Vulnerability Summary for the Week of July 7, 2008

Released
Jul 14, 2008
Document ID
SB08-196

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High: vulnerabilities with a CVSS base score of 7.0–10.0
  • Medium: vulnerabilities with a CVSS base score of 4.0–6.9
  • Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis. 

">

High Vulnerabilities
Primary
Vendor -- Product		Description
Discovered
Published
CVSS ScoreSource & Patch Info
AShopSoftware -- AShop DeluxeSQL injection vulnerability in catalogue.php in AShop Deluxe 4.x allows remote attackers to execute arbitrary SQL commands via the cat parameter.
unknown
2008-07-10
7.5CVE-2008-3136
MILW0RM
BID
barenuked -- barenuked_cmsSQL injection vulnerability in admin/index.php in BareNuked CMS 1.1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the password parameter.
unknown
2008-07-10
7.5CVE-2008-3133
MILW0RM
BID
XF
blognplus -- blognplusMultiple SQL injection vulnerabilities in index.php in BlognPlus (BURO GUN +) 2.5.5 MySQL and PostgreSQL editions allow remote attackers to execute arbitrary SQL commands via the (1) p, (2) e, (3) d, and (4) m parameters, a different vulnerability than CVE-2008-2819.
unknown
2008-07-09
7.5CVE-2008-3090
OTHER-REF
bluez -- bluez_utils
bluez -- bluez_libs		src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspecified other impact via a crafted length field that triggers excessive memory allocation or a buffer over-read.
unknown
2008-07-07
7.5CVE-2008-2374
MLIST
OTHER-REF
brightcode -- brightcode_weblinks_module
Joomla -- Joomla		SQL injection vulnerability in Brightcode Weblinks (com_brightweblinks) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter.
unknown
2008-07-08
7.5CVE-2008-3083
MILW0RM
BID
XF
cms_little -- cms_littleDirectory traversal vulnerability in index.php in CMS little 0.0.1 allows remote attackers to include and execute arbitrary local files, and probably remote files, via a .. (dot dot) in the template parameter.
unknown
2008-07-07
7.5CVE-2008-3036
MILW0RM
DreamLevels -- dream_pics_builderSQL injection vulnerability in index.php in DreamPics Builder allows remote attackers to execute arbitrary SQL commands via the page parameter.
unknown
2008-07-10
7.5CVE-2008-3119
MILW0RM
efes_tech_shop -- efes_tech_shopSQL injection vulnerability in default.asp in EfesTECH Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in an urunler action.
unknown
2008-07-07
7.5CVE-2008-3030
MILW0RM
BID
hanghai -- high_street_5
hanghai -- hot_step
hanghai -- 5th_street		Format string vulnerability in dx8render.dll in Snail Game (aka Suzhou Snail Electronic Company) 5th street (aka Hot Step or High Street 5) allows remote attackers to execute arbitrary code via format string specifiers in a chat message.
unknown
2008-07-10
9.3CVE-2008-3116
BUGTRAQ
BID
XF
HIOX INDIA -- Banner RotatorPHP remote file inclusion vulnerability in hioxBannerRotate.php in HIOX Banner Rotator (HBR) 1.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the hm parameter.
unknown
2008-07-10
7.5CVE-2008-3127
MILW0RM
Hussin X -- plx Web Studio Ad TraderSQL injection vulnerability in ad.php in plx Ad Trader 3.2 allows remote attackers to execute arbitrary SQL commands via the adid parameter in a redir action.
unknown
2008-07-07
7.5CVE-2008-3025
MILW0RM
ISC -- BINDThe DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via certain cache poisoning techniques against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability."
unknown
2008-07-08
7.5CVE-2008-1447
CISCO
DEBIAN
DEBIAN
DEBIAN
MS
UBUNTU
CERT
CERT-VN
SECTRACK
SECTRACK
XF
Joomla -- com_beamospetitionSQL injection vulnerability in the beamospetition (com_beamospetition) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pet parameter to index.php.
unknown
2008-07-10
7.5CVE-2008-3132
MILW0RM
BID
XF
Microsoft -- windows-ntUnspecified vulnerability in Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to conduct cache poisoning attacks via unknown vectors, aka "DNS Cache Poisoning Vulnerability," a different vulnerability than CVE-2008-1447.
unknown
2008-07-08
9.4CVE-2008-1454
MS
Microsoft -- office_wordMicrosoft Office Word 2002 SP3 allows remote attackers to execute arbitrary code via a .doc file that contains malformed data, as exploited in the wild in July 2008, and as demonstrated by attachement.doc.
unknown
2008-07-09
9.3CVE-2008-2244
OTHER-REF
OTHER-REF
OTHER-REF
BID
XF
Microsoft -- office_snapshot_viewer_activexThe Microsoft Office Snapshot Viewer ActiveX control in snapview.ocx, as distributed in the standalone Snapshot Viewer and Microsoft Office Access 2000 through 2003, allows remote attackers to download arbitrary files to a client machine via a crafted HTML document or e-mail message. NOTE: this can be leveraged for code execution by writing to a Startup folder.
