Vulnerability Summary for the Week of June 14, 2010
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division into high, medium, and low severities corresponds to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
High Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
accoria -- rock_web_server | Accoria Web Server (aka Rock Web Server) 1.4.7 uses a predictable httpmod-sessionid cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie. | 2010-06-15 | 7.5 | CVE-2010-2270 CERT-VN MISC |
accoria -- rock_web_server | Format string vulnerability in authcfg.cgi in Accoria Web Server (aka Rock Web Server) 1.4.7 allows remote attackers to have an unspecified impact via format string specifiers in the path (aka Password File) parameter. | 2010-06-15 | 7.5 | CVE-2010-2271 CERT-VN MISC |
adobe -- air | Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory consumption) or possibly execute arbitrary code via unknown vectors. | 2010-06-15 | 9.3 | CVE-2009-3793 CERT CONFIRM VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | 2010-06-15 | 9.3 | CVE-2010-2160 CERT CONFIRM VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Array index error in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified "types of Adobe Flash code." | 2010-06-15 | 9.3 | CVE-2010-2161 CERT CONFIRM VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK IDEFENSE |
adobe -- air | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via unspecified vectors. | 2010-06-15 | 9.3 | CVE-2010-2162 CERT CONFIRM VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Multiple unspecified vulnerabilities in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unknown vectors. | 2010-06-15 | 9.3 | CVE-2010-2163 CERT CONFIRM VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to an unspecified "image type within a certain function." | 2010-06-15 | 9.3 | CVE-2010-2164 CERT CONFIRM VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK IDEFENSE |
adobe -- air | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | 2010-06-15 | 9.3 | CVE-2010-2165 CERT CONFIRM VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | 2010-06-15 | 9.3 | CVE-2010-2166 CERT CONFIRM VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Multiple heap-based buffer overflows in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors. | 2010-06-15 | 9.3 | CVE-2010-2167 CERT CONFIRM VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allow attackers to cause a denial of service (pointer memory corruption) or possibly execute arbitrary code via unspecified vectors. | 2010-06-15 | 9.3 | CVE-2010-2169 CERT CONFIRM VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2181 and CVE-2010-2183. | 2010-06-15 | 9.3 | CVE-2010-2170 CERT CONFIRM VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | 2010-06-15 | 9.3 | CVE-2010-2171 CERT CONFIRM VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability," a different vulnerability than CVE-2010-2174. | 2010-06-15 | 9.3 | CVE-2010-2173 CERT CONFIRM VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability," a different vulnerability than CVE-2010-2173. | 2010-06-15 | 9.3 | CVE-2010-2174 CERT CONFIRM XF VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | 2010-06-15 | 9.3 | CVE-2010-2175 CERT CONFIRM XF VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | 2010-06-15 | 9.3 | CVE-2010-2176 CERT CONFIRM XF VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | 2010-06-15 | 9.3 | CVE-2010-2177 CERT CONFIRM XF VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | 2010-06-15 | 9.3 | CVE-2010-2178 CERT CONFIRM XF VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | 2010-06-15 | 9.3 | CVE-2010-2180 CERT CONFIRM XF VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2183. | 2010-06-15 | 9.3 | CVE-2010-2181 CERT CONFIRM XF VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. | 2010-06-15 | 9.3 | CVE-2010-2182 CERT CONFIRM XF VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2181. | 2010-06-15 | 9.3 | CVE-2010-2183 CERT CONFIRM XF VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2187, and CVE-2010-2188. | 2010-06-15 | 9.3 | CVE-2010-2184 CERT CONFIRM XF VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Buffer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors. | 2010-06-15 | 9.3 | CVE-2010-2185 CERT CONFIRM XF VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. | 2010-06-15 | 9.3 | CVE-2010-2186 CERT CONFIRM XF VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2188. | 2010-06-15 | 9.3 | CVE-2010-2187 CERT CONFIRM XF VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2187. | 2010-06-15 | 9.3 | CVE-2010-2188 CERT CONFIRM XF VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
adobe -- air | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when used in conjunction with VMWare Tools on a VMWare platform, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. | 2010-06-15 | 9.3 | CVE-2010-2189 CERT CONFIRM XF BID BID SECTRACK SECTRACK |
apple -- safari | Use-after-free vulnerability in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document. | 2010-06-11 | 9.3 | CVE-2010-1385 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to HTML buttons. | 2010-06-11 | 9.3 | CVE-2010-1392 VUPEN BID APPLE BUGTRAQ CONFIRM SECTRACK SECUNIA |
