6.10 PL2 and earlier, and 3.7.2 and earlier 3.7.x versions, allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO (PHP_SELF) or (2) the do parameter, as demonstrated by requests to upload/admincp/faq.php. NOTE: this issue can be leveraged to execute arbitrary PHP code. |
| 4.3 | CVE-2008-3184 BUGTRAQ OTHER-REF BID | ||
| back vclcomponents -- relative_real_estate_systems |
SQL injection vulnerability in index.php in Relative Real Estate Systems 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the listing_id parameter in a listings action. |
| 6.8 | CVE-2008-3185 MILW0RM OTHER-REF BID FRSIRT XF | ||
| back WebKit -- javascriptcore |
JavaScriptCore in WebKit on Apple iPhone before 2.0 and iPod touch before 2.0 does not properly perform runtime garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger memory corruption, a different vulnerability than CVE-2008-2317. |
| 6.8 | CVE-2008-1590 APPLE BID | ||
| back wefi -- wefi |
WeFi 3.2.1.4.1, when diagnostic mode is enabled, stores (1) WEP, (2) WPA, and (3) WPA2 access-point keys in (a) ClientWeFiLog.dat, (b) ClientWeFiLog.bak, and possibly (c) a certain .inf file under %PROGRAMFILES%\WeFi\Users\, and uses cleartext for the ClientWeFiLog files, which allows local users to obtain sensitive information by reading these files. |
| 4.7 | CVE-2008-3147 BUGTRAQ BUGTRAQ BID XF | ||
| back xomol -- xomol_cms |
Cross-site scripting (XSS) vulnerability in index.php in Xomol CMS 1.2 allows remote attackers to inject arbitrary web script or HTML via the current_url parameter in a tellafriend action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| 4.3 | CVE-2008-3202 OTHER-REF BID |
| Low Vulnerabilities |
|---|
| Primary Vendor -- Product | Description |
| CVSS Score | Source & Patch Info | ||
|---|---|---|---|---|---|---|
| back Mozilla -- Firefox |
Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' (pipe) characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files via manipulations involving a series of URIs that is not entirely handled by a vector application, as exploited in conjunction with CVE-2008-2540. NOTE: this issue exists because of an insufficient fix for CVE-2005-2267. |
| 2.6 | CVE-2008-2933 OTHER-REF OTHER-REF BID | ||
| back Oracle -- Database 9i Oracle -- advanced_replication Oracle -- Database 10g |
Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors. |
| 2.1 | CVE-2008-2587 OTHER-REF | ||
| back Oracle -- instance_management_component Oracle -- Enterprise Manager 10g Oracle -- Database 10g |
Unspecified vulnerability in the Instance Management component in Oracle Database 10.1.0.5 and Enterprise Manager 10.1.0.6 has unknown impact and remote authenticated attack vectors. |
| 3.5 | CVE-2008-2590 OTHER-REF | ||
| back Oracle -- Enterprise Manager |
Unspecified vulnerability in the Resource Manager component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6, and Database Control in Enterprise Manager, has unknown impact and remote authenticated attack vectors. |
| 3.5 | CVE-2008-2603 | ||
| back phpMyAdmin -- phpMyAdmin |
Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote attackers to perform unauthorized actions via a link or IMG tag to (1) the "Creating a Database" functionality (db_create.php) and (2) unspecified vectors that modify the connection character set. |
| 3.5 | CVE-2008-3197 OTHER-REF OTHER-REF | ||
| back Wireshark -- Wireshark |
The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read. |
| 2.9 | CVE-2008-3145 OTHER-REF OTHER-REF OTHER-REF OTHER-REF FEDORA BID SECTRACK XF |
back Relevant Products