unknown
2008-07-07
7.5CVE-2008-2463
OTHER-REF
CERT-VN
Microsoft -- Office Communicator
Microsoft -- visio_professional
Microsoft -- windows_live_mail
Microsoft -- sharepoint_designer
Microsoft -- Excel
Microsoft -- project_standard
Microsoft -- groove
Microsoft -- Frontpage
Microsoft -- Publisher
Microsoft -- Outlook
Microsoft -- Access
Microsoft -- visio_standard
Microsoft -- Office
Microsoft -- project_professional
Microsoft -- PowerPoint
Microsoft -- OneNote
Microsoft -- InfoPath		Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to obtain reading times and IP addresses of recipients, and port-scan results, via a crafted certificate with an Authority Information Access (AIA) extension.
unknown
2008-07-07
7.5CVE-2008-3068
BUGTRAQ
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
BID
Mole Group -- Hotel ScriptSQL injection vulnerability in index.php in Mole Group Hotel Script 1.0 allows remote attackers to execute arbitrary SQL commands via the file parameter.
unknown
2008-07-10
7.5CVE-2008-3124
MILW0RM
BID
XF
Mole Group -- Lastminute ScriptSQL injection vulnerability in index.php in Mole Group Lastminute Script 4.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter.
unknown
2008-07-10
7.5CVE-2008-3125
MILW0RM
BID
Mole Group -- Real EstateSQL injection vulnerability in index.php in Mole Group Real Estate Script 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the listing_id parameter in a listings action.
unknown
2008-07-10
7.5CVE-2008-3123
MILW0RM
BID
XF
Mozilla -- Thunderbird
Mozilla -- SeaMonkey
Mozilla -- Firefox		Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown vectors related to the layout engine.
unknown
2008-07-07
10.0CVE-2008-2798
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
UBUNTU
BID
Mozilla -- Thunderbird
Mozilla -- SeaMonkey
Mozilla -- Firefox		Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown vectors related to the JavaScript engine.
unknown
2008-07-07
10.0CVE-2008-2799
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
UBUNTU
BID
Mozilla -- SeaMonkey
Mozilla -- Firefox		Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via (1) injection of JavaScript into documents within a JAR archive or (2) a JAR archive that uses relative URLs to JavaScript files.
unknown
2008-07-07
7.5CVE-2008-2801
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
UBUNTU
BID
Mozilla -- Thunderbird
Mozilla -- SeaMonkey
Mozilla -- Firefox		Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to execute arbitrary code via an XUL document that includes a script from a chrome: URI that points to a fastload file, related to this file's "privilege level."
unknown
2008-07-07
7.5CVE-2008-2802
OTHER-REF
OTHER-REF
OTHER-REF
UBUNTU
BID
Mozilla -- Firefox
Mozilla -- SeaMonkey
Mozilla -- Thunderbird		Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 on Mac OS X allow remote attackers to bypass the Same Origin Policy and create arbitrary socket connections via a crafted Java applet, related to the Java Embedding Plugin (JEP) and Java LiveConnect.
unknown
2008-07-07
7.5CVE-2008-2806
OTHER-REF
OTHER-REF
OTHER-REF
UBUNTU
BID
Mozilla -- Thunderbird
Mozilla -- SeaMonkey
Mozilla -- Firefox		The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image whose display requires more pixels than nscoord_MAX, related to nsBlockFrame::DrainOverflowLines.
unknown
2008-07-07
10.0CVE-2008-2811
OTHER-REF
OTHER-REF
OTHER-REF
UBUNTU
BID
MyBB -- MyBBUnspecified vulnerability in inc/datahandler/user.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $user['language'] variable, probably related to SQL injection.
unknown
2008-07-08
7.5CVE-2008-3070
OTHER-REF
MyBB -- MyBBDirectory traversal vulnerability in inc/class_language.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $language variable.
unknown
2008-07-08
7.5CVE-2008-3071
OTHER-REF
Netscape -- Certificate Management SystemRed Hat PKI Common Framework (rhpki-common) in Red Hat Certificate System (aka Certificate Server or RHCS) 7.1 through 7.3, and Netscape Certificate Management System 6.x, does not recognize Certificate Authority profile constraints on Extensions, which might allow remote attackers to bypass intended restrictions and conduct man-in-the-middle attacks by submitting a certificate signing request (CSR) and using the resulting certificate.
unknown
2008-07-07
7.5CVE-2008-1676
OTHER-REF
BID
OneClick CMS -- OneClick CMSSQL injection vulnerability in index.php in OneClick CMS (aka Sisplet CMS) 2008-01-24 allows remote attackers to execute arbitrary SQL commands via the id parameter.
unknown
2008-07-07
7.5CVE-2008-3026
MILW0RM
BID
opera -- operaUnspecified vulnerability in Opera before 9.51 on Windows allows attackers to execute arbitrary code via unknown vectors.
unknown
2008-07-08
10.0CVE-2008-3079
OTHER-REF
Opera Software -- OperaOpera before 9.51 does not properly manage memory within functions supporting the CANVAS element, which allows remote attackers to read uninitialized memory contents by using JavaScript to read a canvas image.
unknown
2008-07-08
7.8CVE-2008-3078
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
PCRE -- PCREHeap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches.