apple -- safari | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to removing container elements. | 2010-06-11 | 9.3 | CVE-2010-1396 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to a layout change during selection rendering and the DOCUMENT_POSITION_DISCONNECTED attribute in a container of an unspecified type. | 2010-06-11 | 9.3 | CVE-2010-1397 VUPEN BID APPLE MISC BUGTRAQ CONFIRM SECTRACK SECUNIA |
apple -- safari | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly perform ordered list insertions, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document, related to the insertion of an unspecified element into an editable container and the access of an uninitialized element. | 2010-06-11 | 9.3 | CVE-2010-1398 VUPEN BID APPLE MISC BUGTRAQ CONFIRM SECTRACK SECUNIA |
apple -- safari | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses uninitialized memory during a selection change on a form input element, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document. | 2010-06-11 | 9.3 | CVE-2010-1399 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving caption elements. | 2010-06-11 | 9.3 | CVE-2010-1400 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA IDEFENSE |
apple -- safari | Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving the :first-letter pseudo-element. | 2010-06-11 | 9.3 | CVE-2010-1401 VUPEN BID APPLE MISC BUGTRAQ CONFIRM SECTRACK SECUNIA |
apple -- safari | Double free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to an event listener in an SVG document, related to duplicate event listeners, a timer, and an AnimateTransform object. | 2010-06-11 | 9.3 | CVE-2010-1402 VUPEN BID APPLE MISC BUGTRAQ CONFIRM SECTRACK SECUNIA |
apple -- safari | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses uninitialized memory during the handling of a use element in an SVG document, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted document containing XML that triggers a parsing error, related to ProcessInstruction. | 2010-06-11 | 9.3 | CVE-2010-1403 VUPEN BID APPLE MISC BUGTRAQ CONFIRM SECTRACK SECUNIA |
apple -- safari | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG document that contains recursive Use elements, which are not properly handled during page deconstruction. | 2010-06-11 | 9.3 | CVE-2010-1404 VUPEN BID APPLE MISC BUGTRAQ CONFIRM SECTRACK SECUNIA |
apple -- safari | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML element that has custom vertical positioning. | 2010-06-11 | 9.3 | CVE-2010-1405 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via an SVG document with nested use elements. | 2010-06-11 | 9.3 | CVE-2010-1410 VUPEN BID APPLE BID CONFIRM SECTRACK SECUNIA |
apple -- safari | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to hover events. | 2010-06-11 | 9.3 | CVE-2010-1412 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the removeChild DOM method. | 2010-06-11 | 9.3 | CVE-2010-1414 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle libxml contexts, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to an "API abuse issue." | 2010-06-11 | 9.3 | CVE-2010-1415 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via HTML content that contains multiple :after pseudo-selectors. | 2010-06-11 | 9.3 | CVE-2010-1417 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the Cascading Style Sheets (CSS) run-in property and multiple invocations of a destructor for a child element that has been referenced multiple times. | 2010-06-11 | 9.3 | CVE-2010-1749 VUPEN BID APPLE MISC BUGTRAQ CONFIRM SECTRACK SECUNIA |
apple -- safari | Use-after-free vulnerability in Apple Safari before 5.0 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper window management. | 2010-06-11 | 9.3 | CVE-2010-1750 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a certain window close action that occurs during a drag-and-drop operation. | 2010-06-11 | 9.3 | CVE-2010-1419 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving DOM Range objects. | 2010-06-11 | 9.3 | CVE-2010-1758 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the Node.normalize method. | 2010-06-11 | 9.3 | CVE-2010-1759 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML document subtrees. | 2010-06-11 | 9.3 | CVE-2010-1761 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of a text node that has the IBM1147 character set, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document containing a BR element, related to a "type checking issue." | 2010-06-11 | 9.3 | CVE-2010-1770 VUPEN BID APPLE MISC CONFIRM SECTRACK SECUNIA SECUNIA CONFIRM CONFIRM |
apple -- safari | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving fonts. | 2010-06-11 | 9.3 | CVE-2010-1771 VUPEN BID APPLE XF CONFIRM SECTRACK SECUNIA |
apple -- safari | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses out-of-bounds memory during processing of HTML tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document. | 2010-06-11 | 9.3 | CVE-2010-1774 VUPEN BID APPLE XF CONFIRM SECTRACK SECUNIA |
apple -- mac_os_x | NetAuthSysAgent in Network Authorization in Apple Mac OS X 10.5.8 does not have the expected authorization requirements, which allows local users to gain privileges via unspecified vectors. | 2010-06-17 | 7.2 | CVE-2010-1375 BID CONFIRM VUPEN SECTRACK SECUNIA APPLE |