unknown
2008-07-07
7.5CVE-2008-2371
OTHER-REF
DEBIAN
SUSE
phpmotion -- phpmotionSQL injection vulnerability in play.php in PHPmotion 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the vid parameter.
unknown
2008-07-10
7.5CVE-2008-3118
MILW0RM
BID
XF
Poppler -- popplerThe Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document.
unknown
2008-07-07
7.5CVE-2008-2950
BUGTRAQ
OTHER-REF
redhat -- vsftpdMemory leak in a certain Red Hat deployment of vsftpd before 2.0.5 on Red Hat Enterprise Linux (RHEL) 3 and 4, when PAM is used, allows remote attackers to cause a denial of service (memory consumption) via a large number of invalid authentication attempts within the same session, a different vulnerability than CVE-2007-5962.
unknown
2008-07-08
7.8CVE-2008-2375
MLIST
OTHER-REF
redhat -- fedora_8Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this issue exists because of an incomplete fix for other closely related integer overflows.
unknown
2008-07-08
7.5CVE-2008-2376
MLIST
FEDORA
rss_aggregator -- rss_aggregatorRSS-aggregator 1.0 does not require administrative authentication for the admin/fonctions/ directory, which allows remote attackers to access admin functions and have unspecified other impact, as demonstrated by (1) an IdFlux request to supprimer_flux.php and (2) a TpsRafraich request to modifier_tps_rafraich.php.
unknown
2008-07-07
9.3CVE-2008-3033
BUGTRAQ
BID
XF
rss_aggregator -- rss_aggregatorMultiple SQL injection vulnerabilities in RSS-aggregator 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) IdFlux parameter to admin/fonctions/supprimer_flux.php and the (2) IdTag parameter to admin/fonctions/supprimer_tag.php.
unknown
2008-07-07
7.5CVE-2008-3034
BUGTRAQ
BID
XF
Simple Machines -- Simple Machines ForumSimple Machines Forum (SMF) 1.1.x before 1.1.5 and 1.0.x before 1.0.13, when running in PHP before 4.2.0, does not properly seed the random number generator, which has unknown impact and attack vectors.
unknown
2008-07-08
7.5CVE-2008-3072
OTHER-REF
Simple Machines -- Simple Machines ForumUnspecified vulnerability in Simple Machines Forum (SMF) 1.1.x before 1.1.5 and 1.0.x before 1.0.13 has unknown impact and attack vectors, probably cross-site scripting (XSS), related to "use of the html-tag."
unknown
2008-07-08
7.5CVE-2008-3073
OTHER-REF
simple_php_agenda -- simple_php_agendaDirectory traversal vulnerability in index.php in Simple PHP Agenda 2.2.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
unknown
2008-07-07
7.5CVE-2008-3031
MILW0RM
BID
Sun -- JRE
Sun -- JDK		Unspecified vulnerability in the Java Management Extensions (JMX) management agent in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier, when local monitoring is enabled, allows remote attackers to "perform unauthorized operations" via unspecified vectors.
unknown
2008-07-09
10.0CVE-2008-3103
BID
Sun -- JRE
Sun -- JDK		Unspecified vulnerability in the JAX-WS client and service in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows remote attackers to access URLs or cause a denial of service via unknown vectors involving "processing of XML data" by a trusted application.
unknown
2008-07-09
7.1CVE-2008-3105
BID
Sun -- JRE
Sun -- JDK
Sun -- SDK		Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.
unknown
2008-07-09
10.0CVE-2008-3107
SUNALERT
BID
Sun -- JRE
Sun -- JDK
Sun -- SDK		Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allows context-dependent attackers to gain privileges via unspecified vectors related to font processing.
unknown
2008-07-09
10.0CVE-2008-3108
BID
Sun -- JRE
Sun -- JDK		Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs.
unknown
2008-07-09
7.5CVE-2008-3109
BID
Sun -- JRE
Sun -- JDK
Sun -- SDK		Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by an application that grants itself privileges to (1) read local files, (2) write to local files, or (3) execute local programs, aka CR 6557220.
unknown
2008-07-09
10.0CVE-2008-3111
Sun -- JRE
Sun -- JDK
Sun -- SDK		Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via an untrusted application, aka CR 6703909.
unknown
2008-07-09
9.3CVE-2008-3112
Sun -- JRE
Sun -- JDK
Sun -- SDK		Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Update 16 and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create or delete arbitrary files via an untrusted application, aka CR 6704077.
unknown
2008-07-09
9.3CVE-2008-3113
Sun -- JRE
Sun -- JDK		Secure Static Versioning in Sun Java JDK and JRE 6 Update 6 and earlier, and 5.0 Update 6 through 15, does not properly prevent execution of applets on older JRE releases, which might allow remote attackers to exploit vulnerabilities in these older releases.
unknown
2008-07-09
7.5CVE-2008-3115
BID
SuSE -- open SuseSQL injection vulnerability in courier-authlib in SUSE openSUSE 10.3 and 11.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
unknown
2008-07-07
7.5CVE-2008-2667
SUSE
TYPO3 -- address_directorySQL injection vulnerability in the Address Directory (sp_directory) extension 0.2.10 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
unknown
2008-07-07
7.5CVE-2008-3038
OTHER-REF
BID
XF
TYPO3 -- dam_frontend_extensionSQL injection vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
unknown
2008-07-07
7.5CVE-2008-3039
OTHER-REF
BID
XF
TYPO3 -- dam_frontend_extensionUnspecified vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Improper Error Handling."
unknown
2008-07-07
10.0CVE-2008-3042
OTHER-REF
BID
XF
TYPO3 -- wec_discussion_forumUnspecified vulnerability in the WEC Discussion Forum (wec_discussion) extension 1.6.2 and earlier for TYPO3 allows attackers to execute arbitrary code via vectors related to "certain file types."
unknown
2008-07-07
7.5CVE-2008-3043
BID
TYPO3 -- news_calendar_extensionSQL injection vulnerability in the News Calendar (newscalendar) extension 1.0.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
unknown
2008-07-07
7.5CVE-2008-3044
OTHER-REF
BID
XF
TYPO3 -- industry_database_extensionUnspecified vulnerability in the Industry Database (aka Branchendatenbank pro_industrydb) extension 1.0.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Insufficient Verification of Data Authenticity."
unknown
2008-07-07
7.5CVE-2008-3045
BID
XF
TYPO3 -- packman_extensionIncomplete blacklist vulnerability in the Packman (kb_packman) extension 0.2.1 and earlier for TYPO3 has unknown impact and attack vectors.
unknown
2008-07-07
7.5CVE-2008-3046
BID
XF
TYPO3 -- kb_unpack_extensionIncomplete blacklist vulnerability in the KB Unpack (kb_unpack) extension 0.1.0 and earlier for TYPO3 has unknown impact and attack vectors.
unknown
2008-07-07
7.5CVE-2008-3047
OTHER-REF
BID
XF
TYPO3 -- pdf_generator_2_extensionUnspecified vulnerability in the PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TYPO3 has unknown impact and attack vectors related to "Unprotected test functionality."
unknown
2008-07-07
7.5CVE-2008-3048
OTHER-REF
XF
TYPO3 -- pdf_generator_2_extensionThe PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TYPO3 allows attackers to obtain sensitive information via unspecified vectors.
unknown
2008-07-07
7.5CVE-2008-3049
OTHER-REF
XF
TYPO3 -- pinboard_extensionSQL injection vulnerability in the Pinboard extension 0.0.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
unknown
2008-07-07
7.5CVE-2008-3051
XF
TYPO3 -- sql_frontend_extensionUnspecified vulnerability in the SQL Frontend (mh_omsqlio) extension 1.0.11 and earlier for TYPO3 allows remote attackers to cause a denial of service via unknown vectors.
unknown
2008-07-07
7.5CVE-2008-3052
OTHER-REF
BID
XF
TYPO3 -- sql_frontend_extensionSQL injection vulnerability in the SQL Frontend (mh_omsqlio) extension 1.0.11 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
unknown
2008-07-07
7.5CVE-2008-3053
BID
XF
TYPO3 -- Branchenbuch extensionSQL injection vulnerability in the Branchenbuch (aka Yellow Pages o (mh_branchenbuch) extension 0.8.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
unknown
2008-07-07
7.5CVE-2008-3054
OTHER-REF
XF
TYPO3 -- support_view_extensionSQL injection vulnerability in the Support view (ext_tbl) extension 0.0.102 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
unknown
2008-07-07
7.5CVE-2008-3055
OTHER-REF
BID
TYPO3 -- codeon_petition_extensionSQL injection vulnerability in the Codeon Petition (cd_petition) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
unknown
2008-07-07
7.5CVE-2008-3056
OTHER-REF
vangogh_web_cms -- vangogh_web_cmsSQL injection vulnerability in get_article.php in VanGogh Web CMS 0.9 allows remote attackers to execute arbitrary SQL commands via the article_ID parameter to index.php.
unknown
2008-07-07
7.5CVE-2008-3027
MILW0RM
BID
VideoLAN -- VLC Media PlayerInteger overflow in the Open function in modules/demux/wav.c in VLC Media Player 0.8.6h on Windows allows remote attackers to execute arbitrary code via a large fmt chunk in a WAV file.
unknown
2008-07-07
9.3CVE-2008-2430
BUGTRAQ
OTHER-REF
xpoze -- xpoze_proSQL injection vulnerability in user.html in Xpoze Pro 3.06 (aka Xpoze Pro CMS 2008) allows remote attackers to execute arbitrary SQL commands via the uid parameter.
unknown
2008-07-09
7.5CVE-2008-3089
MILW0RM

Back to top

Medium Vulnerabilities
Primary
Vendor -- Product		Description
Discovered
Published
CVSS ScoreSource & Patch Info
Adobe -- robohelp_serverCross-site scripting (XSS) vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Help Errors log.
unknown
2008-07-09
4.3CVE-2008-2991
OTHER-REF
BID
SECTRACK
Avaya -- Messaging Storage ServerMultiple unspecified "input validation" vulnerabilities in the Web management interface (aka Messaging Administration interface) in Avaya Message Storage Server (MSS) 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to execute arbitrary commands as user vexvm via vectors related to (1) SFTP Remote Store configuration; (2) remote FTP storage settings; (3) name server lookup; (4) pinging another host; (5) TCP/IP Networking parameter configuration; (6) the external hosts configuration main page; (7) adding and changing external hosts; (8) Windows domain parameter configuration; (9) date, time, and NTP server configuration; (10) alarm settings; (11) the command line history form; (12) the maintenance form; and (13) the server events form.