apple -- mac_os_x | Open Directory in Apple Mac OS X 10.6 before 10.6.4 creates an unencrypted connection upon certain SSL failures, which allows man-in-the-middle attackers to spoof arbitrary network account servers, and possibly execute arbitrary code, via unspecified vectors. | 2010-06-17 | 9.3 | CVE-2010-1377 BID CONFIRM VUPEN SECTRACK SECUNIA APPLE |
apple -- mac_os_x | Integer overflow in the cgtexttops CUPS filter in Printing in Apple Mac OS X 10.6 before 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page sizes. | 2010-06-17 | 7.5 | CVE-2010-1380 BID CONFIRM VUPEN SECTRACK SECUNIA APPLE |
apple -- itunes | Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on Windows has unknown impact and attack vectors, a different vulnerability than CVE-2010-1763 and CVE-2010-1769. | 2010-06-18 | 10.0 | CVE-2010-1387 CONFIRM SECTRACK APPLE |
basti2web -- book_panel | SQL injection vulnerability in books.php in the Book Panel (book_panel) module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the bookid parameter. | 2010-06-11 | 7.5 | CVE-2009-4889 XF BID MILW0RM |
creative -- autoupdate | Stack-based buffer overflow in Creative Software AutoUpdate Engine ActiveX Control 2.0.12.0, as used in Creative Software AutoUpdate 1.40.01, allows remote attackers to execute arbitrary code via vectors related to the BrowseFolder method. | 2010-06-15 | 10.0 | CVE-2010-0990 BID BUGTRAQ MISC SECUNIA |
cs-cart -- cs-cart | SQL injection vulnerability in index.php in CS-Cart 2.0.0 Beta 3 allows remote attackers to execute arbitrary SQL commands via the product_id parameter in a products.view action. | 2010-06-11 | 7.5 | CVE-2009-4891 XF BID MILW0RM |
dojotoolkit -- dojo | Unspecified vulnerability in iframe_history.html in Dojo 0.4.x before 0.4.4 has unknown impact and remote attack vectors. | 2010-06-15 | 10.0 | CVE-2010-2272 CONFIRM SECUNIA |
dojotoolkit -- dojo | The default configuration of the build process in Dojo 0.4.x before 0.4.4, 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 has the copyTests=true and mini=false options, which makes it easier for remote attackers to have an unspecified impact via a request to a (1) test or (2) demo component. | 2010-06-15 | 10.0 | CVE-2010-2276 CONFIRM VUPEN AIXAPAR CONFIRM SECUNIA SECUNIA |
evological -- evocam | Buffer overflow in the web server for EvoLogical EvoCam 3.6.6 and 3.6.7 allows remote attackers to execute arbitrary code via a long GET request. | 2010-06-16 | 7.5 | CVE-2010-2309 BID EXPLOIT-DB SECUNIA |
google -- chrome | The implementation of unspecified DOM methods in Google Chrome before 5.0.375.70 allows remote attackers to bypass the Same Origin Policy via unknown vectors. | 2010-06-15 | 9.3 | CVE-2010-2296 SECUNIA CONFIRM CONFIRM |
google -- chrome | rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an HTML document that has a large colspan attribute within a table. | 2010-06-15 | 9.3 | CVE-2010-2297 SECUNIA CONFIRM CONFIRM |
google -- chrome | browser/renderer_host/database_dispatcher_host.cc in Google Chrome before 5.0.375.70 on Linux does not properly handle ViewHostMsg_DatabaseOpenFile messages in chroot-based sandboxing, which allows remote attackers to bypass intended sandbox restrictions via vectors involving fchdir and chdir calls. | 2010-06-15 | 10.0 | CVE-2010-2298 SECUNIA CONFIRM CONFIRM |
google -- chrome | The Clipboard::DispatchObject function in app/clipboard/clipboard.cc in Google Chrome before 5.0.375.70 does not properly handle CBF_SMBITMAP objects in a ViewHostMsg_ClipboardWriteObjectsAsync message, which might allow remote attackers to execute arbitrary code via vectors involving crafted data from the renderer process, related to a "Type Confusion" issue. | 2010-06-15 | 9.3 | CVE-2010-2299 SECUNIA CONFIRM CONFIRM |
google -- chrome | Use-after-free vulnerability in the Element::normalizeAttributes function in dom/Element.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to handlers for DOM mutation events, aka rdar problem 7948784. NOTE: this might overlap CVE-2010-1759. | 2010-06-15 | 9.3 | CVE-2010-2300 SECUNIA CONFIRM CONFIRM |
google -- chrome | Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953. NOTE: this might overlap CVE-2010-1771. | 2010-06-15 | 9.3 | CVE-2010-2302 SECUNIA CONFIRM CONFIRM |
google -- chrome | page/Geolocation.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 does not stop timers associated with geolocation upon deletion of a document, which has unspecified impact and remote attack vectors. | 2010-06-15 | 9.3 | CVE-2010-2303 SECUNIA CONFIRM CONFIRM |
google -- chrome | The toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors related to list markers, aka rdar problem 8009118. | 2010-06-15 | 9.3 | CVE-2010-2304 SECUNIA CONFIRM CONFIRM |
hauntmax -- haunted_house_directory_listing_cms | SQL injection vulnerability in index.php in HauntmAx Haunted House Directory Listing CMS allows remote attackers to execute arbitrary SQL commands via the state parameter in a listings action. | 2010-06-16 | 7.5 | CVE-2010-2312 EXPLOIT-DB SECUNIA OSVDB |
hp -- openview_network_node_manager | Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-683. | 2010-06-17 | 7.5 | CVE-2010-1964 HP HP BID |