unknown
2008-07-08
6.5CVE-2008-3081
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
BID
Catviz -- CatvizMultiple SQL injection vulnerabilities in index.php in Catviz 0.4 beta 1 allow remote attackers to execute arbitrary SQL commands via the (1) foreign_key_value paramter in the news page and (2) webpage parameter in the webpage_multi_edit form.
unknown
2008-07-10
6.4CVE-2008-3129
MILW0RM
BID
XF
commtouch -- enterprise_anti-spam_gatewayCross-site scripting (XSS) vulnerability in UPM/English/login/login.asp in Commtouch Enterprise Anti-Spam Gateway 4 and 5 allows remote attackers to inject arbitrary web script or HTML via the PARAMS parameter.
unknown
2008-07-08
4.3CVE-2008-3082
FULLDISC
OTHER-REF
BID
Dokeos -- DokeosDirectory traversal vulnerability in user_portal.php in Dokeos 1.8.5, when running on Windows, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the include parameter.
unknown
2008-07-10
6.4CVE-2008-3120
OTHER-REF
BID
Drupal -- taxonomy_autotagger_module_for_drupalCross-site scripting (XSS) vulnerability in the Taxonomy Autotagger module 5.x before 5.x-1.8 for Drupal allows remote authenticated users, with create or edit post permissions, to inject arbitrary web script or HTML via unspecified vectors.
unknown
2008-07-09
4.3CVE-2008-3091
OTHER-REF
BID
XF
Drupal -- taxonomy_autotagger_moduleSQL injection vulnerability in the Taxonomy Autotagger module 5.x before 5.x-1.8 for Drupal allows remote authenticated users, with create or edit post permissions, to execute arbitrary SQL commands via unspecified vectors.
unknown
2008-07-09
6.5CVE-2008-3092
BID
XF
Drupal -- Drupal
Drupal -- organic_groups_module		The Organic Groups (OG) module 5.x before 5.x-7.3 and 6.x before 6.x-1.0-RC1, a module for Drupal, allows remote attackers to obtain sensitive information (private group names) via unspecified vectors.
unknown
2008-07-09
4.3CVE-2008-3094
BID
Drupal -- outline_designer_moduleThe Outline Designer module 5.x before 5.x-1.4 for Drupal changes each content reader's authentication level to match that of the content author, which might allow remote attackers to gain privileges.
unknown
2008-07-09
6.5CVE-2008-3096
BID
XF
FaScript -- FaNameclass/page.php in Farsi Script (aka FaScript) FaName 1.0 allows remote attackers to obtain sensitive information via a '; (quote semicolon) sequence in the id parameter, which reveals the installation path in an error message.
unknown
2008-07-08
4.3CVE-2007-3651
OTHER-REF
FaScript -- FaNameSQL injection vulnerability in class/page.php in Farsi Script (aka FaScript) FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might be the same issue as CVE-2008-0328.
unknown
2008-07-08
6.8CVE-2007-3652
OTHER-REF
FaScript -- FaNameMultiple cross-site scripting (XSS) vulnerabilities in Farsi Script (aka FaScript) FaName 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) key or (2) desc parameter to index.php, or (3) the name parameter to page.php.
unknown
2008-07-08
4.3CVE-2007-3653
OTHER-REF
XF
Fujitsu -- ServerViewMultiple stack-based buffer overflows in the ServerView web interface (SnmpGetMibValues.exe) in Fujitsu Siemens Computers ServerView 04.60.07 and earlier allow remote authenticated users to execute arbitrary code via a crafted URL.
unknown
2008-07-10
6.5CVE-2008-3126
FULLDISC
BID
GraphicsMagick -- GraphicsMagickMultiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.
unknown
2008-07-10
5.0CVE-2008-3134
OTHER-REF
OTHER-REF
kasseler-cms -- kasseler_cmsDirectory traversal vulnerability in Kasseler CMS 1.3.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to index.php, possibly related to the phpManual module.
unknown
2008-07-09
5.0CVE-2008-3087
MILW0RM
kasseler-cms -- kasseler_cmsCross-site scripting (XSS) vulnerability in the Files module in Kasseler CMS 1.3.0 and 1.3.1 Lite allows remote attackers to inject arbitrary web script or HTML via the cid parameter in a Category action to index.php.
unknown
2008-07-09
4.3CVE-2008-3088
MILW0RM
kernel -- linuxarch/x86/kernel/ptrace.c in the Linux kernel before 2.6.25.10 on the x86_64 platform leaks task_struct references into the sys32_ptrace function, which allows local users to cause a denial of service (system crash) or have unspecified other impact via unknown vectors, possibly a use-after-free vulnerability.
unknown
2008-07-08
4.9CVE-2008-3077
MLIST
OTHER-REF
OTHER-REF
Linux -- KernelThe Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/.
unknown
2008-07-08
4.9CVE-2008-2812
MLIST
OTHER-REF
OTHER-REF
Linux -- KernelThe do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.