ibm -- lotus_connections | The Top Updates implementation in the Homepage component in IBM Lotus Connections 2.5.x before 2.5.0.2, when "forced SSL" is enabled, uses http for links, which has unspecified impact and remote attack vectors. | 2010-06-15 | 7.6 | CVE-2010-2279 CONFIRM VUPEN AIXAPAR SECUNIA |
idevspot -- textads | SQL injection vulnerability in index.php in IDevSpot TextAds 2.08 allows remote attackers to execute arbitrary SQL commands via the page parameter. | 2010-06-17 | 7.5 | CVE-2010-2319 VUPEN BID MISC |
microsoft -- windows_2003_server | The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote attackers to bypass the trusted documents whitelist (fromHCP option) and execute arbitrary commands via a crafted hcp:// URL. | 2010-06-15 | 9.3 | CVE-2010-1885 CERT-VN XF VUPEN SECTRACK BID BUGTRAQ BUGTRAQ CONFIRM EXPLOIT-DB SECUNIA CONFIRM MISC FULLDISC |
power-tab -- power_tab_editor | Stack-based buffer overflow in Power Tab Editor 1.7 build 80 allows user-assisted remote attackers to execute arbitrary code via a .ptb file with a long font name. | 2010-06-16 | 9.3 | CVE-2010-2311 XF EXPLOIT-DB MISC SECUNIA OSVDB |
samba -- samba | Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet. | 2010-06-17 | 7.5 | CVE-2010-2063 CONFIRM CONFIRM MLIST VUPEN CONFIRM CONFIRM SECUNIA |
smartisoft -- phpbazar | PHP remote file inclusion vulnerability in picturelib.php in SmartISoft phpBazar 2.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the cat parameter. | 2010-06-17 | 7.5 | CVE-2010-2315 XF BID MISC |
sophos -- anti-virus | Unspecified vulnerability in the filter driver (savonaccessfilter.sys) in Sophos Anti-Virus before 7.6.20 allows local users to gain privileges via crafted arguments to the NtQueryAttributesFile function. | 2010-06-16 | 7.2 | CVE-2010-2308 VUPEN CONFIRM SECTRACK BUGTRAQ SECUNIA MISC |
standards_based_linux_instrumentation -- sblim-sfcb | Heap-based buffer overflow in httpAdapter.c in httpAdapter in SBLIM SFCB before 1.3.8 might allow remote attackers to execute arbitrary code via a Content-Length HTTP header that specifies a value too small for the amount of POST data, aka bug #3001896. | 2010-06-15 | 10.0 | CVE-2010-1937 VUPEN CONFIRM SECUNIA CONFIRM MLIST |
standards_based_linux_instrumentation -- sblim-sfcb | Integer overflow in httpAdapter.c in httpAdapter in SBLIM SFCB 1.3.4 through 1.3.7, when the configuration sets httpMaxContentLength to a zero value, allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via a large integer in the Content-Length HTTP header, aka bug #3001915. NOTE: some of these details are obtained from third party information. | 2010-06-15 | 10.0 | CVE-2010-2054 VUPEN CONFIRM SECUNIA CONFIRM MLIST |
symantec -- sygate_personal_firewall | Buffer overflow in an ActiveX control in SSHelper.dll for Symantec Sygate Personal Firewall 5.6 build 2808 allows remote attackers to execute arbitrary code via a long third argument to the SetRegString method. | 2010-06-16 | 9.3 | CVE-2010-2305 XF EXPLOIT-DB MISC |
symantec -- appstream | Symantec AppStream 5.2.x and Symantec Workspace Streaming (SWS) 6.1.x before 6.1 SP4 do not properly perform authentication, which allows remote Workspace Streaming servers and man-in-the-middle attackers to download arbitrary executable files onto a client system, and execute these files, via unspecified vectors. | 2010-06-17 | 9.3 | CVE-2008-4389 CONFIRM BID |
todd_rogers -- phprecipebook | SQL injection vulnerability in index.php in PHPRecipeBook 2.24 and 2.39 allows remote attackers to execute arbitrary SQL commands via the (1) base_id or (2) course_id parameter in a search action. | 2010-06-11 | 7.5 | CVE-2009-4883 XF BID MILW0RM SECUNIA |
unrealircd -- unrealircd | UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 through June 2010, contains an externally introduced modification (Trojan Horse) in the DEBUG3_DOLOG_SYSTEM macro, which allows remote attackers to execute arbitrary commands. | 2010-06-15 | 7.5 | CVE-2010-2075 VUPEN CONFIRM BID MLIST EXPLOIT-DB GENTOO SECUNIA FULLDISC FULLDISC OSVDB |
webjump -- webjump! | SQL injection vulnerability in Content Management System WEBjump! allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) portfolio_genre.php and (2) news_id.php. | 2010-06-11 | 7.5 | CVE-2009-4892 BID MILW0RM |
wireshark -- wireshark | Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. | 2010-06-15 | 8.3 | CVE-2010-2284 VUPEN CONFIRM CONFIRM BID MLIST MANDRIVA SECUNIA |
wireshark -- wireshark | Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. | 2010-06-15 | 8.3 | CVE-2010-2287 VUPEN CONFIRM CONFIRM BID MLIST MANDRIVA SECUNIA |
wmsdesign -- wmscms | Multiple SQL injection vulnerabilities in WmsCms 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) search, (2) sbr, (3) pid, (4) sbl, and (5) FilePath parameters to default.asp; and the (6) sbr, (7) pr, and (8) psPrice parameters to printpage.asp. | 2010-06-17 | 7.5 | CVE-2010-2317 VUPEN BID MISC MISC |
xnview -- xnview | Heap-based buffer overflow in XnView 1.97.4 and possibly earlier allows remote attackers to execute arbitrary code via a MultiBitMap (MBM) file with a Paint Data Section that contains a malformed Encoding field. | 2010-06-16 | 9.3 | CVE-2010-1932 XF VUPEN SECTRACK BID MISC SECUNIA |
Medium Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
accoria -- rock_web_server | Multiple cross-site scripting (XSS) vulnerabilities in Accoria Web Server (aka Rock Web Server) 1.4.7 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the getenv sample program, (2) the desc parameter to loadstatic.cgi, (3) the name parameter to httpdcfg.cgi, or (4) the dns parameter to servercfg.cgi. | 2010-06-15 | 4.3 | CVE-2010-2267 CERT-VN MISC |
accoria -- rock_web_server | Cross-site request forgery (CSRF) vulnerability in authcfg.cgi in Accoria Web Server (aka Rock Web Server) 1.4.7 allows remote attackers to hijack the authentication of administrators for requests that create user accounts. | 2010-06-15 | 6.8 | CVE-2010-2268 CERT-VN MISC |
accoria -- rock_web_server | Directory traversal vulnerability in loadstatic.cgi in Accoria Web Server (aka Rock Web Server) 1.4.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter. | 2010-06-15 | 5.0 | CVE-2010-2269 CERT-VN MISC |
adobe -- flash_player | Adobe Flash Player 9 before 9.0.277.0 on unspecified UNIX platforms allows attackers to cause a denial of service via unknown vectors. | 2010-06-15 | 4.3 | CVE-2010-2172 CERT CONFIRM XF VUPEN BID BID REDHAT SECTRACK |
adobe -- air | Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when Firefox or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to URL parsing. | 2010-06-15 | 4.3 | CVE-2010-2179 CERT CONFIRM XF VUPEN BID BID REDHAT REDHAT SECTRACK SECTRACK |
anodyne-productions -- simm_management_system | Directory traversal vulnerability in index.php in Anodyne Productions SIMM Management System (SMS) 2.6.10, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter to index.php. NOTE: some of these details are obtained from third party information. | 2010-06-17 | 6.8 | CVE-2010-2313 XF VUPEN BID MISC SECUNIA MISC OSVDB |
apple -- safari | Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not provide a warning about a (1) http or (2) https URL that contains a username and password, which makes it easier for remote attackers to conduct phishing attacks via a crafted URL. | 2010-06-11 | 4.3 | CVE-2010-1384 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6, and before 4.1 on Mac OS X 10.4, does not properly handle clipboard (1) drag and (2) paste operations for URLs, which allows user-assisted remote attackers to read arbitrary files via a crafted HTML document. | 2010-06-11 | 4.3 | CVE-2010-1388 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) paste or (2) drag-and-drop operation for a selection. | 2010-06-11 | 4.3 | CVE-2010-1389 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors related to improper UTF-7 canonicalization, and lack of termination of a quoted string in an HTML document. | 2010-06-11 | 4.3 | CVE-2010-1390 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | Multiple directory traversal vulnerabilities in the (a) Local Storage and (b) Web SQL database implementations in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allow remote attackers to create arbitrary database files via vectors involving a (1) %2f and .. (dot dot) or (2) %5c and .. (dot dot) in a URL. | 2010-06-11 | 4.3 | CVE-2010-1391 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to discover sensitive URLs via an HREF attribute associated with a redirecting URL. | 2010-06-11 | 4.3 | CVE-2010-1393 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML document fragments. | 2010-06-11 | 4.3 | CVE-2010-1394 VUPEN SECTRACK APPLE BID CONFIRM SECUNIA |
apple -- safari | Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving DOM constructor objects, related to a "scope management issue." | 2010-06-11 | 4.3 | CVE-2010-1395 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging, a related issue to CVE-2010-0660. | 2010-06-11 | 4.3 | CVE-2010-1406 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to bypass intended restrictions on outbound connections to "non-default TCP ports" via a crafted port number, related to an "integer truncation issue." NOTE: this may overlap CVE-2010-1099. | 2010-06-11 | 4.3 | CVE-2010-1408 VUPEN BID APPLE BID CONFIRM SECTRACK SECUNIA |
apple -- safari | Incomplete blacklist vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to trigger disclosure of data over IRC via vectors involving an IRC service port. | 2010-06-11 | 5.8 | CVE-2010-1409 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, sends NTLM credentials in cleartext in unspecified circumstances, which allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors. | 2010-06-11 | 5.0 | CVE-2010-1413 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly restrict the reading of a canvas that contains an SVG image pattern from a different web site, which allows remote attackers to read images from other sites via a crafted canvas, related to a "cross-site image capture issue." | 2010-06-11 | 4.3 | CVE-2010-1416 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle changes to keyboard focus that occur during processing of key press events, which allows remote attackers to force arbitrary key presses via a crafted HTML document. | 2010-06-11 | 4.3 | CVE-2010-1422 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors related to a malformed URL. | 2010-06-11 | 4.3 | CVE-2010-0544 