unknown
2008-07-09
4.4CVE-2008-2931
MLIST
MLIST
OTHER-REF
OTHER-REF
OTHER-REF
BID
luigi_auriemma -- soldner_secret_warsSoldner Secret Wars 33724 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a packet with a large numeric value in a 0x80 data block.
unknown
2008-07-10
5.0CVE-2008-3135
BUGTRAQ
OTHER-REF
Microsoft -- Data Engine
Microsoft -- SQL Server Desktop Engine
Microsoft -- sql_server		Microsoft SQL Server 7.0 SP4, 2000 SP4, 2005 SP2, Microsoft Data Engine (MSDE) 1.0 SP4, SQL Server 2000 Desktop Engine (MSDE 2000) SP4, and 2005 Express Edition SP2 does not initialize memory pages when reallocating memory, which allows database operators to obtain sensitive information (database contents) via unknown vectors related to memory page reuse.
unknown
2008-07-08
5.0CVE-2008-0085
MS
Microsoft -- sql_server_desktop_engine
Microsoft -- data_engine
Microsoft -- sql_server_express_edition
Microsoft -- sql_server		Buffer overflow in the convert function in Microsoft SQL Server 7.0 SP4, 2000 SP4, 2005 SP2, Microsoft Data Engine (MSDE) 1.0 SP4, SQL Server 2000 Desktop Engine (MSDE 2000) SP4, and 2005 Express Edition SP2 allows remote authenticated users to execute arbitrary code via a crafted SQL expression.
unknown
2008-07-08
6.5CVE-2008-0086
MS
Microsoft -- sql_server_desktop_engine
Microsoft -- data_engine
Microsoft -- sql_server_express_edition
Microsoft -- sql_server		Buffer overflow in Microsoft SQL Server 7.0 SP4, 2000 SP4, 2005 SP2, Microsoft Data Engine (MSDE) 1.0 SP4, SQL Server 2000 Desktop Engine (MSDE 2000) SP4, and 2005 Express Edition SP2 allows remote authenticated users to execute arbitrary code via a crafted insert statement.
unknown
2008-07-08
6.5CVE-2008-0106
MS
Microsoft -- sql_server_desktop_engine
Microsoft -- data_engine
Microsoft -- sql_server_express_edition
Microsoft -- sql_server		Integer underflow in Microsoft SQL Server 7.0 SP4, 2000 SP4, 2005 SP2, Microsoft Data Engine (MSDE) 1.0 SP4, SQL Server 2000 Desktop Engine (MSDE 2000) SP4, and 2005 Express Edition SP2 allows remote authenticated users to execute arbitrary code via an on-disk file with a crafted record size value, which triggers a buffer overflow, aka "SQL Server Memory Corruption Vulnerability."
unknown
2008-07-08
6.5CVE-2008-0107
MS
Microsoft -- Windows Vista
Microsoft -- Windows Server 2008		Windows Explorer in Microsoft Windows Vista up to SP1, and Server 2008, allows user-assisted remote attackers to execute arbitrary code via crafted saved-search (.search-ms) files that are not properly handled when saving, aka "Windows Saved Search Vulnerability."
unknown
2008-07-08
6.8CVE-2008-1435
MS
SECTRACK
Microsoft -- exchange_srvCross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 and 2007 up to SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified e-mail fields, a different vulnerability than CVE-2008-2248.
unknown
2008-07-08
4.3CVE-2008-2247
MS
SECTRACK
XF
Microsoft -- Outlook Web Access
Microsoft -- exchange_srv		Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 and 2007 up to SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified HTML, a different vulnerability than CVE-2008-2247.
unknown
2008-07-08
4.3CVE-2008-2248
MS
SECTRACK
XF
Mozilla -- SeaMonkey
Mozilla -- Firefox		Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors involving (1) an event handler attached to an outer window, (2) a SCRIPT element in an unloaded document, or (3) the onreadystatechange handler in conjunction with an XMLHttpRequest.
unknown
2008-07-07
4.3CVE-2008-2800
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
UBUNTU
BID
Mozilla -- Thunderbird
Mozilla -- SeaMonkey
Mozilla -- Firefox		The mozIJSSubScriptLoader.LoadScript function in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 does not apply XPCNativeWrappers to scripts loaded from (1) file: URIs, (2) data: URIs, or (3) certain non-canonical chrome: URIs, which allows remote attackers to execute arbitrary code via vectors involving third-party add-ons.
unknown
2008-07-07
6.8CVE-2008-2803
OTHER-REF
OTHER-REF
OTHER-REF
UBUNTU
BID
Mozilla -- SeaMonkey
Mozilla -- Firefox		Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to force the upload of arbitrary local files from a client computer via vectors involving originalTarget and DOM Range.
unknown
2008-07-07
5.0CVE-2008-2805
OTHER-REF
OTHER-REF
OTHER-REF
UBUNTU
BID
Mozilla -- SeaMonkey
Mozilla -- Firefox		Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly handle an invalid .properties file for an add-on, which allows remote attackers to read uninitialized memory, as demonstrated by use of ISO 8859 encoding instead of UTF-8 encoding in a French .properties file.
unknown
2008-07-07
5.0CVE-2008-2807
OTHER-REF
OTHER-REF
OTHER-REF
UBUNTU
BID
Mozilla -- Firefox
Ubuntu -- Linux
Mozilla -- SeaMonkey
Mozilla -- Thunderbird		Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted filename.
unknown
2008-07-07
4.3CVE-2008-2808
OTHER-REF
OTHER-REF
OTHER-REF
UBUNTU
BID
Mozilla -- Mozilla
Netscape -- Netscape
Mozilla -- SeaMonkey
Mozilla -- Firefox		Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regard the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site.
unknown
2008-07-08
4.0CVE-2008-2809
BUGTRAQ
BUGTRAQ
BUGTRAQ
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
UBUNTU
BID
SECTRACK
SREASON
XF
Mozilla -- SeaMonkey
Mozilla -- Firefox		Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly identify the context of Windows shortcut files, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site for which the user has previously saved a shortcut.
unknown
2008-07-07
6.8CVE-2008-2810
OTHER-REF
OTHER-REF
OTHER-REF
UBUNTU
BID
MyBB -- MyBBMultiple cross-site scripting (XSS) vulnerabilities in MyBB before 1.2.13 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) portal.php and (2) inc/functions_post.php.
unknown
2008-07-08
4.3CVE-2008-3069
OTHER-REF
OTHER-REF
myWebland -- myBloggieMultiple SQL injection vulnerabilities in myWebland myBloggie 2.1.6 allow remote attackers to execute arbitrary SQL commands via (1) the user_id parameter in a viewuser action to index.php, and allow remote authenticated administrators to execute arbitrary SQL commands via (2) the post_id parameter in an edit action to admin.php.
unknown
2008-07-08
5.1CVE-2007-1899
MILW0RM
OTHER-REF
OTHER-REF
myWebland -- myBloggiemyWebland myBloggie 2.1.6 allow remote attackers to obtain sensitive information via (1) an invalid year parameter to calendar.php, reached through index.php; (2) a direct request to common.php; and (3) a mode array parameter in the query string to login.php, which reveal the installation path in various error messages.
unknown
2008-07-08
5.0CVE-2007-3650
OTHER-REF
openssl -- opensslMemory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server mod_ssl that specify a compression algorithm.
unknown
2008-07-10
5.0CVE-2008-1678
MLIST
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
OTHER-REF
GENTOO
phplizardo -- imperialbbUnrestricted file upload vulnerability in ImperialBB 2.3.5 and earlier allows remote authenticated users to upload and execute arbitrary PHP code by placing a .php filename in the Upload_Avatar parameter and sending the image/gif content type.
unknown
2008-07-09
6.5CVE-2008-3093
MILW0RM
OTHER-REF
phpmotion -- phpmotionUnrestricted file upload vulnerability in update_profile.php in PHPmotion 2.0 and earlier allows remote authenticated users to execute arbitrary code by uploading a .php file with a content type of (1) image/gif, (2) image/jpeg, or (3) image/pjpeg, then accessing it via a direct request to the file under pictures/.
unknown
2008-07-10
6.0CVE-2008-3117
MILW0RM
BID
XF
Pidgin -- PidginMultiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 allow remote attackers to execute arbitrary code via a malformed SLP message, a different vulnerability than CVE-2008-2955.
unknown
2008-07-07
6.8CVE-2008-2927
MLIST
MLIST
OTHER-REF
OTHER-REF
OTHER-REF
Pivot -- PivotDirectory traversal vulnerability in search.php in Pivot 1.40.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the t parameter.
unknown
2008-07-10
5.0CVE-2008-3128
MILW0RM
OTHER-REF
Powie -- psysSQL injection vulnerability in chatbox.php in pSys 0.7.0 Alpha, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the showid parameter.
unknown
2008-07-10
6.8CVE-2008-3131
MILW0RM
BID
Simple Machines -- OpenCartMultiple cross-site scripting (XSS) vulnerabilities in index.php in OpenCart 0.7.7 allow remote attackers to inject arbitrary web script or HTML via the (1) firstname and (2) search parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
unknown
2008-07-10
4.3CVE-2008-3130
Sun -- JRE
Sun -- JDK
Sun -- SDK		Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet's outbound connections by connecting to localhost services running on the machine that loaded the applet.
unknown
2008-07-09
6.8CVE-2008-3104
BID
Sun -- JRE
Sun -- JDK		Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier allows remote attackers to access URLs via unknown vectors involving processing of XML data by an untrusted (1) application or (2) applet, a different vulnerability than CVE-2008-3105.
unknown
2008-07-09
4.3CVE-2008-3106
SUNALERT
BID
Sun -- JRE
Sun -- JDK		Unspecified vulnerability in scripting language support in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows remote attackers to obtain sensitive information by using an applet to read information from another applet.
unknown
2008-07-09
4.3CVE-2008-3110
BID
Sun -- JRE
Sun -- JDK
Sun -- SDK		Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows context-dependent attackers to obtain sensitive information (the cache location) via an untrusted application, aka CR 6704074.