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via a FRAME element with a SRC attribute composed of a javascript: sequence preceded by spaces. | 2010-06-11 | 4.3 | CVE-2010-1418 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | The execCommand JavaScript function in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly restrict remote execution of clipboard commands, which allows remote attackers to modify the clipboard via a crafted HTML document. | 2010-06-11 | 4.3 | CVE-2010-1421 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML in a TEXTAREA element. | 2010-06-11 | 4.3 | CVE-2010-1762 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, follows multiple redirections during form submission, which allows remote web servers to obtain sensitive information by recording the form data. | 2010-06-11 | 4.3 | CVE-2010-1764 VUPEN BID APPLE CONFIRM SECTRACK SECUNIA |
apple -- safari | The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document. | 2010-06-11 | 4.3 | CVE-2010-2264 VUPEN BID APPLE BID CONFIRM SECTRACK SECUNIA |
apple -- mac_os_x | Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote attackers to hijack the authentication of administrators for requests that change settings. | 2010-06-17 | 6.0 | CVE-2010-0540 VUPEN BID CONFIRM SECUNIA APPLE |
apple -- mac_os_x | Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page. | 2010-06-17 | 4.3 | CVE-2010-0541 BID CONFIRM VUPEN SECUNIA APPLE |
apple -- mac_os_x | ImageIO in Apple Mac OS X 10.5.8, and 10.6 before 10.6.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with MPEG2 encoding. | 2010-06-17 | 6.8 | CVE-2010-0543 VUPEN BID CONFIRM SECTRACK SECUNIA APPLE |
apple -- mac_os_x | The Finder in DesktopServices in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, does not set the expected file ownerships during an "Apply to enclosed items" action, which allows local users to bypass intended access restrictions via normal filesystem operations. | 2010-06-17 | 4.4 | CVE-2010-0545 VUPEN BID CONFIRM SECTRACK SECUNIA APPLE |
apple -- mac_os_x | Cross-site scripting (XSS) vulnerability in Help Viewer in Apple Mac OS X 10.6 before 10.6.4 allows remote attackers to inject arbitrary web script or HTML via a crafted help: URL, related to "URL parameters in HTML content." | 2010-06-17 | 4.3 | CVE-2010-1373 VUPEN BID CONFIRM SECTRACK SECUNIA APPLE |
apple -- mac_os_x | Directory traversal vulnerability in iChat in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, when AIM is used, allows remote attackers to create arbitrary files via directory traversal sequences in an inline image-transfer operation. | 2010-06-17 | 4.3 | CVE-2010-1374 BID CONFIRM VUPEN SECTRACK SECUNIA APPLE |
apple -- mac_os_x | Multiple format string vulnerabilities in Network Authorization in Apple Mac OS X 10.6 before 10.6.4 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a (1) afp, (2) cifs, or (3) smb URL. | 2010-06-17 | 6.8 | CVE-2010-1376 BID CONFIRM VUPEN SECTRACK SECUNIA APPLE |
apple -- mac_os_x | Printer Setup in Apple Mac OS X 10.6 before 10.6.4 does not properly interpret character encoding, which allows remote attackers to cause a denial of service (printing failure) by deploying a printing device that has a Unicode character in its printing-service name. | 2010-06-17 | 5.0 | CVE-2010-1379 BID CONFIRM VUPEN SECTRACK SECUNIA APPLE |
apple -- mac_os_x | Multiple integer overflows in ImageIO in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow. | 2010-06-17 | 6.8 | CVE-2010-1411 CONFIRM VUPEN SECTRACK SECUNIA APPLE |
apple -- mac_os_x | The web interface in CUPS in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, reads uninitialized memory during handling of form variables, which allows context-dependent attackers to obtain sensitive information from cupsd process memory via unspecified vectors. | 2010-06-17 | 4.3 | CVE-2010-1748 BID CONFIRM VUPEN SECUNIA APPLE |
bernhard_frohlich -- phpcom | Multiple SQL injection vulnerabilities in phpCommunity 2 2.1.8, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the forum_id parameter in a forum action to index.php, (2) the topic_id parameter in a forum action to index.php, (3) the wert parameter in an id search action to index.php, (4) the wert parameter in a nick search action to index.php, or (5) the wert parameter in a forum search action to index.php, related to class_forum.php and class_search.php. | 2010-06-11 | 6.8 | CVE-2009-4884 XF BUGTRAQ MILW0RM |
bernhard_frohlich -- phpcom | Cross-site scripting (XSS) vulnerability in templates/1/login.php in phpCommunity 2 2.1.8 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | 2010-06-11 | 4.3 | CVE-2009-4885 XF BUGTRAQ MILW0RM |
bernhard_frohlich -- phpcom | Multiple directory traversal vulnerabilities in phpCommunity 2 2.1.8 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) file parameter to module/admin/files/show_file.php and the (2) path parameter to module/admin/files/show_source.php. | 2010-06-11 | 5.0 | CVE-2009-4886 XF BUGTRAQ MILW0RM |
d-link -- di-604 | Cross-site scripting (XSS) vulnerability in the Ping tools web interface in Dlink Di-604 router allows remote attackers to inject arbitrary web script or HTML via the IP field. | 2010-06-15 | 4.3 | CVE-2010-2292 XF BID BUGTRAQ |
d-link -- di-604 | The Ping tools web interface in Dlink Di-604 router allows remote authenticated users to cause a denial of service via a large "ip textfield" size. | 2010-06-15 | 6.8 | CVE-2010-2293 XF BID BUGTRAQ |
dojotoolkit -- dojo | Multiple cross-site scripting (XSS) vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to dojo/resources/iframe_history.html, dojox/av/FLAudio.js, dojox/av/FLVideo.js, dojox/av/resources/audio.swf, dojox/av/resources/video.swf, util/buildscripts/jslib/build.js, and util/buildscripts/jslib/buildUtil.js, as demonstrated by the (1) dojoUrl and (2) testUrl parameters to util/doh/runner.html. | 2010-06-15 | 4.3 | CVE-2010-2273 CONFIRM VUPEN MISC AIXAPAR CONFIRM SECUNIA SECUNIA CONFIRM |
dojotoolkit -- dojo | Multiple open redirect vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, possibly related to dojo/resources/iframe_history.html, dojox/av/FLAudio.js, dojox/av/FLVideo.js, dojox/av/resources/audio.swf, dojox/av/resources/video.swf, util/buildscripts/jslib/build.js, util/buildscripts/jslib/buildUtil.js, and util/doh/runner.html. | 2010-06-15 | 4.3 | CVE-2010-2274 CONFIRM VUPEN AIXAPAR CONFIRM SECUNIA SECUNIA |
dojotoolkit -- dojo | Cross-site scripting (XSS) vulnerability in dijit/tests/_testCommon.js in Dojo Toolkit SDK before 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the theme parameter, as demonstrated by an attack against dijit/tests/form/test_Button.html. | 2010-06-15 | 4.3 | CVE-2010-2275 VUPEN MISC AIXAPAR AIXAPAR CONFIRM SECUNIA SECUNIA CONFIRM |
edmondhui.homeip -- np_twitter | PHP remote file inclusion vulnerability in nucleus/plugins/NP_Twitter.php in the NP_Twitter Plugin 0.8 and 0.9 for Nucleus, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the DIR_PLUGINS parameter. NOTE: some of these details are obtained from third party information. | 2010-06-17 | 6.8 | CVE-2010-2314 VUPEN BID OSVDB MISC SECUNIA MISC |
google -- chrome | page/EventHandler.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 does not properly handle a change of the focused frame during the dispatching of keydown, which allows user-assisted remote attackers to redirect keystrokes via a crafted HTML document, aka rdar problem 7018610. NOTE: this might overlap CVE-2010-1422. | 2010-06-15 | 4.3 | CVE-2010-2295 CONFIRM CONFIRM SECUNIA CONFIRM CONFIRM |
google -- chrome | Cross-site scripting (XSS) vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to inject arbitrary web script or HTML via vectors related to the node.innerHTML property of a TEXTAREA element. NOTE: this might overlap CVE-2010-1762. | 2010-06-15 | 4.3 | CVE-2010-2301 CONFIRM SECUNIA CONFIRM CONFIRM |
ibm -- lotus_connections | Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Connections 2.5.x before 2.5.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) create or (2) edit form in the Communities component, the (3) verbiage field in the Bookmarks component, or (4) unspecified vectors related to the Mobile Blogs component. | 2010-06-15 | 4.3 | CVE-2010-2277 VUPEN CONFIRM SECUNIA |
ibm -- lotus_connections | The bookmarklet pop-up in the Bookmarks component in IBM Lotus Connections 2.5.x before 2.5.0.2 does not properly follow the "force SSL" setting, which might make it easier for remote attackers to obtain the cleartext of network communication by sniffing the network, or spoof arbitrary servers via a man-in-the-middle attack. | 2010-06-15 | 4.0 | CVE-2010-2278 CONFIRM VUPEN AIXAPAR AIXAPAR AIXAPAR AIXAPAR AIXAPAR AIXAPAR SECUNIA |
ibm -- lotus_connections | Open redirect vulnerability in the Mobile component in IBM Lotus Connections 2.5.x before 2.5.0.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, related to "mobile edit actions," aka SPR ASRE83PPVH. | 2010-06-15 | 4.3 | CVE-2010-2280 CONFIRM VUPEN SECUNIA |
juniper -- secure_access | Cross-site scripting (XSS) vulnerability in dana/nc/ncrun.cgi in Juniper Networks IVE 6.5R1 (Build 14599) and 6.5R2 (Build 14951) allows remote attackers to inject arbitrary web script or HTML via the DSSignInURL cookie. | 2010-06-15 | 4.3 | CVE-2010-2288 SECTRACK BUGTRAQ MISC MISC OSVDB |
juniper -- secure_access | Open redirect vulnerability in dana/home/homepage.cgi in Juniper Networks IVE 6.5R1 (Build 14599) and 6.5R2 (Build 14951) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the Location parameter. | 2010-06-15 | 4.3 | CVE-2010-2289 XF VUPEN BID BUGTRAQ MISC MISC SECUNIA OSVDB |
linux -- kernel | The btrfs_xattr_set_acl function in fs/btrfs/acl.c in btrfs in the Linux kernel 2.6.34 and earlier does not check file ownership before setting an ACL, which allows local users to bypass file permissions by setting arbitrary ACLs, as demonstrated using setfacl. | 2010-06-16 | 4.6 | CVE-2010-2071 MLIST CONFIRM MLIST MLIST |
mcafee -- unified_threat_management_firewall_firmware | Cross-site scripting (XSS) vulnerability in cgi-bin/cgix/help in McAfee Unified Threat Management (UTM) Firewall (formerly SnapGear) firmware 3.0.0 through 4.0.6 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | 2010-06-15 | 4.3 | CVE-2010-2290 CONFIRM VUPEN SECTRACK BUGTRAQ SECUNIA SECUNIA MISC |