unknown
2008-07-09
5.0CVE-2008-3114
TYPO3 -- send_a_cardMultiple cross-site scripting (XSS) vulnerabilities in the Send-A-Card (sr_sendcard) extension 2.2.2 and earlier for TYPO3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
unknown
2008-07-07
4.3CVE-2008-3028
OTHER-REF
BID
XF
TYPO3 -- wec_discussion_forumCross-site scripting (XSS) vulnerability in the WEC Discussion Forum (wec_discussion) extension 1.6.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
unknown
2008-07-07
4.3CVE-2008-3029
OTHER-REF
BID
TYPO3 -- phpMyAdminCross-site scripting (XSS) vulnerability in the phpMyAdmin (phpmyadmin) extension 3.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
unknown
2008-07-07
4.3CVE-2008-3032
OTHER-REF
BID
XF
TYPO3 -- address_directoryCross-site scripting (XSS) vulnerability in the Address Directory (sp_directory) extension 0.2.10 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
unknown
2008-07-07
4.3CVE-2008-3037
OTHER-REF
BID
XF
TYPO3 -- dam_frontend_extensionUnspecified vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors.
unknown
2008-07-07
5.0CVE-2008-3040
OTHER-REF
BID
XF
TYPO3 -- dam_frontend_extensionUnspecified vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 has unknown impact and attack vectors related to "broken access control."
unknown
2008-07-07
6.5CVE-2008-3041
OTHER-REF
BID
XF
TYPO3 -- pdf_generator_2_extensionUnspecified vulnerability in the PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TYPO3 allows attackers to cause a denial of service via unspecified vectors.
unknown
2008-07-07
5.0CVE-2008-3050
OTHER-REF
XF
Wireshark -- Wireshark
rPath -- rpath_linux		The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0 allow remote attackers to cause a denial of service (application stop) via unknown vectors.
unknown
2008-07-10
5.0CVE-2008-3138
OTHER-REF
BID
Wireshark -- Wireshark
rPath -- rpath_linux		The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.
unknown
2008-07-10
5.0CVE-2008-3139
OTHER-REF
BID
Wireshark -- WiresharkThe syslog dissector in Wireshark (formerly Ethereal) 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors, possibly related to an "incomplete SS7 MSU syslog encapsulated packet."
unknown
2008-07-10
5.0CVE-2008-3140
OTHER-REF
BID
XChangeBoard -- XChangeBoardSQL injection vulnerability in newThread.php in XchangeBoard 1.70 Final and earlier allows remote authenticated users to execute arbitrary SQL commands via the boardID parameter.
unknown
2008-07-07
6.5CVE-2008-3035
MILW0RM
Xerox -- CentreWare WebMultiple cross-site scripting (XSS) vulnerabilities in Xerox CentreWare Web (CWW) before 4.6.46 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
unknown
2008-07-10
4.3CVE-2008-3121
Xerox -- CentreWare WebMultiple SQL injection vulnerabilities in Xerox CentreWare Web (CWW) before 4.6.46 allow remote authenticated users to execute arbitrary SQL commands via the unspecified vectors.
unknown
2008-07-10
6.5CVE-2008-3122

Back to top

Low Vulnerabilities
Primary
Vendor -- Product		Description
Discovered
Published
CVSS ScoreSource & Patch Info
Drupal -- DrupalCross-site scripting (XSS) vulnerability in the Organic Groups (OG) module 5.x before 5.x-7.3 and 6.x before 6.x-1.0-RC1, a module for Drupal, allows remote authenticated users, with group owner permissions, to inject arbitrary web script or HTML via unspecified vectors.
unknown
2008-07-09
3.5CVE-2008-3095
OTHER-REF
BID
XF
Drupal -- tinytax_taxonomy_block_module_for_drupalCross-site scripting (XSS) vulnerability in the Tinytax module (aka Tinytax taxonomy block) 5.x before 5.x-1.10-1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML, probably by creating a crafted taxonomy term.
unknown
2008-07-09
3.5CVE-2008-3097
OTHER-REF
BID
XF
HP -- System Management HomepageCross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) 2.1.10 and 2.1.11 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
unknown
2008-07-08
0.0CVE-2008-1663
HP
myWebland -- myBloggieCross-site request forgery (CSRF) vulnerability in admin.php in myWebland myBloggie 2.1.6 allows remote attackers to perform edit actions as administrators. NOTE: this can be leveraged to execute SQL commands by also exploiting CVE-2007-1899.
unknown
2008-07-08
2.6CVE-2008-3080
MILW0RM
OTHER-REF
SuSE -- OpenSuSEsudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which might allow local users to obtain a password by reading stdin from the parent process after a sudo child process exits.
unknown
2008-07-07
2.1CVE-2008-3067
SUSE
Wireshark -- WiresharkThe GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors.
unknown
2008-07-10
2.9CVE-2008-3137
OTHER-REF
Wireshark -- WiresharkUnspecified vulnerability in the RMI dissector in Wireshark (formerly Ethereal) 0.9.5 through 1.0.0 allows remote attackers to read system memory via unspecified vectors.
unknown
2008-07-10
2.9CVE-2008-3141
OTHER-REF

Back to top

Please share your thoughts

We recently updated our anonymous product survey; we’d welcome your feedback.