microsoft -- windows_2003_server | Cross-site scripting (XSS) vulnerability in the GetServerName function in sysinfo/commonFunc.js in Microsoft Windows Help and Support Center for Windows XP and Windows Server 2003 allows remote attackers to inject arbitrary web script or HTML via the svr parameter to sysinfo/sysinfomain.htm. NOTE: this can be leveraged with CVE-2010-1885 to execute arbitrary commands without user interaction. | 2010-06-15 | 4.3 | CVE-2010-2265 CERT-VN XF VUPEN BID BUGTRAQ MISC SECUNIA MISC MISC FULLDISC |
motorola -- surfboard_sbv6120e | Multiple directory traversal vulnerabilities in the web server for Motorola SURFBoard cable modem SBV6120E running firmware SBV6X2X-1.0.0.5-SCM-02-SHPC allow remote attackers to read arbitrary files via (1) "//" (multiple leading slash), (2) ../ (dot dot) sequences, and encoded dot dot sequences in a URL request. | 2010-06-16 | 5.0 | CVE-2010-2307 XF BID OSVDB EXPLOIT-DB SECUNIA |
nginx -- nginx | nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI. | 2010-06-15 | 5.0 | CVE-2010-2263 BID EXPLOIT-DB EXPLOIT-DB MISC |
nginx -- nginx | nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence. | 2010-06-15 | 5.0 | CVE-2010-2266 EXPLOIT-DB |
nskate -- phortail | Cross-site scripting (XSS) vulnerability in poster.php in PHortail 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the (1) pseudo, (2) email, (3) ti, and (4) txt parameters. | 2010-06-11 | 4.3 | CVE-2009-4888 XF VUPEN BID SECUNIA MISC OSVDB |
phpcityportal -- phpcityportal | Cross-site scripting (XSS) vulnerability in cms_data.php in PHPCityPortal 1.3 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | 2010-06-17 | 4.3 | CVE-2010-2318 BID MISC |
punbb -- punbb | Multiple cross-site scripting (XSS) vulnerabilities in profile.php in PunBB before 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) password or (2) e-mail. | 2010-06-15 | 4.3 | CVE-2009-4894 CONFIRM |
pxsystem -- plume-cms | Cross-site request forgery (CSRF) vulnerability in Plume CMS 1.2.4 and possibly earlier allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via unspecified vectors. | 2010-06-15 | 6.8 | CVE-2010-2294 XF VUPEN BUGTRAQ SECUNIA |
radovan_garabik -- pyftpd | auth_db_config.py in Pyftpd 0.8.4 contains hard-coded usernames and passwords for the (1) test, (2) user, and (3) roxon accounts, which allows remote attackers to read arbitrary files from the FTP server. | 2010-06-16 | 5.0 | CVE-2010-2073 XF BID MLIST CONFIRM |
retrieve -- vbook | Multiple cross-site scripting (XSS) vulnerabilities in the login application in vBook 4.2.17 allow remote attackers to inject arbitrary web script or HTML via the (1) title and (2) message parameters. | 2010-06-11 | 4.3 | CVE-2009-4890 XF BID BUGTRAQ |
samba -- samba | The chain_reply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash) via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request with a certain 0x8003 field value. | 2010-06-17 | 5.0 | CVE-2010-1635 CONFIRM CONFIRM CONFIRM MISC BID CONFIRM CONFIRM CONFIRM |
samba -- samba | The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \xff\xff security blob length in a Session Setup AndX request. | 2010-06-17 | 5.0 | CVE-2010-1642 CONFIRM CONFIRM CONFIRM MISC BID CONFIRM CONFIRM CONFIRM |
sbuilder -- cms_s.builder | PHP remote file inclusion vulnerability in index.php in CMS S.Builder 3.7 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in a binn_include_path cookie. NOTE: this can also be leveraged to include and execute arbitrary local files. | 2010-06-11 | 6.8 | CVE-2009-4887 XF BID MILW0RM |
solarwinds -- tftp_server | SolarWinds TFTP Server 10.4.0.13 allows remote attackers to cause a denial of service (crash) via a long write request. | 2010-06-16 | 5.0 | CVE-2010-2310 XF BID EXPLOIT-DB |
sourcefire -- 3d1000 | The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle (MITM) attack. | 2010-06-16 | 4.3 | CVE-2010-2306 MISC XF MISC VUPEN SECTRACK BUGTRAQ SECUNIA OSVDB |
tomatocms -- tomatocms | Unrestricted file upload vulnerability in TomatoCMS 2.0.6 and earlier allows remote authenticated users, with certain privileges, to execute arbitrary PHP code by uploading an image file, and then accessing it via a direct request to the file in an unspecified directory. | 2010-06-15 | 6.0 | CVE-2010-1514 BID MISC SECUNIA MISC |
tomatocms -- tomatocms | Multiple cross-site scripting (XSS) vulnerabilities in index.php in TomatoCMS 2.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) keyword or (2) bannerid parameter in conjunction with a /admin/ad/banner/list PATH_INFO; and allow remote authenticated users, with certain privileges, to inject arbitrary web script or HTML via the (3) title or (4) answers parameter in conjunction with a /admin/poll/add PATH_INFO, or the (5) name parameter in conjunction with a /admin/category/add PATH_INFO. | 2010-06-15 | 4.3 | CVE-2010-2281 SECUNIA MISC |
tomatocms -- tomatocms | Cross-site request forgery (CSRF) vulnerability in TomatoCMS 2.0.6 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password. | 2010-06-15 | 5.1 | CVE-2010-2282 SECUNIA MISC |
unrealircd -- unrealircd | Buffer overflow in UnrealIRCd 3.2beta11 through 3.2.8, when allow::options::noident is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | 2010-06-15 | 6.8 | CVE-2009-4893 CONFIRM MLIST GENTOO |
w3m -- w3m | istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a ' |